August 2022 Blog Posts
Hi All,
As anounced the Microsoft common attachment filter has been updated with 53 default File Extensions and 219 File Extensions that can be selected. That's a huge improvement to what was available end of last Year.
Exchange Online Protection Common Attachment Filter Update
https://blog.icewolf.ch/archive/2021/11/12/exchange-online-protection-common-attachment-filter-update.aspx
Anti-malware protection in EOP
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-malware-protection?view=o365-worldwide#anti-malware-policies
I want to remind you - it's your responsability to define the Policy. Be aware that blocking *.bin Files can cause unintended affects
Blocking *.bin Files in EOP can cause block of Office Documents
https://blog.icewolf.ch/archive/2022/08/01/blocking-bin-files-in-eop-can-cause-block-of-office.aspx
I've created a new Anti-Malware Policy via M365 Defender Portal https://security.microsoft.com/antimalwarev2
As you can see the Default Policy contains 53 File Extensions
Get-MalwareFilterPolicy -Identity Demo04 |...
Hi All,
Switch the Swiss Registrar for .ch and .li Domains has published the Domains on a Open Data Policy.
You can download the top 1'000 Domains or use a Zone Transfer
Switch Open Data
https://www.switch.ch/open-data/#tab-c5442a19-67cf-11e8-9cf6-5254009dc73c-3
You need to create the TSIG Key
# filename ch_zonedata.keykey tsig-zonedata-ch-public-21-01 { algorithm hmac-sha512; secret "stZwEGApYumtXkh73qMLPqfbIDozWKZLkqRvcjKSpRnsor6A6MxixRL6C2HeSVBQNfMW4wer+qjS0ZSfiWiJ3Q=="; };
then use dig to initiate the Zone Transfer
dig -k ch_zonedata.key @zonedata.switch.ch +noall +answer +noidnout +onesoa AXFR ch. > ch.txt
Looks like this
I have used psftp.exe to transfer the ch.txt File to my Computer
open 172.21.175.80
cd /var/tmp
lcd E:\
get ch.txt
The Zone File looks like "TAB" separated. But is not consistent...
Hi All,
A few hours ago, Microsoft has released a new version of the Microsoft.Online.SharePoint.PowerShell Module.
Microsoft.Online.SharePoint.PowerShell 16.0.22810.12000
https://www.powershellgallery.com/packages/Microsoft.Online.SharePoint.PowerShell/16.0.22810.12000
Check the installed Version and what is available on PowerShell Gallery
Get-InstalledModule Microsoft.Online.SharePoint.PowerShell
Find-Module Microsoft.Online.SharePoint.PowerShell
Uninstall the old PowerShell Module and install the new one
Uninstall-Module Microsoft.Online.SharePoint.PowerShell
Install-Module Microsoft.Online.SharePoint.PowerShell
Get-InstalledModule Microsoft.Online.SharePoint.PowerShell
Connect to Sharepoint Online
Connect-SPOService -Url https://icewolfch-admin.sharepoint.com
List the SharePoint Online tenant settings
Get-SPOTenant | fl
Regards
Andres Bohren
Hi All,
On beginning of August, Microsoft has announced the Microsoft Outlook Lite Version on Android.
Microsoft Outlook Introduces Lite Version of Android App
https://techcommunity.microsoft.com/t5/outlook-blog/microsoft-outlook-introduces-lite-version-of-android-app/ba-p/3582948
They say the App is:
- Small
- Fast
- Low battery usage
- Works on all Networks incl. 2G / 3G
It's unclear what Options are not supported or what's the downside of using this app.
Microsoft Outlook Lite - Google Play
https://play.google.com/store/apps/details?id=com.microsoft.outlooklite&hl=de&gl=MX
Regards
Andres Bohren
Hi All,
On beginning of August, Microsoft had released AAD Connect 2.1.16.0.
I was exited, because that is the first 2.x version that did support "auto-upgrade"
Azure AD Connect: Version release history
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history
Microsoft Azure Active Directory Connect Download
https://www.microsoft.com/en-us/download/details.aspx?id=47594
I've checked the Version of AAD Connect on the Server with Powershell
Import-Module ADSync
(Get-Item "C:\Program Files\Microsoft Azure AD Sync\Bin\miiserver.exe").VersionInfo
Set-ADSyncAutoUpgrade -AutoUpgradeState Enabled
Get-ADSyncAutoUpgrade
After a while i've realized that the AutoUpgrade was reseted to suspended.
So i removed the Custom Rules i had created earlyer
https://blog.icewolf.ch/archive/2021/12/11/aad-connect-create-custom-sync-rule-with-powershell.aspx
And enabled Autoupgrade again
Get-ADSyncAutoUpgrade
Set-ADSyncAutoUpgrade -AutoUpgradeState Enabled
That did not help. So i looked into Eventviewer
According to the Return Value it looked like the new version was installed.
Windows Installer...
Hi All,
Yesterday, Microsoft has released a new Version of theyr PowerShell Modules for Microsoft.Graph
PowerShell Gallery Microsoft.Graph
https://www.powershellgallery.com/packages/Microsoft.Graph/1.11.1
Releases
https://github.com/microsoftgraph/msgraph-sdk-powershell/releases
Let's check the installed Version and what's available on the PowerShell Gallery
Get-InstalledModule Microsoft.Graph
Find-Module Microsoft.Graph
To install the newest Version of the PowerShell Modules and also uninstalling the old Versions, you can use my GitHub Script
#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/ExchangeOnline/GraphAPI/Cleanup-GraphModules.ps1"
Invoke-Expression $($ScriptFromGitHub.Content)
Let's check
Get-InstalledModule Microsoft.Graph
Get-InstalledModule Microsoft.Graph*
Regards
Andres Bohren
Hi All,
A few Days ago Jabra has released theyr August Version of Jabra Direct
Versionshinweise für Jabra Direct
https://www.jabraheadsets.ch/support/release-notes/release-note-jabra-direct
Regards
Andres Bohren
Hi All,
VMware has released a Security Advisory to address the CVE-2022-31676. You need to upgrade to VMware Tools 12.1.0 to fix the Issue.
https://www.vmware.com/security/advisories/VMSA-2022-0024.html
VMware Tools 12.1.0 Download
https://customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS1210&productId=1259&rPId=92824
After you have downloaded the ZIP file mount the vmwaretools.iso and run the Setup64.exe (or setup.exe on x86 Processors)
On my Server i had to restart and relaunch the Setup
Looks good after the Reboot and again launched setup64.exe
Let's check in VCSA
Regards
Andres Bohren
Hi All,
MicrosoftTeams 4.6.1-preview
https://www.powershellgallery.com/packages/MicrosoftTeams/4.6.1-preview
Show installed Module and what is available on PowerShell Gallery
Get-InstalledModule MicrosoftTeams
Find-Module MicrosoftTeams -AllowPrerelease
Install the Preview with the Force Parameter
Install-Module MicrosoftTeams -AllowPrerelease -Force
Get-InstalledModule MicrosoftTeams
Get-InstalledModule MicrosoftTeams -AllVersions
Import-Module
Get-Module
Testing
Connect-MicrosoftTeams
Get-Team
Get-CsOnlineUser -Identity a.bohren@icewolf.ch | fl *Ent*,*host*,*voice*, *line*
Regards
Andres Bohren
Hi All,
With Citrix Workspace for Windows 2206, citrix had released the improved Auto-Update.
https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/about.html#2206
This Morning i saw the Message, that Citrix Client has been upgraded
And i've checked the Version. Right, 2207 is now installed. Nice.
You can also grab it from here
Citrix Workspace app 2207 for Windows
https://www.citrix.com/de-de/downloads/workspace-app/windows/workspace-app-for-windows-latest.html
Regards
Andres Bohren
Hi All,
This Morning i have seen, that the PowerShell 7 has a new Update. Seems that it has been released yesterday.
GitHub PowerShell
https://github.com/PowerShell/PowerShell
v7.2.6 Release of PowerShell
https://github.com/PowerShell/PowerShell/releases/tag/v7.2.6
Regards
Andres Bohren
Hi All,
With the August 2022 Updates for ExchangeServer 2013/2016/2019 there is a new Feature called Windows Server Extended Protection. This will help against authentication relay or "man in the middle" (MitM) attacks.
Exchange Server Support for Windows Extended Protection
https://microsoft.github.io/CSS-Exchange/Security/Extended-Protection/
does not work with hybrid servers using Modern Hybrid configuration
SSL Offloading scenarios are not supported
Automated Archiving with Archive Policy is not suported
TLS configuration must be consistent across all Exchange servers
Access to Public Folders on Exchange 2013 not supported
The newest...
Hi All,
On the Microsoft Patchday, Microsoft has released Exchange 2013, Exchange 2016 and Exchange 2019 Security Updates.
Released: August 2022 Exchange Server Security Updates
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-august-2022-exchange-server-security-updates/ba-p/3593862
Description of the security update for Microsoft Exchange Server 2019 and 2016: August 9, 2022 (KB5015322)
https://support.microsoft.com/de-de/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-and-2016-august-9-2022-kb5015322-86c06afb-97df-4d8f-af88-818419db8481
Security Update For Exchange Server 2016 CU23 (KB5015322)
https://www.microsoft.com/en-us/download/details.aspx?id=104480
Regards
Andres Bohren
Hi All,
A few Hours ago, Microsoft has released a new Version of the Microsoft.Online.SharePoint.PowerShell PowerShell Module
Microsoft.Online.SharePoint.PowerShell 16.0.22713.12000
https://www.powershellgallery.com/packages/Microsoft.Online.SharePoint.PowerShell/16.0.22713.12000
Check the installed Version and what is available on PowerShell Gallery
Get-InstalledModule Microsoft.Online.SharePoint.PowerShell
Find-Module Microsoft.Online.SharePoint.PowerShell
Uninstall the old PowerShell Module and install the new one
Uninstall-Module Microsoft.Online.SharePoint.PowerShell
Install-Module Microsoft.Online.SharePoint.PowerShell
Get-InstalledModule Microsoft.Online.SharePoint.PowerShell
Connect to Sharepoint Online
Connect-SPOService -Url https://icewolfch-admin.sharepoint.com
List the SharePoint Online tenant settings
Get-SPOTenant | fl
Regards
Andres Bohren
Hi All,
Last Week i've received an update for my OnePlus 9 Android Smartphone. It updates the Android Patchlevel to 2022.06.
OxygenOS 12 C.62 update for OnePlus 9 and OnePlus 9 Pro
https://community.oneplus.com/thread?id=1114511772796583945
Regards
Andres Bohren
Hi All,
Yesterday Microsoft has released the Version 1.11.0 of the Microsoft.Graph PowerShell Module.
Microsoft.Graph 1.11.0
https://www.powershellgallery.com/packages/Microsoft.Graph/1.11.0
Release Notes
https://github.com/microsoftgraph/msgraph-sdk-powershell/releases
Check the installed Version and what is availabe on PowerShell Gallery
Get-InstalledModule Microsoft.Graph
Find-Module Microsoft.Graph
To install the newest Version of the PowerShell Modules and also uninstalling the old Versions, you can use my GitHub Script
#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/ExchangeOnline/GraphAPI/Cleanup-GraphModules.ps1"
Invoke-Expression $($ScriptFromGitHub.Content)
It takes a while until everything is done. Wait until it shows "Cleanup finished"
Regards
Andres Bohren
Hi All,
Microsoft has released PowerToys v0.61.0 respectivly v0.61.1.
PowerToys Release Notes
https://github.com/microsoft/PowerToys/releases
Regards
Andres Bohren
Hi All,
Yesterday Microsoft has released the Azure PowerShell Module AZ v8.2.0
Az 8.2.0
https://www.powershellgallery.com/packages/AZ/8.2.0
Check your current installed Module and what is available on PowerShell Gallery
Get-InstalledModule AZ
Find-Module AZ
I've published a Script in my GitHub Repo to uninstall the old Modules and install the new Modules
https://github.com/BohrenAn/GitHub_PowerShellScripts/blob/main/AzureAD/Microsoft.Graph_HowToStart.ps1
Or you can run the Script below to directly execute that Script
#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/Azure/Cleanup-AZModules.ps1"
Invoke-Expression $($ScriptFromGitHub.Content)
Regards
Andres Bohren
Hi All,
I've tried out M365 Apps health
Microsoft 365 Apps health
https://docs.microsoft.com/en-us/deployoffice/admincenter/microsoft-365-apps-health
You have to go to the M365 Apps Admin Center
https://config.office.com/
I've gone through the "Get started" Wizard
Selected a Group with my Office Devices
I've had to change the Office Channel to "MontlyEnterprise" to get some data
cd C:\Program Files\Common Files\microsoft shared\ClickToRun
OfficeC2RClient.exe /changesetting Channel=MonthlyEnterprise
OfficeC2RClient.exe /update user
After the Change i had to wait for several Hours
What do you think. Is this helpful?
Regards
Andres Bohren
Hi All,
I just want to write a short Blog Article about Exhange Online Protection (EOP) Malware Filter regarding the *.bin Attachments.
Just be aware, that when Adding Linked or Embedded Objects in Office Documents (like PowerPoint), the Objects are added as *.bin Objects and might be catched by the Malware Filter.
Import content from other applications into PowerPoint
https://support.microsoft.com/en-us/office/import-content-from-other-applications-into-powerpoint-8165a079-e639-4278-81be-8b3ee94f81fb
If you rename the *.pptx or add *.zip at the end you can open in with Windows Explorer or any other ZIP Tool.
As you can see there is a "oleObject1.bin" File in the ppt\embeddings Folder
I have made a Test Anti-Malware Filter policy with just one...