The biggest news in devices, security

Windows 365 Link, security exposure management and a new post-CrowdStrike faulty update initiative are among the big announcements.

Microsoft’s Windows 365 Link devices. Security exposure management becoming generally available. And a new initiative to make improvements after a faulty CrowdStrike update in July.
These are some of the biggest pieces of device and security news coming from Microsoft’s Ignite 2024 event.
Ignite runs through Friday, with in-person and online programming in Chicago. Microsoft had registered more than 200,000 people for the event and was expecting more than 14,000 to attend in person.

Microsoft Ignite 2024

The Redmond, Wash.-based tech giant unveiled 80 new products and features in its product portfolio.
According to Microsoft, Windows 11 has seen a three-fold reduction in firmware attacks and almost three times fewer credential theft incidents compared to Windows 10.
During Ignite, Microsoft said that the controversial Recall feature would be disabled by default for Copilot+ PCs. IT will enable this feature through new policies before employees opt in.
Microsoft Chairman and CEO Satya Nadella shared his enthusiasm for the vendor’s devices and security portfolio during the vendor’s recent quarterly earnings call.
“It’s about hybrid AI where the rebirth of the PC as the edge of AI is going to be one of the most exciting things for developers,” Nadella said of Microsoft’s Copilot+ PC.
Nadella said customers have used Defender to find and secure more than 750,000 GenAI app instances. They have used Purview to audit over 1 billion Copilot interactions to ensure they meet compliance obligations.
Here’s everything you need to know in security and device news from Ignite 2024.

In device news, Microsoft has previewed Windows 365 Link devices built for its Windows 365 cloud-based virtual machine service, with Link becoming generally available in April with a manufacturer’s suggested retail price of $349.
According to Microsoft, interested organizations in the US, UK, New Zealand, Japan, Germany, Canada, and Australia can apply for the preview program.
According to Microsoft, users can place Link on their desk, boot it up in seconds and perform local processing for Teams meetings, Webex by Cisco, and other high-fidelity experiences.
The Link supports dual 4K monitors, four USB ports, an audio port, an Ethernet port, Wi-Fi 6E, and Bluetooth 5.3.
The device has no local data, apps, or non-administrator users. Corporate data is safe in the Microsoft cloud. Security policies are on by default. Users cannot turn off security features.
Users can leverage Microsoft Entra ID, Microsoft Authenticator app, or USB security key for passwordless login.
Microsoft Intune users can manage Link devices along with other PCs. Links are configured in minutes and updated automatically when turned on for the first time. They can be factory-reset in minutes for reuse.

Starting next year, Windows Insider Program members with Snapdragon-powered Copilot+ PCs will be able to take advantage of their Neural Processing Units (NPUs) for better search with File Explorer, Windows Search, and Settings.
Users can find documents, photos, and other files without having to search for file names or exact file contents. They can describe content with synonyms, even text that may appear in an image. This feature will work even without an internet connection.
Enhanced search will be coming to Windows 365 cloud PCs in the spring.

Microsoft Security Exposure Management goes to general availability

Microsoft has made its security exposure management experience generally available to practitioners assessing cyber threats.
Exposure management integrates disparate data silos for better attack surface visibility, assessing attack paths to assets and across devices, identities, apps, data, on-premises, hybrid and multi-cloud infrastructures. It provides context-based recommendations to improve security posture.
According to Microsoft, the tool has attack path analysis capabilities with modeling and blast radius estimation, as well as integrated insights that bring in currency data from other vendors.

Microsoft Purview Update

Microsoft updated its Purview data governance and compliance platform to include the general availability of Customer Lockbox, which provides data protection for Windows 365 with users in the approval workflow process, and Data Security Posture Management (DSPM), as well as DSPM for AI.
According to Microsoft, DSPM for AI should help IT administrators and data stewards find risks and prevent data oversharing, data leakage, and other incidents. The tool works on Copilot, custom apps built on Copilot Studio, and third-party apps like ChatGPT Enterprise by Microsoft-backed OpenAI.
The new Purview previews include data loss prevention (DLP) for Microsoft 365 Copilot (aimed at ensuring that the content of sensitive documents is not abstracted by AI) and the ability for administrators to comfortably extend Azure Microsoft Rights Management-defined sensitivity labels for Office files and PDFs to SharePoint document libraries.
By the end of the year, Purview will have a preview of embedded Security Copilot capabilities, including DSPM with AI-powered data estate risk insights in natural language and suggested prompts to guide users through investigations.
Other Security Copilot capabilities entering preview are DLP policy understanding, eDiscovery case summaries, and a Copilot-powered knowledge center.

Features after the CrowdStrike incident

During Ignite 2024, Microsoft introduced its Windows Resiliency Initiative, which is based on learnings from the global outage caused by CrowdStrike’s faulty update in July.
According to Microsoft, the initiative also focuses on allowing more apps and users to run without administrator privileges, stronger controls for which apps and drivers can run, and better identity protection.
Quick Machine Recovery is a feature that will come to the Windows Insider Program in early 2025 thanks to this initiative. With this feature, IT administrators can target Windows Update fixes to PCs, even when the machines cannot boot and without physical access to the PC.
Ways to build security products outside of kernel mode are coming as a private preview to the security product ecosystem in July. According to Microsoft, antivirus and other security products will have the ability to run in user mode, just like apps. This will provide better resiliency to Windows in the event of a crash or error.

Windows security updates

Microsoft said it is addressing long-standing complaints about Windows security — over-privileged users and applications, unverified apps and drivers, and insecure credentials and authentication.
In preview is Administrator Security, a tool that applies standard user permissions by default. If a system change requires administrator rights, users are asked to authorize the change using Windows Hello. Windows creates a temporary separate administrator token that is destroyed after the task is completed.
According to Microsoft, the new AI capabilities for Smart App Control and App Control for Business attempt to make the tools easier to deploy. A signed and reputable policy template should allow millions of verified apps to run, regardless of deployment location.
And the Personal Data Encryption (PDE) layer, now generally available for Windows Enterprise, should add more security to personal user files on laptops, which are now readable only with Windows Hello sign-in. PDE also integrates with OneDrive and SharePoint and is manageable with Intune.

Windows Copilot Runtime, Windows Subsystem for Linux

Microsoft has added new AI APIs and improved frameworks and tools to the Windows Copilot Runtime to help developers scale AI across devices.
APIs for image description, image super resolution, object erasure, and optical character recognition are coming in January.
According to Microsoft, Windows Subsystem for Linux (WSL) has added integration with Intune, which is now generally available, and Entra ID, which is now in private preview.
In the coming months, Microsoft will preview a new distribution architecture for WSL to better manage and optimize it with enterprise security policies.
A new preview of Hotpatch for Windows gives users a way to download updates in the background and have the installation take effect without restarting the device.
A preview coming before 2026 for Windows Autopatch AI integration with Copilot in Intune means IT administrators can only access data within their permissions and Windows users can prepare for feature updates, ready devices, get payload details, and other use cases.
A now generally available configuration refresh feature enforces mobile device management (MDM) security policies by returning a PC to a preferred configuration, avoiding configuration drift when users change the system registry. Refresh also works offline with device self-management locally.

Mixed Reality, Windows in the Modern Environment

Microsoft has a preview coming in December for Windows 11 on Meta Quest headsets, which allows users to take advantage of Windows for virtual meetings and high-resolution monitors.
Windows 11 Mixed Reality Access will debut with the Quest 3 and Quest 3S headsets.
A preview available now allows a shared mode for provisioning Windows 365 Frontline. This mode is for users who need brief access for ad-hoc tasks in a non-personalized Windows desktop environment. User data is deleted upon sign-off.
Another preview is for Windows Apps Mobile Application Management (MAM) support for iOS and Android to define device security criteria and customized access.

Azure Chips, Infrastructure

At Ignite, Microsoft introduced its Azure Integrated Hardware Security Module (HSM), an in-house cloud security chip.
Next year, Microsoft will begin installing the HSM in every new server in its data centers for confidential and general-purpose workloads.
The vendor also showcased its first in-house data processing unit silicon, the Azure Boost DPU. According to Microsoft, the purpose of a DPU is to work on storage, networking, acceleration, and more. Future DPU-equipped servers should run cloud storage workloads at three times less power and four times the performance of existing servers.
A liquid cooling heat exchanger unit rack by Microsoft should support large-scale AI systems on Azure, including Microsoft’s Azure Maia. Microsoft can reinstall the unit in Azure data centers.
Microsoft and Meta have collaborated on a differentiated power rack design with 400-volt DC power for 35 percent more AI accelerators per server rack. The vendors are open-sourcing the specifications through the Open Compute Project.
Microsoft launches preview of Nvidia Blackwell GB200-powered Azure AI system. Azure ND GB200 V6 is the new AI-optimized virtual machine series powered by Nvidia GB200 superchips.

More infrastructure news

Microsoft has made the Azure Local cloud-controlled hybrid infrastructure platform and Windows Server 2025 generally available.
Local extends Azure services across distributed locations for mission-critical workloads and cloud-native applications and AI. It runs containers, servers, and Azure Virtual Desktop (AVD) on Microsoft-accredited hardware from Hewlett Packard Enterprise, Lenovo, Dell Technologies, and others for local custom latency, near-real-time data processing, and compliance.
Windows Server 2025 has a preview of hot-patching subscriptions for easier upgrades, improved security, and update installation with fewer restarts.
Microsoft also moved SQL Server 2025 to private preview. According to Microsoft, this database platform should simplify AI app development and RAG patterns.