Microsoft Issues Patch For Critical Windows Flaw

Microsoft hastened to correct a critical Windows flaw after a British intelligence organization discovered and revealed the exploit to the company. The flaw in question, CVE-2017-11937, was discovered by the National Cybersecurity Center (NCSC) of the United Kingdom, which is part of the intelligence agency of the Government Communications Headquarters (GCHQ).

CVE-2017-11937, as Microsoft wrote in its security advisory, is a critical remote code execution vulnerability that exists in Microsoft's malware protection engine. The vulnerability, which affects Windows versions as of 7, takes advantage of Windows Defender, Microsoft Security Essentials, Microsoft Endpoint Protection and the Windows Intune Endpoint Protection dependency of the Malware Protection Engine to exploit the vulnerability. The result of a successful use of the exploit is as follows, according to Microsoft's notice:

    An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; see, change or delete data; or create new accounts with full user rights

To use CVE-2017-11937, an attacker must specially create a malicious package that will be scanned by default. For this to happen, the package must be sent to a location that is automatically scanned by Windows security products (such as email, hosting servers, and a website). As the scan is automatic, the packet can execute its remote code before the system has time to react, which gives a pirate full access to the machine.

The good news is that the patch for this critical Windows flaw was implemented fairly quickly. Even better, users can already have the updated version of the Windows operating system that contains this patch. As Catalin Cimpanu of Bleeping Computer explains in his report on the exploit, the update of version 1.1.14405.2 of the Microsoft Malware Protection Engine was installed automatically on the machines that have enabled their "auto-update mechanism for this component". The only way this update could have been blocked is "they have chosen to block MMPE updates by modifying the registry keys or through group policies".

Microsoft 70-743 Question Answer

You have a server named Server1 that runs Windows Server 2016.
You need to configure Server1 as a multitenant RAS Gateway.
What should you install on Server1?

A. the Network Controller server role
B. the Remote Access server role
C. the Data Center Bridging feature
D. the Network Policy and Access Services server role

Answer: B


You have an Active Directory domain that contains several Hyper-V hosts that run Windows Server 2016. You plan to deploy network virtualization and to centrally
manage Datacenter Firewall policies.
Which component must you install for the planned deployment?

A. the Routing role service
B. the Canary Network Diagnostics feature
C. the Network Controller server role
D. the Data Center Bridging feature

Answer: C

Microsoft’s Latest Experimental App Adds Voice Dictation To Office

Microsoft is using Cortana's voice recognition skills to bring dictation to the company's Office suite. The new application is simply called Dictate, and is the latest Microsoft Garage project, which is the company's experimental software team. Dictate is more a plugin for the application, since you really need Office to even use it. But once you install it, you can speak loudly in Word, Outlook and PowerPoint and have your words automatically transcribed into the selected text field.

20 languages are voice-to-text compatible, and Dictate also supports "real-time text translation" for up to 60 languages. Dictate started as a hackathon project, according to Microsoft's blog. In addition to blabbing out emails or a word document, you can also speak out the commands ("next line") and punctuation when using Dictate. But with this is just a Garage application, Nuance and other companies that specialize in voice dictation software do not have much reason to be wary yet.

Dictation uses the "state of the art" speech recognition and artificial intelligence behind Cortana, the Bing Speech API, and Microsoft Translator, according to the company.

Steelcase And Microsoft's Partnership Aims To Raise Worker Productivity

Steelcase general manager Jim Keane jokes to Grand Rapids furniture maker who has partnered with Microsoft is as surprising to some as his predecessor, Jim Hackett, recently named CEO of Ford Motor Co.

But both are tied to Steelcase being an industry leader when it comes to the intersection of office furniture and technology.

Microsoft wanted to work with the world's largest office furniture company, as the software giant began looking for ways to stay relevant to its customers.

"If you are in your business, they are realizing the days when they sold the software in a shrink box wrapped long ago," said Keane. "And even now, as they move to more subscription models, the key to success is not how many users are registered - but ultimately, how much people use the software they signed up for."

Microsoft realizes that the use of its software is tied to productivity. There is nothing wrong with software or devices, but people are using a very small percentage of the capacity in those tools, says Keane.

When Microsoft launched its Surface Hub product line a few years ago, companies were interested in the technology but had questions about how to integrate the larger devices into their workspace.

"We learned very quickly that we have to think of this as an architectural component," said Julia Atalla, senior director of surface marketing at Microsoft.

Microsoft customers had questions about the best environment for Surface devices.

Atalla, who has been one of Microsoft's top executives in collaboration, is at the NeoCon this week in Chicago. Participated in a "Conversation on Creativity" at the Steelcase showroom at Merchandise Mart on Sunday, June 11, with James Ludwig, vice president of global design at Steelcase.

The issue was about how space and technology can lay the groundwork for creative and ultimately more productive work.

Keane has been at the heart of the company's growing relationship with Microsoft, and has had discussions with Microsoft CEO Satya Nadella as they have laid the groundwork for their collaboration.

"We can actively and intentionally shape human behavior by changing the way the offices are designed, changing the types of furniture they choose ...," Keane said.

The thought is that Microsoft can develop technology that creates new potential and Steelcase can design environments that shape behaviors around use.

The first area that companies are focusing on is how to inspire creativity. In March, the companies unveiled five "Creative Spaces" at Steelcase's WorkLife Center in New York City.

One reason the partnership makes sense is that Microsoft and Steelcase have the same customer base.

"When we talk to our customers, we ask about technology," Keane said. "We were attracted to a technology discussion with our customers, Microsoft was hearing the same thing: they would talk about software and people would want to see their offices to see how it would work."

In New York, Microsoft takes its customers through the Steelcase showroom to demonstrate how their Surface Pro product line is used in an office.

"It's much easier to get close to customers when they're already buying the two," Keane said. "We're not trying to move from one company to another, we're just trying to bring you ideas about Microsoft products that work together."

As the demand for office furniture has flattened in recent years, manufacturers have responded differently. Some are expanding into the retail sector while others are designing more sophisticated furniture and some competitors are moving into new geographies.

"I can not think of a time when this industry has gone under the changes that is happening (now.) It's a great time for strategy," said Keane. "We think there are a lot of opportunities."

He says Steelcase will remain focused on the evolution of the worker and the workplace. The company is increasing its development investment and plans to hire 100 people to work at its Grand Rapids Learning and Innovation Center, where Keane and the leadership have moved their offices from the company headquarters to the side.

"It's not necessarily where the industry goes, but it's part of our commitment to product development and innovation," said Keane.

Microsoft 70-743 Question Answer

This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals. Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named Server1. All client computers run Windows 10. On Server1, you have the following zone configuration.

You need to ensure that all of the client computers in the domain perform DNSSEC validation for the fabrikam.com namespace. Solution: From Windows PowerShell on Server1, you run the Add-DnsServertrustAnchor cmdlet. Does this meet the goal?

A. Yes
B. No

Answer: B

Microsoft 70-743 Question Answer

Note: This question is part of a series of a questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solutions, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory forest named contoso.com. The forest contains a member server named Server1 that runs Windows Server 2016. All domain controllers run Windows Server 2012 R2.
Contoso.com has the following configuration. You plan to deploy an Active Directory Federation Services (AD FS) farm on Server1 and to configure device registration.
You need to configure Active Directory to support the planned deployment.
Solution: You raise the forest functional level to Windows Server 2012 R2.
Does this meet the goal?

A. Yes
B. No

Answer: B