Microsoft Windows Server 2004: This update will help you make the most of containers


The latest SAC release of Windows Server continues Microsoft’s drive to reduce server container sizes, especially for .NET, without losing application performance.

The solution to ‘my version of Windows Server is about to lose support’ used to be ‘upgrade to a newer version’. But if you’ve carried on running an old version, such as Windows Server 2008 or 2008 R2, it’s probably not because you didn’t want to take the time to upgrade. Most likely it’s because you were running line-of-business applications that didn’t get any better on a newer OS, so the cost and disruption of upgrading outweighed the security benefits.

SEE: 250+ tips for telecommuting and managing remote workers (TechRepublic Premium)

Microsoft has been pushing organisations to modernise those server applications to run in containers — perhaps adding new features, but definitely making them more portable so it’s easier to keep the OS they’re running on up to date. The six-monthly Semi-Annual Channel (SAC) releases of Windows Server are where the updates to that container platform show up quickest, so you’re unlikely to experience the cognitive dissonance of moving from Windows Server 2008 to Windows Server 2004. But those who have already started work on modernising server apps will see some welcome improvements in this new release, especially for .NET.

The emphasis on reducing the download size of Windows Server container images continues (see chart, below): Windows Server 2004 is about 20% smaller than with WS 1909; the on-disk size is also smaller — just under 4GB instead of slightly less than 5GB. That makes it faster to download a container and deploy it.

A lot of the space saving comes from moving most of the NGEN performance optimisation from the Server Core image to the .NET Framework runtime image. Windows Server comes with .NET native binaries precompiled with NGEN, which makes them faster but also makes the image size larger. The Server Core image now has a much smaller set of precompiled binaries — just the x86 and X64 versions of mscorlib.dll, System.dll and System.Core.dll, along with a serviced version of the .NET Framework.

Even with the extra NGEN files, the .NET Framework image is also smaller. Partly that’s because many traditional Windows Server applications are ASP.NET web applications and the NGEN optimisation is now targeted to ASP.NET apps and PowerShell scripts, and partly because the image is now built to avoid the bloat you get by updating files through the Dockerfile that builds the image (which adds multiple copies of the file). Instead of installing and then patching the .NET Framework, the image loads the Windows Server Core to get the .NET Framework and then uses NGEN to pre-compile only the 64-bit assemblies for PowerShell and ASP.NET.

Microsoft continues to reduce Windows Server’s download size, and the space it occupies on disk.

Data: Microsoft / Chart: TechRepublic

Admin-friendly containers

Although it’s not tied to Windows Server 2004, Windows Admin Center (WAC) also now makes it easier to work with containers on Windows Server.

In the past, Microsoft has put a lot of emphasis on the developer tools for building and debugging apps in containers, but that didn’t help sysadmins who were used to providing a VM infrastructure to run applications. WAC has tools for monitoring and troubleshooting containers running on Windows Server, but until now it didn’t have the tools to move existing apps into containers.

There’s now an extension that enables WAC to pull container images from container registries like Docker Hub, spin up containers (setting options like CPU and RAM allocation, environment variables and persistent storage in much the same way as you would for VMs), create new container images and push them to Azure Container Registry (or other registries) so you can use them from different container hosts.

The extension is available on the Insider Feed, although you can use it with release versions of WAC as well: turn this on under Settings / Extensions / Feeds and add the feed, then pick the Containers extension from the list of available extensions. You’ll see the new features under Server Manager when you target a container host with Docker installed.

SEE: 5 developer interview horror stories (free PDF) (TechRepublic)

Initially, creating new images is restricted to containerising IIS Web Applications, including static web applications that don’t depend on frameworks and ASP.NET applications where you have access to the Visual Studio solution for the app. WAC will support more application types for containerisation in future: .NET and Java applications would be logical additions, as would SQL Server applications given that SQL Server itself is already available through containers.

You can incorporate PowerShell scripts for configuration, and you can use WAC to update an existing Dockerfile (if you’ve created a container for a previous version of the application and need to rebuild it for either a new OS or a new version of the application, for example). And rather like graphical admin tools for Windows Server and Exchange that also created a PowerShell script, you could copy to use for future automation and to help admins learn PowerShell, you can see a preview of the Dockerfile in WAC as you fill in the configuration. That will help admins become more familiar with the way a Dockerfile works, without forcing them to pick up new tools to work with the containers that are becoming an important Windows Server workload.

Before planning Windows Server 2004 installations, check whether you’re using Parity Storage Spaces; upgrades to this release are blocked on some hardware configurations because those storage partitions may show as RAW space in Disk Manager and running CHKDSK to fix that can cause data loss. If you’ve already upgraded to Windows Server 2004 and see the problem, Microsoft advises setting Parity Storage Spaces to read-only until it releases a fix. From an admin PowerShell console, run Get-VirtualDisk | ? ResiliencySettingName -eq Parity | Get-Disk | Set-Disk -IsReadOnly $true.

Microsoft Weekly Newsletter

Be your company’s Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.
Delivered Mondays and Wednesdays

Sign up today

Also see

Microsoft Word: How to use AutoCorrect to handle unwanted words


Deleting unwanted words can be tedious, even if you use Word’s Find feature. Instead, consider using one of these AutoCorrect methods.

Image: photo5963, Getty Images/iStockphoto

Whether you’re an editor, writer, or you work in an organization that frowns on the use of certain words, you probably run a Find function so you can remove offending words before you consider the Microsoft Word document complete. You could write a macro to highlight them all so you can easily find them, but that’s a lot of work. Word’s AutoCorrect feature can do it much quicker. In this article, I’ll show you how to use AutoCorrect to automatically replace or otherwise identify a forbidden word as you type it, avoiding that final search task altogether.

SEE: Microsoft Teams: How-to guide (TechRepublic)

AutoCorrect is a Microsoft 365 feature, which means it’s available in other Office apps, not just Word. There are a number of built-in words and phrases, but you can add your own. To learn more about this feature, read Harness the power of Word’s AutoCorrect feature.

I’m using Microsoft 365, but you can use older versions. There’s no demonstration file because you won’t need one.

How to remove a word

Let’s suppose that one of your forbidden words is very; it’s over-used and adds nothing to the discussion. I know of no way to delete a word right out, but you can replace it with a space character. To add very to AutoCorrect, do the following:

  1. Click the File tab, choose Options from the left, and then choose Proofing in the left pane.
  2. Click AutoCorrect Options in the AutoCorrect Options section.
  3. In the resulting dialog, enter very in the Replace control.
  4. In the With control, enter a space—you can’t see it in Figure A, but it’s there.
  5. Click Add, and then click OK twice.

SEE: How to assign a keyboard shortcut to blocks of content for easy input in Word (TechRepublic)

Figure A

  Add an AutoCorrect item for the word very.

The AutoCorrect item you added will replace very with a space character. Let’s try it now. Enter the sentence, The word very is not allowed in this very formal document. There’s a bit of a problem though—did you notice? You won’t want to replace the first instance of very. Fortunately, doing so is no problem.

SEE: How to make the Microsoft Word automatic table of contents do what you want (TechRepublic)

After typing the first very, Word will replace it with a space. Press Ctrl+Z to undo that edit. Then, enter the rest of the sentence. When Word replaces the second instance of very, allow it to replace the word with a space character (Figure B). Now, you’ll want to remove the space character, which you can easily do with a Replace task when you’re done with the document to find and replace all double-spaces with a single space. If you don’t know how to do this, read 10 cool ways to get more from Word’s Find and Replace feature (Tip #1).

Figure B

  AutoCorrect replaces the second instance of very with a space.

Replacing a word with a space has the disadvantage of needing to delete the extra space, but it’s one way to avoid a forbidden word. You might think you’ve replaced one Find task with another, and in truth you have. This method is advantageous only if finding spaces is quicker and less tedious than finding and dealing with the forbidden word. If you’re removing several different words, it might be. Another method is to highlight the word rather than remove it. That way you can decide how to deal with the word without running an extra Find task to find it—you might delete it or substitute a different word. 

How to highlight a word

Highlighting a forbidden word makes sense when you’re allowed a bit of discretion. Creating the AutoCorrect item is similar, but you’ll start out differently. Begin by typing the word very (and use Ctrl+Z to undo the space substitution if you’re following along). Apply a highlight, such as yellow. Select the formatted word and do the following:

  1. Click the File tab, choose Options from the left, and then choose Proofing in the left pane.
  2. Click AutoCorrect Options in the AutoCorrect Options section.
  3. In the resulting dialog enter very in the Replace control. The With control is auto-filled with the selected word (Figure C) and its format. 
  4. If necessary, click Formatted text, but you shouldn’t need to. Word knows the selected word is formatted.
  5. Click Replace (remember, you created an item for very in the last section).
  6. Click Yes when asked to confirm the replacement.
  7. Click OK twice.

Figure C

  Create a replacement AutoCorrect item for very.

Now, type the same sentence, The word very is not allowed in this very formal document. As you type, Word highlights each occurrence of the word very, as shown in Figure D.

Figure D

  AutoCorrect highlights the word very.

Two things are worth noting: You can’t use both AutoCorrect items, and AutoCorrect doesn’t work if you paste the word.

Stay tuned

One of these two AutoCorrect items is probably the easiest way to handle a list of restricted words, but it isn’t the only way. Stay tuned for subsequent articles on using a dictionary and a macro.

Microsoft Weekly Newsletter

Be your company’s Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.
Delivered Mondays and Wednesdays

Sign up today

Also see

Microsoft and LinkedIn partner to help 25M workers gain digital skills


Along with free access to learning content, Microsoft also announced the addition of a learning app to Teams.

LinkedIn CEO speaking during Microsoft digital event. 

Image: Screenshot

Microsoft introduced its new global skills initiative to provide digital skills to more than 25 million people worldwide who have been displaced by the coronavirus pandemic. The announcement was made during a Microsoft digital event on Tuesday, shedding light on the significant impact COVID-19 has had on employment, as well as introducing a new learning app to Microsoft Teams.

“People are contributing in new ways in essential roles, which have been overlooked and undervalued, to keep our society and economy functioning amidst this pandemic,” said Satya Nadella, CEO of Microsoft, during the digital event. 

“In this time of change, people are hungry to learn, gain new skills, and grow their economic opportunity. It’s been forecasted 800 million people need to learn new skills for their jobs by 2030,” Nadella said.

SEE: Top IT certifications to increase your salary (free PDF) (TechRepublic)

“COVID-19 has made the skills gap even more acute—it’s exacerbating economic inequity. People of color, people with disabilities, women…and those who have less formal education are bearing the brunt of this unemployment crisis,” Nadella added. 

Microsoft estimated that global unemployment in 2020 could reach a quarter of a billion. To help prevent this from occurring, the tech company announced a mitigation strategy grounded in three principles: Use data to identify in-demand jobs and the skills needed to fill them; free access to learning paths and content to help people develop those skills; and low-cost certifications and free job-seeking tools to help people pursue new jobs. 

The tech giant also mentioned that it would be providing $20 million in cash grants to nonprofits worldwide as a part of their strategy. 

With this approach in mind, here the key announcements Microsoft and LinkedIn made during the presentation. 

Major announcements 

1. LinkedIn Economic Graph 

LinkedIn first released its Economic Graph several years ago to track workforce trends and reveal emerging skills gaps. Since its inception, the graph has become even more critical and insightful, and it is now available to the public. 

Today, the graph presents a digital representation of 690 million professionals, 50 million companies, 11 million job listings, 36,000 defined skills, and 90,000 schools, said Ryan  Roslansky, CEO of LinkedIn, during the digital presentation.

“We’re excited to begin offering some of our labor market insights to policymakers and the public to help understand what jobs and skills are in demand per region,” Roslansky said.

“This labor market insights tool includes data on what companies are hiring, the top jobs companies are hiring for, and the skills needed for those jobs,” Roslansky said. “The data is available and downloadable for more than 180 countries and regions. You can access this tool at” 

By looking at the jobs with the greatest number of openings, steady growth over the past four years, livable wages, and skills that can be learned online, LinkedIn identified the 10 jobs that are most accessible to those seeking employment. 

“We’re also making 10 LinkedIn Learning paths aligned with these roles available for free,” Roslansky said.

Here are the 10 paths: 

  1. Become a Software Developer
  2. Become a Sales Representative

  3. Become a Project Manager

  4. Become an IT administrator (Prepare for CompTIA Network+ Certification)

  5. Become a Customer Service Specialist

  6. Become a Digital Marketing Specialist

  7. Become IT Support / Help Desk (Prepare for the CompTIA A+ Certification)

  8. Become a Data Analyst

  9. Become a Financial Analyst

  10. Become a Graphic Designer

2. Free access to comprehensive resources 

In addition to the free LinkedIn Learning paths, Microsoft also announced that it would offer free in-depth technical learning content through Microsoft Learn. 

“Microsoft Learn content also helps learners prepare for Microsoft certification so they can gain industry recognition for their skills. Through the end of the year, we’re significantly discounting the exams for these certifications for those impacted by COVID-19,” Roslansky said.

Microsoft Certifications will be reduced to $15 for those who can self -attest that their employment has been impacted by COVID-19. Users will have until March 31, 2021, to complete the exam. 

“We’ll also enable job seekers pursuing developer roles to access the GitHub Learning Lab to practice their skills. GitHub learning lab is a bot-based learning tool that uses repositories to teach technology, coding, Git, and GitHub via real-life demo based modules,” Roslansky said. 

“This means that as job seekers engage in learning paths, they’ll have the opportunity to practice newly acquired skills by completing realistic projects in a personalized GitHub repository,” Roslansky added. 

Once users learn those skills, they can easily add them to their LinkedIn profile, he added.

3. More tools for job seekers

LinkedIn also created four horizontal LinkedIn Learning paths employees and job seekers can use to make themselves more competitive and resourceful.  

The paths include the following: 

Additionally, LinkedIn announced new interview prep tools that leverage Microsoft artificial intelligence (AI). 

“When job seekers get to that critical interview phase, we want to help them demonstrate their skills through effective interviewing,” Roslansky said. “We’re offering free interview prep tools, including a newly launched feature, leveraging Microsoft AI for real-time feedback on your answers.”  

This also includes a new tool called Open to Work, which allows job seekers to let employers and the LinkedIn network know they are seeking employment. 

4. Learning app in Microsoft Teams

The last major announcement Microsoft made introduced the Microsoft Teams learning app. 

“A new Microsoft Teams app will help organizations skill and upskill employees, surfacing learning content in the context of their day-to-day work,” Nadella said. “By applying our technologies and partnering across the private and public sectors, we believe we can make progress in closing the skills gap.”

The app will allow employers to merge content from LinkedIn Learning, Microsoft Learn, the 

customer’s own content base, and third-party providers into one place. 

A demo of the app was shown during the virtual event, displaying how managers can assign and track learning progress, and how employees can gain recognition and certifications.

The app will be available later this year, according to a blog post

For more, check out Microsoft launches digital skills initiative to help those hit by the COVID-19 economy on ZDNet. 

Microsoft Weekly Newsletter

Be your company’s Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.
Delivered Mondays and Wednesdays

Sign up today

Also see

Microsoft Teams is different on desktop, iOS and Android: Here’s what you need to know


Microsoft is rapidly evolving its Teams app on iOS and Android, as the collaboration tool embraces firstline and other mobile workers.

Collaboration tools like Slack and Teams have become key to remote work, offering shared spaces for working on specific projects, hanging out with co-workers, and taking part in voice and video meetings. They’re powerful platforms, with APIs that allow you to build and deploy apps and services right alongside chats.

SEE: Office 365: A guide for tech and business leaders (free PDF) (TechRepublic) 

Microsoft Teams has become an important part of its Microsoft 365 service, building on the Microsoft Graph and offering a web-based rendering environment for applications. It’s built using web technologies, with a browser client and desktop tool that’s running in GitHub’s Electron HTML and JavaScript runtime. But the desktop isn’t the only way to access Teams: it’s available on iOS and on Android via Apple’s and Google’s respective app stores, with a very different set of use cases from the desktop.

Teams for the frontline

There’s been something of a sea change at Microsoft over the past few years. It used to be a company focused on skilled ‘knowledge workers’, with the slogan ‘A computer on every desk and in every home’. The mission statement is now ‘to empower every person and every organization on the planet to achieve more’. With the change of emphasis from computers to people, there’s a shift to supporting firstline workers, who often work shifts and are usually paid by the hour.

It’s a move that has put less focus on the PC, and more on mobile devices. Staff working in a coffee shop, say, need access to shared notices and shift-booking tools rather than copies of Word and PowerPoint. Microsoft offers its Microsoft 365 F3 plans, which come with web and mobile device support for the Office apps, including the mobile version of Teams and the services needed to support it.

Teams on iOS and Android

If there’s one thing that the Teams mobile app isn’t, it’s a clone of the desktop Teams experience. While that would be easy for Microsoft to deliver, it wouldn’t be the easy-to-use, easy-to-learn application that a firstline worker needs. They need to be able to pick it up and get to work, with minimal training. So the mobile Teams needs to be designed to work like any other iPhone or Android app, with a familiar look-and-feel and support for native mobile features.

There are Teams features that make more sense on mobile, while others are there to help you manage your work/life balance more effectively. That can be as simple as setting quiet times to block out calls and messages when you don’t want to be disturbed. Unlike Windows’ Focus Assist tools, Teams goes further and offers an option of Quiet Days, which allow you to block out whole days — stopping notifications at weekends or on shift rest days, for example.

Walkie Talkie, which works over wi-fi or cellular connections, will be available in the Teams mobile app in July and will integrate with Samsung’s rugged Galaxy XCover Pro smartphone.

Image: Microsoft

Walking and talking

One important feature in the mobile version of Teams is Walkie Talkie, launching on Android devices in July. Like the old press-to-talk phones, it’s a way to quickly put staff in touch with each other. Using either Wi-Fi or cellular data, it provides a secure voice communications channel for individuals and groups. Walkie Talkie is part of Microsoft’s partnership with Samsung’s mobile phone group, with the new Galaxy XCover Pro rugged phone offering a hardware ‘talk’ button that activates the feature.

Walkie Talkie is like any Teams app, and needs to be installed from the Teams admin centre. Once it’s installed and deployed to devices, you’ll need to set up dedicated teams and channels for Walkie Talkie, to segment groups of users and avoid cross-talk and confusion. Users will connect to a channel when they come on-shift and disconnect when they leave.

SEE: Microsoft 365: A cheat sheet (free PDF) (TechRepublic)

For staff on a factory floor, issuing a corporate-managed smartphone with hardware support for tools like Teams makes a big difference. The learning curve is shorter, and you’re able to use Microsoft 365’s InTune device management service to control the software on devices and how they’re used. Walkie Talkie is still in private preview, but should launch soon.

If a Walkie Talkie isn’t what you need, Teams still offers useful audio features in its chat tools. Where you might type a message on a PC, Teams has the option of using your phone to record a message that’s dropped in-line in the chat. There’s often very little time to compose a message on a phone screen, so quickly dictating a message lets you stay in touch with team members without having to give your phone all your attention.

From desk to hand: making Teams mobile

Closely related is an easy way of sharing your location, hooking into your device’s existing GPS and mapping tools. Tap on the ‘…’ in a chat, where you normally chose emoji or link to video streams, and Teams will insert a map snippet and an address. It’s a useful way for field service engineers or other mobile workers to quickly let others know where they are in relation to current calls, making it easier to quickly allocate tasks to the worker nearest a call.

Microsoft is clearly aware of the differences between desktop and mobile use. Some of the mobile Teams features are there to make sure that using Teams doesn’t detract from your device’s look and feel. That includes support for a dark mode, which can be useful in low-light conditions or where you don’t want to disturb the people around you. Other options make it easier to customise the buttons and menus, so you can have the tools and apps you use inside in Teams right where you need them.

Modern mobile devices are more than portable computers; they’re powerful cameras as well. Microsoft’s ML-powered Office Lens is a tool for taking and sharing images of documents and screens, automatically trimming unwanted borders and adjusting perspective. It turns a phone into a portable scanner, and by integrating Office Lens into the mobile Teams app you can quickly share paper documents with colleagues without leaving the app.

Tools like Teams are going to be an important part of the work experience for most of us, so it’s good to see the mobile version of the app now offering mobile-specific features that differentiate it from the desktop. The way we work on mobile is evolving, and the rapid evolution of apps like Teams shows that they are keeping pace, supporting and guiding these developments. It will be very interesting to see what the mobile version of Teams looks like in a year or even five years’ time.

Microsoft Weekly Newsletter

Be your company’s Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.
Delivered Mondays and Wednesdays

Sign up today

Also see

Microsoft Edge browser: This new password monitor helps keep your data safe


The new Edge browser will soon warn you if one of your passwords shows up in a data breach — a feature based on an Azure service that enterprises can already use to protect user passwords.

Browser extensions like PassProtect warn you if the password you’re using to log into a site is known to have been compromised and listed in a data breach, often based on the excellent Have I Been Pwned service. Chrome and Firefox have introduced password breach notification inside the browser and when macOS Big Sur comes out, Safari will notify users if a password saved in their iCloud Keychain is compromised.

Password breach notification is one of the many Google services that Microsoft stripped out of the open-source Chromium code and replaced with its own version, which will ship in Edge 85 (the next stable version) on both Windows and macOS. Password Monitor, as it’s called, will pop up a notification if any of the username and passwords that you’ve let Edge save appear in a data breach, with a link to go to the site and change your credentials.

SEE: Security Awareness and Training policy (TechRepublic Premium)

There will also be a dashboard in the Password section of Settings (Settings / Passwords / Password Monitor or edge://settings/passwords/passwordMonitor) that will show you any leaked passwords that you haven’t yet dealt with, and any previous alerts that you’ve ignored in case you want to deal with them later. If you’re using the Canary or Dev branches of Edge, you might see the dashboard already, or you might just get a placeholder because the feature is still being rolled out to users, but Password Monitor won’t start scanning your passwordsc for breach notifications until you give Edge permission to do that.

Admins can manage the Password Monitor feature through group policy or registry settings (PasswordMonitorAllowed and SOFTWAREPoliciesMicrosoftEdgeRecommendedPasswordMonitorAllowed). Disable the policy and users won’t be asked for permission to enable the feature and password won’t get scanned; but even if you enable the policy they can still turn the feature off, so you may want to offer training so staff are comfortable that the scanning isn’t a risk to their privacy.

What you’ll see in Edge if one of your passwords has been exposed.

Image: Microsoft

Finding leaked credentials 

Like Google, Microsoft’s security team collects its own details about exposed credentials, from similar sources to Have I Been Pwned (with researchers tracking leaks that show up on the so-called ‘dark web’ of hacker forums and sharing sites), but also from attempted attacks on its own services. Office 365, Xbox Live and Outlook are among the first services that attackers try out leaked usernames and passwords on, because so many people reuse the same password on different sites; Microsoft calls this a ‘data breach replay attack’ and it detected 4.6 billion attempts to use passwords lost in data breaches to log into Microsoft services in just one month (May 2018).

As of 2018, Microsoft was analysing 18 billion login attempts for 800 million accounts a day. About 300 million of those attempts were from hackers. Given that 3,800 data breaches exposed over 4 billion records in the first half of 2019, there are plenty of genuine passwords to try.

If a password for a different site that you’ve saved in Edge is being used to try and log into one of the Microsoft services you use (either because it’s a common password that attackers are trying out or because you used it for a different site that suffered a password breach), Password Monitor can alert you even if security researchers don’t already have a dump of the passwords from a data breach. Microsoft, Google and other large online services like Facebook (and national cyber security services around the world who confiscate computers from suspects) also share information about leaked credentials and compromised accounts.

Azure AD Password Protection’s identity protection feature looks for risky logins and compromised credentials; the same security graph information powers Edge’s password breach notifications.

Image: Microsoft

Those compromised password lists aren’t used to create the list of banned passwords that Microsoft will stop you using to sign up for a Microsoft service because they’re easy to guess; that’s created by looking at what passwords are used to attack accounts and applying normalisation rules that spot common substitutions like ‘0’ for ‘o’. But enterprises can already use both the banned password list and credential leak protection, along with their own list of banned passwords, to protect passwords used in their own environment — including Active Directory — by using Azure AD Password Protection (which is included in an Azure AD P2 or Microsoft 365 E5 licence).

The identity protection feature in AAD Password Protection uses the same leaked credential information that Edge Password Monitor relies on, as well as looking at patterns in logins (whether users are coming from unusual devices and IP addresses, for example, or if they’re trying to log in from a different country when they wouldn’t have had time to travel there). Edge doesn’t look at details of your connection like that, and getting notifications about compromised credentials doesn’t mean you shouldn’t use a password manager that creates complex passwords that are harder for attackers to guess. But putting the warnings right in the browser where you can quickly go and change a leaked password is important because leaked passwords are used by attackers within minutes of becoming available, rather than hours or days later, which is why these notification services are showing up in all the browsers.

Cybersecurity Insider Newsletter

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays

Sign up today

Also see

Microsoft to permanently close all of its retail stores


The company will “reimagine” four of its existing stores, specifically ones in London, New York City, Sydney, and its Redmond campus, but those won’t necessarily be retail outlets.

Microsoft Store In New York

The Microsoft Store in midtown Manhattan in New York City. 

Image: Nicolas Economou/NurPhoto via Getty Images

Microsoft is pulling the plug on its retail store experience. After launching its first physical store more than 10 years ago, the company is permanently closing all its physical retail outlets across the world, except for four that will be “reimagined” as new spaces, David Porter, corporate VP for Microsoft Store, said in a LinkedIn post on Friday.

SEE: Cheat sheet: Windows 10 PowerToys (free PDF) (TechRepublic) 

“As part of our business plan, we announced a strategic change in our retail operations, including closing Microsoft Store physical locations,” Porter said. “Our retail team members will continue to serve customers working from Microsoft corporate facilities or remotely and we will continue to develop our diverse team in support of the overall company mission and objectives.”

In announcing the decision, Porter said that Microsoft’s hardware and software sales have been shifting online, while its lineup has evolved to digital products, including Microsoft 365 as well as content for gaming and entertainment. Porter touted growth in traffic to and the company’s digital Xbox and Windows storefronts that see as many as 1.2 billion monthly customers across 190 markets.

Further, the coronavirus lockdown seemed to show Microsoft that it could provide sales and technical support to buyers and customers without maintaining a physical presence. The company’s shift to a remote workforce due to COVID-19 still allowed it to support individuals and organizations.

“Our retail sales team helped small businesses and education customers digitally transform; virtually trained hundreds of thousands of enterprise, government and education customers on remote work and learning software; and helped customers through support calls,” Porter said. “The team supported communities hosting more than 14,000 online workshops and summer camps and helped more than 3,000 schools and 1.5 million students celebrate virtual graduations.”

In line with the store closures, Microsoft employees will offer sales, training, and support from their corporate offices as well as remotely, Porter said. The company also aims to enhance its digital storefronts where people can buy products, receive training, and get technical support. One new service slated for these online storefronts will be 1:1 video sales support.

The four stores in London, New York City, Sydney, and the Redmond campus will be reimagined as new spaces, according to Porter. But there was no indication that these would still be used as retail outlets. Microsoft also plans to co-locate engineering, sales, support, envisioning centers, executive briefing centers, and retail spots to maximize available space.

Borrowing a page from Apple, Microsoft opened its first retail store in the US in October 2009 to sync with the launch of Windows 7. Over the years, the number of US stores climbed to 72 locations across 31 states. Expanding beyond the United States, Microsoft kicked off stores in Australia, Canada, Puerto Rico, and England, for a total of 82 worldwide.

The Microsoft store was an attempt to sell products and services, offer support and training, and provide customers with a more personal one-on-one approach. But unlike Apple, Microsoft failed to squeeze much success or profitability out of its retail store experience. One factor lies in a core difference between the two companies.

Apple designs and sells its own hardware and software, mostly for individual consumers who can enjoy and benefit from an in-store experience. Microsoft is a more nebulous company that creates and sells software to run on devices from other vendors, while its direct target audience consists of enterprise customers less likely to venture to a store for sales or support.

Microsoft Weekly Newsletter

Be your company’s Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.
Delivered Mondays and Wednesdays

Sign up today

Also see

Editor’s note: This story and headline have been updated to clarify that the remaining four stores won’t necessarily be retail centers.

Two ways to return to where you last were in a Microsoft Word document


If you browse a lot, you might want to make use of these two easy methods for returning to where you started in Microsoft Word.

Image: Screenshot

That title’s a bit ambiguous because where you last were could mean different things to different users. What users really want is to look around in a document without losing their place. If you’re reading a book, you can bookmark the spot. You can do the same in a Word document, but that’s a bit dramatic if all you’re looking for is a quick way to return to where you last were. In this article, I’ll show you two easy ways to do that, even though where you last were doesn’t mean the same thing in both tips.

I’m using Microsoft 365, but you can use earlier versions. There’s no demonstration file because you won’t need one. I used the RAND() function to create a few paragraphs of text and then copied them several times to create a five-page document. The space bar tip works in the browser, the Shift+F5 tip doesn’t. Enlarging the cursor carries over into the browser but increasing the size of the insertion point doesn’t.

SEE: Office 365: A guide for tech and business leaders (free PDF) (TechRepublic)

Finding where you last were in Word

The phrase where you last were could mean two different things. Either you want to go back to the spot where the insertion pointer is, or you want to return to the last edit. Sometimes, the spot is the same and sometimes it isn’t. Fortunately, there are two quick ways to satisfy both possibilities.

Getting back to the insertion pointer in Word

It’s common for a user to be reviewing a part of the document that’s nowhere near the insertion point. The user might be referencing related information or checking to make sure information was included in a later section. There are many reasons for viewing content that is paragraphs, pages, or even full sections away from the insertion point. All that’s required to get home is a tap of your shoes–I mean, the space bar. It really is that simple.

Now, let’s suppose you’re working in a long document (which is difficult to represent in a single figure, so lend me your imagination a bit). You can see in Figure A that the insertion point is on the first page, but let’s say you’re reviewing content on page 4. (You’d probably scroll down rather than displaying multiple pages as I have. I’m displaying multiples to represent what we’re doing.)

Figure A

  You can view areas well beyond the insertion point.

Now, let’s suppose you’re reading page 4 or 14 or 421, and you want to return to the insertion point, and you don’t remember exactly where it is. Remember, the insertion point is where you can edit the document and not necessarily where you’re currently viewing. All you have to do is press the space bar and Word immediately returns you to the insertion point. You’ll want to delete the space of course, but that’s the quickest and easiest method for getting back to where you last were. This is one of those simple tips that works more often than not without doing a single special thing. However, this quick and easy solution won’t always work. For instance, if you use Page Down to browse the document, it won’t work because Page Down moves the insertion point! 

Get back to the last edit(s)

In some cases, where you last were will refer to the last edit you made. That may or may not be where the insertion point is. To find the last edit, simply press Shift+F5. You can press this combo to find the last three places in the document where you edited content. Keep in mind that a single keystroke is an edit, so sometimes this combo won’t work as you expected.

Try it now by making simple edits in a longish document—remove a word, add a space, apply bold—and then press Shift+F5 to return to each of those edits. If you have more than one document open, the combo might even take you to another document!

SEE: Recap: Microsoft Build 2020 (free PDF) (TechRepublic)

How to enlarge the cursor and insertion point

Neither of these tips is perfect but don’t give up. They’re both worth the effort of familiarity. However, there’s one more tip to offer. The cursor is small. Even when working on the same page, it can be difficult to find. One way to attack this is to make the cursor larger and thereby more visible. (Notice that I’m talking about the cursor and not the insertion point—we’ll get to that next.)

This solution is a Windows solution and it isn’t perfect (nothing in this article has been) but it can help. Here’s what you can do:

  1. In Cortana, type Control Panel and choose Mouse from the list to the right (Figure B).
  2. In the resulting dialog, click the Pointers tab.
  3. From the Customize list, choose Text Selector, and then click Browse.
  4. Thumb down to the I beam choice and select a bold, larger item (Figure C).
  5. Click Open, Apply, and OK. The new insertion point is much larger than the out-of-the box icon.

Figure B

  Find the Mouse settings. 

Figure C

  Choose a larger I beam icon.

That’s helpful to a point, but what about the insertion point? You can also enlarge it. To increase the size (or thickness) of the blinking cursor (the insertion point), do the following:

  1. In Cortana, type Ease of Access mouse settings and choose the system settings item from the resulting list.
  2. Click Mouse and Pointer on the left.
  3. Scroll down to change cursor thickness and use the thumb to increase the size. Figure D shows the insertion point at its full thickness. The thickest setting can be confusing as it resembles insertion mode a bit. Reset the thickness until you find the one that’s right for you.

Figure D

  This insertion point is much easier to see.

Keep in mind that changing the insertion point and the cursor are Windows settings, so they impact more than Word. You will see the modifications in other applications that use them.

It’s not a silver bullet

Nothing I’ve shown you in this article will work perfectly, as you expect, every single time. As you become more familiar with each, you’ll intuitively know what will work best in any given situation. Whether you change the visual impact of the cursor and the insertion point is up to you.

Also see

How Microsoft is changing its Windows Insider program


Windows Insider builds are shifting from the current Ring model to a new Channel model in an attempt to make the process less confusing.


Image: Microsoft

Microsoft is kicking off a couple of changes to its Windows Insider program that could help users better choose and navigate the right builds.

In a blog post published Monday, the software giant said that it’s transitioning the present Ring model for builds to a Channel model. Beyond the name change, the new model will focus less on the frequency of each build and more on the quality. The goal is to help existing insiders and new joiners select the build experience that’s right for them.

SEE: Windows 10 Start menu hacks (TechRepublic Premium) 

People who join the free Windows Insider program receive regular updates, or builds, with the latest changes that Microsoft is planning for Windows 10. By working with these prerelease builds, insiders can share feedback with the company to help it fix bugs and smooth over the rough spots before an update hits the general public.

In the current model, Microsoft offers three rings: Fast, Slow, and Release Preview. The Fast ring is for Windows Insiders who want updates the fastest and are willing to put up with more bugs and glitches. The Slow ring is for those who’d rather wait for more stable updates. The Preview Release ring is the most stable of the three and is geared toward people who want to get an upcoming major Windows update before it’s released to the public.

The problem with the Ring method is that it forces Microsoft to work on multiple product releases for Windows 10, all at the same time. Plus, the Ring builds are based more on frequency than quality, another aspect that makes the process more challenging.

“In the middle of 2019, Insiders were running builds from 3 different releases (at various stages in our development cycle) with the Fast ring being on 20H1, the Slow ring on 19H2 code, and the Release Preview ring on 19H1 code,” Microsoft said. “We began to realize that we were ‘outgrowing’ the original concept for rings.”

The new method will instead use a Channel model with a clear transition from the current rings. The Fast ring will become the Dev Channel, the Slow ring will become the Beta Channel, and the Release Preview ring will become the Release Preview Channel. The new channels are described as follows:

  • Dev Channel. Right for highly technical users, these builds will offer the latest work-in-progress changes eyed for future releases of Windows but will have rough edges and some instability.
  • Beta Channel. Best for early adopters, these builds will offer upcoming Windows 10 features aimed at a specific release and will be relatively stable as validated by Microsoft.
  • Release Preview Channel. Geared for people who want stable and validated releases, these builds will include upcoming changes to Windows ahead of their public launch and are supported by Microsoft.

Image: Microsoft

The new names also match up with recent changes to the naming scheme for the Office Insider Program. People testing new builds of Microsoft 365 can choose from a Beta Channel or a Preview Channel.

Current Windows Insiders need do nothing; these changes to the Insider builds will automatically take effect. Those who join the Windows Insider Program will be able to choose which of the three Insider settings they want to use. To join the program directly in Windows 10, go to Settings and then Update & Security. Select the setting for Windows Insider Program and click the button to Get Started. You’ll then be prompted to select a channel.

Depending on the channel you choose, you’ll likely want to receive the builds on a computer separate from your main or production machine, such as a test PC or virtual environment.

Microsoft Weekly Newsletter

Be your company’s Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.
Delivered Mondays and Wednesdays

Sign up today

Also see

Microsoft 365 phishing campaign exploits Samsung, Adobe, and Oxford University


The attack redirects users through legitimate websites in an attempt to capture their Microsoft credentials, says Check Point Research.


Image: weerapatkiatdumrong, Getty Images/iStockphoto

Microsoft is a
popular brand for cybercriminals

to impersonate in phishing campaigns. The company’s products are used by a vast number of people, both personally and professionally. Plus, gaining access to someone’s Microsoft credentials can open the key to an array of associated websites and services. One particular campaign analyzed by cyber threat intelligence provider Check Point Research redirected people through a series of legitimate websites in an effort to steal their Microsoft credentials.

SEE: Fighting social media phishing attacks: 10 tips (free PDF) (TechRepublic) 

In a blog post published Thursday, Check Point described the method in which attackers exploited one of Oxford University’s mail servers to send the initial email, abused an Adobe Campaign redirection tool, and then used a Samsung domain to take users to a Microsoft Office 365-themed phishing website. The goal was to take advantage of legitimate sites and services in an effort to evade security software. First spotted in April, 43% of the attacks targeted European companies, while the rest were found in Asia and the Middle East.

Most of the emails observed came from multiple addresses that belonged to legitimate subdomains from different departments at the University of Oxford. By using Oxford’s SMTP servers, the attackers were able to sneak past the reputation check for the sender’s domain. They could also generate as many email addresses as they needed.

The sent email itself claims to offer missed voice mail related to the recipient’s Office 365 account with references to Office 365 and Microsoft and even a phony “Message from Trusted server” notice at the top. The email prompts the recipient to click on a button to listen to or download their missed voice messages. Clicking on that button then takes unsuspecting victims to a phishing page that asks them to sign in with their Microsoft account.

Image: Check Point Research

Behind the scenes, however, the trip between the email and the phishing page goes through several steps. First, users are redirected to an Adobe Campaign server. Offered by Adobe to email marketers, Adobe Campaign has been exploited in other phishing attempts to add legitimacy to URLs used in malicious messages.

In this instance, the link in the email directs people to an Adobe server used by Samsung during a 2018 Cyber Monday marketing campaign. By taking advantage of the Adobe Campaign link format and a legitimate Samsung domain, the attackers attempted to elude security protection based on reputation, blacklists, and URL patterns.

Next, the attackers redirect users to one of several compromised WordPress sites that contain malicious redirect code. Adding this layer is another way to evade security products as the URL in the email points to a seemingly legitimate WordPress site rather than a dubious phishing page.

As the final step, the phishing page is located on one of the compromised WordPress sites. Created using JavaScript, this page looks like a legitimate Microsoft login page that prompts for the person’s username and password.

Image: Check Point Research

To elude security alerts or blocks, the attackers reached into a clever bag of tricks. Using an Oxford email server to send the initial email helped them bypass reputation filters. The links within the email pointed to a legitimate domain owned by Samsung. And a series of redirects resulted in a concealed phishing page.

Image: Check Point Research

“What first appeared to be a classic Office 365 phishing campaign turned out to be a masterpiece strategy: using well-known and reputable brands to evade security products on the way to the victims,” Lotem Finkelsteen, Check Point manager of threat intelligence, told TechRepublic. 

“Nowadays, this is a top technique to establish a foothold within a corporate network. Access to corporate mail can allow hackers unlimited access to a company’s operations, such as transactions, finance reports, sending emails within the company from a reliable source, passwords, and even addresses of a company’s cloud assets. To pull the attack off, the hacker had to gain access to Samsung and Oxford servers, meaning he had time to understand their inner workings, allowing him to go unnoticed.”

To protect yourself against phishing attacks that exploit Microsoft 365 and other cloud services, Check Point offers three tips:

  1. Use different passwords for your cloud application. Segregation protects your assets when one is exposed.
  2. Use cloud and mail security solutions. The fact that these campaigns thrive proves that native security solution are easy to bypass. Use cloud and mail security solutions to remove threats to your email and to protect your cloud infrastructure.
  3. Don’t enter your credentials when you didn’t expect to do it. Often, it’s a scam in disguise.

Roger Grimes, data driven defense evangelist for KnowBe4, also has some advice to share.

“Phishing emails sent from a compromised trusted third party have been on the rise for at least two years,” Grimes said. “When I talk to CIOs, they say this is the type of phishing email that they see increasing the most and the one that worries them the most. Traditional anti-phishing advice like ‘Don’t trust email coming from people you don’t know’ or ‘Don’t open file attachments from people you don’t know’ doesn’t work. These days, phishing emails are coming from people and brands you trust and have ongoing relationships with.”

To combat these latest phishing threats, Grimes suggests the following steps:

  1. Educate users about these types of attacks coming from compromised trusted third parties.
  2. Implement Sender Policy Framework (SPF), Domain Keys Identified Mail (DKIM), and DMARC to ensure that the sending domain in the email is really the domain it is coming from.
  3. Educate users to care more about the particular request than the sending party it is from. If the request is unexpected and requesting an action never requested before, then it should be considered suspicious and investigated more before performing the requested action.
  4. Most of these types of phishing emails have “stressor events” in them, telling the user they need to do something immediately, or else something irreversibly bad will happen. Teach end users to be suspicious of all emails containing stressor events. If an email arrives saying you need to act quickly, that’s the time to stop and think before you act.
  5. Lastly, tell users to call the legitimate sender when something seems unusual. Make it a policy. They should call using pre-defined phone numbers and not rely on any phone numbers or contact information in the email.

Microsoft Weekly Newsletter

Be your company’s Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.
Delivered Mondays and Wednesdays

Sign up today

Also see

Microsoft adds CompTIA certifications to datacenter training programs


Five community colleges offer the Datacenter Academy program that is part of a larger community development program.

Diverse IT colleagues setting server hardware

Image: EvgeniyShkolenko, Getty Images/iStockphoto

Community college students at five Microsoft Datacenter Academies around the country have a new requirement to test their tech skills: CompTIA certifications.

Three CompTIA certifications will become required components of the existing IT curriculum at the schools:

  • CompTIA A+ 
  • CompTIA Network+

  • CompTIA Server+ 

The Datacenter Academy trains students for entry-level jobs at data centers. Training covers infrastructure cabling, copper and fiber optic testing, and computer network connectivity. Courses range from eight weeks to 20 months.

SEE: Guide to Becoming a Digital Transformation Champion (TechRepublic Premium)

The Datacenter Academy program is a part of Microsoft’s Datacenter Community Development initiative, which works to build partnerships that deliver economic, social, and environmental benefits in communities where Microsoft operates datacenters. This initiative brings together nonprofits, governments, educators, and businesses to improve computer science education and support business development.

“CompTIA is an important partner for the Microsoft Datacenter Academy program, which develops IT skills for the community workforce in locations where Microsoft operates datacenters,” Utaukwa Allen, senior director, Microsoft Datacenter community development, said in a press release. “Skills learned through the CompTIA curriculum prepare workers for jobs in the digital economy, including working in a Microsoft datacenter.”

Participating schools also can add the CompTIA Security+ certification, which covers baseline cybersecurity skills, to their programs. Classroom instructors at the five partner schools will have the opportunity to join the CompTIA Instructor Network.

Currently, five community colleges around the US have Microsoft Data Center training programs, including Southside Virginia Community College, the Southern Virginia Higher Education Center, Des Moines Area Community College in Iowa, Laramie County Community College in Wyoming, and Big Bend Community College in Washington. 

Earlier this spring at the Des Moines Area Community College, the datacenter academy opened a virtual learning lab, which features virtual reality (VR) and augmented reality (AR) technologies that will give students the opportunity to navigate the Microsoft data centers located throughout Central Iowa via a simulated environment.

During the COVID-19 pandemic, datacenters were deemed essential businesses by most jurisdictions due to the reliance on cloud services by businesses, schools, and government agencies, including many first responders.

Cloud certifications, security certifications and project management programs are other popular ways to quantify professional experience and increase earnings potential.

Microsoft Weekly Newsletter

Be your company’s Microsoft insider by reading these Windows and Office tips, tricks, and cheat sheets.
Delivered Mondays and Wednesdays

Sign up today

Also see