Microsoft Edge: Protect against potentially unwanted applications (PUAs)

Overview

Potentially unwanted applications aren’t considered to be viruses or malware, but these apps might perform actions on endpoints that adversely affect endpoint performance or use. For example, Evasion software actively tries to evade detection by security products. This kind of software can increase the risk of your network being infected with actual malware. PUA can also refer to applications that are considered to have poor reputation.

Protect against PUA with Microsoft Edge

Microsoft Edge (version 80.0.361.50 or later) blocks PUA downloads and associated resource URLs.

You can set up protection by enabling the Block potentially unwanted apps feature in Microsoft Edge.

To enable PUA protection:

  1. Open Settings in the browser.
  2. Select Privacy and services.
  3. In the Services section, check to see that Microsoft Defender SmartScreen is turned on. If not, then turn on Microsoft Defender SmartScreen. The example in the following screenshot shows the browser is managed by the organization and that Microsoft Defender SmartScreen is turned on.
  4. In the Services section, use the toggle shown in the preceding screenshot to turn on Block potentially unwanted apps.
security-pua-setup
Edge security-PUA-setup

block against PUA-associated URLs

After you turn on PUA protection in Microsoft Edge, Windows Defender SmartScreen will protect you from PUA-associated URLs.

There are several ways admins can configure how Microsoft Edge and Windows Defender SmartScreen work together to protect users from PUA-associated URLs. For more information, see:

Admins can also customize the Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) block list. They can use the Microsoft Defender ATP portal to create and manage indicators for IPs and URLs.

Protect against PUA with Windows Defender Antivirus

The Detect and block potentially unwanted applications article also describes how you can configure Windows Defender Antivirus to enable PUA protection. You can configure protection using any of the following options:

When Windows Defender detects a PUA file on an endpoint it quarantines the file and notifies the user (unless notifications are disabled) in the same format as a normal threat detection (prefaced with “PUA:”.) Detected threats also appear in the quarantine list in the Windows Security app.

PUA notifications and events

There are several ways an admin can see PUA events:

  • In the Windows Event Viewer, but not in Microsoft Endpoint Configuration Manager or Intune.
  • In an email if email notifications for PUA detections is turned on.
  • In Windows Defender Antivirus event logs, where a PUA event is recorded under event ID 1116 with the message: “The antimalware platform detected malware or other potentially unwanted software.”

 Note

Users will see “*.exe has been blocked as a potentially unwanted app by Microsoft Defender SmartScreen”.

Allow-list an app

Like Microsoft Edge, Windows Defender Antivirus provides a way to allow files that are blocked by mistake or needed to complete a task. If this happens you can allow-list a file. For more information, see How to Configure Endpoint Protection in Configuration Manager to learn how to exclude specific files or folders.

PCMadness Recommends the New Microsoft Edge as the choice of browser to use.

What’s Next for Microsoft Edge

What’s Next

In January, we announced that the new Microsoft Edge was available to download and since then, it has been downloaded millions of times. Thank you, Insiders, for being a part of the journey to build the new Microsoft Edge. With your engagement and support, we keep innovating to bring world class compatibility, more privacy, more productivity, and more value to make the web work for you.

To learn more about the new Microsoft Edge and the latest features visit microsoft.com/edge.

Check out the latest announcements and news from Microsoft Edge here.

We invite you to continue checking our preview channels to see what’s next. In the meantime, here is a look at our upcoming features.

Vertical tabs

It’s easy to end up with a ton of tabs open. The more you have open, the more difficult it becomes to find, switch between, and manage them. With vertical tabs, you can easily shift to view your tabs in a pane to the side. This allows you to easily see the titles and access controls like mute and close. It even makes it easy to reorder your tabs, with the ability to drag and drop to rearrange. When you want to focus on a specific page, you can collapse the pane. Anytime you need to switch between tabs, you can hover over the pane to see all the information you need. The new Microsoft Edge is the only browser to offer built-in vertical tab navigation allowing for a more streamlined experience.

Smart copy

Copying and pasting content from the web can be tricky – selecting the content can be challenging and pasting doesn’t always look like the original. Smart copy makes it easier to select, copy, and paste content that you find across the web, maintaining source site’s formatting, spacing and text. Use your mouse to select any area or content (including charts, images, etc.) and when you paste, you will get the option to paste as an image or to retain the original source formatting, saving you valuable time. This is one of the many ways the new Microsoft Edge is providing tools to help you be more productive while browsing the web.

Password Monitor

Data breaches worldwide have been on the rise and the security of your data is one of our top priorities. Password Monitor on the new Microsoft Edge notifies you when your online credentials have been detected on the dark web. If Microsoft Edge uncovers a match with your saved passwords, you will receive a notification on the browser informing that your credentials have been compromised. Through a dashboard view, people can see a list of all affected accounts, visit the websites directly, and take action accordingly.

How to Create a Teams Meeting in Outlook

outlook logo

Now that working from home is the norm, video conferences are becoming the de facto way to meet. Here’s how to create Microsoft Teams meetings directly from within Outlook, without having to book them through the Teams app.

To create Teams meetings from within Outlook—either Outlook Online and the Outlook client—you need to install the Teams client on your computer. This will install an add-in to Outlook that provides a new option when you’re creating a meeting. Add-ins that you install in the Outlook client are automatically added to Outlook Online and vice versa. Once you’ve installed the Teams app, the add-in should be available in both clients.

These options should be available for all users of Outlook and Teams, regardless of whether you have a paid Office 365 (O365)/Microsoft 365 (M365) subscriptions. However, they’re only available for email accounts that use Exchange, whether that’s a free Outlook.com/live.com/hotmail account, or a paid Microsoft account for your own domain. If you’re using a non-Exchange account, such as a Gmail or Yahoo account, the Teams add-in won’t work for you.

We’ll take you through installing the Teams client first. If you have installed the client and you still can’t see these options, we’ve got some troubleshooting suggestions as well.

Install the Teams Client

The quickest way to get the Teams client is to open Teams online. On the first page, you’ll be offered the chance to download the Teams client.

The "Get the Windows app" button in Teams online.

If you already have Teams online open, click on the app download option at the bottom of the left sidebar.

The "App download" button in Teams online.

Install the .exe file, and log in with your O365/M365 account details when requested. To make sure the add-in is installed in Outlook, restart Teams, then restart Outlook.

Follow the instructions below to use the add-in in the Outlook client and in Outlook Online. If it’s not available, follow these troubleshooting tips from Microsoft.

Create a Teams Meeting in the Outlook Client

When you install the Teams client on your computer, it will install an add-in to Outlook that provides a new option when you’re creating a meeting. The option is available in the Home > New Items menu.

The "Teams Meeting" option in Outlook's "New Items" menu.

It’s also available in the ribbon of a new Meeting request.

The "Teams Meeting" option in a new meeting request.

When you click one of these options, the meeting request will change to include a location of “Microsoft Teams Meeting” and a link in the body of the request that attendees can click on to join the meeting.

A Teams meeting request.

Create a Teams Meeting in Outlook Online

When you install the Teams client on your computer, it will install an add-in to Outlook that provides a new option when you’re creating a meeting. In Outlook Online, the option is available in the meeting request.

The "Teams meeting" toggle switch in an Outlook Online meeting request.

Toggle the setting on to make it a Teams meeting. Unlike Teams meetings you create in the Outlook client, nothing changes in the Outlook Online meeting request, but once you’ve sent the meeting request, the Teams link will appear in the event in your calendar.

An event in the Outlook Online calendar showing the Teams meeting link.

For both Outlook Online and the Outlook client, fill in the attendees and the date and time of the meeting as usual. Send the meeting request the same way that you would with a normal meeting. The only difference is that you and your attendees will join the meeting in Teams, rather than a meeting room in an office.

Article by Rob Woodgate from How-to-geek.

Mobile Security Datasheet

Mobile Security Datasheet

Flexible support network


With the rise of the mobile workforce, the need to minimize security risks like device theft, data accessibility, and malware attacks is also increasing. Also, the sophistication of today’s security threats require a comprehensive approach that keeps your business devices, networks, and data protected.

USER ACCESS CONTROL

Lenovo’s user access control technology protects the organization’s devices and business ensuring only the right people have access to it.

  • Multi Factor Authentication (MFA) – For User Identity Protection
  • IR Camera with Windows Hello – For Simple and Secure Facial Login
  • Smart Card Access – For Two-factor Authentication in One Step
  • Near Field Communication (NFC) – For Rapid Contactless Authentication

PORT AND PHYSICAL PROTECTION

Whether in the office or on the go, end user computing devices need protection not only at the software level but also at a physical level. Built-in port security features help protect against physical theft of data via the USB and other access ports on company PCs.

  • ThinkShutter Camera Privacy – For Privacy When You Need It
  • Kensington® Cable Lock – For Preventing Device Theft
  • ThinkPad Ultra Dock – For Innovative Dock and Device Security

DATA PROTECTION

To keep the business running smoothly and without disruption, it is essential to have secure, automatic, and efficient data backup. Lenovo’s robust data protection tools enable easy and efficient data recovery and retrieval only by authorized personnel.

  • Fast Identity Online (FIDO) – For Robust Data Protection
  • Discrete Trusted Platform Module (dTPM) 2.0 – For Data Encryption
  • Online Data Backup (OLDB) – For Safeguarding Your Critical Data
  • Hard Drive Retention – For Retaining Sensitive Company Data
  • BUFFERZONE® – For Sophisticated and Supreme Malware Protection
  • Mobile Device Management

 DOWNLOAD DATASHEET 


VPN (virtual private network)

A person touching a tablet with a blue glow on their finger and VPN text overlayed

Wright Studio/Shutterstock.com

A VPN (virtual private network) service is a great way to ensure you have a secure network connection while online. It also allows you to protect your browsing history, torrent, and access content that is blocked or regionally restricted.

What Does a VPN Do?

Each of your devices (your computer, smartphone, etc.) have their own unique IP address, which tells services who, what, and where you are. A VPN sits in between your device and however it connects to the internet, spoofing your device’s IP address. Anything you do online goes first through the VPN, then to the router, causing your router (and everything outside of your device) to think you have a different identity.

VPNs are great to have when you are planning on hopping online over an unsecured connection (a network that does not ask you for a password), like at a cafe, as it keeps your information (such as your browsing history and any data you transfer) safe from prying eyes. A VPN offers other benefits, like accessing content that may be restricted geographically, as they allow you to interact with the internet as though you were doing so from the VPN’s location, not your own. You can do a variety of other things with a VPN as well, including access your work or home network while traveling, bypass internet censorship, and download files.

What to Look for in a VPN Service

If you need to use a VPN, it’s easy enough to get started: simply choose a service, sign up on the company’s site, and download the client. Here are a few things to look for when picking a VPN.

  • Lots of Servers: The more servers a VPN has, the faster your connection speeds are and, typically, the more country connection options you’ll have. This means you likely won’t have to deal with buffering or throttling issues.
  • High Simultaneous Connections: If you need to connect more than one of your devices to your VPN at the same time, more power to you. The best VPN services allow you to connect five of your devices simultaneously, if not more.
  • Great Ease of Use: For those who are new to VPNs, having a clean and clearly abeled interface, as well as easy access to customer support, is what’s important. For veteran users, this may mean an app that’s configurable and loaded with extras like a kill switch, data compression (for mobile), and automatic HTTPS redirection.
  • Excellent Security, and No Logging: Good VPN services won’t monitor, log, or sell any of your personal info, like which websites you visit. They also ensure they are protecting you with strong encryption (AES 256-bit) and regular security audits. This is a surprisingly hard thing to find out about most VPNs, too, which is why we’ve made sure you can trust all the picks on our list.

Article by SUZANNE HUMPHRIES from review geek.

Browsers to block access to HTTPS sites using TLS 1.0 and 1.1 starting this month

notsecure

More than 850,000 websites still use the old TLS 1.0 and 1.1 protocols, scheduled to be removed from most major browsers later this month.

This includes websites for major banks, governments, news organizations, telecoms, e-commerce stores, and internet communities, according to a report published today by UK technology firm Netcraft.

All the 850,000 websites use HTTPS, but on a version that weak. The websites support HTTPS connections via cryptographic certificates built on the TLS 1.0 and TLS 1.1 protocols.

These are ancient protocols, released in 1996 and 2006, respectively. The protocols use weak cryptographic algorithms and are vulnerable to a series of cryptographic attacks that have been disclosed over the past two decades, such as BEAST, LUCKY 13, SWEET 32, CRIME, and POODLE. These attacks allow attackers to decrypt HTTPS and access a user’s plaintext web traffic.

New versions of these protocols were released in 2008 (TLS 1.2) and 2017 (TLS 1.3), both of which are considered superior and safer to use than TLS 1.0 and TLS 1.1.

REMOVAL OF TLS 1.0 AND TLS 1.1 WAS ANNOUNCED TWO YEARS AGO

After the release of TLS 1.3 in the spring of 2018 the four browser makers — AppleGoogleMozilla, and Microsoft — got together and jointly announced in October 2018 plans to remove support for TLS 1.0 and TLS 1.1 in early 2020.

The first stages of this deprecation began last year when browsers began labeling sites that were using TLS 1.0 and TLS 1.1 with a “Not Secure” indicator in the URL address bar and the lock icon, hinting to users that the HTTPS connection was not as secure as they might imagine.

firefox-weak-encryption.png
Image: ZDNet

Later this month, browsers will move from showing a hidden warning to showing full-page errors when users access sites that use TLS 1.0 or TLS 1.1.

chrome-tls-error.png
TLS 1.0/1.1 error in ChromeImage: ZDNet
mozilla-tls-error.png
TLS 1.0/1.1 error in FirefoxImage: Mozilla

These full-page errors are scheduled to roll out with the release of Chrome 81, and with Firefox 74, both scheduled later this month. Safari was also scheduled to drop TLS 1.0 and 1.1 this month as well, per their initial announcement.

Microsoft will follow suit at the end of April, with the release of (the Chromium-based) Edge 82.

According to Netcraft’s scans, the number of sites that will be impacted is around 850,000, of which, more than 5,000 are ranked in the Alexa Top 1 Million sites.

“Removing client-side support for these older protocols is the most effective way of ensuring that their associated vulnerabilities can no longer pose any risks,” Netcraft researchers said.

Written By Catalin Cimpanu  taken from ZDNet.com

PC Madness Trading Hours​

Monday: 8:00am – 5:30pm

Tuesday: 8:00am – 5:30pm

Wednesday: 8:00am – 5:30pm

Thursday: 8:00am – 5:30pm

Friday: 8:00am – 5:30pm

Saturday: 9:00am – 1:00pm

Sunday: CLOSED

Public Holidays: CLOSED