Microsoft.com Operations Team Blog

You can make decisions as you design and deploy your Group Policy Objects (GPOs) that will have an impact on how quickly your Windows desktops start and become usable to your users. Some of these decisions are obvious, while many are not. This post will guide you through some of the ways Group Policy can impact performance as well as some of the improvements we made for Windows 8.

When I talk with customers about the Cloud, we always talk about a few key themes:

AccessChk v5.11: AccessChk, a command line utility for
dumping the effective permissions and security descriptors for files, registry
keys, processes, tokens, object manager objects, now prefixes Windows 8
application container SIDs with the word “Package”, and includes several minor
bug fixes.

Often, when I talk to customers, product certification is one of the key themes they want to address. Especially they want to know about our commitment to Common Criteria and whether our products are certified. Typically we certify an operating system on Common Criteria EAL 4+ - the highest level, which seems achievable for multi-purpose operating systems. However, personally I do not think that product certifications are the future for different reasons:

I think, I blogged about this event already earlier: Years ago I was meeting a customer and was talking about the future of IT. I was telling the audience (about 10 people including the Security Officer) that there is a good chance that IT will not define a set of hardware anymore but that the user will buy their own and use it for business. Additionally, different people have different needs and my notebook is setup differently than a lot of others within Microsoft's internal network – just because I have different needs and I use one piece of hardware for private and business. Actually in my case, it is even my own hardware. Back then at this point the CSO left the room complaining that I am completely nuts.

I just read a post on slashdot:

We could even talk about two-factor authentication in my opinion. The idea is, that whenever you logon from an untrusted PC, you will be asked to use a second factor (or step). In my case, which I show below, I use the Authenticator app on my phone, which is similar to an RSA SecureID.

Autoruns v11.5: This update to Autoruns, a utility for managing autostarting applications and components, now reports the image timestamp of executables and the last-modified timestamp of other file types and autostart locations to help with forensic analysis. The jump-to-entry feature is also improved to navigate directly to files rather than their parent directory.