Tapping into your existing customer base could be the key to new business growth. Register now for the next episode of Office Small Business Academy, “The Power of Referral Marketing: How to Get Your Customers Talking,” airing February 22, 2017 at 9 a.m. PT / 12 p.m. ET, and learn how to design a program that works for your business. Plus, learn a few new tricks in Microsoft Excel that will help you organize, visualize and measure the results of your marketing efforts.

Watch the preview:

This month’s featured guests include:

• Founder of Duct Tape Marketing, John Jantsch, gives his proven advice for implementing a referral program that helps you gain new customers and stand apart from the competition.
• Chief style officer of Erin Condren Design, Erin Condren, shares her secrets to generating buzz, including how she grew her brand into a $40-million empire with the help of successful referral and loyalty programs.

Sign up for free!

For more information, visit the Office Small Business Academy home page.

Related content

• Watch the episode, “Up Your Marketing Game: Social Media Secrets.”
• Download the eBook, “Rules of Engagement: 5 Reasons Why Social Media is a Must.”
• Register now for an Office 365 live demo.

The post Learn the power of referral marketing with Office Small Business Academy appeared first on Office Blogs.

Back in October 2015, I announced the first step in a broad vision to transform the MVP Award program. Since then, you have provided a great deal of feedback on how we could take this vision further. Thank you for your feedback. Now, with the arrival of 2017, this is the perfect moment to share with you the next step in the evolution of the MVP Award program.

For most of the program’s existence, the MVP review model has been based on four award cycles per year. This never truly provided us with the agility to quickly recognize community leaders and technical experts as Microsoft MVPs. In addition, we ended up having four sub-groups.  We hear all the time “I am a January MVP”, or “I am an April MVP”.  That’s not our goal – we want a unified program, providing a consistent experience. To that end, we heard your feedback and that is all about to change.

Beginning today, we are going to recognize new MVPs every single month. We want great people to join the program as fast as possible! At the same time, to simplify our re-award process, we are going annual. Just one re-award cycle per year. Every July 1^st all renewals will happen with one unified celebration when we recognize all our renewing MVPs.

We know that by nature MVPs love to learn new technologies and skills, often ahead of others. You then process that information and you share.  This is how you truly help the community. As part of our commitment to continuously improve, we are also adding new benefits to the program focused on enabling new learning opportunities for you.

We have recorded a special announcement video below which provides greater detail about these updates and I invite you to watch it. If you are an MVP I hope you are as excited as we are about these improvements. The team will be taking questions you might have on the MVP Yammer Network. If you aspire to become an MVP, I encourage you to check out what the MVP Award is and nominate yourself or someone that you believe deserves this recognition.

Together, we are working to empower every person and every organization on the planet to achieve more. Without your partnership, the MVP Award would not be the pillar that it is today in the technical industry. I want to personally thank you for your passion, your community leadership, and especially the feedback you have provided directly to me and to my team.

Cheers,
Guggs
@stevenguggs

Samsung has released the second preview of Visual Studio Tools for Tizen today. Tizen is a Linux-based open source OS running on over 50 million Samsung devices including TVs, wearables, and mobile phones. You can now download the Visual Studio Tools for Tizen and begin building .NET applications for Tizen with Visual Studio.

At Connect(); in November 2016, Samsung announced a collaboration with Microsoft to build .NET support for Tizen. Along with the announcement, Samsung released the first preview of the Visual Studio Tools for Tizen. The second preview is a significant update to the first preview. In this post I’ll highlight some key new features –

• TV application development. The first preview came with mobile application support only. With the second preview, you can now use the same familiar APIs, such as .NET Standard and Xamarin.Forms, to develop Tizen TV applications. Samsung Tizen TVs will begin shipping with .NET support once Visual Studio Tools for Tizen is officially released later this year.
• Project wizard. Visual Studio Tools for Tizen provide a number of different options to build applications. For instance, you can build an application that runs on a single device type or an application that runs on multiple device types. You can build an application that runs on Tizen only or an application that runs on multiple platforms. The project wizard helps you to select the right project type with step-by-step guides.
• New tools. Tizen-specific tools were added to further improve your productivity including a certificate manager, emulator manager, emulator control panel, and manifest editor.
• More Tizen platform-specific APIs. The second preview significantly increases the number of Tizen-specific APIs available for .NET developers. Key additions include Bluetooth, Smart Card, NFC, Map, Wi-Fi Direct, Telephony, Geofence Manager, and Account Service.

For more information see Samsung’s Tizen developer website.

Try it out and share your feedback. For any problems, please let us know through Tizen .NET Forum.

Scott Hunter, Director of Program Management for .NET Scott Hunter works for Microsoft as a Director of Program Management for .NET overseeing the server frameworks, such as ASP.NET, MVC, Web API, Web Pages and NuGet. Before this Scott was the CTO of several startups including Mustang Software and Starbase, where he focused on a variety of technologies – but programming the Web has always been his real passion.

Howdy folks,

I’ve been looking forward to writing this blog post for a while!

Those of you who follow the blog know that Azure AD B2B collaboration is a set of capabilities that makes it easy for IT pros and information workers to invite people from any organization in the world to collaborate online. The goal of Azure AD B2B is to enable organizations of all sizes and industries – even those with complex compliance and governance requirements – to work easily and securely with collaborators around the world.

I’m excited to let you know that we’ve just turned on a boat load of new enhancements in our B2B public preview.

Millions of users and thousands customers have been using the public preview of our B2B Collaboration capabilities since we first announced the public preview. Those customers have been incredibly generous with their time and feedback. All of the enhancements we’re announcing today are based their suggestions and we can’t thank them enough for their partnership.

Key new features of Azure AD B2B Collaboration

In today’s release, you’ll find the following new features and functionality:

1. UX enhancements to the B2B admin experience, including the ability for admins to invite B2B users to the directory or to any group or application.
2. B2B self-service invitation capabilities in the Access Panel, so information workers can invite B2B users to any self-service group or application they manage.
3. Ability to invite a user with any email address to collaborate. Whether a user has an Office365 or on-premises Exchange email address, an outlook.com email address, or any social email address, he/she can now seamlessly access the invited organization with inline, lightweight creation of an Azure AD or Microsoft Account.
4. Professional, tenant branded invitation emails.
5. The option to build customize onboarding experience using our invitation APIs.
6. The ability to require and provide MFA for B2B guest accounts.
7. Ability to delegate responsibility for inviting B2B guest accounts to non-administrators.
8. PowerShell support for B2B.
9. Auditing and reporting capabilities.
   

Fig 1: A custom branded invitation, one of our most highly requested features

We are also releasing updated, detailed documentation to help you understand the capabilities really well and guide you in using them as efficiently as possible.

Our next milestone is to take the service to Generally Availability. So please send us any final or suggestions you have ASAP. We will put them all to good use!

Give it a try!

Getting started is simple. Go to the user list in your tenant and add any external email address today!

Fig 2: Inviting a B2B Guest User in the new Azure Portal

And like always, we would love to receive and feedback our suggestions you have in our tech forum!

Learn More

There’s much more detail about the new Azure AD B2B Collaboration features in our updated documentation. Dive in and let us know if you have any questions! And if you haven’t seen it yet, check out ourIgnite Azure AD B2B collaboration talk, too.

Best Regards,
Alex Simons (@Twitter:@Alex_A_Simons)
Director of Program Management
Microsoft Identity Division

The .NET Language Strategy

I am constantly aware of the enormous impact our language investments have on so many people’s daily lives. Our languages are a huge strength of the .NET platform, and a primary factor in people choosing to bet on it – and stay on it.

I’ve been here on the .NET languages team at Microsoft for more than a decade, and I’ve always seen us have developers’ interests first and foremost in our minds as we moved the languages forward. The open source revolution (of not just the .NET languages but the whole .NET stack) has improved the conversation dramatically, and – I think – helped us to make better choices. However, we haven’t always been good at sharing how we make those decisions: Our language strategy; the framework for how we think about each of our .NET languages and chart their evolution.

This post is meant to provide that additional context for the principles we use to make decisions for each language. You should consider it as guidance, not as a roadmap.

C#

C#is used by millions of people. As one data point, this year’s Stack Overflow developer survey shows C# as one of the most popular programming languages, surpassed only by Java and of course JavaScript (not counting SQL as a programming language, but let’s not have a fight about it). These numbers may well have some skew deriving from which language communities use Stack Overflow more, but it is beyond doubt that C# is among the most widespread programming languages on the planet. The diversity of target scenarios is staggering, ranging across games in Unity, mobile apps in Xamarin, web apps in ASP.NET, business applications on Windows, .NET Core microservices on Linux in Azure and AWS, and so much more.

C# is also one of the few big mainstream languages to figure on the most loved top 10 in the StackOverflow survey, joining Python as the only two programming languages occurring on both top 10s. After all these years, people still love C#! Why? Anecdotally we’ve been good at evolving it tastefully and pragmatically, addressing new challenges while keeping the spirit of the language intact. C# is seen as productive, powerful and easy to use, and is often perceived as almost synonymous with .NET, neither having a future without the other.

Strategy for C#

We will keep growing C# to meet the evolving needs of developers and remain a state of the art programming language. We will innovate aggressively, while being very careful to stay within the spirit of the language. Given the diversity of the developer base, we will prefer language and performance improvements that benefit all or most developers, avoiding over-focusing on a given segment. We will continue to empower the broader ecosystem and grow its role in C#’s future, while maintaining strong stewardship of design decisions to ensure continued coherence.

Every new version of C# has come with major language evolution: generics in C# 2.0, language integrated queries (and much functional goodness) in C# 3.0, dynamic in C# 4.0, async in C# 5.0 and a whole slew of small but useful features in C# 6.0. Many of the features served emerging scenarios, and since C# 5.0 there’s been a strong focus on connected devices and services, the latency of those connections and working with the data that flows across them. C# 7.0 will be no exception, with tuples and pattern matching as the biggest features, transforming and streamlining the flow of data and control in code.

Since C# 6.0, language design notes have been public. The language has been increasingly shaped by conversation with the community, now to the point of taking language features as contributions from outside Microsoft.

The C# design process unfolds in the dotnet/csharplang GitHub repository, and C# design discussions happen on the csharplang mailing list.

Visual Basic

Visual Basicis used by hundreds of thousands of people. Most are using WinForms to build business applications in Windows, and a few are building websites, overwhelmingly using ASP.NET Web Forms. A majority are also C# users. For many this may simply be because of language requirements of different projects they work on. However, outside of VB’s core scenarios many undoubtedly switch to C# even when VB is supported: The ecosystem, samples and community are often richer and more abundant in C#.

An interesting trend we see in Visual Studio is that VB has twice the share of new developers as it does of all developers. This suggests that VB continues to play a role as a good, simple and approachable entry language for people new to the platform and even to development.

The Stack Overflow survey is not kind to VB, which tops the list of languages whose users would rather use another language in the future. I think this should be taken with several grains of salt: First of all this number may include VB6 developers, whom I cannot blame for wanting to move on. Also, Stack Overflow is not a primary hangout for VB developers, so if you’re there to even take the survey to begin with, that may be because you’re already roaming Stack Overflow as a fan of another language. Finally, a deeper look at the data reveals that the place most VB developers would rather be is C#, so this may be more about consolidating their .NET development on one language, and less of a rejection of the VB experience itself.

All that said, the statistic is eye opening. It does look like a lot of VB users feel left behind, or are uncertain about the future of the language. Let’s take this opportunity to start addressing that!

Strategy for Visual Basic

We will keep Visual Basic straightforward and approachable. We will do everything necessary to keep it a first class citizen of the .NET ecosystem: When API shapes evolve as a result of new C# features, for instance, consuming those APIs should feel natural in VB. We will keep a focus on the cross-language tooling experience, recognizing that many VB developers also use C#. We will focus innovation on the core scenarios and domains where VB is popular.

This is a shift from the co-evolution strategy that we laid out in 2010, which set C# and VB on a shared course. For VB to follow C# in its aggressive evolution would not only miss the mark, but would actively undermine the straightforward approachability that is one of VB’s key strengths.

In VS 2015, C# 6.0 and VB 14 were still largely co-evolved, and shared many new features: null-conditional operators ?., NameOf, etc. However, both C# and VB also each addressed a number of nuisances that were specific to the language; for instance VB added multi-line string literals, comments after implicit line continuation, and many more. C#, on the other hand, added expression-bodied members and other features that wouldn’t address a need or fit naturally in VB.

VB 15 comes with a subset of C# 7.0’s new features. Tuples are useful in and of themselves, but also ensure continued great interop, as API’s will start to have tuples in their signatures. However, VB 15 does not get features such as is-expressions, out-variables and local functions, which would probably do more harm than good to VB’s readability, and add significantly to its concept count.

The Visual Basic design process unfolds in the dotnet/vblang GitHub repository, and VB design discussions happen on the vblang mailing list.

For more details on the VB language strategy see this post on the VB Team Blog.

F#

F#is used by tens of thousands of people and shows great actual and potential growth. As a general purpose language it does see quite broad and varied usage, but it certainly has a center of gravity around web and cloud services, tools and utilities, analytic workloads, and data manipulation.

F# is very high on the most loved languages list: People simply love working in it! While it has fantastic tooling compared to most other languages on that list, it doesn’t quite measure up to the rich and polished experience of C# and VB. Many recent initiatives do a lot to catch up, and an increasing share of the .NET ecosystem – inside and outside of Microsoft – are thinking of F# as a language to take into account, target and test for.

F# has a phenomenally engaged community, which takes a very active role in its evolution and constant improvement, not least through the entirely open language design process. It’s been an absolute front runner for open-source .NET, and continues to have a large proportion of its contributions come from outside of Microsoft.

Strategy for F#

We will enable and encourage strong community participation in F# by continuing to build the necessary infrastructure and tooling to complement community contributions. We will make F# the best-tooled functional language on the market, by improving the language and tooling experience, removing road blocks for contributions, and addressing pain points to narrow the experience gap with C# and VB. As new language features appear in C#, we will ensure that they also interoperate well with F#. F# will continue to target platforms that are important to its community.

On top of the strong functional legacy from the ML family of languages and the deep integration with the .NET platform, F# has some truly groundbreaking language features. Type providers, active patterns, and computation expressions all offer astounding expressiveness to those who are willing to take the jump and learn the language. What F# needs more than anything is a focus on removing hurdles to adoption and productivity at all levels.

Thus, F# 4.1 sees vastly improved tooling in Visual Studio through integration with Roslyn’s editor workspace abstraction, targeting of .NET Core and .NET Standard, and improved error messages from the compiler. Much of the improved Visual Studio tooling and especially the improved error messages are a direct product of the strong F# open source community. Looking down the road, we intend to work both with the F# community and other teams at Microsoft to ensure F# tooling is best-of-breed, with the intention of making F# the best-tooled functional programming language in the market.

F# language design unfolds in the language suggestion and RFC repositories.

Conclusion

Hopefully this post has shed some light on our decision-making framework for the .NET languages. Whenever we make a certain choice, I’d like you to be able to see where that came from. If you’re left to fill in the gaps, that easily leads to unnecessary fear or speculation. You have business decisions to make as well, and the better you can glean our intentions, the better informed those can be.

Happy hacking!

Mads

Clustered column store indexes (CCI) in SQL Server vNext and Azure SQL Database support LOB types like NVARCHAR(MAX), which allows you to store strings with any size, including JSON documents with any size. With CCI you can get 3x compression and query speedup compared to regular tables without any application or query rewrites. In this post we will see one experiment that compares row-store and column store formats used to store JSON collections.

Why would you store JSON documents in CCI?

Clustered column store indexes are good choice for analytics and storage  – they provide high compression of data and faster analytic queries. In this post, we will see what benefits you can get from CCI when you store JSON documents.

I will assume that we have one single column table with CCI that will contain JSON documents:

create table deals (
      data nvarchar(max),
      index cci clustered columnstore
);

This is equivalent to collections that you might find in classic NoSQL database because they store each JSON document as a single entity and optionally create indexes on these documents. The only difference is CLUSTERED COLUMNSTORE index on this table that provides the following benefits:

1. Data compression – CCI uses various techniques to analyze your data and choose optimal compression algorithms to compress data.
2. Batch mode analytic – queries executed on CCI process rows in the batches from 100 to 900 rows, which might be much faster than row-mode execution.

In this experiment I’m using 6.000.000 json documents exported from TPCH database. Rows from TPCH database are formatted as JSON documents using FOR JSON clause and exported into the tables with and without CCI. The format of the JSON documents used in this experiment is described in the paper: TPC-H applied to MongoDB: How a NoSQL database performs, and shown on the following picture:

Ref: TPC-H applied to MongoDB: How a NoSQL database performs

JSON documents are stored in standard table with a single columns and equivalent table with CCI and performance are compared.

Compression

First we can check what is compression ratio that we are getting when we store JSON in collection with CCI. We can execute the following query to get the size of the table:

exec sp_spaceused 'deals'

Results returned for table with and without CCI are:

• Table with CCI 6.165.056 KB
• Table without CCI 23.997.744 KB

Compression ratio in this case is 3.9x. Although CCI is optimized for scalar data compression, you might also get a good compression on JSON data.

Note that I’m trying something that would be considered as the worst case data sample for COLUMNSTORE. CCI gets big compression by removing duplicates and NULL values that don’t exist in this data set. CCI would give you even better compresson on string columns that are not unique, so 4x compression in the worst case is still good result

JSON analytic

JSON functions that are available in SQL Server 2016 and Azure SQL Database enable you to parse JSON text and get the values from the JSON. You can use these values in any part of SQL query. An example of the query that calculates average value of extended price grouped by marketing segments is shown in the following sample:

select JSON_VALUE(data, '$.order.customer.mktsegment'), avg(CAST(JSON_VALUE(data, '$.extendedprice') as float))
from deals
group by JSON_VALUE(data, '$.order.customer.mktsegment')

Instead of joining different tables you can just change the paths in the second parameter of JSON_VALUE function to select different fields from JSON that you want to analyze.

In this experiment we have simple 5 analytic queries that calculate average value of some price column from the JSON grouped by other json values (queries are similar to the query above). The same queries are executed both on row-store table and table with CCI on Azure SQL Db P11 instance, and the results are shown below:

Depending on the query, toy might get 2-3x speedup in analytic on JSON data.

Conclusion

CLUSTERED COLUMNSTORE indexes provide compression and analytic query speed-up. Without any table changes, or query rewrites you can get up top 4x compression and 3x speed-up on your queries.

SQL Server 2016 SP1 and higher versions enables you to create COLUMNSTORE indexes on any edition (even in the free edition), but in this version there is a size constraint of 8KB on JSON documents. In SQL Server vNext you can store JSON documents with any size even in free edition. In Azure SQL Database you can use COLUMNSTORE indexes in premium tiers.

This post was co-authored by Vybava Ramadoss, Senior Program Manager, Azure Marketplace.

Azure Marketplace provides a rich catalog of thousands of products and solutions from independent software vendors (ISVs) that have been certified and optimized to run on Azure. While customers love the breadth of our offerings, which range from open source to enterprise applications, one piece of feedback we’ve heard consistently was that navigating through such a huge catalog is difficult. Today, we are excited to announce a new interactive experience for the Azure Marketplace that makes it easy to navigate the product catalog and find the right solution for your cloud application without having to login to the Azure portal.

Launch the new Azure Marketplace. Let’s go over a couple of scenarios.

Find and deploy your favorite product

Let’s say you are looking for a specific product. For example, you may be a blogger who wants a WordPress environment. You can start typing “WordPress” in the top search button and pick the WordPress option that best suits you from the list.

Click on “Get It Now” which will prompt you to login to the Azure portal. Follow the instructions, and you can have your WordPress environment up and running in a few minutes.

Discover and deploy a new product

Let’s say you are looking for a solution, but you aren’t sure which product best fits your needs.  For example, you need a storage appliance for your cloud application, but you want to look at the available options and learn about the products before deciding.

Discover new products - The categories in Azure Marketplace are a good place to start. You can click on the Storage category (notice that categories are consistent with the Azure portal) to see the top recommended products or filter to a subcategory such as Backup and Recovery.

But in this case, you are looking for appliances, and it isn’t a subcategory. Don’t worry; you can type Appliances in the search area to filter for appliances within the storage offerings. The search result shows you the brief description and the starting price for each available appliance. 
 

Deep dive to learn more– So, now you know the storage appliances available in Marketplace, but you need more information on the products to make your decision. The new product pages make it easier and more convenient to deep dive into a product. Let’s look at the NetApp and SoftNAS product pages. Click on the product tiles to open the product pages. You will see two sections. The Overview section contains the detailed technical documentation, product features, screenshots, etc.
 

The Plans + Pricing contains the different SKU’s, pricing options, and publisher recommendations.

You will notice that while the pages have product-specific information, the fields that are important for your decision making are prominent and consistent across product pages. These fields include:

• Select a software plan -Shows the available pricing plans. Also, the Download table as CSV option enables you to export the pricing plan.
• Publisher recommendations – Tells you the recommended VM’s to use to deploy a product based on the region.

Test drive the products - Now that you have gone through the potential candidates, wouldn’t it be great to try out some of these appliances before making your final decision? Azure Marketplace Test Drives let you do just that. Test Drives are ready to go environments that allow you to experience a product for free without even needing an Azure subscription. You can access a Test Drive from the product page itself or by clicking on Test Drives on the left navigation pane. Both SoftNAS and NetApp products offer Test Drives – so go ahead test drive them to get a hands-on experience before deciding.
 

The new marketplace experience makes it seamless to find and deploy your favorite product. We hope that the consistent and easy-to-use navigation structure along with the hands-on experience of Test Drives will make finding and learning about new products a fun experience. Try out the new Azure Marketplace and let us know your feedback.

If you are a publisher interested in Azure Marketplace, visit the Sell on Azure Marketplace page and get started today.

Today StorSimple Virtual Array is available exclusively for Microsoft Enterprise Agreement (EA) customers. To leverage the StorSimple Virtual Array hybrid cloud offering, we are now expanding this solution to customers who are on MSDN, Pay-as-you-go, and other subscriptions. For more details, please visit StorSimple Solution Pricing.

With the flexible pay-as-you-go subscription, StorSimple Virtual Array can be used by Small and Medium Business (SMB) owners. MSDN subscribers can now run POCs or development and testing workloads. In all these cases, you can configure StorSimple Virtual Array as a file server (NAS) or as an iSCSI server (SAN) in the new Azure portal.

Everything about the StorSimple Virtual Array experience in the Azure portal is designed to be easy. Create a StorSimple Device Manager service to manage all your StorSimple Virtual Arrays. Remember to select the StorSimple Virtual Device Series while creating the service.

For more information, go to the StorSimple product documentation. Visit the StorSimple MSDN forum to find answers, ask questions, and connect with the StorSimple community.

Your feedback is important to us, please send any feedback or feature requests using the StorSimple User Voice. Should you need any assistance, Microsoft Support is there to help you along the way!

A common ask from customers is around how to make their Reporting Services environment available to users outside of their internal corporate network.  This is especially important for them when they’re trying to use the Power BI mobile apps to view mobile reports and KPI’s while on the go.  Today, we’re pleased to announce that we’ve made updates to both SQL Server 2016 Reporting Services and the Power BI mobile apps to give companies some additional options to enable this in their organizations.

• Download SQL Server 2016 SP1 CU1
• Download the Power BI Mobile App
• Download Windows Server 2016 (Evaluation)

First introduced in Windows Server 2012, Web Application Proxy (WAP)provides reverse proxy functionality for web applications inside your corporate network to allow users on any device to access them from outside the corporate network. WAP pre-authenticates access to web applications using Active Directory Federation Services (ADFS), and also functions as an ADFS proxy.  Below is a typical network topology when using WAP.

While we’ve provided ad hoc guidance in the past around taking advantage of this functionality, we’ve not had official support for it in the mobile apps, nor did we have full support for viewing mobile report content in the browser for many scenarios using this setup.

ADFS Support using WAP now available in the Power BI mobile apps

As first announced on the Power BI blog today, there is now support to access your mobile reports and KPI’s through the mobile app when used in conjunction with the Web Application Proxy functionality in Windows Server 2016.  Currently in preview for both iOS and Android devices, this will allow organizations using Kerberos in their corporate environment to access the mobile apps outside of that environment using ADFS.  The apps now also support modern security features that can be enabled in WAP like multifactor authentication, providing additional security options for organizations that can be tailored to their specific needs.

Keep in mind that though you must use Windows Server 2016 to enable the functionality, you don’t need to run your Reporting Services instances on servers running WS2016 machines, nor do you need to update your entire ADFS infrastructure to the latest release.  There is a detailed walkthrough available for you to setup and enable this in your organization posted in the Power BI documentation.

We’ve also made accessing your reports through your web browser using WAP more flexible with the recently released Cumulative Update for SQL Server 2016 SP1.  In this update, a bug that had prevented certain customers from accessing mobile reports through their web browser using WAP was addressed.  If you want to access reports through your web browser using WAP, make sure you have this update applied to your SQL Server Reporting Services environment.  Please note – you can use the WAP functionality found in either Windows Server 2016 OR Windows Server 2012 R2 when accessing reports through the browser.  There is a walkthrough guide of setting up WAP in the context of an application you can access through the browser.  We’ll be putting together a specific walkthrough for Reporting Services for this scenario in the coming weeks as well.

Try it now and send us your feedback

Thanks for all the feedback so far around the need for this capability, which allowed us to prioritize it accordingly.  As always, let us know if you have any questions or comments about the functionality in the blog comments.

• Download SQL Server 2016 SP1 CU1
• Download the Power BI Mobile App
• Download Windows Server 2016 (Evaluation)
• Post in the Reporting Services forum (or if you prefer, send us an email)
• Join the conversation on Twitter: @SQLServerBI, #SSRS

We are pleased to announce the release of fresh imagery in Australia and India for Bing Maps. This latest imagery release includes 7,685,768 square kilometers in Australia, which covers the entire country with all of the major cities and areas outside of those cities included. Also, the entire country of India is covered with the total square area of imagery being 3,119,733 square kilometers.

Below are examples of the beautiful imagery now available in Australia and India:

Australia

Uluru, also known as Ayers Rock, is one of Australia’s most well-known natural landmarks and a favored tourist destination. Uluru is the largest sandstone rock formation in the southern part of the Northern Territory in Australia and is sacred to the aboriginal people of the area.

The Sydney Opera House is another distinctive landmark. It is most famous for its award-winning architecture, but also recognized for the numerous performances presented in the multi-venue performing arts center, making it one of the busiest in the world.

The Great Barrier Reef is the largest coral reef system in the word. Stretching over 2300 kilometers, it is home to a wide variety of marine life, including soft and hard corals, jellyfish, mollusks, worms, sharks, rays, whales, dolphins and over 1000 types of fish. Makes you want to get your scuba gear and explore.

India

The Taj Mahal is a stunning example of architecture, made of ivory white marble, it is one of the most well-known buildings in the world. Located on the south bank of the Yamuna river in the city of Agra, the Taj Mahal was designated as a UNESCO World Heritage Site in 1983 and is a tourist destination for millions.

The Akshardham Temple is a Hindu spiritual and cultural campus located in New Dehli. With the temple at its center, the complex features landscaped gardens, a water show, giant screen theater, boat rides and numerous exhibitions, making it one of the most-visited tourist destinations in India.

Ambedkar Memorial Park is a large public park and memorial in Gomti Nagar, which is a growing residential and commercial area in the North Indian city of Lucknow. The park honors individuals who have devoted their lives to humanity, equality and social justice.

Visit even more natural and manmade landmarks in Australia and India on Bing Maps.

- Bing Maps Team

Two years ago, we launched Outlook mobile with the goal of helping you accomplish more while on the go. More means an inbox that helps you focus on the emails that matter most. More means a calendar that can manage your entire day, not just show you your schedule. And today, we are excited to continue that mission by bringing apps to your inbox with add-ins for Outlook on iOS.

We’re thrilled to collaborate with Evernote, GIPHY, Nimble, Trello and Smartsheet and bring their add-ins to Outlook on iOS. We’re also making a few of our own add-ins available today with Dynamics 365 and Microsoft Translator, with many more to follow.

With these add-ins, Outlook will help you accomplish awesome things you simply couldn’t do before from email. There has never been a better time to make your move to Outlook, called “the best mobile email app, no matter what phone you’re using” by Wired.

Transform your inbox into a do-box with add-ins for Outlook

Today, we use email to communicate and to triage and prioritize information. Completing tasks often requires us to leave our inbox and access other apps and services. Add-ins for Outlook help you transform your inbox into a “do-box” and accomplish tasks quickly—right from your email.

For example, imagine you are at the airport and receive an email from a new customer contact from Italy. With add-ins for Outlook, you can translate the email from Italian to your preferred language, review and update the customer’s CRM history and update your notes or project board—without leaving Outlook.

Add-ins can help you get more done on the go, and save you valuable time spent switching between apps. This is why we introduced add-ins for Outlook on Windows, Mac (in Insiders) and on the web—and are now bringing them to iOS. Support for Android is coming soon.

Getting started with add-ins for Outlook on iOS

The add-ins launching today bring the power of CRM, social intelligence, project management and more—right to your inbox. Starting today, add-ins for Dynamics 365, Nimble, Evernote, Smartsheet and GIPHY are available for Outlook on iOS, complementing their existing add-ins already available to Outlook users on Windows, Mac (in Insiders) and on the web. Additionally, we are launching new add-ins for Trello and Microsoft Translator across Outlook on iOS, Windows, Mac (in Insiders) and on the web today.

Add-ins for Outlook on iOS are available today to Office 365 customers and are rolling out gradually to Outlook.com users. We will soon be bringing them to Outlook on Android.

To start using add-ins for Outlook on iOS, go to Settings>Add-ins and then tap the + sign next to the add-ins you want to enable.

Add-ins available in Outlook on iOS.

When you go back to your inbox and open an email to read, you will see the  add-in icon in the email header. Tapping this icon will let you launch the add-ins you enabled.

(Left) Add-in icon displayed in email header. (Right) List of enabled add-ins.

Once enabled, you can access add-ins from Outlook on iOS as well as from Outlook 2016 or 2013 for Windows, Outlook on the web and Outlook 2016 for Mac (currently in Insiders) for the same email account.

Add-ins for Outlook on iOS are currently only available when reading email. We’ll be adding more add-in actions when composing or replying to an email in the future.

Here is a closer look at the add-ins launching today:

Microsoft Dynamics 365

Microsoft Dynamics 365 brings together business applications with the best of Microsoft—in productivity, collaboration, intelligence and platform—to give businesses the right set of tools to grow, evolve and transform.

The Dynamics 365 add-in for Outlook delivers real-time insights about your business contacts and their organization, right in your inbox, so you can focus on the selling and have more meaningful interactions. With the Dynamics 365 add-in for Outlook, you can quickly look up the Dynamics 365 record of your customer contacts, associate an email or appointment with an existing opportunity or create new records with just a few taps—right inside email—without having to copy/paste and switch back and forth between your email and Dynamics 365.

Quickly look up records and track emails with the new Dynamics 365 add-in for Outlook.

Starting today, the Dynamics 365 add-in for Outlook is available for Outlook on iOS users with a Dynamics 365 subscription. For detailed steps on how to install the Dynamics 365 add-in for Outlook, please refer to the deployment guidance.

Nimble

Nimble is a social CRM application that provides business intelligence about your email contacts and their organizations—right in email. With the Nimble add-in for Outlook, you can get insights on any contact included in Outlook, including broad social profiles, industry, shared relationships, mutual interests, company profile, revenue and more, to help you get prepared for meetings and engage effectively.

Get real-time insights about your contacts with the Nimble add-in for Outlook.

Trello

Trello is a collaborative tool that enables you to organize and prioritize your projects. With the Trello add-in for Outlook, you can turn your email into actionable items, keep track of your projects and make sure important emails never fall through the cracks.

Once enabled, simply click the Add card to Trello action to associate any incoming email with an existing board. You can create cards and edit associated descriptions and due dates directly from Outlook.

Stay on top of your projects by quickly associating any email with a Trello board.

Evernote

Evernote helps you capture what’s on your mind and stay organized. With the new Evernote add-in for Outlook, you can clip emails from Outlook to a project notebook in Evernote, where they will appear alongside other project-related assets such as meeting notes, saved web pages or Office documents.

Stay organized by saving emails directly to your notebook via the Evernote add-in for Outlook.

Microsoft Translator

Microsoft Translator provides you with a simple and effective way to translate and read messages in your chosen language. With the Translator add-in for Outlook, you can quickly translate email messages from 60 languages to your preferred language with just a few taps.

Quickly translate any email from 60 languages with the Translator add-in for Outlook.

Smartsheet

Smartsheet is a collaborative solution to help you manage and automate work. With Smartsheet’s add-in for Outlook, users can get work assigned, updated and completed more quickly, without ever having to leave their email. Once the add-in is enabled, you can create new tasks and add relevant information, including attachments from email into Smartsheet, and stay on top of your work.

Manage your work by assigning, updating and creating tasks in Smartsheet—right from Outlook.

GIPHY

GIPHY is the world’s first and largest GIF search engine, where thousands of artists, brands and pop culture moments make today’s expression, entertainment and info a little more moving. With the new GIPHY add-in for Outlook, you can now use GIFs to congratulate a friend or co-worker, wish them a happy birthday or simply add a touch of your personality, without leaving your inbox. Once enabled, simply click the GIPHY icon while replying to an email and then search for the GIF you are looking for, such as “congratulations” or “well done.” The selected GIF will be included in your reply.

Make your replies fun and expressive by adding GIFs with the new GIPHY add-in for Outlook.

Developers—make your apps a part of Outlook mobile

We’re committed to making Outlook an open platform for developers, so you can bring apps and services people love, right in email. Interested in building for Outlook? Check out our developer blog, “Add-ins are now available for Outlook on iOS.”

We want to hear from you!

Add-ins for Outlook help you stay productive on the go and accomplish tasks faster. If you have feedback or suggestions on adding your favorite app in Outlook, visit the add-ins section of Outlook for iOS uservoice and sign in with your Microsoft account to leave your comments—we’re eager to hear from you!

—Javier Soltero, corporate vice president for the Office team

The post Outlook mobile turns 2 and now comes with your favorite apps appeared first on Office Blogs.

In late 2016, Dynamics 365 launched their new Relevance Search functionality as a result of a partnership between the Dynamics and Azure Search teams. Relevance Search is generally available worldwide to every customer on the December 2016 Update for Dynamics 365 (online) release.

​Azure Search at scale

Dynamics 365 is one of the largest deployments of Azure Search. About 2,000 organizations have opted into CRM relevance search and that number is growing by dozens each day. By enabling members of these organizations to search through a variety of records spanning a number of entity types, including accounts, contacts, emails (including the content of email attachments), faxes, invoices, contracts, among many others.

As of the date of this posting, thousands of organizations have indexed more than 160 million records using Dynamics 365 Relevance Search. These organizations have issued almost 8 million search queries to Azure Search with an average latency of under 90 milliseconds.

How Dynamics 365 configured Azure Search

Dynamics 365 has provisioned separate search services in each Azure geography where Dynamics 365 is offered. Within each region’s service, each Dynamics customer is assigned an individual Azure Search index. This index-per-tenant model is described in the whitepaper Design patterns for multitenant SaaS applications and Azure Search.

Using Azure Search’s comprehensive APIs, the Dynamics team built a robust infrastructure to handle index lifecycle management and index allocation. Additionally, Dynamics 365 implemented their complex row level security trimming using Azure Search filter expressions to ensure that document security was not compromised across each organization that uses Relevance Search.

S3 High Density

Dynamics 365’s Relevance Search is successfully deployed using Azure Search’s S2, S3, and S3 High Density (HD) pricing tiers. S3 HD was designed specifically for multitenant scenarios built on the index-per-tenant model, supporting up to 3000 indexes in a single service. With this configuration, Dynamics 365 is able to effectively and cost-efficiently serve search traffic for not only their largest and most active customers, but also their long tail of small and medium-sized tenants – all at a global scale.

Read more

You can learn more about Azure Search and its capabilities and find our documentation. Please visit our pricing page to learn about the various tiers of service to fit your needs. You can also read more about modeling multitenancy in this whitepaper.

In episode 116 of the Office 365 Developer Podcast, Richard diZerega and Andrew Coates talk to Microsoft Developer Evangelist Richard Custance about Sage and their work building a solution that is highly integrated and bundled with Office 365.

Download the podcast.

Weekly updates

• Office Brand Icons by Office Fabric Team
• Developer Week Event by Dan Canning
• PnP Webcast – Introduction to SharePoint Webhooks by PnP Team
• Extending SharePoint with ADAL and the Microsoft Graph API – Part 3 (The Execution) by Julie Turner
• How to define add-in commands in an Outlook module by Elio Struyf
• Get the site URL of an Office 365 Group via the Microsoft Graph by Elio Struyf
• How to avoid the five most common SharePoint customization mistakes by Torsten Mandelkow

Show notes

• Sage 50c Announcement

Got questions or comments about the show? Join the O365 Dev Podcast on the Office 365 Technical Network. The podcast RSS is available on iTunes or search for it at “Office 365 Developer Podcast” or add directly with the RSS feeds.feedburner.com/Office365DeveloperPodcast.

About Richard Custance

Richard is a software engineer in the Microsoft Developer Experience (DX) group in TED where he works with Global Independent Service Providers (GISV) to help accelerate their growth and adoption of Microsoft Technologies and Platforms. Richard’s passion is Office 365 and regularly contributes at partner events and Hackfests. Whilst Richard works for Microsoft Corp. he is based in the UK, Newcastle-upon-Tyne with his wife and three football (soccer) mad boys.

About the hosts

Richard is a software engineer in Microsoft’s Developer Experience (DX) group, where he helps developers and software vendors maximize their use of Microsoft cloud services in Office 365 and Azure. Richard has spent a good portion of the last decade architecting Office-centric solutions, many that span Microsoft’s diverse technology portfolio. He is a passionate technology evangelist and a frequent speaker at worldwide conferences, trainings and events. Richard is highly active in the Office 365 community, popular blogger at aka.ms/richdizz and can be found on Twitter at @richdizz. Richard is born, raised and based in Dallas, TX, but works on a worldwide team based in Redmond. Richard is an avid builder of things (BoT), musician and lightning-fast runner.

A Civil Engineer by training and a software developer by profession, Andrew Coates has been a Developer Evangelist at Microsoft since early 2004, teaching, learning and sharing coding techniques. During that time, he’s focused on .NET development on the desktop, in the cloud, on the web, on mobile devices and most recently for Office. Andrew has a number of apps in various stores and generally has far too much fun doing his job to honestly be able to call it work. Andrew lives in Sydney, Australia with his wife and two almost-grown-up children.

Useful links

• Office 365 Developer Center
• Office 365 main blog
• dev.office.com blog
• Twitter
• Facebook
• FlipBoard
• Slack channel

StackOverflow

• http://aka.ms/AskSharePointDev
• http://aka.ms/AskOfficeDev
• http://aka.ms/AskOffice365Dev

Yammer Office 365 Technical Network

• O365 Dev Podcast
• O365 Dev Apps Model
• O365 Dev Tools
• O365 Dev APIs
• O365 Dev Migration to App Model
• O365 Dev Links
• UserVoice

The post Episode 116 on Sage and Office 365 bundling with Richard Custance—Office 365 Developer Podcast appeared first on Office Blogs.

We are excited to announce some great enhancements to our Automated Backup feature, which greatly extends your control over backups when running SQL Server 2016 in Azure Virtual Machines. You can now control the schedule of your backups and backup system databases. You can easily enable this feature through the Azure Portal or PowerShell on Azure Virtual Machines running SQL Server 2016 Enterprise, Standard, or Developer.

For those of you not familiar with Automated Backup, this feature allows you to automatically backup all the databases in a SQL Server VM running in Azure to one of your storage accounts. Automated Backup ensures a consistent backup chain at all times, so you can always recover your databases to any point in time. Even better, it manages the desired retention for the backups, keeping them only for the time you specify. If you’re curious, Automated Backup is implemented on top of the SQL Server IaaS Agent Extension and the SQL Server Managed Backup feature.

New capabilities

Backup system databases

Automated Backup now gives you the option to schedule backups for System databases in addition to User databases. If you choose to enable this option, your System databases, and all their important instance-level objects, will be backed up on the same schedule as your User databases.

Scheduling backups

Automated Backup now allows you to schedule a time window and frequency, daily or weekly, for full backups so that these don’t impact performance during business hours. In addition, you can specify how often to take log backups.

Remember that Azure Storage keeps 3 copies of every VM disk to guarantees no data loss, thus the purpose of these backups is to recover from human errors (e.g. deleting a table).

For disaster recovery purposes or compliance reasons, consider storing these backups in a geo-replicated storage account, preferably readable. This will make the backups available also in a remote Azure region.

How to find Automated Backup v2

For new SQL Server VMs

When creating a new virtual machine running SQL Server 2016 in the Azure portal, you will be presented with several SQL Server configuration options. Here you can enable and configure Automated Backup according to your requirements.

For existing SQL Server VMs

If you have an existing virtual machine running SQL Server 2016, you can enable and configure Automated backup v2 from the Azure Portal or PowerShell. If you find your SQL Server virtual machine in the Azure Portal, you can find Automated Backup under SQL Server configuration.

To learn more, check out the documentation for this feature.

Try out this feature today in the Azure Portal!

If you do not have an Azure subscription, you can easily sign up for a free trial!

After several months of testing, both internally and by our users (thank you), we releasing our newest Event Hubs clients to general availability. This means that these new libraries are production ready and fully supported by Microsoft.

What new libraries are available?

Consistent with our past design decisions, we are releasing two new NuGet packages:

1. Microsoft.Azure.EventHubs– This library comprises the Event Hubs specific functionality that is currently found in the WindowsAzure.ServiceBus library. In here you will be able to do things like send and receive events from an Event Hub.
2. Microsoft.Azure.EventHubs.Processor– Replaces functionality of the Microsoft.Azure.ServiceBus.EventProcessorHost library. This is the easiest way to receive events from an Event Hub, and keeps you from having to remember things such as offsets and partition information between receivers.

What does this mean for you?

Releasing these new libraries provides three major benefits:

1. Runtime portability – Using .NET Standard, we now have the ability to write a single code base that is portable across different .NET runtimes, including .NET Core, .NET framework, and the Universal Windows Platform. You can take this library and run it on Windows Server with .NET Framework 4.6, or on a Mac/Linux machine using .NET Core.
2. Open source – Yes! We are very excited that these new libraries are open source and available on GitHub. We love the interactions that we have with our customers, whether it be an issue or pull request.
3. Event Hubs now has its own library – while Event Hubs and Service Bus have been seemingly joined in the past, the use cases between these two products are often times different. Previously, you needed to download a Service Bus library in order to use Event Hubs. These new libraries are specific to Event Hubs, so we hope that they will make things more clear for our new users.

What's next?

For those of you currently using the WindowsAzure.ServiceBus library, we will continue to support Event Hubs workloads on this library for the foreseeable future. With that said, we currently have a .NET Standard Service Bus library in preview!

For more information on getting started with these new libraries , check out our updated getting started documentation.

So take the new libraries for a spin, and let us know what you think!

TypeScript 2.2 is just around the corner, and today we’re announcing its release candidate!

If you’re first hearing about it, TypeScript is a language that just takes JavaScript and adds optional static types. Being built on JavaScript means that you don’t have to learn much more beyond what you know from JavaScript, and all your existing code continues to work with TypeScript. Meanwhile, the optional types that TypeScript adds can help you catch pesky bugs and work more efficiently by enabling great tooling support.

To try out the RC today, you can use NuGet, or using npm just run

npm install -g typescript@rc

You can also get the TypeScript release candidate for Visual Studio 2015 (if you have Update 3). Other built-in editor support will be coming with our proper 2.2 release, but you can look at guides on how to enable newer versions of TypeScript in Visual Studio Code and Sublime Text 3.

To clue you in on what’s new, here’s a few noteworthy features to get an idea about what to keep an eye out for in this release candidate.

The object type

There are times where an API allows you to pass in any sort of value except for a primitive. For example, consider Object.create, which throws an exception unless you pass in an object or null for its first argument.

// All of these throw errors at runtime!Object.create(undefined);Object.create(1000);Object.create("hello world");

If we try to come up with the type of the first parameter, a naive approach might be Object | null. Unfortunately, this doesn’t quite work. Because of the way that structural types work in TypeScript, number, string, and boolean are all assignable to Object.

To address this, we’ve created the new object type (and notice all of those lowercase letters!).
A more obvious name might be the “non-primitive” type.

The object type is “empty” – it has no properties just like the {} type.
That means that almost everything is assignable to objectexcept for primitives.
In other words, number, boolean, string, symbol, null, and undefined won’t be compatible.

But that means that we can now correctly type Object.create‘s first parameter as object | null!

We anticipate that the object primitive type will help catch a large class of bugs, and more accurately model real world code.

We owe a big thanks to Herrington Darkholme for lending a hand and implementing this feature!

Improved support for mixins and composable classes

The mixin pattern is fairly common in the JavaScript ecosystem, and in TypeScript 2.2 we’ve made some adjustments in the language to supporting it even better.

To get this done, we removed some restrictions on classes in TypeScript 2.2, like being able to extend from a value that constructs an intersection type. It also adjusts some functionality in the way that signatures on intersection types get combined. The result is that you can write a function that

1. takes a constructor
2. declares a class that extends that constructor
3. adds members to that new class
4. and returns the class itself.

For example, we can write the Timestamped function which takes a class, and extends it by adding a timestamp member.

/** Any type that can construct *something*. */exporttypeConstructable = new (...args: any[]) =>object;exportfunctionTimestamped<BCextendsConstructable>(Base: BC) {returnclassextendsBase {
        timestamp = newDate();
    };
}

Now we can take any class and pass it through Timestamped to quickly compose a new type.

classPoint {
    x: number;
    y: number;constructor(x: number, y: number) {this.x = x;this.y = y;
    }
}constTimestampedPoint = Timestamped(Point);const p = newTimestampedPoint(10, 10);p.x + p.y;p.timestamp.getMilliseconds();

Similarly, we could write a Tagged function which adds a tag member. These functions actually make it very easy to compose extensions. Making a special 3D point that’s tagged and timestamped is pretty clean.

classSpecialPointextendsTagged(Timestamped(Point)) {
    z: number;constructor(x: number, y: number, z: number) {super(x, y);this.z = z;
    }
}

A new JSX emit mode: react-native

In TypeScript 2.1 and earlier, the --jsx flag could take on two values:

• preserve which leaves JSX syntax alone and generates .jsx files.
• react which transforms JSX into calls to React.createElement and generates .js files.

TypeScript 2.2 has a new JSX emit mode called react-native which sits somewhere in the middle. Under this scheme, JSX syntax is left alone, but generates .js files.

This new mode accomodates React Native’s loader which expects all input files to be .js files. It also satisfies cases where you want to just leave your JSX syntax alone but get .js files out from TypeScript.

What’s next for 2.2?

While we can’t list everything that we’ve worked on here on this post, you can see what else we have in store here on the TypeScript Roadmap.

We’re counting on your feedback to make TypeScript 2.2 a solid release!
Please feel free to leave us feedback here, or file an issue on GitHub if you run into anything you may think is a bug.

When you connect to a virtual machine in enhanced session mode, you are asked to choose some settings for display and local resources. We recently introduced dynamic resizing in Virtual Machine Connection, allowing you to change resolution after connecting, so you might not care any more about specifying it here. You can just select  “Save my settings for future connections to this virtual machine”, and you won’t see this page again. 

However, you still might want to occasionally configure local resources like audio and devices, so there are 2 easy ways to get back to it:

• Open VMConnect from command line or Powershell, and specify the /edit flag to open the session settings. 

• In Hyper-V Manager, you will see an option to “Edit Session Settings…” for any VM for which you have saved settings. 

-Andy

Cybercriminals are using a combination of improved script and well-maintained download sites in trying to install Locky and Kovter on more computers.

A few months ago, we reported an email campaign distributing .lnk files with a malicious script that downloaded Locky ransomware on target computers. Opening the malicious .lnk files executed a PowerShell script that performed a download routine. More recently, we have found a more complex version of the script delivering more malware from more download sites.

This new script has no less than five different hardcoded domains from which it attempts to download malicious code. In addition to Locky, this script also now downloads Kovter.

The script attempts to access a specific location in the domains by using a parameter. It does this for all for domains, one by one, until it is able to successfully download its payload. If unsuccessful in the first pass, it uses another parameter and goes through the five domains again. It exits after a second pass and still no successful download.

The use of multiple domains and the technique of storing the rest of the URL as a parameter is a way to circumvent URL filtering solutions. All the script needs is one URL that is not blocked in order to successfully download malware.

On the other hand, the fact that the script uses specific parameters means the cybercriminals have complete control of the domains, whether they are compromised websites or were set up specifically for this purpose. More importantly, we observed that the malicious websites are updated with new versions of the malware payload every day.

This setup gives cybercriminals behind these attacks a great level of flexibility. They have the option to update the malware payload pointed to by the URLs, change the URLs in the script, or do both to try and evade detection.

Email campaigns distribute the updated script

Just like the previous version, the new PowerShell script is contained in .lnk files within .zip files that are spread via email.

The email messages in this new campaign spoof US Postal Service (USPS) delivery emails.

Figure 1. Sample spam email with malicious .zip attachment.

Figure 2. Another sample spam email with malicious .zip attachment.

The attachment is a multi-layer .zip file. The second .zip file contains the malicious .lnk file.

Figure 3. The attachment is a .zip file, which contains another .zip file, which in turn contains the malicious .lnk file.

The .lnk file points to a command line containing the PowerShell script. Opening the shortcut file executes the PowerShell command.

Figure 4. Command line with the PowerShell script.

The script contains the hardcoded domains and the parameters it uses for the download routine. For each attempt to download, it checks if download is successful and if the downloaded file is at least 10KB. It stops trying to download when these conditions are met, or when it has gone through the five domains twice with no successful download.

Figure 5. The malicious PowerShell code in readable format

Locky and Kovter as payload

During our testing, the URLs that result from adding the first parameter to the five domains point to a copy of Locky ransomware, similar to the previous campaign. Locky is one of the most prominent ransomware families, infecting almost 500,000 computers in 2016 alone. It’s known to use the email vector. It encrypts files and renames them using the following filename extensions: .locky (where it got its name), .zepto, .odin, .thor, .aeris, and .osiris (used by the Locky version in this attack).

Figure 6. The part of the script that adds a parameter to the domain

The second parameter results in URLs that point to a copy of the click-fraud Trojan Kovter. Kovter is a complex malware whose file-less persistence makes it more difficult to detect than traditional malware.

As mentioned, the cybercriminals update the payload downloaded by the PowerShell script. We have seen this being done on a day-to-day basis. During our testing, the malware payload was updated with newer versions of either Locky and Kovter, but technically the attackers can change this to any malware they wish to use.

It is important to note that Locky and Kovter have not been observed to be related pieces of malware in the past. However, they can both be used by cybercriminals to earn money at the expense of victims. The use of these two distinct malware families demonstrates the flexibility that attackers have in a setup like this. This may also indicate that the attackers in control of the servers can sell or rent them out as pay-per-install service. This also proves that cybercriminals will use whatever is available to them to accomplish their goal of siphoning money off victims.

Windows 10 protection against more complex attacks

This new technique shows how determined cybercriminals can be in improving their tools to try and evade security solutions. The attackers came up with a setup that gives them the flexibility to launch campaigns with fresh payloads. Complex attacks like this that combine the use of email, web, and malicious file require a strong defense stack that will stop the attack chain at multiple points.

In Windows 10, PowerShell version 5 can be locked down to “Constrained Mode“, which limits the extended language features that can lead to unverifiable code execution such as direct .NET scripting, invocation of Win32 APIs via the Add-Type cmdlet, and interaction with COM objects.

Figure 7. “Constrained Mode” stops the malicious PowerShell from connecting to the web to download the payload

Enable Windows Defender in Windows 10 to get up-to-date, real-time protection against threats. PowerShell is deeply integrated with Antimalware Scan Interface (AMSI) in Windows 10 to allow registered antivirus software that support AMSI, like Windows Defender, to inspect content at runtime, enabling the antivirus software to detect malicious code regardless of obfuscation. Windows Defender also detects the malware payload Locky and Kovter.

For enterprises, use Office 365 Advanced Threat Protection. It has machine learning capability that helps network administrators to block dangerous email threats.

Use Device Guard, which can lock down devices and provide kernel-level virtualization-based security, allowing only trusted applications to run.

For security operations teams, use Windows Defender Advanced Threat Protection to get alerts about suspicious activities, including the download of malware, so you can detect, investigate, and respond to attacks.

Figure 8. Windows Defender Advanced Threat Protection raises an alert for malicious PowerShell script downloading malware.

Additional resources

Check out the following resources to know more about PowerShell protection:

• “Constrained PowerShell”, Windows PowerShell blog
• “Windows 10 to offer application developers new malware defenses”, Microsoft Malware Protection Center blog
• “How to think about those darn PowerShell attacks” (video), DerbyCon 2016 keynote by Jeffrey Snover and Lee Holmes

Duc Nguyen
MMPC