Showing results for 
Search instead for 
Did you mean: 

IT Hour 17.June.2022

Iron I
Iron I


SME IT Trend with Tom Bridge
Tom comes and joins us on The IT Hour to talk about the SME IT Trend report. A lot of great information about how IT admins are feeling and dealing with their current roles. Check out the full report!

Community Update 

  • In case you missed last week, the Script Repo is up and running. Yay! <insert muppet flail here> Reminder: all scripts, not just JumpCloud are welcomed and encouraged. We are equal opportunity. And we’re still working on getting that knowledge base ready for guides and tutorials.
  • The Jumpies are complete and voting closed, but you can still read the entries if you’d like. Next step is the top entries go to the judges for review.
  • If you’re not paying attention to the Community News & Info blog, well, you should. That’s where we drop things like previews of upcoming badges and the like. Ahem. <cough, cough> We’ll put a link in the comments.

Community Spotlight


Check out our IT Meetup Network!

JC Platform Updates

  • Customers with Windows devices joined to AD and/or AAD with JumpCloud Agent installed can now create policies to manage those devices.
    • Get Device Telemetry (Q3 2021)
    • Harness the JumpCloud Software Management Capability (Q3 2021)
    • Leverage the value of JumpCloud Commands (Q4 2021)
    • Keep their devices more secure with JumpCloud Patch (Q1 2022)
    • Keep their devices configured and compliant with JumpCloud Policies (Now!)
    • Manage Users with JumpCloud (Future)
  • iOS Supervised Policies
    • Block Airdrop
    • Add VPN Config
    • Block iCloud Drive
    • Block Screen Time
    • And many more policies
    • You can find these settings under the “Supervised iOS Restrictions”
    • Ios 13 is required
    • Device Enrolled and Auto Enrolled devices
  • App Notification Settings for macOS and iOS
    • Each one has specific settings for the platform
    • Including iOS has settings for Carplay
    • JumpCloud Admins can now provide notification policies for application bundles so your end users do not have to configure notification policies for certain applications. 
    • You can find these settings under the Notification Settings in both Mac and iOS
    • From my understanding (and I could be wrong, since I haven’t had a chance to fully test) You will no longer need to have a custom profile to enable the JC Tray app bundle. Simply target the JC tray bundle “com.jumpcloud.jcagent-tray” and configure the notification settings within the policy

IT Trending Updates “Rapid Fire Round”

  • Microsoft Defender extends malware protection to macOS and Android—for a price (Ars Technica)
    • The Microsoft Defender antivirus product built into Windows 10 and 11 is generally good enough at detecting and removing malware that most people don't need to pay for a separate antivirus product. Today, Microsoft is extending the consumer version of the product. Called Microsoft Defender for Individuals, the new app will provide malware protection for multiple operating systems and security tips and the ability to check on the protection status of all devices signed in to your or your family's Microsoft account. It's available now for Microsoft 365 subscribers and will run on Windows, macOS, iOS/iPadOS, and Android devices.
    • This new Defender software is an offshoot of Microsoft's Defender product for businesses, which offers anti-malware protection and centralized monitoring for IT admins. The Defender app supports different features on different operating systems. On macOS and Android, it provides real-time malware protection. On Windows, it doesn't include this feature since the Defender Antivirus software is already included by default with all installs of Windows 10 and 11. Antivirus protection is also unavailable on iOS and iPadOS, where Apple restricts the kinds of things third-party apps can do. "Security tips" will only be provided in the Windows and macOS versions of the app.
  • How to Install Windows 11 22H2 Update Right Now (Toms Hardware)
    • Last week, Microsoft announced that Windows 11 22H2 (Build 22621) had been pushed to the Release Preview Channel for Windows Insiders. Windows 11 22H2 is the latest major update for Microsoft’s current consumer operating system and brings new features like Smart App Control, a redesigned Task Manager (with an efficiency mode), and new touch screen gestures (among other features). In addition, all Windows 11 versions (including Pro) now require a Microsoft account.
    • You can install the Windows 11 22H2 Update ahead of schedule in two different ways. The easiest way is to head over to Windows Update and join the Windows Insider program (if you haven’t done so already). Once that's done, you can install it from Windows Update. The second method is to create an ISO so that you can mount and update within Windows 10/Windows 11 or perform a clean install by transferring the ISO to a bootable USB thumb drive.
    • So if you want those new sweet File Explorer tabs.. Go get that insider preview!
  • If you're using older, vulnerable Cisco small biz routers, throw them out (The Register)
    • If you thought you were over the hump with Patch Tuesday then perhaps think again: Cisco has just released fixes for seven flaws, two of which are not great.
    • First on the priority list should be a critical vulnerability in its enterprise security appliances, and the second concerns another critical bug in some of its outdated small business routers that it's not going to fix. In other words, junk your kit or somehow mitigate the risk.
    • The first security flaw, tracked as CVE-2022-20798, is an authentication bypass vulnerability in the virtual and hardware versions of Cisco Secure Email and Web Manager, and the Cisco Email Security Appliance. It occurs when the device uses Lightweight Directory Access Protocol (LDAP) for external authentication, and the good news is that Cisco disables external authentication by default.
    • Another high-severity flaw, CVE-2022-20664, in these same virtual and hardware appliances could allow a remote, authenticated user to steal credentials from a LDAP external authentication server connected to a device. However, exploiting this bug would require valid operator-level, or higher, credentials. It received a CVSS score of 7.7, and Cisco issued a software update to fix this bug, too. 
  • We bid you farewell Internet Explorer. You have certainly provided many memories.
    • 🎶It’s so hard.. To say goodbye.. To Yesterday!🎶
  • Hackers based out of China Exploited Critical Security Vulnerability in Sophos Firewall (IT Security Guru)
    • Earlier this year cybersecurity firm Volexity found that the APT actor was used to infiltrate an unnamed South Asian target.
    • The zero-day flaw is tracked as CVE-2022-1040 (CVSS score: 9.8), and concerns an authentication bypass vulnerability that can be weaponised to execute arbitrary code remotely. The flaw affects Sophos Firewall versions 18.5 MR3 (18.5.3) and earlier.
  • Leaked Benchmarks Confirm M2 Chip is Up to 20% Faster Than M1 (Mac Rumors)
    • Apple's new M2 chip is up to 20 percent faster than the M1 chip when it comes to multi-core performance, according to leaked M2 benchmarks from the upcoming 13-inch MacBook Pro that were discovered on Geekbench today.
    • The ‌M2‌, which runs at 3.49GHz compared to 3.2GHz for the ‌M1‌, earned a single-core score of 1919, which is roughly 12 percent faster than the 1707 single-core score of the ‌M1‌ 13-inch MacBook Pro. The ‌M2‌ earned a multi-core score of 8928, up about 20 percent from the 7419 score of the ‌M1‌ model.
    • As for the Metal benchmark, the ‌M2‌ chip scored 30627, a notable improvement over the 21001 score earned by the ‌M1‌. The ‌M2‌ chip offers up to a 10-core GPU, compared to the 8-core maximum of the ‌M1‌.