Archive for the ‘Technology’ category

Chrome flaw-urgent update

September 7th, 2022

An urgent warning has been issued for BILLIONS of Google Chrome users by Google to warn that its web browser users that there is a vulnerable flaw.

 Chrome has launched a new update – across Windows, Max and Linux computers.

Chrome users need to relaunch the browser to activate the update. This will update Chrome to version 105.0.5195.102 for Windows, Mac, and Linux. 

To update Chrome, click on the three-dot menu on the top-right of your Chrome window. Then users should go to Help > About Google Chrome to see if the update is available, before clicking the download button.

Please see the Chrome Security Page for more information.

This latest update comes just days after Google released Chrome version 105 on August 30th. That update already came with 24 security fixes. Apparently, that still wasn’t enough. This is the sixth zero-day vulnerability Chrome has faced so far this year. The last vulnerability that was actively exploited was just flagged in mid-August,

USB 4 version 2.0

September 3rd, 2022

USB 4 version 2.0 is expected to provide twice the speed of data performance over existing USB Type-C cables and connectors. The new technology, will launch later in 2022, and should deliver greatly improved connectivity and data transfer speeds. The advances, are made possible by a new physical layer architecture allowing up to 80GBps operation – even when using previous USB C passive cables, which previously allowed up to 40GBps speeds.

his means that a 40GBps cable bought today would soon be able to deliver double these speeds, with no extra effort required by the user. 

Existing USB-C and USB Power Deliver (PD) specifications will be updated to enable the new levels of performance, with the protocols backwards-compatible with USB 4 version 1.0, USB 3.2, USB 2.0 and Thunderbolt 3. There’s also improved support for DisplayPort and PCIe, where improved data tunnelling will be used to harness the best possible bandwidth.

Solutions will most benefit from this speed enhancement include: higher-performance displays, storage, and USB-based hubs and docks.

More information, together with detailed technical specifications into how USB 4 version 2.0 will work, are expected to be revealed in November 2022.

Why now is the time to adopt Power Bi – ask Synergy Software Systems, Dubai

August 19th, 2022

Power BI innovation never stops. For several years in a row now, it is positioned as a leader in the 2021 Gartner Magic Quadrant for Analytics and Business Intelligence Platforms, furthest to the right for completeness of vision and furthest up in the ability to execute within the Leaders’ quadrant.

The gaps are widening with interactive reports, paginated reports, datasets, dataflows, deployment pipelines, scorecards, dashboards, metrics, data alerts, and much more, and recently announced in public preview, self-service datamarts. No wonder, customers are adopting Power BI at an accelerated pace. Boost Office 365 productivity with Power BI integrated into PowerPoint and Microsoft Teams, connect to data anywhere with hundreds of built-in connectors, leverage industry-leading AI, go quickly from insight to action with the Microsoft Power Platform, and provide best-in-class mobile experiences with Power BI Mobile.

Reports can be mobile friendly, they can be paginated, and you can link into Azure Analysis Services.

Microsoft Edge browser improvements

July 31st, 2022

Microsoft Edge is the built-in browser on Windows 11 and Windows 10.

It’s powered by Chromium, which ensures its compatibility with the vast majority of the web.

Starting with Edge 102, the browser will automatically compress disk caches to optimize performance.

Using too much disk space can worsen the browsing experience as well as bog down an entire system.

“When a browser uses too many resources, it not only impacts the browsing experience but can also slow down the entire system,” explained Microsoft’s Edge team in a blog post. “However, when it comes to performance optimizations, we often need to balance optimizing for the entire system, since optimizing for one resource can often come at a cost increasing the use of another resource.”

Browsers store content from the web by using disk caches. This allows Edge and other apps to access information quickly. While browsers, including Edge, already moderate how much disk space they take up, compressing content allows for further optimization.

Contents within caches are usually highly compressible. “Since the contents in these cache(s) are often highly compressible, compression results in increasing the likelihood that the requested resource can be fetched from the disk.”

Edge will automatically compress disk caches on eligible systems. The browser has to check whether a system is eligible to ensure that compression will not result in poor performance.

Cache compression is particularly advantageous for systems with a “clear” amount of available storage space, which is otherwise quickly used up with unlimited cache.

Most recently, the browser’s CPU and memory requirements have been slashed, which would have a less damaging effect on battery life. Bleeping Computer(opens in new tab) reports that sleeping tabs should use 32% less memory on average, with CPU usage dropping by 37%.

An upcoming update could give users a whole new way to interact with Edge by using custom commands. Microsoft Edge Canary 105 will see a feature that enables the command bar to run commands from a launcher integrated into the browser. Unlike rivals such as Chrome and Firefox, the new command bar is not located in the browser address bar, but as a standalone option, which we can hope will provide much smoother functionality.

he new command bar is opened by pressing Ctrl+Shift+Space, and sits just below the Microsoft Edge address bar. 

Although given the official name DevTools Command Palette, ghacks.net found that a wide range of commands could be used in the bar, including creating a new window or tab, opening office web apps, and even opening other apps such as Stack Overflow.

Users already signed up to Microsoft Edge Canary are able to try out the new feature now by updating to the latest build. The tool is still in development, so there’s no news yet on a potential release date, but if it gets enough engagement in the testing phase, there’s no reason why it shouldn’t become a part of Microsoft Edge in the future.

Microsoft has been made aware that some users are experiencing issues with favorites synchronization and plans to fix this in an upcoming release.

Xcitium – the new Comodo zero threat solution

July 31st, 2022

Every 11 seconds a new ransom incident occurs and every day the AV-TEST Institute registers over 450,000 new malicious malware and unwanted applications.

What if you could provide 100% protection from those unknown ransomware and malware attacks?

Well, – Now you can!

Comodo Security Solutions has rebranded as Xcitium as it unveils its patented ‘ZeroThreat‘ technology, to be the first in this new Gartner Domain Space “Containment for Endpoints”

Xcitium will have an official launch at the Black Hat USA Exhibition (Aug 6-11, 2022). 

ZeroThreat’ technology employs Kernel API Virtualization to isolate and eliminate threats such as zero-day ransomware and other malware before those can cause damage, all without interfering with a customer’s operations. 

“Xcitium’s ZeroThreat Technology, utilizing patented Kernel API Virtualization, prevents unknown malware from accessing critical system resources that cause damage, while providing complete use of the unknown file or application—this is a distinct departure from all existing vendors which terminate the offending unknown once their engine makes a threat determination,” 

Sarah Pavlak, Industry Principal at Frost & Sullivan

(In 2018, as Comodo, the company expanded beyond its original business strategy of keeping the Internet secure through SSL certificates. It focus was on unified managed endpoint protection in response to the increasing, advanced threat, landscape.

Since its inception, Xcitium has a track record of zero security breaches when completely configured.

The ZeroThreat technology is the cornerstone of the Xitium endpoint suite.

It is built with a signature role to keep the Internet safe with:

  • advanced endpoint protection (AEP),
  • endpoint detection and response (EDR),
  • managed detection and response (MDR).

For more information, contact: Synergy Software Systems 0097143365589

End of support for Microsoft SQL 2012

July 15th, 2022

Microsoft on Tuesday announced that it will no longer be supporting SQL Server 2012     

The product, on July 12, 2022, reached the end of its 10-year support model. It means that SQL Server 2012 will no longer get future security patches from Microsoft. The server continues to run under such circumstances, but organizations may be potentially exposed to future security troubles and they could get encumbered by the compliance implications of running unsupported software.

Organizations who need to stick with SQL Server products, have four options:

  • Organizations can upgrade to SQL Server 2019.
  • Organizations can continue to use SQL Server 2012 and get “Critical” security patches only via Microsoft’s Extended Security Updates (ESU) program for up to three years.
  • Organizations can move their SQL Server 2012 workloads into Microsoft Azure virtual machines, where Microsoft provides the ESU patches at no cost.
  • Lastly, Microsoft advocates using Azure SQL Managed Instance, which is an Azure platform-as-a-service offering that promises high compatibility with on-premises SQL Server.

The Azure SQL Managed Instance option is similar to the Azure Arc-enabled SQL Managed Instance service, but the latter lets organizations continue to use their own infrastructure. The nuances between those two options are described in this Sept. 30, 2020 Microsoft Tech Community post.

While the ESU program offers a grace period of sorts for SQL Server 2012 users, its use with on-premises servers comes with licensing requirements. Organizations will need to have Software Assurance coverage, which is an annuity cost. However, they can only buy ESUs when they have an “Enterprise Agreement (EA), Enterprise Subscription Agreement (EAS), a Server & Cloud Enrollment (SCE) and Enrollment for Education Solutions (EES)” licensing, according to Microsoft’s end-of-support FAQ document.

The ESU program lets organization buy Critical security patches in one-year increments, for up to three years maximum. Microsoft hikes the ESU price each year by 25 percent of the base price of SQL Server 2012 license, according to the following formula:

  • Year 1: Approximately 75% of full license price
  • Year 2: Approximately 100% of full license price
  • Year 3: Approximately 125% of full license price

Those incremental fees no doubt are designed to prod organizations into moving their SQL Server 2012 workloads into Azure virtual machines, where Microsoft provides ESU patching for free.

For organizations making the move to cloud services, Microsoft’s  Azure Migration and Modernization Program offers either Microsoft ,or partner support for moves to Azure services. This program is billed as being available to organizations of all sizes, and bearing “no additional cost” for Azure customers, per its landing page.

Microsoft has recently beefed up the funding for the Azure Migration and Modernization Program.

“We’re now investing significantly more to support your largest Windows Server and SQL Server migration and modernization projects, up to 2.5 times more than previous investments, based on project eligibility,” the announcement indicated. “This investment will help with your migration in two ways: partner assistance with planning and moving your workloads, and Azure credits that offset transition costs during your move to Azure Virtual Machines, Azure SQL Managed Instance, and Azure SQL Database.”

The announcement also warned that Windows Server 2012 and Windows Server 2012 R2 will be reaching their end-of-support phasesnext year on October 10, 2023.”

Microsoft plans to offer its ESU patch program and its Modernization migration support program for those servers as well.

Next year, in April, many of Microsoft’s 2013-branded application servers will also fal out of support 

Note: Before you upgrade SQL, check the compatibility of the software that runs on it with the new version of SQL – you may be faced with the need to also update those systems to later versions for example older versions of Dynamics Ax,

Comodo Scores 100% in Endpoint and Internet Security Detection Tests – Ask Synergy Software Systems

June 25th, 2022

Comodo is the only Endpoint Protection company that is brave enough to publicly announce 100% protection against Ransomware and Malware for your endpoints.

Such a bold statement!!! We will be happy to demonstrate the unprecedented technology behind this statement (Valkyrie AI-based Auto Containment).

In March of 2022, AVLAB completed the 17th edition of its Advanced In The Wild Malware Test. Ten endpoint protection products were continuously evaluated, using thousands of unique malware samples to challenge the solutions against real-world threats. Products needed to demonstrate their capabilities using all components and protection layers.

Both Comodo’s Advanced Endpoint Security and Internet Security solutions received top honors with a recognition of ‘Excellent’. The products blocked all 2,050 possible threats and provided protection against all 0-day samples. Comodo’s Advanced Endpoint Protection (AEP) is the only solution that prevents 100% of ransomware and other malware, utilizing a patented, virtual isolation capability that confines unknown files and code in a protective container until it is determined to be 100% safe.

Once again, Comodo has proven the effectiveness of our solution during this latest evaluation,” said Faith Orhan, EVP of Engineering at Comodo. “As the results of this test illustrate, Comodo is still the only endpoint security solution on the market that applies the Zero Trust principle of ‘Never Trust; Always Verify.”

June 2022 cumulative Windows Update to seal the zero-day security hole

June 18th, 2022

the June 2022 cumulative Windows Updates seal the zero-day security hole that enabled an exploit called Follina (CVE-2022-30190). 

The security flaw was in a Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution bug, which allows hackers to execute arbitrary code within apps by using the tool, such as installation of programs, change or deletion of data or creation of a new Windows account with a compromised user’s rights on the affected PC.

The bug affects machines running Windows 7 and later. 

The bug appears to have been exploited by Chinese hackers to send malicious documents to Tibetans. and also to target U.S. and European Union government agencies. 

Other cyber-savvy criminals could use the same exploit on unpatched PCs to cause havoc. so we like Microsoft, recommend that you ensure your PC is patched as soon as possible. 

Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action,” said Microsoft.

With automatic updates enabled you should already protected. If not then to ensure you have the latest patch go to the Windows Settings app, navigate to the Windows Update section to see whether your PC is up to date,, or needs an update, or in some cases a restart to apply the update.

Do this to keep your PC protected from malicious and opportunistic hackers. 

Cybercrime update – increasingly scary

June 13th, 2022

According to the recent 2022 Ransomware Trends Report” (Veeam), compiled by surveying 1,000 global IT leaders, paying a ransom for an organization’s hijacked data doesn’t ensure return of the stolen data.   

  • 24 percent of organizations that paid the amount demanded by ransomware attackers ended up not recovering their stolen data.
  • 19 percent of those affected by ransomware were able to recover their data through their own means and without having to pay off the attackers.
  • When data is eventually recovered after remediation through payment, data recovery took an average of 18 days.
  •  (22 percent) reported it took one to two months to fully recover the data,
  • 3 percent said they were down for two to four months.
  • Some time was spent decrypting the encrypted stolen data, but much of the downtime is attributed to deep scans of restored systems to confirm they were “clean” from any ransomware remnants.
  • Backup repositories were targeted 94 percent of the time.
  • Specific production platforms or application types were targeted in 80 percent of successful ransomware attacks, making ransomware prevention not just the duty of IT security
  • Phishing e-mails and malicious links and Web sites continue to be the top (44 percent) ransomware entry points,
  • Infected patches and software are close behind with 41 percent of all ransomware attacks by those surveyed.
  • The remaining entry point sources:
    • Compromised credentials and spraying attacks (35 percent).
    • Insider threats (32 percent).
    • Zero-day vulnerabilities (26 percent).
    • Only 1 percent of those who experienced a ransomware attack were not able to identify the entry point

About 25 years ago a business report indicated that a majority of companies that lost their computer system for more than one week went out of business within 18 months. A sobering thought given our increased dependence on systems in the digital age, and the surge in state sponsored cybercrime.

The 2022 Ransomware Trends Report” indicates that most organizations don’t have the tools or know-how  to recover their hijacked data before they end up paying for their data back.

  • A strong Modern Data Protection strategy requires a commitment to a clear policy that the organization will never pay the ransom, but do everything in its power to prevent, remediate and recover from attacks,.  
  • IT should routinely test their data protection solutions and protocols and ensure that employees are well-versed in spotting possible ransomware attacks.

Veeam credits the improvements in monitoring tools and a concerted effort toward ransomware prevention by many IT shops for the high success in identifying the source of ransomware.

The report finds that.

“This alone should drive broader conversations within IT, so cyber security isn’t just the delegated to the security team; database administrators should also help ensure that database servers are secure and administrators should help ensure hypervisors are patched, that Windows updates are routinely run, etc.,”

How to protect yourself against ransomware

Whether a simple ransomware attack, a double- or triple-extortion attack, a self-contained threat family, or a RaaS attack executed by an affiliate network, the defense strategy is the same: employ the principles of zero trust to limit vulnerabilities, prevent and detect attacks, and limit the blast radius of successful breaches.

 Here are some best practices recommendations to safeguard your organization against ransomware:

  • Get your applications off of the internet. Ransomware actors start their attacks by performing reconnaissance on your environment, looking for vulnerabilities to exploit, and to calibrate their approach. The more applications you have published to the internet, the easier you are to attack.
  • Use a zero trust architecture to secure internal applications, make those invisible to attackers.
  • Enforce a consistent security policy to prevent initial compromise. With a distributed workforce, it is important to implement a security services edge (SSE) architecture that can enforce consistent security policy no matter where your users are working (in office or remotely). 
  • Use sandboxing to detect unknown payloads. Signature-based detection is not enough in the face of rapidly changing ransomware variants and payloads. Protect against unknown and evasive attacks with an inline, AI-powered sandbox that analyzes the behavior rather than the packaging of a file.
  • Implement a zero trust network access (ZTNA) architecture. Implement granular user-to-application and application-to-application segmentation, brokering access using dynamic least-privileged access controls to eliminate lateral movement. This allows you to minimize the data that can be encrypted or stolen, reducing the blast radius of an attack. 
  • Deploy inline data loss prevention. Prevent exfiltration of sensitive information with trust-based data loss prevention tools and policies to thwart double-extortion techniques.
  • Keep software and training up to date. Apply software security patches and conduct regular security awareness employee training to reduce vulnerabilities that can be exploited by cybercriminals.
  • Have a response plan. Prepare for the worst with cyber insurance, a data backup plan, and a response plan as part of your overall business continuity and disaster recovery program.
  • To strengthen defences against ransomware, embrace layered defenses that can disrupt the attack at each stage—from reconnaissance to initial compromise, lateral movement, data theft, and ransomware execution.

The amount of time cyber criminals intruders are spending inside victims’ networks is increasing, providing them with the ability to carry out higher complexity campaigns and more damaging cyber attacks.

According to analysis by cybersecurity researchers at Sophos, who examined incidents targeting organisations around the world and across a wide range of industry sectors, the median dwell time which cyber criminals spend inside compromised networks is now 15 days, up from 11 days the previous year.

The 2022 ThreatLabz State of Ransomware report breaks down a year’s worth of intelligence from a variety of sources, including over 200 Billion daily transactions and 150M daily blocked threats across the Zscaler Zero Trust Exchange, and shows that ransomware is becoming even more attractive to criminals. Attackers are able to wage increasingly profitable campaigns based on three major trends:

  • Supply chain attacks,
  • ransomware-as-a-service ecosystems,
  • multi-extortion tactics.

Ransomware attacks increased by 80% year-over-year, accounting for all ransomware payloads observed in the Zscaler cloud.

  • Double extortion ransomware overall increased by 117%.
  • Manufacturing was the most targeted industry for the second year running, – almost 20% of double-extortion ransomware attacks.

 Some industries saw particularly high growth of double-extortion attacks, including:

  • healthcare (643%),
  • food service (460%),
  • mining (229%),
  • education (225%),
  • media (200%),
  • manufacturing (190%).

Some recent events………

The DeadBolt ransomware started 2022 with attacks that targeted internet-facing Network-Attached Storage (NAS) devices.

  • First target was QNAP Systems, Inc. in January 2022. According to a report from Censys.io, Jan. 26, 2022, out of 130,000 QNAP NAS devices that were potential targets, 4,988 services showed signs of a DeadBolt infection.
  • ASUSTOR, another NAS devices and video surveillance solutions vendor, also experienced DeadBolt ransomware attacks that targeted an unknown number of its devices.
  • In March, DeadBolt attackers again targeted QNAP devices; and  the number of infections reached 1,146 by March 19, 2022.
  • On May 19,2022, QNAP released a product security update stating that internet-connected QNAP devices were again bargeted by DeadBolt, this time aiming at NAS devices using QTS 4.3.6 and QTS 4.4.1.
  • The number of DeadBolt-infected devices is very high for a ransomware family that exclusively targets NAS devices.

LockBit 2.0 is ransomware as a service (RaaS)

  • This first emerged in June 2021 as an upgrade to its predecessor LockBit (aka ABCD Ransomware), which was first observed in September 2019.
  • Since its inception, the LockBit 2.0 RaaS attracted affiliates via recruitment campaigns in underground forums, and thus became particularly prolific during the third quarter of calendar year 2021. The LockBit 2.0 operators claimed to have the fastest encryption software of any active ransomware strain as of June 2021, claiming accordingly that this added to its effectiveness and ability to disrupt the ransomware landscape.

An ongoing phishing campaign targeting Facebook users may have already netted hundreds of millions of credentials and a claimed $59 million, and it’s only getting bigger.

  • Identified by security researchers at phishing prevention company Pixm in late 2021, the campaign has only been running since the final quarter of last year, but has already proven incredibly successful. Just one landing page – out of around 400 Pixm found – got 2.7 million visitors in 2021, and has already tricked 8.5 million viewers into visiting it in 2022.
  • The flow of this phishing campaign isn’t unique: Like many others targeting users on social media, the attack comes as a link sent via DM from a compromised account.

The Vice Society ransomware group has claimed responsibility for the recent cyber attack on the city of Palermo in Italy, which has caused a large-scale service outage.

  • The attack occurred last Friday, and all internet-relying services remain unavailable, impacting 1.3 million people and many tourists visiting the city.
  • The authorities admitted the severity of the incident on Monday and explained that all systems had to be taken offline to contain the damage, warning that the outages might last a few more days.

Shields Health Care Group Inc., which provides imaging and ambulatory surgical services at dozens of locations, said in a notice on its website Tuesday that data including names, Social Security numbers, dates of birth, and medical or treatment details is among the information that may have been compromised.

  • The breach has been reported to federal law enforcement and the U.S. Department of Health and Human Services Office for Civil Rights.
    • That agency reported on its website that 2 million people were affected.
    •  An FBI spokesperson said the agency had no comment.

The Cuba ransomware operation has returned to regular operations with a new version of its malware found used in recent attacks.

  • Cuba ransomware’s activity reached a peak in 2021 when it partnered with the Hancitor malware gang for initial access.
  • By the end of the year, it had breached 49 critical infrastructure organizations in the United States.

Russia-Ukraine

The Kremlin-backed cyberattack against satellite communications provider Viasat, which happened an hour before Russia invaded Ukraine, was “one of the biggest cyber events that we have seen, perhaps ever, and certainly in warfare,” according to Dmitri Alperovitch, co-founder of CrowdStrike and chair of security-centric think tank Silverado Policy Accelerator.

  • An obvious purpose of the attack was to  disrupt Ukrainian communications during the invasion, by wiping the modems’ firmware remotely, it also disabled thousands of small-aperture terminals in Ukraine and across Europe.
  •  The attack disrupted satellite connectivity for thousands, and disabled remote monitoring of 5,800 wind turbines in Germany.

The Russia-Ukraine conflict has the world on high alert.

  • Several attacks associated with the Russia-Ukraine conflict, combined multiple tactics, such as HermeticWiper and PartyTicket ransomware.
  • Most of this activity has targeted Ukraine.
  • Government agencies have warned organizations to be prepared for more widespread attacks as the conflict persists.

Microsoft has obtained a court order to seize 41 domains used by what the Windows giant said was an Iranian cybercrime group that ran a spear-phishing operation targeting organizations in the US, Middle East, and India.

  • The Microsoft Digital Crimes Unit said the gang, dubbed Bohrium, took a particular interest in those working in technology, transportation, government, and education sectors: its members would pretend to be job recruiters to lure marks into running malware on their PCs.
  • “Bohrium actors create fake social media profiles, often posing as recruiters,” said Amy Hogan-Burney, GM of Microsoft’s Digital Crimes Unit. “Once personal information was obtained from the victims, Bohrium sent malicious emails with links that ultimately infected their target’s computers with malware.”

Last month the notorious Russian ransomware gang Conti threatened that if a ransom wasn’t paid it would overthrow Costa Rica’s government.

This month, the Hive ransomware gang hit Costa Rica’s Social Security system, and also struck the country’s public health agency, which had to shut down its computers on Tuesday to prevent the spread of a malware outbreak.

The Costa Rican government said at least 30 of the agency’s servers were infected, and its attempt at shutting down systems to limit damage appears to have been unsuccessful. Hive is asking for $5 million in Bitcoin to unlock infected systems.

As ransomware becomes less profitable or carries a higher risk for attackers It is logical for ransomware actors to eventually convert their operations to business email compromise (BEC) attacks.

In the US, the Federal Bureau of Investigation has repeatedly found that total money stolen in BEC scams far exceeds that pilfered in ransomware attacks—though ransomware attacks can be more visible and cause more disruption and associated losses.

The newer Industrial Spy group is applying greater pressure on victims by hacking their websites to display ransom notes.

The Canadian Department of National Defence confirmed recently that a key supplier – CMC Electronics  a key supplier to a critical defence initiative.–  reported that they were victim of a ransomware attack.

  • CMC makes cockpit systems integration, avionics, display solutions, and high-performance microelectronics for military and commercial aircraft.
  • It was recently selected to supply the avionics and software applications for the Royal Canadian Air Force’s new Calidus B-250 turboprop light attack combat and training aircraft
  • It was reportedly attacked by a gang calling itself AlphV. The FBI say the gang also operate under the name BlackCat. and had compromised over 60 organizations worldwide as of March of this year.

Power Apps April release wave 1 2022 for Model-driven apps

March 12th, 2022

The Power Apps April release wave 1 for Model-driven apps is now available for you to take advantage of. In this release wave you can take advantage of cohesive and modern experiences while collaborating with team members in Power Apps.

Collaboration with colleagues and task productivity is more important than ever before for business users.   These are two main focuses of the Wave 1 release, and we have several features you can opt into in order to streamline productivity.

Task productivity updates include:

  • Modern Power Apps grid and view pages have been enhanced and will be auto enabled during this wave

Opt-In Updates:

  • Modern Advanced Find allows users to access any table and use advanced filters to explore data
  • Users can be alerted to key items to address, which makes them more likely to be successful leveraging In App Notifications

Collaboration opt-in updates include:

  • See colleagues who are currently working on the record and easily start chats with them
  • See on-line status of colleagues in-app and easily start chats with them via improved people card
  • Easily share links to records with colleagues

Task Productivity

Power Apps grid

Model-driven apps are first to feature the new Power Apps grid, a new read-only grid control, both inside the view page and inside forms (sub-grids). The new grid control follows Microsoft Accessibility Standard and will be auto enabled as part of this wave release.

In addition to improved performance, the new control supports:

  • Remembering grid view settings across the session
  • Ability to resize columns
  • Ability to reorder columns (via column options UI)

The grid view page in Model-driven apps now features column options settings that let app users customize which columns are shown in the grid. Additional text make sit easy for your end users to discover this capability.

With this feature, users can:

  • Add new columns, from current or related tables.
  • Remove columns.
  • Change the order of columns in the grid

When the grid is auto enabled with this release, the classic jump bar experience is disabled by default, but can be enabled.  Infinite scrolling will be an option in future waves. To opt out of the new Power Apps read-only grid control, the Power Platform Admin Center to toggle the “Enable the modern-read only grid experience” switch under the “Grids and views” section.

Modern Advanced Find

With modern advanced find, you can access any table in a model-driven app through search and use advanced filters to explore the data easily. The new view management experience will provide you with options to share views so you can collaborate with your team easily. Managing views is simpler with personalization options to build your own set of views.

In App Notifications are Generally Available starting in April 2022

The in-app notification feature that was announced for public preview July 2021 with Model-driven app adds in-app notifications will reach general availability in April 2022. A maker can opt-in to this feature using the modern app designer preview.  Open the settings > Upcoming features and then enable “In-app notifications”.

Multiplayer App Collaboration

Co-presence in records and Owner field online presence

Now you can see who’s currently working on a record including their online status. You can also start a chat or send them an email and take collaboration to the next level.  This feature is currently available on the Account, Case, Opportunity, and Contact tables.

Avatar and on-line availability of colleagues is immediately obvious in the UI with the new persona card shown in the form owner field, lookups and grids. Click on the avatar to expose the improved contact card to start a chat or email.

Easy record sharing

Share records as easy as Office documents. Use the new share button to email a link or copy the link and share it with someone else. A link to the record can only be shared with users who have permissions to access the record currently, but we are working on expanding this in the future.

Get started today by opting your environment into the 2022 April Release Wave 1, learn how ( https://docs.microsoft.com/power-platform/admin/opt-in-early-access-updates  ).