Published: Sep 14, 2023
Key takeaways:
- Microsoft’s 23H2 update for SharePoint Server SE introduces AMSI protection, enhancing security by scanning web requests for potential threats before reaching SharePoint Server.
- The update includes a new SharePoint health analyzer rule and LDAP support in the People Picker.
- IT administrators can now manage feature release rings through PowerShell, offering greater deployment flexibility.
Microsoft has announced the release of a new feature update (23H2) for SharePoint Server Subscription Edition (SE). Among the highlights is the integration of Antimalware Scan Interface (AMSI) protection, which is now enabled by default across all supported SharePoint Server products.
“It allows SharePoint Server to work with AMSI-compatible antimalware solutions such as Microsoft Defender to scan all web requests sent to SharePoint Server. Antimalware solutions examine each web request against their own signatures and heuristics to determine if a request is potentially malicious. If it’s determined to be potentially malicious, they will block the web request before it’s handed off to SharePoint Server to be processed,” Microsoft explained.
Microsoft highlights that this approach allows customers to quickly update and distribute antimalware signatures. This eliminates the need for end users to install the updates manually in order to protect their systems against old and emerging security threats. This capability is available for SharePoint Server 2016, SharePoint Server 2019, and SharePoint Server SE.
Microsoft has added a new SharePoint health analyzer rule for SharePoint Server Subscription Edition, 2019, and 2016. The feature sends “simulated web requests” to actively verify that AMSI is working properly on any application. Meanwhile, IT admins will be able to view a report about any failures and mitigation strategies within SharePoint Central Administration.
Microsoft also announced that the People Picker now supports the Secure Lightweight Directory Access Protocol. The People Picker feature allows users to find users and groups in Active Directory forests and domains. This release lets People Picker protect LDAP traffic to TCP ports 636 and 3269 with TLS connection encryption.
SharePoint Server Subscription Edition version 23H2 lets IT admins choose the release rings option to deploy feature updates through PowerShell. “Up until now, organizations could only make this choice through the Feature Release Preference page in SharePoint Central Administration,” which was a limitation on those organizations that carry out scripted deployments,” Microsoft added.
Last but not least, Microsoft notes that it’s now possible for organizations to apply custom branding to the Suite Bar. The feature lets SharePoint admins add custom text, hyperlinks, color schemes, and logos to all sites within a web app.