Laggy Overlay on AVD with published Apps on Windows App for Web (HTML5) ? See here why https://www.julianjakob.com/windows-cloud-laggy-overlay-in-published-apps/

I wrote a couple of articles on automating Nerdio Manager Shell Apps with the new REST API: https://stealthpuppy.com/nerdio-shell-apps-p1/ https://stealthpuppy.com/nerdio-shell-apps-p2/

❓ Does anyone have recent experience with static site generators other than Jekyll or Hugo? Looking to see what else is around that might be simpler or better

.NET Bounty Program now offers up to $40,000 in awards  We’re excited to announce significant updates to the Microsoft .NET Bounty Program. These changes expand the program’s scope, simplify the award structure, and offer great incentives for security researchers. The .NET Bounty Program now offers awards up to $40,000 USD for vulnerabilities impacting the .NET and ASP.NET Core (including Blazor and Aspire).

New research about deployment times in Azure: https://www.go-euc.com/how-consistent-are-the-azure-deployment-times/

Zero Day Quest: Join the largest hacking event with up to $5 million in total bounty awards Last year, we announced the largest hacking event in history: Zero Day Quest, with up to $4 million in bounty awards. The response from the global security community was incredible and helped improve security for our customers and partners. This year, Zero Day Quest is back with even more potential bounty awards: up to $5 million total for high-impact research in Cloud and AI security.

Microsoft Bounty Program year in review: $17 million in rewards We’re thrilled to share that this year, the Microsoft Bounty Program has distributed $17 million to 344 security researchers from 59 countries, the highest total bounty awarded in the program’s history. In close collaboration with the Microsoft Security Response Center (MSRC), these security researchers have helped identify and resolve more than a thousand potential vulnerabilities, strengthening protections for Microsoft customers around the world.

In the past, filtering published Apps visibility on Citrix DaaS with Entra ID groups was only possible when linked to application groups. Now, you can add the filter on the published app, directly. But watch out regarding a minimum VDA version. https://www.julianjakob.com/citrix-daas-filtering-published-apps-with-entra-id-groups/

I made a blog post about my time at EUC World Amplify and my experience presenting for the first time. https://thedxt.ca/2025/08/i-went-to-euc-world-amplify-2025/

For awhile, people have been requesting me to write a guide on migrating from Workspace ONE to Microsoft Intune as contracts are expiring and people reassess what platform makes the most sense to them. Read my new article and first ever akams detailing the challenges and options on migrating #mdm for each platform along with some data migration and backup strategies https://aka.ms/WS1toIntuneGuide

Today, I'm proud to announce the official release of a new product that I mentioned in my recent blog article. We have now released our Workspace ONE to Microsoft Intune migration portal for mobile devices. This is a portal that customers can self-host as an Microsoft Azure Static WebApp powered with their SSO, is easily customizable, and secured to align with their policies. This app after user login, will pull all of their existing WS1 devices and easily help them migrate to Intune supporting iOS and Android with all flavors of enrollment as it walks them through the journey of switching MDMs with ease.

postMessaged and Compromised At Microsoft, securing the ecosystem means more than just fixing bugs—it means proactively hunting for variant classes, identifying systemic weaknesses, and working across teams to protect customers before attackers ever get the chance. This blog highlights one such effort: a deep dive into the risks of misconfigured postMessage handlers across Microsoft services and how MSRC worked with engineering teams to mitigate them.

Sometimes, I see a gap in documentation/blogs and want to write something people can reference. This week, I wrote some theorycrafting on a good strong baseline for Nerdio autoscaling for https://mobile-jon.com/2025/08/26/creating-the-ideal-nerdio-autoscaling-baseline-policy

BlueHat Asia 2025: Closing soon: Submit your papers by September 5, 2025 The next chapter of the Microsoft Security Response Center’s (MSRC) BlueHat security conference is fast approaching. BlueHat Asia 2025 will take place in Bengaluru, India, on November 5 – 6, 2025 and the Call for Papers is now open. Submissions will be accepted through September 5, 2025. Now in its third decade, BlueHat is more than a conference, it’s a community.

Around two months ago, I shared some insights about Windows Cloud GPU-Workload with the new Windows App capabilities. Finally, I did the same with maxing out Windows App for Web (HTML5). In the past, HTML5-based solutions primary were an alternate or fallback possibility to connect to it's EUC-solution, when the main native Client wasn't available. With todays features and performance, I personally use HTML5 more often than native Apps - especially when switching between different devices and OS'es - a Browser is always there! See now my Testresults any you will understand why I'm addicted to windows365.microsoft.com https://www.julianjakob.com/windows-cloud-windows-app-for-web-html5/

Why XSS still matters: MSRC’s perspective on a 25-year-old threat  Cross-Site Scripting (XSS) has been a known vulnerability class for two decades, yet it continues to surface in modern applications, including those built with the latest frameworks and cloud-native architectures. At Microsoft, we still receive a steady stream of XSS reports across our services, from legacy portals to newly deployed single-page apps.

NetScaler now supports (hybrid) Post-Quantum Cryptography (PQC) which will be soon NIST's new default. I also did some tests by configuring PQC and connecting with the X25519MLKEM768 key exchange. https://www.julianjakob.com/netscaler-testing-new-post-quantum-cryptography-pqc/

We found that there was a bug in the Azure instances (due to a change on the Azure backend infrastructure) that could cause issues. I wrote a blog concerning it and steps to recover if you are affected. To avoid any interruptions, these instances should be upgraded as soon as possible. https://www.ferroquesystems.com/resource/netscaler-bug-in-azure-instances-fixed/

Good morning good folks. Hope you are all having a wonderful weekend. To make the weekend even more fun, head over to the citrix community site and read my new blog about Intelligent Build to Lossless: https://community.citrix.com/techzone-blogs/app-and-desktop-virtualization/intelligent-[…]citrix%2520organic&utm_medium=social%2520media%2520organic

Securing AVD and Windows 365 with Strong Authentication https://stealthpuppy.com/avd-w365-secure-authentication/

Here’s a post and script showing how you can use PowerShell with our v4 API from Prism Central to replicate images across many clusters and many Prism Centrals ready for VDI environments. While the script is VDI focused, resulting in objects ready for provisioning, it’s also useful in gaining some understanding of how PowerShell can be used with our modern API. https://jkindon.com/distributing-nutanix-pc-recovery-points-vdi-environments/

Many people have questions and concerns around the new License Activation Service for Citrix products. We have consolidated links to Citrix alerts, product documentation, remediation and existing support articles into a single page for easy answers to the cutover in the next year. https://docs.jeffriechers.com/Citrix/LicenseActivationService/

Update the Omnissa UAG IP Configuration via Shell or Console So you’re in a situation where you need to update the Omnissa UAG IP Configuration via Shell or Console. You’re Omnissa UAG (Unified Access Gateway) network configuration usually takes place on deployment, or can be modified via the Web Admin interface running on port 9443. In some scenarios you may lose access, or have to [...] The post <a...

How to create a VDI Windows 11 Gold Image with proper vTPM for Omnissa Horizon In this video, I’ll show you how to properly create a Windows 11 gold image, for use with Omnissa Horizon (both persistent VMs, and non-persistent Instant Clones). We’ll be using the manual process to create the VDI Golden Image. In this video, I’ll show you how to: A big thank you goes out to Graeme [...] The post <a...

Brand new research by @Edwin de Bruin and @Leee Jeffries on GO-EUC! VMware ESXi Memory Management Reimagined: NVMe Tiering vs Traditional Swap https://www.go-euc.com/vmware-esxi-memory-management-reimagined-nvme-tiering-vs-traditional-swap/

Interesting read - https://www.thorsrud.io/breaking-down-information-silos-building-a-home-network-intelligence-platform/

What’s the deal with TPMs, vTPMs, vSphere NKP, and VDI? In this video, I sit down and chat with Joe Cooper to find out “What’s the deal with TPMs, vTPMs, vSphere NKP, and VDI?” We’ll be talking about everything from Physical TPMs, to Virtual TPM (vTPM), VMware vSphere Native Key Provider (NKP), and specialized workloads such as Virtual Desktop Infrastructure (VDI). A big thank you [...] The post <a...