Six months ago I wrote a post on Taking Feedback. Several people asked me to write a follow up on giving feedback. Amazing how time flies and somehow I just haven’t gotten around to it – so I’m doing it now.
After more than 23 years at Microsoft, I’ve decided it’s time for me to take a break. Starting March 12th 2018, I’ll be taking a leave of absence for a year. Deciding to do this has been one of the most gut-wrenching decisions of my life.
This week we began rolling out the sprint 131 updates. You can get the details in the release notes.
There are some good things in this sprint payload (a good start at a new Work items hub, Azure DevOps projects support for VMs,
I wanted to call your attention to a good incident postmortem done by Taylor Lafrinere this week. Taylor sits in my team room and, for a week, I saw him bent over his keyboard, often with two or three people staring over his shoulders trying to figure out what had caused this incident and what we needed to do to prevent it in the future.
On Wednesday, we released a roll up of fixes for security vulnerabilities for several versions of Team Foundation Server. There are no new features in this update. Most of the vulnerabilities are related to cross site scripting (XSS), some of which were customer reported. The others include an improperly encoded API, a service endpoint editing experience which exposes a previously configured password, and a regex denial of service vulnerability in our web portal. We recommend customers install these updates. These fixes are included in the recently released Team Foundation Server 2018 Update 1. The release on Wednesday was for older versions and for customers who are not yet ready to update to the TFS 2018.