![]() It is located at “Machine” and then at “Windows ComponentsWindows UpdateWindows Update for Business”. ![]() This setting allows you to override that block. Microsoft blocks feature updates to systems that are not able to properly deploy the feature releases. This is located at “Machine” then “Windows ComponentsCloud Content”.Īnother new setting relating to Windows Update is “Disable Safeguards for Feature Updates”. The next new setting is “Turn off cloud optimized content”. It is located at “Machine”, then “Security Options”. It allows exclusions for non-complying devices that cannot connect to a domain after these patches (CVE-2020–1472) have been applied to your domain controllers. This is needed due to the Zerologon vulnerability that has been recently patched. The first new setting is “Domain controller: Allow vulnerable Netlogon secure channel connections”. Now both are included in one update, like the streamlined process for consumer patching.įour new settings included in 20H2 are an interesting mix, and one addresses a recent security vulnerability that has been in the headlines. If both were not approved, you risked having patching issues with the operating system. Before 20H2 when a servicing stack update was released and you used Windows Server Update Service (WSUS), System Center Configuration Manager (SCCM) or another patching platform to look for and approve latest cumulative update and then find and approve the servicing stack released for the month (if there was one). Servicing stack updates help keep Windows 10 updating healthy. You no longer must look for and approve servicing stack updates separately from the latest cumulative updates. Service stack update changesĭeployment of servicing stack updates has changed with 20H2. Click on “Get policy files” to download the Cabinet (CAB) Group Policy files you need to manage Edge. Next, select the platform from the drop-down menu and select your operating system. Click the drop-down menu item “Select Channel/Build”, then choose the version of Edge you plan to use. To download the Group Policy files to control the new Edge in your environment, go to the Edge for business web page. The major change in 20H2 is the inclusion of Microsoft’s new Edge browser based on the Chromium engine. Version 20H2 is supported through May 10, 2022, for Home, Pro, Pro Education, Pro for Workstations and IoT Core, and through May 9, 2023, for Enterprise, Education and IoT Enterprise. (Security baselines for Edge are released separately as you can install it separately from the operating system.) Microsoft has also released a draft of the security baseline documents for 20H2. Installing from any older release will take longer as it will go through the normal installation and staging process. If you move from 2004, the installation time will be quick as 20H2 is an enablement package for software already installed. You can move from any older version of Windows 10 to the 20H2 release. ![]() The naming changed to align with the Windows Insider channel releases. Microsoft’s semi-annual Windows 10 feature release for Windows 10, called 20H2, for the second half of 2020 is the smaller May incremental release to version 2004. This tool is superseded by Windows PowerShell for WMI. The WMIC tool is deprecated in Windows 10 version 21H1 and the 21H1 semi-annual channel release of Windows Server. Rather, the two are combined for easy installation and the experience is similar using Windows Update for servicing.įor those that love the WMI command line (WMIC), 21H1 announces the beginning of the end. Servicing stack changesĪs with 20H2, Windows 10 21H1 combines the update with the related servicing stack update so you no longer need to install the servicing stack first if you manually approve updates. In a sign that this release is not major, the ADK for 2004 and 20H2 still works for 21H1. Look for the “Feature Update to Windows 10 Version 21H1 圆4-based systems 2021-05 via Enablement Package” and approve that in your WSUS console to upgrade to 21H1. If you have never used Windows Server Update Services (WSUS) or Intune to approve and manage feature releases to Windows 10, this might be the release you’ll want to test the process with. If you are already on 2004 or 20H2, the install will be fast and should not cause any major issues. Because of the pandemic, and due to potential more changes in the next version of Windows 10, this release is nearly anti-climatic in it’s release. The May 2021 release of Windows 10 may be the most stable Windows 10 release ever. You no longer have to wait for a new operating system to deploy new security features. Many of those changes will allow you to improve your security posture and offer more security choices. With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |