Everything You Need to Know About Windows -- April 2018
This month, Windows 10 goes on a diet, the April Update is delayed, and Project Honolulu reaches general availability as the Windows Admin Center.
Say Goodbye to Traditional PC Lifecycle Management
Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.
Windows 10 April Update Delayed
April’s Patch Tuesday was the expected release date for the next major version of Windows – the Windows 10 April Update. But the update (build 17133) didn’t roll out as expected and there was no word from Microsoft about why. Several days later on April 16th, Microsoft announced a new build was being released to Insiders (build 17134) on the Fast Ring because of a bug in the previous build that caused more BSODs than expected on some devices. Build 17134 includes fixes released on Patch Tuesday from KB4100375.
The final 1803 was released on April 30th, 2018.
While Microsoft could have released a cumulative update for build 17133 to fix the BSOD issues, it was obviously felt that the problem was serious enough to warrant delaying the April Update and to take extra time to iron out serious bugs. A week later, build 17134 was released for Insiders on the Slow and Release Preview Rings. At the time of writing, we don’t know when Microsoft will make the Windows 10 April Update generally available. But assuming build 17134 has solved the BSOD issues, it could slip out the gate any time.
Windows 10 Lean
Last month, Microsoft announced the availability of Windows 10 Redstone 5 for Insiders on the Skip Ahead Ring. The latest build (17655) has a new SKU called Windows 10 Lean. While there’s been a lot of surmising about the purpose of Windows 10 Lean, which has an install footprint 2GB smaller than Windows 10 Professional and is missing some default apps, according to Windows Central, it is for low-end tablets and laptops that are limited to 16GB of internal storage.
Windows 10 Lean is a slightly stripped-down version of Windows, and while I’ve not tried it myself, according to Windows Central, it does support legacy win32 apps. So, Windows 10 is not likely a new SKU for mobile form factors or the Andromeda device that Microsoft is rumored to be working on. Windows Central’s sources say that Windows 10 Lean is designed to solve problems updating Windows to major new builds on devices with limited internal storage.
Windows Server 2019 Preview
Another build of Windows Server 2019 was released April 24th. Insider Preview Build 17650 includes enhancements to one of the witness options for failover clustering and two new PowerShell cmdlets that allow companies to move clusters between domains without needing to destroy and rebuild clusters. The new build brings Storage Replica to Windows Server 2019 Standard Edition, with several limitations over Datacenter Edition, including restricting volume sizes to 2TB. Finally, Remote Desktop Session Host has been added to the latest build. Due to a bug, the role was missing from previous releases.
For more information on the latest build, check out Microsoft’s blog post here.
Windows Admin Center Released
Project Honolulu, the new web-based GUI management tool for Windows Server, is now generally available and supported for production use. Renamed Windows Admin Center, WAC is a website for managing either local or remote servers via a gateway that uses PowerShell Remoting and Windows Management Instrumentation (WMI) over WinRM. The gateway can be installed on Windows Server 2016, Windows Server version 1709, Windows Server 2019, and Windows 10. WAC manages Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, and Windows Server 2012. It can also manage Hyper-V Server, Azure VMs, Azure Backup, highly-converged infrastructures (HCI), and more.
For further information on WAC, read Getting Started with the Windows Admin Center on Petri.
Skype for Business, Yammer, and Teams Retired on Windows Phone
This month, Microsoft announced that they will retire Skype for Business, Yammer, and Teams for Windows Phone and that after May 20th these apps will no longer be available in the Microsoft Store. This shouldn’t come as a great surprise as Microsoft abandoned active development of Windows 10 Mobile some time ago. Microsoft recommends using the Android and iOS versions of these apps going forward.
‘Switch out of S Mode’ Appears in Microsoft Store
The Windows 10 April Update will allow OEMs to deploy any SKU of Windows in S Mode and businesses will be able to provision Windows 10 Enterprise in S Mode. S Mode restricts users to installing apps from the Microsoft Store and improves security by reducing the operating system’s attack surface. To break out of S Mode and upgrade to the full version of the installed SKU for free, users will need to go through the Microsoft Store. Richard Hay spotted the ‘Switch out of S mode’ listing in the Store and posted a screenshot on Twitter.
Windows Template Studio 2.0
Windows Template Studio is an extension for Visual Studio aimed at getting developers up and running faster with Universal Windows Platform (UWP) apps. The new version of Windows Template Studio adds improved UI, templates, and template updating experience. The wizard now detects dark, light, and high contrast modes set in Visual Studio.
For more information on Windows Template Studio, check out Microsoft’s announcement here.
Windows Hello and FIDO2 Security Keys
Microsoft is on a mission to rid the world of passwords. FIDO2 security keys allow users to carry their credentials with them and securely authenticate to Azure AD joined Windows 10 devices. The keys rely on high-security, public-key cryptography to enable strong authentication. FIDO2 compliant security keys store credentials and can be additionally protected with a second factor like a fingerprint or a PIN. Integration with Windows Hello is currently in limited preview. For more information and to sign up for the preview, head over to Microsoft’s site here.
Windows Defender ATP Gets New Capabilities
Last but not least, Microsoft is bringing new capabilities to Windows Defender Advanced Threat Protection (WDATP). Automatic investigation and remediation of threats uses artificial intelligence to flag alerts and put playbooks into action to decide the best remedial action. Microsoft 365 conditional access can also now be activated based on risks determined by WDATP. Advanced Hunting is a new query-based search tool that allows you to find events across your devices, including new process creation, file modification, network communication, registry update, and many kinds of event. Signal sharing through the Intelligent Security Graph passes information from WDATP to other systems, like Office 365 ATP, and vice versa, to make sure threats that are identified in one system can be blocked on others. Finally, a new dashboard gives insights and information about your organization’s security posture.
For more information about the new features and to sign up for the public preview, check out the Windows blog here.
Follow Russell on Twitter @smithrussell.