Everything You Need to Know about Windows – November 2020

In the run-up to Christmas, things are slowing down at Microsoft. November brought the final Stable version of Edge for 2020, version 87. The Insider program gets its first Windows Feature Experience Pack, and there are some interesting announcements on security, rumors of UI updates, and Android app support.

Microsoft Edge 87

Microsoft released what will be the final Stable Channel version for 2020 of its new Edge browser this month. Edge version 87 is a relatively minor update and comes with some features that are only available in certain regions, like Shopping.

  • Shopping – now enabled by default, Shopping shows coupons in the top right of the address bar when they are available. It also lets you check prices against competitors.
  • The new tab page (NTP) for enterprise users now lets users toggle between the Office 365 and personal (My Feed) information.
  • For consumers, NTP gets a new tile called ‘Deals’, which displays up-to-the minute discounts. Although unlike Shopping, the Deals tile isn’t enabled by default. And apparently, the NTP also gets voice search, although I don’t see that so maybe it’s also a regional feature.
  • The web capture tool now has basic annotation capability. i.e. drawing with a pen. Something that will be useful for tablet users.
  • URL shortening is included and turned on by default. So, when you copy a URL and then paste it, the URL will be shortened. Pressing CTRL+SHIFT+V will paste the full URL for those who prefer the old behavior.
  • The PDF reader now supports highlighting text with the keyboard and mouse. There are lots of updates to the PDF reader coming down the line in the Dev and Canary Channels.
  • And Book Mode is a new view for dual-screen devices, where an article is sized for reading across both screens, like a book.

There are also some updates for IT pros, like automatic redirection of incompatible Internet Explorer sites to Edge, user privacy features enabled by default in kiosk mode, ClickOnce app deployment is now enabled by default, and support TLS Token Binding for policy-configured sites to prevent token theft.

You can find more details on updates in Edge 87 on Microsoft’s website here.

Microsoft Edge WebView2 for .NET

WebView2 is a component that developers can use to embed web technologies into their applications. WebView is based on Chromium Edge and it is now generally available for .NET apps. Last month, Microsoft announced general availability of WebView2 for C/C++. WebView2 works with Win32 and UWP apps.

Project Latte’s rumored Android app support in Windows 10

According to Zac Bowden at WindowsCentral.com, Microsoft could be bringing Android app support to Windows 10 next year with Project Latte. While Your Phone supports app streaming from select Samsung phones, Project Latte would allow developers to package their Android apps using MSIX for the Microsoft Store, with little or no changes.

According to Bowden, Android apps would run on Windows with the help of the Windows Subsystem for Linux (WSL), which is getting Linux app GUI support and GPU acceleration in a future Windows 10 feature update. How Project Latte would work in practice though is not clear. Microsoft will need to develop its own Android subsystem to run on WSL and somehow provide support for APIs that are part of Google Play Services on Android.

Microsoft Pluton processor to block attacks that require physical access to Windows 10 devices

Trusted Platform Modules (TPM) provide security at the hardware level on most modern Windows 10 devices. But while they are quite effective at blocking remote attacks, they can be vulnerable if a hacker is able to get physical access. When physical access is gained, hackers target the communication channel between the CPU and TPM.

Microsoft’s answer is Pluton, a chip design that builds the security usually provided by a TPM directly into the CPU.  In a post by Microsoft’s Director of Enterprise and OS Security, David Weston, it said that initially Windows devices using the Pluton architecture would emulate the TPM that works with current TPM specifications and APIs.

Pluton to keep system firmware up to date

Pluton complements Project Cerberus, a hierarchical Root of Trust architecture. When Pluton and Project Cerberus are used together, Pluton will be able to deliver system firmware updates to devices across the entire PC ecosystem. As it stands today, customers depend on firmware updates coming from different sources, which makes system firmware updates hard to manage. Weston writes:

Pluton provides a flexible, updateable platform for running firmware that implements end-to-end security functionality authored, maintained, and updated by Microsoft. Pluton for Windows computers will be integrated with the Windows Update process in the same way that the Azure Sphere Security Service connects to IoT devices.

The fusion of Microsoft’s OS security improvements, innovations like secured-core PCs and Azure Sphere, and hardware innovation from our silicon partners provides the capability for Microsoft to protect against sophisticated attacks across Windows PCs, the Azure cloud, and Azure intelligent edge devices.

New details on Microsoft Cloud PC

As reported by Brad Sams on Petri, Walking Cat provided us with some more details on Cloud PC, a service Microsoft is hoping to offer based on Windows Virtual Desktop (WVD). It will give organizations access to a modern, elastic, and cloud-based Windows experience in a simpler and more scalable manner.

Destined to be part of Microsoft 365 and licensed per-user, it is expected to be available in three tiers:

  • Medium – 2 vCPUs, 4GB of RAM, 96GB SSD
  • Heavy – 2 vCPUs 8GB of RAM, 96 GB SSD
  • Advanced – 3 vCPUs, 8GB of RAM

Medium is for general-purpose computing and it is optimized for cost and flexibility. Heavy is for speed and performance, and Advanced is optimized for scalability and data processing. Cloud PC should be available from any device that can run Microsoft’s Remote Desktop app.

Windows 10 20H2 and 2004 blocked due to Thunderbolt DMA violation

Microsoft has put a compatibility hold on devices where an external NVMe Solid State Disk (SSD) is connected via Thunderbolt, so they won’t be able to update to Windows 10 20H1 or 20H2 for the time being. Users who plug in a NVMe SSD device to Thunderbolt might receive a stop error with a blue screen of death.

Microsoft says that it is working to resolve the issue. For organizations using Update Compliance, the safeguard ID is 29991611.

Image #1 Expand
Figure1 9
Everything You Need to Know about Windows – November 2020 (Image Credit: Microsoft)

Sun Valley UI refresh for Windows 10 coming in 2021

Microsoft is apparently working on a big UI refresh for Windows 10 due to be released next year. The changes will modernize the Windows UI without any radical changes. Some of the new features, users will be able to turn off.

While we don’t know exactly what is planned as part of Sun Valley, it is expected to include a new Start menu and Action Center, similar to those in Windows 10X, and an updated Taskbar programmed using modern code. And finally, a new UI for File Explorer.

Windows Insider program builds

Windows 10 Insider Preview Build 20257 (FE_RELEASE) was released to the Dev Channel November 11th. The only change in this build is updated Start menu tile theming logic. Microsoft says: “the tile background for Win32 apps will no longer adjust based on detected contrast ratio, except in the case of pinned Microsoft Edge PWAs.”

The Your Phone experience, for users on supported Samsung Galaxy phones, has also been updated to run multiple Android mobile apps side by side.

Image #2 Expand
Figure2 4
Everything You Need to Know about Windows – November 2020 (Image Credit: Microsoft)


Windows Feature Experience Packs

And finally this month, Microsoft is testing Windows Feature Experience Packs with Insiders. The new update experience comes to users in the Beta Channel, with Windows Feature Experience Pack 120.2212.1070.0. The idea is to update features in Windows 10 without requiring users to upgrade to a new version of the operating system.

Many features are decoupled from the OS, like the Edge browser, which is already updated independently from Windows. Brad Sams reports that Microsoft could use Windows Feature Experience Packs to push out new features with less impact for corporate customers, where upgrading to a new version of Windows usually requires a lot of testing.

Microsoft says that only a limited number of features are currently being deployed using Feature Packs. Windows Feature Experience Pack 120.2212.1070.0 includes just two updates. The first enables the built-in screen snipping experience to create a snip and paste it into a folder without first having to save the screenshot. The second adds support for split keyboard mode with the touch keyboard in a portrait posture on 2-in-1 devices.

Windows Feature Experience Packs are delivered using Windows Update, so enterprises should be able to block them like the are able to block any other kind of update.

And that is it for another month!