01 Aug

Enterprise Dish: Microsoft provides guidance for Windows 19H2

Microsoft rolled out some big changes this month including more information on the recent Windows 19H2 release and adjustments in the Microsoft internal use rights. To learn how these Microsoft modifications will affect your environment watch Brad and Aaron’s video, to drill into the specifics of these topics keep reading.

Windows 19H2 Update

The updated Windows 19H2 build was released to Windows Insiders on July 15th and the public will receive the full update this September. The primary focus is to improve stability and performance compounded from the previous Windows 19H1 release, which became Update 1903. The update will also introduce a few minor new features for enterprises and developers. Users will experience the Windows 19H2 update differently as it will be released as a Patch Tuesday update, or Cumulative Update, which includes a less extensive install process. Users who have installed Update 1903, will experience Windows 19H2 as a traditional patch in the form of Update 1909. However, anyone using an update prior to 1903 will experience Windows 19H2 as an entire feature update. Will this be Microsoft’s new release and update protocol? To find out more, watch the video as Brad called Microsoft to gain more insight.

These are the current features included in the Windows Insider Preview Build of 19H2, which may be included in the full September update. Below, we included Microsoft’s release notes for Windows 19H2 and included how these changes will affect users.

Codename: 19H2 Build 1862.10005
Version: 1909

    • Microsoft: Windows containers will require a corresponding host and container version. This limits customers and Windows containers from supporting mixed version container pod scenarios. For other similar situations, Windows 19H2 will include 5 fixes, allowing the host to run down-level containers on up-level for process isolation.
      What this means: Essentially, users will have the ability to run Windows containers from older versions of Windows 10 on new versions of Windows 10. For example, if a user made a container with Windows 10 1903, they could also run it on Windows 10 1909, which is something users couldn’t do before.
    • Microsoft: OEMs limit the inking latency based on the hardware capabilities of their devices as opposed to dealing with latency selected on the standard hardware configuration by the OS.
      What this means: The update will allow a device manufacturer to select latency values based on their hardware, instead of a preconfigured profile. This will be beneficial to companies who manufacture tablet devices, like the Surface, where they require a pen to interact with the machine.
    • Microsoft: An updated BitLocker key-rolling feature which allows for secure rolling of recovery passwords on MDM managed AAD devices when requested by in-tune/MDM tools or when a recovery password is used to unlock the BitLocker protected drive. This update will reduce recovery password disclosure included in manual BitLocker drive unlocked by users.
      What this means: Once a user uses BitLocker to encrypt a device, a recovery key is created. If a hardware change or tampering is detected, BitLocker will put the device in recovery mode which requires a key, generally stored in Azure Active Directory (AAD). The feature will invalidate the current key and create a new one, either on schedule or after use. This will provide your machine additional security in the event a key is exposed.
    • Microsoft: Third-party digital assistants will voice activate above the lock screen.
      What this means: Currently, when users lock their device a digital assistant isn’t be able to interact with the user. However, once updated, users can interact with their digital assistant while the computer is locked.

These adjustments are currently “off” by default and may be turned “on” via controlled feature rollouts. The lag in activation is to allow Microsoft to gain feedback from the Windows Insiders on the overall build performance before the update’s full release.

Microsoft Internal Use Rights

Microsoft recently announced an adjustment in the internal use rights which will be effective July 1, 2020. This affects any Microsoft partner without a competency program, as they will be required to pay for Microsoft’s internal services, which were originally free. Service use for demonstration purposes, solution/services development purposes, and internal training are exempt from this change. Partners using Microsoft services for other internal purposes will need to purchase additional licenses through commercial licensing. Steps are already being taken to support this change as on-premise support incidents are no longer available for Action Packs. How will the changes in Microsoft’s internal use rights benefit Microsoft’s competitors? Watch the video to hear Brad and Aaron explain how likely businesses are to revert to alternative, less expensive solutions.

About the Author

Heidi Flaig
Heidi Flaig has overseen the marketing department for SmartDeploy since 2011 and thrives on engaging with IT professionals to better understand how SmartDeploy products can improve their world. She has over 500 contributions in the Spiceworks community. When she’s not in the office, you can find Heidi hiking with her husband, two sons, and silver lab, Miles.