Learn how IT can remotely update computers to support extended work from home policies and unpack recent Microsoft news and trends. Watch Windows expert, Brad Sams, and SmartDeploy CEO, Aaron Suzuki, break down these topics and more.
Do you need an asset and inventory management software?
Aaron received a viewer submitted question asking for his advice on how to manage inventory and monitor software on laptops. The viewer is struggling to find a successful way to uncover what Windows version is running on an existing device to determine what Windows Update the computer requires before being distributed to a WFH user. With many employees working offsite, the traditional method for computer updates by connecting it to the network via a LAN or VPN may not be possible with remote computers. The solution of investing in an asset or inventory management software may not be the best route as secondary factors like cost, complexity, and infrastructure build up can impede IT’s success. Check out our blog highlighting some of the key factors to consider before purchasing software.
When should you update computers to the latest version of Windows 10?
Undergoing a big Windows 10 update to get these machines running properly may not be necessary right when a new Windows Update is released. Plus, as Aaron and Brad joked about at the beginning of the episode, installing the latest version of Windows 10 doesn’t mean it will go smoothly. Keeping users on the best tested and supported version of Windows 10 should be company policy, and it’s easy to manage when working from a golden image. Instead of tracking Windows versions and software running on the devices, it’s best practice to use a golden image with the company preapproved Windows version and custom-configured applications. That way when a new device needs to be spun up, all IT needs to do is deploy the golden image to the target device and migrate user data from the old OS instance to the new one.
Update computers over WiFi, no VPN necessary
SmartDeploy’s lightweight cloud-based solution allows IT to manage Windows 10 updates, by deploying their golden image to the target devices, over the cloud. That way when a device is shipped to a remote worker, whether it drop ships directly from a reseller or is sent from the office, IT can remotely deploy the golden image and the user will be ready to go with their updated computer. Once the machine is configured, IT can continue to manage the remote computer by deploying applications, automating silent tasks, and pushing device driver updates. Basic asset tracking is currently available and SmartDeploy is working on adding more robust asset and inventory management capabilities. While we’re laying down the groundwork, feel free to send any suggestions or things you’d like included in the product update by contacting firstname.lastname@example.org.
Watch out for this vulnerability in the Microsoft June Patch Tuesday
Windows released their June Patch earlier this month which included a record topping 129 security patches, 11 were deemed “critical,” but none of them were zero-days. Most of the patches were to address vulnerabilities in the Windows file-sharing technology, Microsoft Server Message Block (SMB). The CVE-2020-1301 patch fixed a remote code execution bug in SMB capabilities included in Windows 7 and Windows Server 2008, both have reached end of support as of January 2020. However, a relieving factor in this flaw is the attacker would need to be already authenticated on the network to exploit it, making this security threat “Tenable.” This flaw is similar to another vulnerability, CVE-2020-0796, in the March 2020 Patch we covered in a previous blog. If you have not updated Windows 10 prior to that patch, look through the article to ensure you’re protected.
Windows Insider Program Name Changes
On June 15th Microsoft announced they are changing the names associated with the Windows Insider Windows 10 releases from “rings” to “channels.” The previous verbiage of “Fast” and “Skip Ahead” rings are now “Dev Channel,” the “Slow” ring is now “Beta Channel,” and the “Release Preview” ring is now “Release Preview Channel.” These naming adjustments align to the Office, Edge, and Teams updated cadences as they include Beta and Developer Channels. Microsoft further explains these adjustments in a blog post claiming this change is “focused on basing the frequency of builds to a new channel model that pivots on quality of builds and better supports parallel coding efforts”. Microsoft also deemed the new Release Preview Channel “supported” and recommends the channel for organizations. Listen in to hear Aaron’s take on the “rings” to “channels” name changes.