Windows 11, version 24H2 | Security, experience, performance, and migration updates. by info.odysseyx@gmail.com October 16, 2024 written by info.odysseyx@gmail.com October 16, 2024 0 comment 4 views 4 -Windows 11 24H2 has been released. Today we’ll take a closer look at what’s new in this release of Windows, from experiences to new administrator controls, including the latest security enhancements exclusive to Windows 11 with additional data encryption options and phishing capabilities. – Strong authentication that helps protect users from evolving threats. Then experience updates that everyone will see 24/7, including improvements to your system tray, File Explorer, connectivity, and more. -Then, for Copilot+ PCs, explore the new Unified AI option using the on-device model with Windows Studio effects, migration if your PC is currently running Windows 10, and the option to extend security updates if you need more time. Let’s start with security. It is reported here that existing security improvements in Windows 11, including Credential Protection, Malware Protection, and Application Protection, have already resulted in a 3.1x reduction in firmware attacks and a 58% reduction in security incidents. That means a slew of new Windows 11 security protections will be active around the clock as the threat landscape evolves faster than ever. – First, to better protect your files, personal data encryption is a new feature in Windows 11 Enterprise and EDU editions that use Windows Hello for business authentication. Generate unique keys for each user profile’s Desktop, Documents, and Pictures folders. Protection is indicated by a lock icon, ensures that files can only be read during an active user session, and works independently of BitLocker or other volume-level encryption as additional protection. If a PDE-enabled device is shared or has multiple user accounts, other users can view folder and file names, even if they are local administrators on the device, but they cannot decrypt and view the contents of those files. It’s locked. You can enable personal data encryption on Microsoft Intune managed devices through policy. Then, once encryption is in place, it may take up to 7 days for encryption to complete, and processing will occur during defined device maintenance windows to avoid any impact on productivity. -To increase protection against credential theft without sacrificing convenience, Windows Hello has now been extended to work with secret keys for more secure, anti-phishing multi-factor authentication when accessing apps and websites. When you register for an online service or set up your device with a Microsoft Entra account using a cryptographic key, Windows creates a new encryption key pair where the private key is stored securely on your device and the public key is registered with the online service. – Then, for authentication, you first prove that you have the private key on your Windows device. This private key can only be used after you unlock it with Windows Hello using your face, fingerprint, or PIN. Additionally, on PCs with 24H2 pre-installed, your credentials are better protected by using virtualization-based security by default when you set up or use Windows Hello. Because it is an operating system, even if you only use a PIN, the PIN is also stored in a secure container. This means it will work on devices with or without built-in biometric sensors. Windows 11 24H2 devices also add built-in proactive protection against malware-based credential theft. Local Security Authority protection is now turned on by default. This prevents untrusted code from executing and accessing LSA memory where credentials may be stored. This helps prevent token replay attacks, where app tokens are stolen when you sign in to sites and services and transferred to another device, allowing you to access resources. These are just a few security-based highlights. -Now let’s take a look at the Windows 11 experience updates and the new features everyone will see around the clock, followed by the AI-powered experiences available on Copilot+ PC. Windows adds a scrollable view for quick settings, starting in the system tray. Instead of editing the list to add new quick actions, you can scroll through the list to reorder it. From quick settings to longer battery life, you can save energy at any time by enabling or disabling energy-saving features that work even when your PC is connected. For Wi-Fi quick setup, we’ve added a new Refresh button that can now run a scan for available Wi-Fi networks that are in range. If your device supports it, Windows 11 24H2 can also connect to Wi-Fi 7 networks, which is up to 4 times faster than Wi-Fi 6. By the way, Wi-Fi 7 also supports multi-link operation, ultra-fast connections. Wide bandwidth for high-bandwidth scenarios such as virtual and augmented reality, and 4096 QAM for enhanced video streaming. Now your file transfer connections will be faster too. In fact, after you start a longer process on the taskbar, like transferring a file, downloading, or rendering a video, you’ll see a new thin line indicating 100%, making it easier to measure progress. There is one more thing to point out about the files themselves in File Explorer. – In addition to the icons from previous Windows 11 versions with right-click context menus, we’ve now added text labels for Cut, Copy, Paste, Rename, Share, and Delete. There are also more options for accessibility. You can now turn live captions on or off directly from Quick Settings. We’ve streamlined connecting and pairing Bluetooth devices for better accessibility when using supported Bluetooth low energy hearing aids. Direct pairing is now available with Swift pair, and once connected, compatible devices work seamlessly with audio streaming. Call handling. Again, these updates are available to everyone. -Advanced on-device AI features are now also turned on if you have a Windows 11 24H2 Copilot+ PC. These devices include more than 40 models that leverage power-efficient neural processing units, or NPUs, that provide a variety of intelligent local functions and can perform at least 40 trillion operations per second. Let me show you some highlights. First, you’re using Live Captions with Translation in your Accessibility and Captions settings, and Windows can interpret all audio playing on the system in all apps. So, let’s play the video in the Windows Media Player we created earlier. Now you have live captions with translation… As you can see, while I’m speaking in English, German, and Mandarin, everything is translated in real time with English captions. All of this is done using a local model. Because Copilot+ is a device built into your PC, data round trips are virtually instantaneous with no latency. – For more built-in AI, let’s take a look at Windows Studio Effects, which are easily accessible from Quick Settings and work with your NPU to improve your online presence, regardless of which apps use the built-in camera or microphone. For example, Portrait Lighting automatically adjusts image quality to make people more visible even in poor lighting environments. You can also join video calls using three creative filters for some fun options. Here the Animation option has been selected and you can now see a cartoon effect on the subject while keeping the facial features intact. Then, as you can see, improved portrait blur performs significantly better than previous iterations with real-time depth estimation from the camera feed, and even though you can’t see it in the demo, improved voice focus uses the NPU to deliver deeper reverberation when you’re on a Teams, Zoom, or WhatsApp call. Removes and eliminates background noise. Of course, the auto-framing feature keeps you in your ideal position. This is very useful for some ultra-wide field of view cameras, and when combined with eye contact with a teleprompter on, it is very powerful. This improves eye contact when reading content on the screen, making you appear more engaged and natural with others on the call. -Now let’s go under the hood of Windows 11 and take a look at the recent performance and efficiency improvements. In a Principal Technologies study comparing popular business laptops from HP and Lenovo running Windows 11 and Windows 10 on identical spec devices, PCMark 10 benchmarks showed an overall improvement in battery life for Windows 11. Windows 11 was also preferred in our local video playback and streaming video tests. Then again, Windows 11 also scored higher on productivity tasks using the PCMark 10 benchmark. Additionally, both single-core and multi-core Windows 11 scored higher than Windows 10 in creative tasks using the Cinebench R23 benchmark. – Now let’s look at Windows 11 24H2 deployment considerations. This is especially true if some or most of your devices are currently running Windows 10. First, in the compatibility area, Windows 10 hardware and peripherals only work with Windows 11. In fact, most business PCs running today run Windows 11. In our experience, any device with an 8th generation Intel processor or newer released after 2017 will work, unless your PC is more than 7 years old. There should be no distractions, and when it comes to applications, more than 99.7% of Windows 10 apps run on Windows 11. If you’re currently running Windows 10 on some or most of your systems, now’s a good time to think about it. About your migration. End of support for Windows 10 is scheduled for October 2025. If you haven’t migrated yet, you have more options to purchase Extended Security Updates for systems running Windows 10 22H2 and later. This option should now be considered a last resort as it gives you more time to migrate. Extended security updates are included in Windows 365 and Azure Virtual Desktop, as well as physical devices used to connect to Windows 365. The good news is that Windows Update, deployment, and migration tools have improved since our last migration. So, if you’re using Windows 10, you don’t need to reimage your existing device. – For Microsoft Intune, you can manage Windows devices and update Windows 10 devices to Windows 11 using Windows Autopatch, a fully managed, cloud-native update solution included in Microsoft 365, E3, and E5. As you can see here, tenanting to Windows Autopatch is easy. Agree to assess your tenant’s readiness, then sign up, agree to the terms, and add contact information for your Windows Autopatch administrator. This solution automatically creates multiple incremental deployment rings to apply the latest updates based on your organization’s custom configuration, where you can configure release settings and group assignments for each deployment ring. This gives you complete control over update deployment, and Autopatch is designed to minimize disruption and disruption through early issue identification and support safe rollouts through stop and rollback support. – Next, you can also manage the Windows Autopilot Deployment Service in Microsoft Intune when you upgrade your hardware to a new device. Here you can automate device provisioning to simplify your default setup experience and ensure the devices you purchase are compliant. Enable management policies and settings, install required apps, and run defined scripts to ensure your devices are immediately ready for business. When you purchase a new device, you can work with your hardware vendor to create a managed connection between your organization and that device so you can ship it directly to your employees. Then, when you power on the device and connect it to the Internet, the policies and settings are applied and the device becomes compliant before it can connect to managed resources. In fact, migrating from Windows 10 to Windows 11 has never been easier, and there’s no compromise with 24H2. – Check out aka.ms/Windows11Enterprise to learn more and get started, and stay tuned to Microsoft Mechanics for further updates. If you haven’t already subscribed, please subscribe and thank you for watching. Source link Share 0 FacebookTwitterPinterestEmail info.odysseyx@gmail.com previous post Partner Case Study Series | Tipsa next post AKS Networking for Data-Intensive Kubernetes Workloads You may also like How to strengthen AI security with MLSecOps December 6, 2024 The Sonos Arc Ultra raises the bar for home theater audio December 5, 2024 Aptera Motors will showcase its solar EV at CES 2025 December 3, 2024 How Chromebook tools strengthen school cybersecurity December 2, 2024 Nvidia unveils the ‘Swiss Army Knife’ of AI audio tools: Fugato November 26, 2024 Nvidia Blackwell and the future of data center cooling November 25, 2024 Leave a Comment Cancel Reply Save my name, email, and website in this browser for the next time I comment.