The big May update of Windows 10 2004 finally became available to everyone. It included many improvements related to security, though users of Windows 10 2004 already had a lot of problems, and Microsoft engineers are already listing them.
The new version of Windows 10 has many new features, for example, the OS received an updated Network Status page, and a GPU temperature sensor was added to the Task Manager. However, we’ll talk about security improvements that Microsoft says will protect Windows 10 users for many more years.Windows sandbox
Last year, with the release of version 1903, Microsoft introduced Windows Sandbox for all versions of its OS. Windows Sandbox allows users to run a virtual machine with a stripped-down version of Windows 10, and this component has already gained considerable popularity, since it allows you easily run potentially dangerous applications in an isolated environment.
Microsoft has now introduced a number of new features for Sandbox that will simplify automation in enterprise environments. So, there was support for configuration files (which will help to configure some aspects of the sandbox, such as vGPU, network and shared folders); microphone support; the ability to configure the audio input from the configuration file and so on.
Wi-Fi 6 and WPA3
Windows 10 2004 supports the latest versions of Wi-Fi and WPA. Updates to both protocols include protection against a number of serious vulnerabilities, including DragonBlood, KRACK and so on.
System guard
The update also received the System Guard Secure Launch function, which checks whether the device firmware has been downloaded in a safe manner, without making changes.
Now System Guard Secure Launch takes into account more parameters than before, however, these changes require modern hardware, that is, the function may not work on some devices.
Basic security settings
The company’s specialists have prepared drafts of updated basic security settings for Windows 10 and Windows Server.
In fact, the basic security settings are the basic OS configurations that system administrators can apply to machines from their computer parks.
Windows hello
Windows Hello allows users to log into the OS using biometric data (fingerprints, face recognition) or without a password (PIN). In Windows 10 2004, if Windows Hello is enabled, these login options are available even for computers loaded in Safe Mode.
In addition, passwordless authentication through Windows Hello can be used as an alternative to regular passwords for Microsoft accounts.
FIDO2
Windows 10 supports FIDO2 hardware keys, as a form of passwordless authentication. Starting with Windows 10 2004, support for FIDO2 has been expanded to include hybrid devices integrated with Azure Active Directory (Azure AD).
Secured-core
Now devices based on the new AMD Ryzen Pro 4000 chipsets are compatible with Secured-core technology, which provides additional protection against attacks that affect the device’s hardware, firmware, or internal CPU components.
Cloud recovery
Windows 10 introduced the cloud recovery option. Previously, the “Reset this PC” option simply suggested performing a local reinstall to create a new Windows installation from existing files. Starting with Windows 10 2004, users will be able to choose the cloud recovery option, that is, Windows will download the files necessary for reinstallation from Microsoft servers.
Problems
As mentioned above, Microsoft specialists are already compiling a list of problems that users face after installing Windows 10 2004.
It seems that so far the updates do not lead to the BSOD and do not overheat the processor.
Nevertheless, the company encourages users and system administrators to familiarize themselves with the list of problems, and if any of them may affect their systems until they are advised to update manually, using the Media Creation Tool or the Update now button (until the problems are resolved).
Some of the known bugs interfere with connecting to more than one Bluetooth device; devices with an Intel GPU on board may experience problems with the refresh rate; errors may also occur when connecting or disconnecting Thunderbolt docking stations.
Other problems arise due to the use of old Nvidia drivers, and can also lead to unexpected reboots of devices using network adapters that support Always On, Always Connected.
Microsoft, together with the developers of problematic drivers and firmware, is already working to resolve these issues. Patches should be ready for the next release. Also, regarding a number of problems, Microsoft offers various workarounds, noting that users will need to check the device manufacturer’s website for an updated version of the driver and install it.
A complete list of Windows 10 2004 issues can be seen here.
User Review
( votes)
