This guide provides essential information for Windows 10 Extended Security Updates (ESU) program participants regarding each monthly security update. It has been freshly updated to include details for KB5075912, released on February 10, 2026.
Credit: Microsoft
Windows 10 has now reached the end of its mainstream support, meaning most users will no longer receive new features, bug fixes, or crucial security updates. Microsoft strongly advises both businesses and individual users to upgrade to Windows 11.
Alternatively, users can opt for extended security updates for Windows 10. Participants in the Windows 10 Extended Security Updates (ESU) program will continue to receive monthly security updates, though no new feature releases will be provided.
In this article, we’ve compiled a summary of key information for each update released for the most recent Windows 10 versions — 22H2 and 21H2. (Microsoft bundles updates for these two versions.) For every build, you’ll find its initial release date and a link to Microsoft’s official announcement. The latest updates are listed first.
For comprehensive guidance on installing and managing Windows updates, please refer to “How to handle Windows 10 and 11 updates.”
Updates for Windows 10 versions 21H2 and 22H2
As of November 2025, only devices enrolled in the Windows 10 ESU program (or those with a Windows 10 Enterprise LTSC 2021 or 2024 license) will continue to receive Windows 10 updates.
KB5075912 (OS Builds 19045.6937 and 19044.6937)
Release date: February 10, 2025
This Patch Tuesday update addresses various bugs, including one that previously prevented custom folder names from displaying correctly in File Explorer due to the LocalizedResourceName setting being ignored for desktop.ini files. This issue is now resolved, and custom folder names will appear as expected.
It also incorporates extensive targeting data to identify devices capable of receiving new Secure Boot certificates. Devices will only obtain these new certificates once they demonstrate consistent successful update signals, ensuring a secure and phased deployment.
Furthermore, the build includes a wide array of security improvements. For specific details, consult Microsoft’s Security Update Guide and February 2026 Security Updates.
What IT needs to know: As a security-focused update, it’s recommended to apply this build relatively quickly. Monitor for any reported issues over the coming weeks, and if none arise, proceed with deployment.
(Get more info about KB5075912.)
KB5078129 (OS Builds 19045.6812 and 19044.6812) Out-of-band
Release date: January 24, 2026
This urgent update resolves an issue where certain applications became unresponsive or encountered unexpected errors when accessing files stored in cloud services like OneDrive or Dropbox. Specifically, in some Outlook configurations using PST files on OneDrive, Outlook could hang and fail to reopen without a process termination or system restart. Users might also have experienced missing sent items or previously downloaded emails.
Get more info about KB5078129 Out-of-band.)
KB5077796 (OS Builds 19045.6811 and 19044.6811) Out-of-band
Release date: January 17, 2026
This out-of-band update fixes a problem affecting some users who experienced sign-in failures during Remote Desktop connections. This issue specifically impacted authentication steps for various Remote Desktop applications on Windows, including the Windows App.
(Get more info about KB5077796 Out-of-band.)
KB5073724 (OS Builds 19045.6809 and 19044.6809)
Release date: January 13, 2026
Applies to: Windows 10 ESU
This Patch Tuesday update includes a focused set of high-confidence device targeting data, identifying devices eligible to automatically receive new Secure Boot certificates. These certificates will only be deployed after devices demonstrate sufficient successful update signals, ensuring a secure and gradual rollout.
It also rectifies a bug where some security software might have incorrectly flagged the Windows core component, WinSqlite3.dll, as vulnerable.
The build also incorporates numerous security updates. For a complete list, refer to Microsoft’s Security Update Guide and January 2026 Security Updates.
What IT needs to know: Given its security nature, this update should be applied promptly. Monitor for any reported issues in the coming weeks, and if none emerge, proceed with its installation.
(Get more info about KB5073724.)
KB5074976 (OS Builds 19044.6693 and 19045.6693) Out-of-band
Release date: December 18, 2025
Applies to: Windows 10 ESU
This update resolves a critical bug within the Message Queuing (MSMQ) functionality, particularly affecting clustered MSMQ environments under heavy load. This issue could lead to message queues becoming inactive, “insufficient resources” messages, applications failing to write to message queues, “message cannot be created” errors, or warnings about insufficient disk space or memory. This problem primarily impacted enterprise or managed IT environments.
(Get more info about KB5074976 Out-of-band.)
KB5071546 (OS Builds 19045.6691 and 19044.6691)
Release date: December 9, 2025
Applies to: Windows 10 ESU
With this update, PowerShell’s Invoke-WebRequest command now includes a confirmation prompt that warns of potential script execution risks, allowing users to choose whether to proceed or cancel. For more details, see CVE-2025-54100 and KB5074596: PowerShell 5.1: Preventing script execution from web content.
This build also includes a broad range of security updates. Refer to Microsoft’s Security Update Guide and December 2025 Security Updates for specifics.
What IT needs to know: As a security update, it’s advisable to deploy this relatively quickly. Monitor for any reports of issues in the subsequent weeks, and if none are observed, proceed with its application.
(Get more info about KB5071546.)
KB5068781 (OS Builds 19044.6575 and 19045.6575)
Release date: November 11, 2025
Applies to: Windows 10 ESU
This update corrects a bug where, after installing the October 14, 2025 Windows update (KB5066791), the message “Your version of Windows has reached the end of support” might erroneously appear on the Windows Update Settings page. To access this page, navigate to Start > Settings > Windows Update.
The build also features numerous security updates. For more information, see Microsoft’s Security Update Guide and November 2025 Security Updates.
What IT needs to know: Given its security nature, this update should be applied relatively soon. Monitor for any reported issues over the next few weeks, and if everything appears stable, proceed with applying the update.
(Get more info about KB5068781.)
KB5071959 (OS Build 19045.6466) Out-of-band
Release date: November 11, 2025
This build addresses a bug in the Windows 10 Consumer Extended Security Update (ESU) enrollment process, where the enrollment wizard could fail during the enrollment procedure.
(Get more info about KB5071959 Out-of-band.)
KB5066791 (OS Builds 19044.6456 and 19045.6456)
Release date: October 14, 2025
This update fixes several bugs, including one where command timeouts in PowerShell Remoting and WinRM occurred after 600 seconds.
It also includes a broad range of security updates. For detailed information, consult Microsoft’s Security Update Guide and October 2025 Security Updates.
Note that today marks the official end of support for Windows 10 Home, Pro, and Enterprise editions, except for organizations and individuals enrolled in Microsoft’s Extended Security Updates program.
What IT needs to know: As this is a security update, it should be applied relatively soon. Over the coming weeks, check for reports of problematic issues, and if everything seems stable, apply the update.
(Get more info about KB5066791.)
KB5063842 (OS Build 19045.6396) Preview
Release date: September 25, 2025
This build resolves two bugs: one preventing connections to shared files and folders when using the Server Message Block (SMB) v1 protocol over NetBIOS over TCP/IP (NetBT), and another where Windows Autopilot deployments of Windows 10, version 22H2 to devices with the Enrollment Status Page (ESP) configured might fail to load the ESP during the Out-of-Box Experience (OOBE).
(Get more info about KB5063842 (OS Build 19045.6396) Preview.)
KB5065429 (OS Builds 19044.6332 and 19045. 6332)
Release date: September 9, 2025
This update includes fixes for several bugs, notably one that caused non-admin users to receive unexpected User Account Control (UAC) prompts when MSI installers performed certain custom actions, such as configuration or repair operations, during an application’s initial installation.
The build also introduces auditing for SMB client compatibility with SMB Server signing and SMB Server EPA. This feature allows customers to evaluate their environment and identify potential device or software incompatibilities before implementing hardening measures already supported by SMB Server. For detailed guidance, see CVE-2025-55234 | Windows SMB Elevation of Privilege Vulnerability.
Furthermore, the build contains a wide variety of security updates. For specifics, refer to Microsoft’s Security Update Guide and September 2025 Security Updates.
What IT needs to know: Being a security update, it’s advisable to deploy this relatively promptly. Monitor for any reported issues over the next few weeks, and if none arise, proceed with the update.
(Get more info about KB5065429.)
KB5063842 (OS Build 19045.6282) Preview
Release date: August 26, 2025
In this build, Windows Backup for Organizations is now generally available. This feature enables your organization to back up Windows 10 settings and restore them on Microsoft Entra joined devices. You can also back up the list of installed Microsoft Store apps and restore them to the user’s Start menu.
Various bugs have also been fixed, including one where mf.dll failed to enumerate redirected web camera devices in Remote Desktop Services (RDS) environments.
(Get more info about KB5063842 Preview.)
KB5066188 (OS Builds 19044.6218 and 19045.6218) Out-of-band
Release date: August 19, 2025
This build fixes a bug introduced by the August 2025 security update (KB5063709) that caused device reset and recovery attempts to fail. This issue occurred when users initiated one or more of the following processes:
System > Recovery > Reset my PC
System > Recovery > Fix problems using Windows Update
RemoteWipe CSP
For further information on this issue, consult Windows release health. Microsoft recommends installing this optional update if you have encountered this problem. The company also states that if your system is not affected or you do not intend to use the methods described above, you may choose not to install it.
(Get more info about KB5066188 Out-of-band.)
KB5063709 (OS Builds 19044.6216 and 19045.6216)
Release date: August 12, 2025
This update includes a wide variety of security updates. For detailed information, please refer to Microsoft’s Security Update Guide and August 2025 Security Updates.
What IT needs to know: As a security update, it’s recommended to apply this relatively soon. Over the next few weeks, monitor for reports of problematic issues, and if all appears well, proceed with applying the update.
(Get more info about KB5063709.)
KB5062649 (OS Build 19045.6159) Preview
Release date: July 22, 2025
This build introduces the capability to deploy SKUSiPolicy VBS Anti-rollback protections via the Secure Boot AvailableUpdates registry key.
It also addresses a range of bugs, including one that affected the Windows 10 Extended Security Updates (ESU) enrollment wizard. Some users encountered a problem where clicking “Enroll now” caused the wizard window to open, begin loading, and then unexpectedly close.
(Get more info about KB5062649 Preview.
KB5062554 (OS Builds 19044.6093 and 19045.6093)
Release date: July 8, 2025
This update contains a wide range of security updates. For comprehensive details, please consult Microsoft’s Security Update Guide and July 2025 Security Updates.
Note: In this build, there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers like Microsoft Edge and Google Chrome. This issue stems from limited pixel density at 96 DPI, which can affect the clarity and alignment of CJK characters. Increasing the display scaling typically improves clarity by enhancing text rendering.
What IT needs to know: Given its security nature, this update should be applied relatively soon. Monitor for any reported issues over the next few weeks, and if everything appears stable, proceed with applying the update.
(Get more info about KB5062554.)
KB5061087 (OS Build 19045.6036) Preview
Release date: June 24, 2025
This build fixes a variety of bugs, including one that caused jump lists to disappear from the Start menu.
There is one known issue in this build: blurry or unclear CJK (Chinese, Japanese, Korean) text may appear when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome.
(Get more info about KB5061087 Preview.)
KB5060533 (OS Builds 19044.5965 and 19045.5065)
Release date: June 10, 2025
This update features a wide array of security updates. For detailed information, please refer to Microsoft’s Security Update Guide and June 2025 Security Updates.
Note: In this build, there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. This issue is attributed to limited pixel density at 96 DPI, which can diminish the clarity and alignment of CJK characters. Increasing the display scaling typically enhances clarity through improved text rendering.
What IT needs to know: As a security update, it is advisable to apply this relatively soon. Monitor for any reported problematic issues over the next few weeks, and if all seems well, proceed with applying the update.
(Get more info about KB5060533.)
KB5058481 (OS Build 19045.5917) Preview
Release date: May 28, 2025
This build introduces several new features, including the return of a clock view that displays seconds on the calendar. It also fixes multiple bugs, such as one where some GB18030-2022 characters in plane 2 were not rendered correctly in GDI/GDI+.
There is one known issue in this build: blurry or unclear CJK (Chinese, Japanese, Korean) text may appear when displayed at 96 DPI (100% scaling) in Chromium-based browsers like Microsoft Edge and Google Chrome.
(Get more info about KB5058481 Preview.)
KB5061979 (OS Builds 19044.5859 and 19045.5859)
Release date: May 27, 2025
This out-of-band update addresses a bug in the direct send path for a guest physical address (GPA). This issue caused confidential virtual machines running on Hyper-V with Windows Server 2022 to intermittently stop responding or restart unexpectedly, impacting service availability and requiring manual intervention. This problem primarily affected Azure confidential VMs.
There is one known issue in this build: blurry or unclear CJK (Chinese, Japanese, Korean) text may appear when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome.
(Get more info about KB5061979.)
KB5061768 (OS Builds 19044.5856 and 19045.5856)
Release date: May 19, 2025
This out-of-band build fixes a bug from the recent May 13 Patch Tuesday build (KB5058379) that caused the Local Security Authority Subsystem Service (LSASS) process to terminate unexpectedly. This termination triggered an Automatic Repair that prompted for the BitLocker recovery key.
There is one known issue in this build: blurry or unclear CJK (Chinese, Japanese, Korean) text may appear when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome.
(Get more info about KB5061768.)
KB5058379 (OS Builds 19044.5854 and 19045.5854)
Release date: May 13, 2025
This update enhances Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI) for improved detection of Linux systems. It also includes a comprehensive range of security updates. For detailed information, consult Microsoft’s Security Update Guide and May 2025 Security Updates.
What IT needs to know: Given its security nature, this update should be applied relatively soon. Monitor for any reported problematic issues over the next few weeks, and if everything seems stable, proceed with applying the update.
(Get more info about KB5058379.)
KB5055612 (OS Build 19045.5796) Preview
Release date: April 22, 2025
This build addresses two bugs, including one where the check for GPU paravirtualization in Windows Subsystem for Linux 2 (WSL2) was case-sensitive, potentially causing GPU paravirtualization support to fail.
There are two known issues in this build, including one where certain installed Citrix components might prevent the completion of the January 2025 Windows security update installation. This issue has been observed on devices running Citrix Session Recording Agent (SRA) version 2411.
(Get more info about KB5055612 Preview.)
KB5055518 (OS Builds 19044.5737 and 19045.5737)
Release date: April 8, 2025
This update includes a broad variety of security updates. For comprehensive details, refer to Microsoft’s Security Update Guide and April 2025 Security Updates.
What IT needs to know: As a security update, it’s recommended to apply this relatively soon. Over the next few weeks, monitor for any reported problematic issues, and if all seems well, proceed with applying the update.
There are two known issues in this build, including one where devices with certain Citrix components installed might be unable to complete the installation of the January 2025 Windows security update.
(Get more info about KB5055518.)
Windows 10 2022 Update (version 22H2)
Release date: October 18, 2022
The Windows 10 2022 Update is described by Microsoft as “a scoped release focused on quality improvements to the overall Windows experience in existing feature areas such as quality, productivity and security.” In essence, it offers minimal new features, though Computerworld blogger Susan Bradley did identify a few new group policies within the release.
Home and Pro editions of the 2022 Update will receive 18 months of servicing, while Enterprise and Education editions will be supported for 30 months.
To install the update, navigate to Settings > Update & Security > Windows Update and select Check for updates. If the update is available, select Download to initiate installation.
(Get more info about the Windows 10 2022 Update.)
Windows 10 November 2021 Update (version 21H2)
Release date: November 16, 2021
Version 21H2, known as the Windows 10 November 2021 Update, was the second feature update for Windows 10 released in 2021. Here’s a brief overview of its new additions:
Wi-Fi security is enhanced with WPA3 H2E standards support.
GPU compute support has been integrated into the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments, beneficial for machine learning and other compute-intensive tasks.
Several features are also designed specifically for IT and business users:
Windows Hello for Business now features a new cloud trust deployment method, simplifying passwordless authentication.
For heightened security, Universal Windows Platform (UWP) VPN APIs have been updated, enabling common web-based authentication schemes and protocol reuse.
Applications can now be provisioned from Azure Virtual Desktop, allowing them to function like local apps, including copy-paste functionality between remote and local applications.
The gap between Group Policy and mobile device management (MDM) settings has been narrowed. The device configuration settings catalog now lists over 1,400 settings previously unavailable via MDM, including administrative template (ADMX) policies for App Compat, Event Forwarding, Servicing, and Task Scheduler.
An upgrade to Windows 10 Enterprise includes Universal Print, which now supports print jobs up to 1GB or a series of jobs from a single user totaling 1GB within a 15-minute window.
Universal Print integrates with OneDrive for web and Excel for web, allowing users to print documents hosted in OneDrive from any internet-connected browser or device to an organizational printer without installing drivers.
Microsoft also announced that, starting with this release, Windows 10 would receive feature updates only once a year.
Windows 10 May 2021 Update (version 21H1)
Release date: May 18, 2021
Version 21H1, known as the Windows 10 May 2021 Update, was a relatively minor update to Windows 10, but it did introduce a few new features.
Here’s a quick summary of what’s new in 21H1:
Windows Hello multicamera support: Users with an external Windows Hello camera can now set it as their default for signing into their PCs. This is beneficial for those who prefer the superior accuracy of external cameras over built-in ones.
Improved Windows Defender Application Guard performance: This enhancement allows documents to open more quickly within the isolated, virtualized container, significantly reducing the previous wait time of up to a minute for Office documents.
Better Windows Management Instrumentation (WMI) Group Policy Service support: Microsoft has simplified settings management for administrators, especially to support remote work environments.
Windows 10 October 2020 Update (version 20H2)
Release date: October 20, 2020
Version 20H2, dubbed the Windows 10 October 2020 Update, was a relatively minor update to Windows 10 but brought several new features.
Here’s a quick summary of what’s new in 20H2:
The new Chromium-based Microsoft Edge browser is now natively integrated into Windows 10.
The System page within Control Panel has been removed, with its settings migrated to the Settings app.
The Start menu’s tiled background will now dynamically match your chosen Windows theme (light or dark).
When using Alt-Tab, Edge will now display each of your browser tabs as a separate Alt-Tab window. This behavior can be adjusted in Settings > System > Multitasking.
Pinning a site to the taskbar in Edge allows you to click or hover over its icon to view all open tabs for that specific website.
Detaching a keyboard on a 2-in-1 device will now automatically switch the device to the tablet-based interface, removing the previous prompt. This setting can be changed in Settings > System > Tablet.
The Your Phone app received various new features for select Samsung devices, enabling interaction with Android apps on your phone directly from the Windows 10 app.
What IT needs to know: Windows 10 version 20H2 also included several minor but notable changes for sysadmins and IT professionals:
IT professionals managing multiple mobile devices gained a new Modern Device Management (MDM) “Local Users and Groups” settings policy, mirroring options available through Group Policy.
Windows Autopilot, used for setting up and configuring enterprise devices, received various small enhancements, including improved deployment for HoloLens devices, co-management policy additions, better deployment reporting, and the ability to reuse Configuration Manager task sequences.
Microsoft Defender Application Guard now supports Office, allowing untrusted Office documents from outside the enterprise to launch in an isolated container, preventing malicious content from compromising computers or exploiting personal information.
Latest Cumulative Updates (LCUs) and Servicing Stack Updates (SSUs) have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services.
Biometric sign-on security has been enhanced. Windows Hello now supports virtualization-based security for specific fingerprint and face sensors, which protects, isolates, and secures a user’s biometric authentication data.
For more detailed information, see Microsoft’s “What’s new for IT pros in Windows 10, version 20H2.”
Windows 10 May 2020 Update (version 2004)
Release date: May 27, 2020
Version 2004, known as the Windows 10 May 2020 Update, was a relatively minor update but introduced a variety of new features for both users and system administrators. For an in-depth review, see: “Review: Windows 10 May 2020 Update delivers little tweaks that add up to… well, not a lot.”
Here’s a quick summary of what’s new in 2004:
Cortana now operates as a standalone app within a resizable window. However, it lost several capabilities, such as music playback, smart home device control, and lock screen functionality.
Task Manager now displays additional information, including GPU temperature and disk type.
The Settings app received numerous small adjustments, including an account information header and a redesigned network status page that consolidates data previously spread across multiple pages (e.g., IP address, connection properties, data usage).
The Windows Subsystem for Linux (WSL) gained more features, now utilizing a real Linux kernel for improved performance.
IT administrators can now leverage Windows Hello biometric logins as the default over passwords on enterprise devices.
Installing and configuring Windows for others is made easier with new Dynamic Update controls, potentially reducing user downtime during installation.
PowerShell received new commands for Delivery Optimization, a Windows networking service that reduces bandwidth consumption by sharing update and upgrade package downloads across multiple devices in business deployments.
The security of the Chromium version of Edge has been enhanced by porting Application Guard to it.
Windows 10 November 2019 Update (version 1909)
Release date: Nov. 12, 2019
Version 1909, known as the Windows 10 November 2019 Update, was a notably minor update, more akin to a service pack than a typical feature release. At the time, it was unclear whether this indicated a future pattern of one full-featured update and one service-pack-like update per year, or if Microsoft would revert to its two-feature-updates-a-year schedule. For more insights, see “What we know so far about the unusual Windows 10 1909” and “5 unanswered questions about Windows 10 1909.”
Here’s a quick summary of what was new for users in 1909:
Users can create calendar events directly from the taskbar by clicking the time to open the Calendar view, then selecting a date and time to enter event details, including date, time, and location.
Search functionality now includes files from your OneDrive account alongside local PC files. As you type, a drop-down menu suggests relevant files for quick access.
Voice assistants beyond Cortana, such as Amazon’s Alexa, gained the ability to run on Windows 10’s lock screen.
Under-the-hood improvements were designed to enhance PC performance and extend battery life for some laptops.
The Start Menu received minor visual tweaks; hovering over items in the left-hand navigation pane now more clearly indicates what you’re about to click.
What IT needs to know: The following features in 1909 were particularly relevant for IT staff:
Windows containers no longer require host and container versions to match, removing a previous restriction that limited support for mixed-version container pod scenarios. This update enables containers from older Windows 10 versions (e.g., 1903) to run on newer versions (e.g., 1909).
Windows Defender Credential Guard, designed to protect enterprise users’ logins and credentials from theft, became available for ARM64 devices, including some Windows 10 convertible PCs.
Enterprises can now use Microsoft’s Intune enterprise mobility management (EMM) service to allow Windows 10 devices in S mode to install and run Win32 (desktop) apps, a capability previously restricted to Microsoft Store apps.
BitLocker encryption security was improved. A new “Key-rolling or Key-rotation” feature enables secure rolling of Recovery passwords on MDM managed AAD devices upon on-demand requests from Microsoft Intune/MDM tools or each time a recovery password is used to unlock a BitLocker-protected drive, adding protection if a key is exposed.
There were two known issues in this update: some users could not set Win32 program defaults for specific app/file type combinations using “Open with…” or Settings > Apps > Default apps, and Microsoft Notepad and other Win32 programs could not be set as default applications.
(Get more info about KB4464455.)
Windows 10 October 2018 Update (version 1809)
Release date: October 2, 2018; paused October 5; re-released November 13, 2018
Version 1809, known as the Windows 10 October 2018 Update, was the feature update preceding the May 2019 Update. Here’s a brief summary of its new user-facing features (for more details, see our full review):
A new, enhanced Windows Clipboard can now store multiple clips, retain them permanently, allow previews, and facilitate sharing across Windows 10 devices.
A new screenshot and annotation tool, Snip & Sketch, lets users capture and annotate full screens, rectangular sections, or freehand-drawn portions. Captures can be saved, copied to the Clipboard, opened in other programs, or shared via email/social media.
Storage Sense, a storage-saving feature, now integrates with OneDrive Files On-Demand to clear downloaded OneDrive files that are no longer used. Users can set a retention period (from never to 60 days) before unused cloud files are deleted from the PC.
The Microsoft Edge browser gained site-specific autoplay permissions for sound and video, word definition lookup in its built-in eReader, and PDF/book markup capabilities (highlighter, notes).
The new Your Phone app links Windows 10 devices with iOS and Android phones, enabling web browsing continuity and viewing Android phone photos from a Windows 10 PC.
Search Previews were improved: the preview panel now opens automatically without a click and displays local PC files.
Smaller changes include a new dark theme for File Explorer, the addition of the SwiftKey swipe keyboard for onscreen typing, less intrusive updates, and faster sign-ins on shared PCs.
What IT needs to know: The Windows 10 October 2018 Update introduced few significant changes for IT, aside from new Microsoft Edge Group Policies. These policies allow administrators to enable/disable full-screen mode, printing, the favorites bar, and browser history saves. IT can also permit or restrict Edge extensions and configure the Home button, new tab page, and startup options.
Windows 10 April 2018 Update (version 1803)
Release date: April 30, 2018
Version 1803, known as the Windows 10 April 2018 Update, was a major update that preceded the October 2018 Update. Here’s a quick summary of its new user features (for more details, see our full review):
The most significant new feature is Timeline, which enables users to review and resume activities and open files across their Windows PCs, or even iOS and Android devices if Cortana is installed and logged in. It displays a daily list of activities for up to 30 days, with each activity represented by a tile showing file name, document title/URL, and the creating application. Clicking an activity reopens it. (Currently, Timeline tracks activities in specific Microsoft programs like Edge and Office applications.)
The new Diagnostic Data Viewer, while complex and technical, allows users to view diagnostic data collected from their Windows devices, understand its usage, and gain more control over it. This viewer needs to be downloaded separately from the Microsoft Store.
The My People feature now allows pinning up to 10 contacts on the Windows taskbar, an increase from the previous limit of three.
Microsoft Edge received minor tweaks, including a revamped Hub, the ability to mute auto-playing audio in tabs, and a forms-filler for web-based forms.
Cortana’s Notebook feature was redesigned with a cleaner interface, featuring Organizer and Manage Skills tabs. The Organizer simplifies list creation and reminder setting, while Manage Skills allows adding functionalities like smart home control, music service connections (e.g., Spotify), and fitness tracking.
Users gained more granular control over app permissions, such as access to the camera, location, and contacts.
What IT needs to know: IT staff should be aware of these new features in the Windows 10 April 2018 Update:
Windows 10 Professional now includes Windows Defender Application Guard, which protects Microsoft Edge. A new feature within Application Guard allows users to download files inside Edge (rather than directly to the OS) to enhance security.
New Group Policy and Mobile Device Management (MDM) policies provide better control over how Delivery Optimization is used for Windows Update and Windows Store app updates. Delivery Optimization can also now be monitored using Windows Analytics.
Windows AutoPilot received a tweak to ensure policies, settings, and apps are provisioned on devices before users begin using them.
Windows now includes native support for Linux curl and tar utilities for downloading files and extracting .tar archives, along with native support for Unix sockets (AF_UNIX) via a new afunix.sys kernel driver, simplifying software porting from Linux and other Unix-like OSes.
The Windows Subsystem for Linux received numerous improvements, including background execution for Linux applications, customizable launch settings for distributions, and access to serial devices. Unix sockets reporting is available for both WSL and Windows.
The Windows 10 Pro for Workstations version gained a new “Ultimate Performance” power scheme, exclusive to desktop PCs. This version also no longer ships with consumer-focused apps like Candy Crush, instead featuring enterprise- and business-related applications.
Administrators can now configure enterprise PCs to run custom scripts during feature updates, streamlining configuration and deployment.
For more details, see the Microsoft blog post “Making IT simpler with a modern workplace.”
Windows 10 Fall Creators Update (version 1709)
Release date: October 17, 2017
Version 1709, known as the Windows 10 Fall Creators Update, was a major update that preceded the April 2018 Update. Here’s a quick summary of its new user-facing features (for more details, see our full review):
OneDrive introduced “Files On-Demand,” providing access to all OneDrive files on any device without prior download. Users can see all cloud files, identify local vs. cloud files by icons, and automatically download them upon opening.
The new My People feature allows pinning three contacts to the Windows taskbar for instant communication via Skype or Mail, and a glanceable view of all communications.
Users can now send web links from iOS or Android devices to their PCs, opening them directly in Microsoft Edge.
Cortana received several new features, including displaying results in a scrollable flyout panel, eliminating the need to launch a web browser.
Microsoft Edge saw minor improvements, such as better Favorites handling and the ability to mark up PDFs and e-books.
Security was enhanced with Windows Defender Exploit Guard, offering intrusion rules and policies to protect against various threats, including zero-day exploits. A new anti-ransomware feature, Controlled Folder Access, restricts access to Windows system files and folders to approved apps only.
New privacy features include the ability to review app access requests for devices and services from the Microsoft Store before downloading.
The update integrated Microsoft’s new Fluent Design system, bringing smoother transitions and subtle transparency effects.
What IT needs to know: IT staff should be aware of these features new in the Windows 10 Fall Creators Update:
The notoriously insecure SMBv1 networking protocol, exploited in recent ransomware attacks (e.g., WannaCry, Petya), will not be included in clean installs of the Windows 10 Fall Creators Update. However, SMBv1 components will persist if in-place upgrades are performed on PCs that already have them installed.
Windows Defender Advanced Threat Protection (ATP), a suite of tools in Windows 10 for enterprise threat protection and response, was enhanced. Improvements included running on Windows Server OS, memory sensors, better intelligence, and improved remediation.
ATP is also part of Windows Defender Application Guard for Microsoft Edge (Enterprise Edition only), which protects against malware by isolating unknown or untrusted website visits in a virtual machine.
Windows AutoPilot received various tweaks, including better mobile device management (MDM) services, improving self-service deployments of Windows 10 PCs.
Windows Analytics’ new Device Health tool gathers PC performance data within an enterprise, identifies potential issues, and outlines resolution steps.
Enterprises gained more control over Windows Analytics data collection. To improve user privacy, IT staff can limit collected information to diagnostic data only.
For more details about new features for IT, see “What’s new in Windows 10, version 1709 IT Pro content,” “Announcing end-to-end security features in Windows 10,” and “Delivering the Modern IT promise with Windows 10” from Microsoft.
Windows 10 Creators Update (version 1703)
Release date: April 5, 2017
Version 1703, known as the Creators Update, was a major update that preceded the Fall Creators Update. Here’s a quick summary of its new user-facing features (for more details, see our full review):
The Start menu received improved organization, allowing users to group multiple app tiles into single folders.
Users gained more control over the update process, including the ability to delay updates for three-day increments and choose specific installation times.
The Edge browser saw improvements, including Flash being disabled by default for security and support for ePub and PDF formats.
Microsoft introduced 3D and virtual reality features, including initial support for HoloLens VR/mixed reality apps and a new Paint 3D app.
System settings previously scattered across multiple locations were consolidated into the Settings app.
A new all-in-one security dashboard, Windows Defender Security Center, unified many security and computer health settings.
New gaming features included internet streaming for gaming sessions, a Game Mode for performance improvement, and a Game bar for recording gameplay, taking screenshots, and other gaming-related tasks.
Cortana, the personal assistant, received modest additions like scheduling monthly reminders and assistance with device setup.
What IT needs to know: IT staff should be aware of these features new in the Windows 10 Creators Update:
Security was enhanced in several ways, including new features and insights in Windows Defender Advanced Threat Protection (ATP) for better investigation and response to network threats, with improvements in memory sensors, intelligence, and remediation.
Several new Configuration Service Providers (CSPs) in the Creators Update allow administrators to manage Windows 10 devices via Mobile Device Management (MDM) or provisioning packages. For instance, the DynamicManagement CSP can enable/disable device features based on location, network presence, or time.
New mobile application management capabilities protect data on personal mobile devices without requiring them to be part of corporate MDM.
The Windows Configuration Designer (formerly Windows Imaging and Configuration Designer) included new wizards for easier provisioning package creation for various devices, including desktops, mobile devices, Surface Hub, HoloLens, and kiosks.
Enterprise security administrators received a more comprehensive documentation library for Windows Defender Antivirus.
For environments without an enterprise-wide update policy, users with Windows Pro, Enterprise, or Education editions gained significantly more control over Windows updates. The Creators Update allowed users to automatically delay cumulative monthly updates for up to 30 days and feature updates by up to 365 days.
For more details about new features for IT, see the Microsoft blog posts “Windows 10 Creators Update advances security and best-in-class modern IT tools” and “What’s new in Windows 10, version 1703 IT pro content.”
Windows 10WindowsMicrosoftIT OperationsSmall and Medium BusinessBusinessIndustryOperating Systems
