April patch recap: Mostly quiet on the Microsoft front


Unlike March, when patch updates caused issues with some printers, Microsoft’s updates for April were relatively tame. Windows users lost the old pre-Chromium version of Edge; some users saw performance issues; and Microsoft started talking up “News and Interests.”

In fact, its that last one that has some IT admins concerns. (More about that below.)

Old Edge out, new Edge in

First off, Microsoft this month installed the new Chromium-based Edge browser and removed the old Edge. Now that the browser relies on the Chromium engine, it will receive updates on the same schedule as Google Chrome. Note: the rollout wasnt without some side effects. If you had some other application set to open up PDF files, the April release reset your default PDF reader to be Edge. So, youll need to reset the default application back to whatever your preference was. (This can be easily done; check out this recent YouTube video for details.) Microsoft also moved the default download location from the bottom left of the browser window to the top right in line with other browser download locations. If youre a long time Edge user like me, this takes a bit of getting used to.

Finally, because Edge is now updated at the same cadence as Chrome, attackers can release zero-day exploits at the same cadence. Expect Edge to get updates for these, though they will occur in the background; youll probably not even notice an update as occurred.

Performance impact to Windows 2004 or 20H2

If you are a gamer running Windows 2004 or 20H2, you may have seen blue screens of death or lower-than-expected performance. As Microsoft noted, Most users affected by this issue are running games full screen or borderless windowed modes and using two or more monitors. Microsoft has rolled back the non-security fix that triggered those issues.

As a reminder: Windows 10 cumulative updates include both security and non-security components. For non-security fixes, Microsoft includes the new code and leaves behind the original code in its patch. If it later finds that one of these non-security fixes causes an issue, the company can trigger systems to uninstall the new code and return to the original. Note that you only have to reboot your computer for the fixes to take effect. (Microsoft triggers the change via a setting on Microsoft Update in the cloud.)

Microsoft

Here’s how todetermine whether your system has seen the April patch rollback.

If youre an enterprise patcher and dont allow direct access to Microsoft update, youll have to adjust and trigger the rollback via group policy or Intune settings. That said, Ive not seen anyone outside of gaming affected. To determine whether your system has seen the rollback, in the search box type in regedit to open up registry editor. Click on the user account control dialog that comes up. Browse to HKEY_LOCAL_MACHINE, then to SYSTEM>CurrentControlSet>Control>FeatureManagement and finally to Overrides to check the registry keys there. Look under the value of 4 for the entry 1837593227. If you see an EnabledState entry with value 1, the fix has been applied. My Lenovo laptop is not a gamer rig, but I found the entry on it.

The ability to undo fixes Microsoft has rolled out is limited to non-security patches included in the Windows 10 cumulative updates. Security updates cant be automatically fixed because Microsoft doesnt want to leave behind the vulnerable security code on your system. If it did, attackers could hit your system and trigger the vulnerability. Microsoft has indicated that 2004 or 20H2 offer full support for this rollback feature; prior versions, such as 1909, have less ability to roll back updates automatically.

New to the task bar: News and Interests

Starting with this months preview releases, Microsoft is introducing a new News and Interests feature in the task bar. The code for this feature will be included in the April preview releases and in the main May security patches. It reminds me of the Vista Gadgets, which allowed you to enable various gadgets on the desktop to track weather, time, and news items. The News and Interests feature will roll out slowly in a measured deployment, but Ive already seen some IT admins indicate they plan to block it from their networks.

If you want to block this feature, youll first need to wait for it to roll out; then there are several options for keeping it at bay. Once it arrives, you can, for instance, right-mouse click on the task bar, find the setting for News and Interests, and click on turn off. You can also use a registry key to disable the feature, as noted in the Tenforums.

The registry key you need to set is:

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionFeeds

“ShellFeedsTaskbarViewMode”=dword:00000002

news and interests turn off Microsoft

Here’s how you can turn off ‘News and Interests’ after it rolls out.

At work, Windows admins can use a group policy (after, as noted, the code is released). Many Sysadmins are questioning why Microsoft is rolling out changes outside the normal feature release process with no specific date or time when well see it. Note: News and Interests will be rolled out to Windows 10 2004/20H2, as well as earlier versions of Windows 10, so its not limited to any particular feature release.

Hopefully, this is not how Microsoft plans to bring changes to Windows 10 in the future. Most of us have resigned ourselves to changes that are rolled out via feature releases. But the Office 365 style of pushing out changes where admins dont know exact when it will occur is not typical for Windows 10. Im watching to see whether Microsoft continues this process or gets feedback from businesses that prompt it to change what its doing.

Copyright © 2021 IDG Communications, Inc.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *