Microsoft made headlines at the start of October with the release of Windows 11 24H2, showcasing various innovative features and one controversial aspect. The OS, initially launched in May for Copilot+ PCs equipped with a neural processing unit (NPU), now extends its availability to compatible systems, boasting enhanced security measures such as changes to the SMB protocol and firewall rules, personal data encryption for folders, and support for SHA-3 algorithms from NIST.
One of the most talked-about features of this release is the Recall feature, which utilizes AI technology to retrieve past activities on the device. Despite some privacy concerns, Microsoft has addressed these issues by incorporating updated security and privacy controls, as well as providing users with the option to remove the feature entirely. Additionally, this update represents a complete OS replacement, eliminating the option for an enablement package from previous Windows 11 versions.
Furthermore, Windows 11 24H2 introduces Windows 11 Enterprise LTSC 2024, following the previous LTSC release of Windows 10 Enterprise LTSC 2021. While Windows Server 2025 has yet to make its debut, it is anticipated to coincide with the upcoming Ignite 2024 event scheduled for November.
In a bid to streamline the update process, Microsoft has introduced “checkpoint cumulative updates” in Windows 11 24H2. This new approach comprises monthly cumulative updates followed by periodic checkpoint updates, consolidating the previous monthly updates. This methodology aims to reduce bandwidth and storage space usage by providing smaller differential files for subsequent monthly updates.
On the authentication front, the latest draft of NIST Special Publication 800-63B emphasizes the importance of longer, simpler passwords over mandatory reset rules and complex password requirements. The rationale behind this shift is to encourage stronger and easier-to-remember passwords among users, while limiting password resets to security-related events. Feedback on this draft is open for comment until October 7.
Looking back at September’s updates, Patch Tuesday addressed a total of 31 CVEs in Windows 11 and 45 CVEs in Windows 10, including four zero-day vulnerabilities. Notably, issues arose with the dual-boot setup, hindering boot processes into Linux systems. Subsequent updates for various Windows 11 versions are slated for release in the following week as these initial versions of Windows 11 approach their End of Life (EOL) status.
As the tech industry gears up for the October 2024 Patch Tuesday, expectations include updates from Microsoft for Windows 11 24H2, while Adobe, Apple, Google, and Mozilla are projected to release their own respective security updates. With a focus on Microsoft and Google updates, this month offers a relatively smooth Patch Tuesday, prompting users to familiarize themselves with the latest features of Windows 11 24H2 in anticipation of its wider adoption.