Embed Size (px)
Citation preview
Windows 10 Version 1903 und 1909 –
Neuerungen und neue Security Features
Manfred Helber
Twitter: @ManfredHelber
www.manfredhelber.de
WINDOWS AS A SERVICE
A new way to build,
deploy and service
Windows
A single cumulative update each month with no new
features
• Security fixes, reliability fixes, bug fixes, etc.
• Supersedes the previous month’s update
QualityUpdates
Twice per year with new capabilities
• New features and innovation APIs and security
capabilities
• Very reliable, with built-in rollback capabilities
• Simple deployment using in-place upgrade, driven by
existing tools
• Try them out with Insider Preview
FeatureUpdates
Windows 10 Version history
Windows 10 version history Date of availabilityEnd of service for Home, Pro, and Pro for Workstations editions
End of service for Enterprise and Education editions
Windows 10, version 1903 May 21, 2019 December 8, 2020 December 8, 2020
Windows 10, version 1809 November 13, 2018 May 12, 2020 May 11, 2021
Windows 10, version 1803 April 30, 2018 November 12, 2019 November 10, 2020
Windows 10, version 1709 October 17, 2017 April 9, 2019 April 14, 2020
Windows 10, version 1703 April 5, 2017* October 9, 2018 October 8, 2019
Windows 10, version 1607 August 2, 2016 April 10, 2018 April 9, 2019
Windows 10, version 1511 November 10, 2015 October 10, 2017 October 10, 2017
Windows 10, released July 2015 (version 1507)
July 29, 2015 May 9, 2017 May 9, 2017
* Windows 10, version 1703 for Enterprise, Education, and IOT Enterprise editions were released on April 11, 2017.Note: Not all features in an update will work on all devices. A device may not be able to receive updates if the device hardwareis incompatible, lacks current drivers, or is otherwise outside the original equipment manufacturer’s (OEM) support period.
Windows 10 Version 1903
Simplified updates
Intelligent security
Enhanced productivity
Flexible management
Intelligent security
Securitymanagement
Threat protection
Identity protection
Intelligent security with Windows 10
Windows Sandbox
Isolated desktop environment where you can run untrusted software without the
fear of lasting impact to your device
Windows Defender Application Guard
Standalone users can install and configure their Windows Defender Application
Guard settings without needing to change Registry key settings
Enterprise users are able to check their settings to see what their administrators
have configured for their machines to better understand the behavior
Windows Defender Application Control
New features that light up key scenarios and provide feature parity with
AppLocker
Microphone privacy settings
A mic icon appears in the notification area letting you see which apps are using
your microphone
Core Windows 10 Security EnhancementsWhat’s new in Windows 10 May 2019 Update
Security managementWhat’s new in Windows 10 May 2019 Update
Windows Security app improvements
Protection history
Detailed and easier to understand information about threats and available
actions
Controlled Folder Access blocks added to Protection history
Actions from Windows Defender Offline Scanning tool
Any pending recommendations
Tamper Protection
Prevent malicious apps from changing important Windows Defender
Antivirus settings
Windows Defender Firewall
Windows Subsystem for Linux (WSL)
Add rules for WSL process, just like for Windows processes
netsh.exe advfirewall firewall add rule name=wsl_python dir=in action=allow program="C:\users\<username>\appdata\local\packages\canonicalgrouplimited.ubuntuonwindows_79rhkp1fndgsc\localstate\rootfs\usr\bin\python3.7" enable=yes
Identity protectionWhat’s new in Windows 10 May 2019 Update
1To use Windows Hello with biometrics specialized hardware, including fingerprint reader, illuminated IR sensor, or other biometric sensors is required.
Hardware-based protection of the Windows Hello credential/keys requires TPM 1.2 or greater; if no TPM exists or is configured, credentials/keys
protection will be software-based. 2 Not available for all SKU’s
Streamlined Windows Hello PIN reset experience1,2
Microsoft account users have a revamped Windows Hello PIN reset
experience with the same look and feel as signing in on the web
Sign-in with Password-less Microsoft accounts
Sign in to Windows 10 with a phone number account. Then use Windows
Hello for an even easier sign-in experience! 1
Remote Desktop with Biometrics
Azure Active Directory and Active Directory users using Windows Hello for
Business can use biometrics to authenticate to a remote desktop session
Securitymanagement
Threat protection
Identity protection
Intelligent security with Windows 10
Microsoft Defender Advanced
Threat Protection
Windows Defender Antivirus
improvements
Windows Sandbox
Mic privacy settings
Windows Defender Application
Guard Enhancements
Windows Defender Firewall
for WSL
Windows Security app
improvements
Protection history enhancements
Tamper Protection
Windows Hello PIN reset
Password-less sign-in
Remote Desktop with Biometrics
Simplified updates
Simplified updates
Streamline deployment and updates with modern tools
Application compatibility IT can trust
Reserved Disk Space
New and wipe-and-load installations of version 1903 will automatically reserve
disk space to be used by Feature and Quality Updates, ensuring the updates do
not fail for disk space reasons
Automatic Restart Sign-on (ARSO)
For Azure AD joined systems, Windows will automatically logon as the user and
lock the device in order to complete the update, ensuring that when the user
returns and unlocks the device, the update will be completed.
Servicing Updates
Pause updates, Background processing, intelligent Active Hours, and deferral
notifications have all been enhanced
Use instead of media-based to reduce the Feature Update size with Express
Updates
Streamline deployment and updatesWhat’s new in Windows 10 May 2019 Update
Delivery Optimization (DO)
Improve Peer Efficiency for Enterprises/EDUs with complex
networks (via a set of new Policies)
New! supports Office 365 ProPlus updates, Intune content,
and ConfigMgr is coming soon!
Feature Rollback Improvements
Supports Quality Updates and Feature Updates
Initiate a rollback remotely using MDM, or trigger via
ConfigMgr or other management tool
Streamline deployment and updatesWhat’s new in Windows 10 May 2019 Update
Simplified updates
Streamline deployment and updates with modern tools
Application compatibility IT can trust
Delivery Optimization (DO)
Express updates
Servicing-based feature updates
Feature Rollback improvements
Delivery optimization
Desktop App Assure
Windows Insider Program for Business
ReadyforMicrosoft365.com
Flexible management
Flexible management
Deliver enterprise-ready devices easily
Simplify device management
Deliver enterprise-ready devicesWhat’s new in Windows 10 May 2019 Update
Windows Autopilot 1
Enrollment Status Page (ESP) enhancements
Silencing Cortana in OOBE
Windows Autopilot white glove deployment
Windows Autopilot is self-updating during OOBE
1 Requires Azure Active Directory Premium P1 and Intune or another MDM solution
Simplify device managementWhat’s new in Windows 10 May 2019 Update
Mobile Device Management Policies
New Group Policies and MDM policies for managing Microsoft Edge
BitLocker can silently be enabled for standard AAD Joined users
Updated Microsoft 365 Admin Center (preview April 2019)
Intune Security Baselines (preview)
Includes many settings supported by Intune that you can use to help
secure and protect your users and devices.
Automatically sets these settings to values recommended by security
teams
1 MDM requires an MDM product such as Microsoft Intune or other 3rd-party solutions (sold separately).2 Available in select markets. Functionality and apps may vary by market and device.
Flexible management
Deliver enterprise-ready devices easily
Simplify device management
Windows Autopilot
Windows Subscription Activation
Mobile Device Management
Mobile Application Management
Windows Shared Devices
Microsoft Store for Business
Enhanced productivity
Enhanced productivity
Work smarter
Cultivate collaboration
Empower workstyles
Work smarterWhat’s new in Windows 10 May 2019 Update
Windows Shell
Search for Linux files contained in a WSL distro
Top apps and recent files displayed when you click
in the Search bar
Separating Search and Cortana1
Timeline
Chrome extension adds Google Chrome activity to
Timeline
1Cortana available in select markets; experience may vary by region and device. Cortana app required for Android and iOS
devices (Requires Android version 4.1.2 or higher, or iPhone 4 with iOS 8.0 or higher).
Empower workstylesWhat’s new in Windows 10 Update 1903
Accessibility
Narrator Improvements including more
voices and reading controls
Ease of Access improvements including 11
new mouse pointer sizes
Narrator QuickStart, a short tutorial for new
users
Kaomoji and Emoji Updates
Tap WIN +(period) to access new kaomojis
and emojis, finding the right one is a keyword
away
Enhanced productivity
Work smarter
Empower workstyles
Cultivate collaboration
Search for Linux Files in WSL
Cortana
Work across devices
Accessibility
Kaomojis & Emojis
Windows Virtual Desktop
Office 365 on Windows
Nearby Sharing
Microsoft Whiteboard
OneNote
Windows 10 gets better with each updateWith enhanced security, more tools for IT and end user productivity features
Windows Information Protection
Windows Hello for Business
Windows Analytics Upgrade Readiness
App-V, UE-V
Hybrid Azure Active Directory Join
Windows Ink
Mobile Device Management
AAD Join
Windows Store for Business
Windows Update for Business
Mail, Calendar, Photos, Maps, Groove, Skype
Windows Defender Antivirus
Windows Hello
Microsoft Edge
Device Guard
Credential Guard
BitLocker
SmartScreen
Windows as a service
In-place upgrades
Continuum
Cortana
Windows 10 core
+
1703
Windows Autopilot
Windows Defender ATP
Windows Defender Security Center
Express update delivery
Hyper-V
Windows 10 Subscription Activation
Windows Insider Program for Business
Paint 3D
Cortana at work
Night light, mini view
+ Mobile Device Management
AAD Join
Windows Store for Business
Windows Update for Business
Mail, Calendar, Photos, Maps, Groove,
Skype
Windows Defender Antivirus
Windows Hello
Microsoft Edge
Device Guard
Credential Guard
BitLocker
SmartScreen
Windows as a service
In-place upgrades
Continuum
Cortana
Windows 10 core
1607
Windows Information Protection
Windows Hello for Business
Windows Analytics Upgrade Readiness
App-V, UE-V
Hybrid Azure Active Directory Join
Windows Ink
+
1511
Windows Defender Antivirus
Windows Hello
Microsoft Edge
Device Guard
Credential Guard
BitLocker
SmartScreen
Windows as a service
In-place upgrades
Continuum
Cortana
Windows 10 core
Mobile Device Management
AAD Join
Windows Store for Business
Windows Update for Business
Mail, Calendar, Photos, Maps, Groove, Skype+
1507
Windows Defender Antivirus
Windows Hello
Microsoft Edge
Device Guard
Credential Guard
BitLocker
SmartScreen
Windows as a service
In-place upgrades
Continuum
Cortana
Windows 10 core
Windows 10 gets better with each updateWith enhanced security, more tools for IT and end user productivity features
Windows Defender Exploit Guard, System
Guard, Application Guard, Application
Control
Mobile Device Management
Windows Analytics Update Compliance
Windows Analytics Device Health
Co-management
Enterprise search in Windows
Continue on PC
OneDrive Files On-Demand
Narrator
Mixed Reality Viewer
Windows Autopilot
Windows Defender ATP
Windows Defender Security Center
Express update delivery
Hyper-V
Windows 10 Subscription Activation
Windows Insider Program for Business
Paint 3D
Cortana at work
Night light, mini view
Windows Information Protection
Windows Hello for Business
Windows Analytics Upgrade Readiness
App-V, UE-V
Hybrid Azure Active Directory Join
Windows Ink
Mobile Device Management
AAD Join
Windows Store for Business
Windows Update for Business
Mail, Calendar, Photos, Maps, Groove, Skype
Windows Defender Antivirus
Windows Hello
Microsoft Edge
Device Guard
Credential Guard
BitLocker
SmartScreen
Windows as a service
In-place upgrades
Continuum
Cortana
Windows 10 core
+
Windows Analytics – Spectre & Meltdown, Delivery Optimization,
Application Reliability Logon Health
WDATP Automated Remediation
Conditional Access based on WDATP device risk
Threat Analytics
Emergency Outbreak Updates
Advanced hunting
Cloud Credential Guard
Diagnostic data viewer
Windows Autopilot enrollment status page
Windows 10 Enterprise in S mode
Shared Windows Devices
Nearby Sharing
Dictation
Timeline
1803
Windows Autopilot
Windows Defender ATP
Windows Defender Security Center
Express update delivery
Hyper-V
Windows 10 Subscription Activation
Windows Insider Program for Business
Paint 3D
Cortana at work
Night light, mini view
Windows Information Protection
Windows Hello for Business
Windows Analytics Upgrade Readiness
App-V, UE-V
Hybrid Azure Active Directory Join
Windows Ink
Mobile Device Management
AAD Join
Windows Store for Business
Windows Update for Business
Mail, Calendar, Photos, Maps, Groove, Skype
Windows Defender Antivirus
Windows Hello
Microsoft Edge
Device Guard
Credential Guard
BitLocker
SmartScreen
Windows as a service
In-place upgrades
Continuum
Cortana
Windows 10 core
+
1709
Windows Defender Exploit Guard, System Guard, Application Guard,
Application Control
Mobile Device Management
Windows Analytics Update Compliance
Windows Analytics Device Health
Co-management
Enterprise search in Windows
Continue on PC
OneDrive Files On-Demand
Narrator
Mixed Reality Viewer
+
1809
Windows Analytics – Spectre & Meltdown,
Delivery Optimization, Application Reliability
Logon Health
WDATP Automated Remediation
Conditional Access based on WDATP device
risk
Threat Analytics
Emergency Outbreak Updates
Advanced hunting
Cloud Credential Guard
Diagnostic data viewer
Windows Autopilot enrollment status page
Windows 10 Enterprise in S mode
Shared Windows Devices
Nearby Sharing
Dictation
Timeline
Windows Defender Exploit Guard, System
Guard, Application Guard, Application
Control
Mobile Device Management
Windows Analytics Update Compliance
Windows Analytics Device Health
Co-management
Enterprise search in Windows
Continue on PC
OneDrive Files On-Demand
Narrator
Mixed Reality Viewer
Windows Autopilot
Windows Defender ATP
Windows Defender Security Center
Express update delivery
Hyper-V
Windows 10 Subscription Activation
Windows Insider Program for Business
Paint 3D
Cortana at work
Night light, mini view
Windows Information Protection
Windows Hello for Business
Windows Analytics Upgrade Readiness
App-V, UE-V
Hybrid Azure Active Directory Join
Windows Ink
Mobile Device Management
AAD Join
Windows Store for Business
Windows Update for Business
Mail, Calendar, Photos, Maps, Groove, Skype
Windows Defender Antivirus
Windows Hello
Microsoft Edge
Device Guard
Credential Guard
BitLocker
SmartScreen
Windows as a service
In-place upgrades
Continuum
Cortana
Windows 10 core
Microsoft Defender ATP new attack surface area reduction controls
Investigation and remediation across Office 365 ATP and Microsoft
Defender ATP
Web Authentication in Microsoft Edge
Windows Hello with FIDO 2.0
30 months of support for September releases
Windows Autopilot Self-deploying mode
Windows Autopilot Hybrid Azure AD join
S Mode Block Switch
Microsoft Edge kiosk mode
Desktop Analytics (Preview) – Intelligent Pilot Selection and ConfigMgr
Integration
ReadyforMicrosoft365.com
Microsoft Edge experience improvements
Accessibility enhancements
Access the clipboard across devices
Your Phone
+
1903
Windows Analytics – Spectre &
Meltdown, Delivery Optimization,
Application Reliability Logon Health
WDATP Automated Remediation
Conditional Access based on WDATP
device risk
Threat Analytics
Emergency Outbreak Updates
Advanced hunting
Cloud Credential Guard
Diagnostic data viewer
Windows Autopilot enrollment status
page
Windows 10 Enterprise in S mode
Shared Windows Devices
Nearby Sharing
Dictation
Timeline
Windows Defender Exploit Guard,
System Guard, Application Guard,
Application Control
Mobile Device Management
Windows Analytics Update Compliance
Windows Analytics Device Health
Co-management
Enterprise search in Windows
Continue on PC
OneDrive Files On-Demand
Narrator
Mixed Reality Viewer
Windows Autopilot
Microsoft Defender ATP
Windows Defender Security Center
Express update delivery
Hyper-V
Windows 10 Subscription Activation
Windows Insider Program for Business
Paint 3D
Cortana at work
Night light, mini view
Windows Information Protection
Windows Hello for Business
Windows Analytics Upgrade Readiness
App-V, UE-V
Hybrid Azure Active Directory Join
Windows Ink
Mobile Device Management
AAD Join
Windows Store for Business
Windows Update for Business
Mail, Calendar, Photos, Maps, Groove,
Skype
Windows Defender Antivirus
Windows Hello
Microsoft Edge
Device Guard
Credential Guard
BitLocker
SmartScreen
Windows as a service
In-place upgrades
Continuum
Cortana
Windows 10 core
Windows Defender ATP new attack
surface area reduction controls
Investigation and remediation across
Office 365 ATP and Windows Defender
ATP
Web Authentication in Microsoft Edge
Windows Hello with FIDO 2.0
30 months of support for September
releases
Windows Autopilot Self-deploying
mode
Windows Autopilot Hybrid Azure AD
join
S Mode Block Switch
Microsoft Edge kiosk mode
Desktop Analytics (Preview) – Intelligent
Pilot Selection and ConfigMgr
Integration
ReadyforMicrosoft365.com
Microsoft Edge experience
improvements
Accessibility enhancements
Access the clipboard across devices
Your Phone
Windows Virtual Desktop (Preview)
Microsoft Defender Advanced Threat Protection enhancements
Attack Surface Reduction enhancements
Next Generation Protection enhancements
Tamper Proofing Capabilities
Windows Sandbox
Application Guard enhancements
Sign-on with Password-less Microsoft accounts
New Kaimojis and Emojis
Accessibility Improvements
Windows Shell enhancements
Windows Timeline
Device Management Policies
Intune Security Baselines
Enhanced Enrollment Status Page
Windows AutoPilot White Glove
Setup Diag
Automatic Restart Sign On (ARSO)
Reserved Disk Space
Improved Delivery Optimization (DO)
Begin your journey with Windows 10 today
January 14th 2020
Manfred Helber
Twitter: @ManfredHelberLinkedIn: Manfred Helberwww.manfredhelber.de
https://aka.ms/WBSCEvents
www.windows-business-solutions-club.de
Vielen Dank!
