Blog Post

Windows IT Pro Blog
6 MIN READ

Windows news you can use: May 2024

ThomasTrombley's avatar
ThomasTrombley
Icon for Microsoft rankMicrosoft
May 30, 2024
With so much going on this month, let's get you caught up on how Windows 11 management and security improved. We'll jump into what you need to know as an IT admin or decision maker to get ahead of yo...
Updated May 30, 2024
Version 1.0
device management
security
windows 11
Karl-WE's avatar
Karl-WE
MVP
May 31, 2024

Second wroot.

Without ajtek WAM, Microsoft WSUS is far from being useful for Windows Server and Clients.

 

Firstly, there is a lot of friction with the Windows OS update catagories to choose from for Windows Clients and Server. 

 

Secondly, as wroot mentioned, since Windows 10 1803/1809, that translates to fall 2019, with the introduction of enablement packages, the OS version identifier in the WSUS column is not correct, since. So WSUS admins, without WAM, will not be able to identify any Windows Server or Windows 10/11 Client releases correctly.

For the sake of patching drivers and firmware you really do not want to use WSUS for different reasons, foremost Management and Performance of the Database. 

 

Thirdly, WSUS ideally is contradicting the Autopilot / Intune native first strategy and requires hybrid join, which lately Microsoft Flagge, thankfully, as not recommended in docs.

 

Lastly, the underlying tech of WSUS is utterly outdated, not maintained much since Windows Server 2012 R2. WSUS Internal DB uses SQL 2012 Express. No change in Windows Server 2025 preview. Limiting it to one CPU core and small amount of RAM and DB size. 

WSUS Installation requires a bunch of dated tools to run and doing the reporting.

You find these in docs and ajtek blog. 

 

 

I would be cautious to introduce zero trust DNS for this and other reasons. 

Connected Cache doesn't appear to be a great option compared to native Delivery Optimization (DO). The docs might not be complete. MCC still uses DO, yet the listing of supported update types is shorter, as per documentation.

DO is also used for Drivers and Firmware, that easily exceed Windows Update packages today due to improvements.

It's used by winget, too if I remember correctly. Same for Microsoft Store Apps, Edge Updates. It is now mandantory for the new Microsoft Teams Client Updates. No longer part of M365 C2R, but being an MSIX file.

 

That said, ThomasTrombley, this article and new format is a blast! Please continue on this!

 

I appreciate much that it is targeting Windows Client and Windows Server alike and as such could become a single point of news for lastest developments, improvements and changes. 

 

Ideas:

- within each section seperate public preview and GA features.

- eventually include private preview features, if there is a public sign-up with NDA. 

- adding timelines would be amazing so in this and future issues of the blog, one can have a great overview of what's released and what's coming.

For released features, the timeline could link to a previous blog post, so one can catch up easily. 

- adding news, at least links, brought by MVP community driven newsletters.

Examplary, usually issued every Friday by Andrew Taylor. He's passionately aggregating news around Intune from the community, which links to practical use of latest development for Admins, and MVP / community solutions filling gaps, Microsoft has not closed yet.