What’s new for IT pros in Windows 10, version 21H2
Published Nov 16 2021 10:00 AM 246K Views
Microsoft

Windows 10, version 21H2, also known as the Windows 10 November 2021 Update, is now available through Windows Server Update Services (WSUS) and Windows Update for Business, and can be downloaded from Visual Studio Subscriptions, the Software Download Center (via Update Assistant or the Media Creation Tool), and the Volume Licensing Service Center*.

New servicing cadence

Beginning with Windows 10, version 21H2, we are transitioning to a new Windows 10 release cadence that aligns with the cadence for Windows 11. We are targeting annual feature updates for Windows 10 and moving from the Semi-Annual Channel to the new General Availability Channel. Today marks the start of the 30-month servicing timeline for Windows 10, version 21H2, a General Availability Channel release, for Enterprise and Education editions.

For those organizations with special-purpose devices and environments, such as manufacturing or healthcare systems, or for those who have other needs for longer term device update stability, we have also released a new version to the Long-Term Servicing Channel: Windows 10 Enterprise LTSC 2021.

For more details on Windows 10 servicing and lifecycle, see John Cable's post on How to get the Windows 10 November 2021 Update.

Enhancing security, management, virtualization, and quality

Windows 10, version 21H2 offers a scoped set of improvements in the areas of security, management, virtualization, and quality to ensure that your organization and end users stay protected and productive.

Let's start with what's new in security. With Windows 10, version 21H2, we are making some critical changes to the Universal Windows Platform (UWP) VPN APIs. This includes the ability to implement common web-based authentication schemes and to reuse existing protocols.

Version 21H2 also supports Wi-Fi 6 with Wi-Fi Protected Access 3 Hash-to-Element protocol (WPA3 H2E) to provide better protection from Wi-Fi side-channel attacks that could steal Wi-Fi passwords and other sensitive information. In a hybrid work situation, users will now be able to keep their web traffic encrypted when connected to open networks or home networks.

With each update, we build a more secure Windows. That's why Windows 10, version 21H2 provides security updates for the following products and features: Windows AI Platform, Windows App Platform and Frameworks, Windows Apps, Windows Cryptography, Windows Fundamentals, Windows Input and Composition, Windows Kernel, Windows Media, Windows Office Media, and Windows Virtualization.

Moving on to what's new in management. We have been listening to your feedback and are closing the gap between Group Policy and mobile device management (MDM) settings. The device configuration settings catalog has been updated to list over 1,400 settings previously not available for configuration via MDM. These new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler. We have done the same in Windows 11, thus creating a consistent policy management experience between Windows 11 and Windows 10.

Alan_Meeus_0-1637084027682.png

Part of Windows 10 Enterprise, Universal Print now supports print jobs of up to one gigabyte (1 GB) or a series of print jobs from an individual user that add up to 1GB within any 15-minute period. In addition, Universal Print integrates with OneDrive for web and Excel for web. This allows those using any browser or device connected to the internet to print documents hosted in OneDrive for web to a printer in their organization without installing printers on their devices. Universal Print will also be updated by the end of 2021 to support printing from Microsoft Excel for web.

Now let's talk about virtualization. For those using Azure Virtual Desktop, you can now automatically provision apps to a Windows 10 desktop, allowing the apps to run in Azure Virtual Desktop just like local apps—including the ability to copy and paste between remote and local apps. (This functionality is also available in Windows 11 for consistency.)

Alan_Meeus_1-1637084027736.png

Which tools are being updated for version 21H2?

With today's release, you can begin targeted deployments of Windows 10, version 21H2 to validate that the apps, devices, and infrastructure used by your organization work as expected with the new features. The enablement package is a great option for installing a scoped feature update like Windows 10, version 20H2 as it enables you to update a device from version 2004, 20H2, or 21H1 to version 21H2 with a single restart, reducing update downtime. To learn more, see Update to Windows 10, version 21H2 by using an enablement package.

To support the release of Windows 10, version 21H2, we have released updated versions of the following tools:

We are also updating the key resources you rely on to effectively manage and deploy updates in your organization, including:

  • Windows release health hub – The quickest way to stay up to date on update-related news, announcements, and best practices; important lifecycle reminders, and the status of known issues and safeguard holds. Windows 10 Enterprise customers can access greater detail from the Health menu in the Microsoft 365 admin center (see "Windows release health") and receiving important notifications and updates in the Message center.
  • Windows 10 release information – A list of current Windows 10 versions by servicing options, along with release dates, build numbers, end of service dates, and release history.
  • Windows 10, version 21H2 update history (available with the first servicing release) – A list of all updates (monthly and out-of-band) released for Windows 10, version 21H2 sorted in reverse chronological order. Available with the first servicing release.

Windows 10 computer specifications and systems requirements have not changed. As Windows 10, version 21H2 shares a common core and an identical set of system files with version 2004, 20H2, and 21H1, the Windows Assessment and Deployment Kit (Windows ADK) for Windows 10, version 2004 and the Windows PE add-on for the Windows ADK, version 2004 already work with version 21H2 and do not need to be updated.

With today's release, you can begin targeted deployments of Windows 10, version 21H2 to validate that the apps, devices, and infrastructure used by your organization work as expected with the new features.

For those looking to create custom Cloud PCs based on device images that IT creates—and for those looking for more management options and full integration with Microsoft Endpoint Manager—there is Windows 365 Enterprise. With Windows 365 Enterprise, you can allow users to securely stream their full Windows 10, version 21H2 (or Windows 11) experience from the Microsoft cloud to any device. As announced at Microsoft Ignite 2021, Windows 365 Business will offer similar management capabilities soon.

Alan_Meeus_2-1637084027752.png

Join us for Office Hours

If you have deployment, servicing, and management questions, join our monthly Windows Office Hours every third Thursday. Our broad team of experts will be there to offer answers, support, and best practices. Submit questions live during the monthly one-hour event or post them in advance if that schedule does not work for your time zone. Our next event is Thursday, November 18th from 8:00-9:00 a.m. Pacific Time—and will take place as part of Tech Community Live! Add it to your calendar!

Follow the Windows IT Pro Blog (and @MSWindowsITPro on Twitter) to keep up-to-date on Windows announcements and new feature releases, and the Microsoft Endpoint Manager Blog (and @MSIntune on Twitter) for announcements and features new to Intune and Configuration Manager.


* It may take a day for downloads to be fully available in the VLSC across all products, markets, and languages.

Updated 11.19.2021 to include the links to the Windows 10, version 21H2 ADMX and Group Policy Settings Reference.

 

27 Comments
Co-Authors
Version history
Last update:
‎Nov 19 2021 07:50 AM
Updated by: