Microsoft Releases Windows 10 Creators Update and Security Patches
Microsoft on Tuesday announced the release of the Windows 10 "creators update," along with security updates and some product deprecations.
Windows 10 Home edition PC users likely may be the first to start seeing this major feature release, which is "version 1703." Microsoft staggers these releases, so arrival times will vary, although it's possible to get it now, according to Microsoft's description.
Essentially, this release is the "current branch" test version. Consumer users typically will get it directly, without much ability to delay its arrival. These "guinea pig" testers do have a new "snooze" button, though, that permits the upgrade to be delayed for a maximum of three days, or there's a "pick a day" option within a 7-day range. Those are the two new temporary deferral options for consumers.
Windows Phone users could see the Windows 10 creators update as early as April 25. However, delivery likely will depend on mobile services provider release plans.
IT Pro Concerns
IT pros are supposed to start testing the Windows 10 creators update current branch at this time, according to Microsoft's scheme for organizations. About four months later, organizations will get the "current branch for business" (CBB) release of Windows 10 version 1703. It'll be the same thing as this current branch release, except that flaws will be fixed. Microsoft sees the CBB release as the one that's ready for production environments.
Enterprises with volume licensing agreements in place will have to wait until May 1 to be able to download Windows 10 version 1703 from the Volume Licensing Service Center (VLSC).
MSDN subscribers can get Windows 10 version 1703 from the MSDN download page or there's a free 90-day trial version at Microsoft's TechNet Evaluation Center.
Of note, IT pros may want to register for Microsoft's upcoming live Webcast, happening on April 27. It will feature Microsoft luminaries Michael Niehaus and Nathan Mercer speaking on Windows 10 deployment and management scenarios. Registration for the event can be found in this Microsoft Tech Community announcement.
Patch Tuesday Releases
Today is "update Tuesday" for this month, so Microsoft announced security patches, which now get described in its Security Update Guide. This patch release contains a fix for a "critical" zero-day Word vulnerability that was described late last week. The SANS Institute suggested that organizations should consider the Word fix as a "patch now" priority.
April's security update includes 46 vulnerabilities, according to Chris Goettl, product manager with Ivanti (formerly Shavlik).
"There are a total of 46 unique vulnerabilities (CVEs) being resolved, three of which have been publicly disclosed (CVE-2017-0210, CVE-2017-0199, CVE-2017-0203) and two of those have been exploited in the wild or zero days (CVE-2017-0210, CVE-2017-0199)," Goettl stated via e-mail.
Microsoft also released updates for the .NET Framework, including a "security and quality rollup" for April, as well as a "security-only update."
Microsoft Edge Improvements
Microsoft made some energy efficiency claims about the Microsoft Edge browser (EdgeHTML 15) that's coming with Windows 10 version 1703. Microsoft's consumer-oriented Edge browser didn't drain laptop batteries as much as the Google Chrome and Mozilla Firefox browsers did, per video and browsing tests conducted by Microsoft, according to an announcement.
Microsoft is also touting better security with this release of the Microsoft Edge browser because it has an "app container sandbox." The sandbox has separate app containers for Internet sites, intranet sites, Edge browser extensions, special Web pages and the Adobe Flash Player. The browser also has new security additions called "Code Integrity Guard" and "Arbitrary Code Guard," which are designed to neutralize the kind of exploits that can lead to remote code execution attacks, Microsoft indicated.
Developers get some additions in this Edge browser release. They have access to the new W3C Payment Request API to simplify payment checkouts. CSS Custom Properties is a newly added "primitive value type to fully cascade variables across CSS properties." Microsoft Edge also supports the WebVR 1.1 preview for creating immersive virtual reality experiences.
Last year, Microsoft had described a coming Windows Defender Application Guard feature for Microsoft Edge in the Windows 10 Enterprise edition. It uses Hyper-V to run untrusted sites in a virtual machine. However, Microsoft's Edge team announcement didn't mention it. Likely, this feature didn't make this release, as it's not listed in Microsoft's general TechNet description of Windows 10 version 1703, nor is it listed in the "Microsoft Edge Developer Guide."
Internet Explorer Lives!
Some organizations can't easily use the Microsoft Edge browser because they may have so-called "legacy" Web applications that depend on earlier Internet Explorer technologies to work. For those organizations, Microsoft is continuing to support the use of IE in Windows.
Organizations typically may use Microsoft's Enterprise Mode solutions, which provide some measures to support those older IE technologies. Last week, Microsoft announced a new portal to make is easier to manage dual-browser scenarios where IE or Microsoft Edge gets used. The new Enterprise Mode Site List Portal is a Web-based tool for large organizations that's designed to make it easier to manage site lists and submit change requests, as well as test configuration settings before going live. It's an aid to using the Enterprise Mode Site List, which uses an XML schema to manually associate sites and browsers.
Microsoft's announcement also mentioned various ways to discover and test what sort of Web apps are used across organizations. The F12 developer tool can be used to manually test individual sites for IE 11 browser emulation. There's an Enterprise Site Discovery tool that can be turned on to gather Web use data as well. Microsoft also touted its Windows Upgrade Analytics service for such inventory work. It's a "free service," according to Microsoft.
Dead and Dying Products
Windows Vista is an unsupported product as of today. It's technically dead. It still runs, but it doesn't get any more updates, including security patches. Vista was the subject of lawsuits years ago. Its memory possibly may still haunt Microsoft in some ways.
Exchange Server 2007 fell out of support today. Microsoft offered some guidance in this Microsoft Tech Community announcement.
SharePoint Server 2007 will fall out of support on Oct. 10, 2017. Microsoft recently listed some SharePoint upgrade considerations to note in this blog post.
April 13 will be the end of support for two Azure Active Directory synchronization tools, too, Microsoft announced.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.