Windows 11 To Get Token Protection, Windows 365 Boot and Windows Autopatch -- Redmond Channel Partner

Windows 11 To Get Token Protection, Windows 365 Boot and Windows Autopatch

By Kurt Mackie
May 26, 2023

Windows 11 users are getting new features, which are expected to arrive at latest in July, per a Microsoft announcement this week.

The new features are perhaps overshadowed by the Microsoft Build announcement that a new AI-powered Windows Copilot will be reaching the preview stage sometime in June. Also, although Microsoft didn't specify a rollout period, it's promising to soon add a Microsoft Intune capability that will let IT pros manage Windows drivers and system firmware updates.

Windows 11 Privacy and Security Features
Windows 11 version 22H2 users are getting some ease-of-use enhancements for privacy and security controls.

Users will be able to more easily enable or disable app presence-sensing features, such as "wake on approach/lock on leave." There's also a new feature that will let users see their virtual private network connection status on their taskbars in the form of a "small shield icon." Microsoft also will show an alert on the Start menu when "your account needs attention," which is called "account badging."

Microsoft also is previewing an Azure Active Directory Conditional Access "token protection policy," as described in this document. It's a protection against token theft by remote attackers who are thereby able to impersonate users to gain access. Microsoft's token protection scheme is designed to thwart that scenario by creating "a cryptographically secure tie between the token and the device (client secret) it's issued to." The token protection scheme will work with "Windows 10 or newer devices that are Azure AD joined, hybrid Azure AD joined, or Azure AD registered." It won't be available for Office perpetual-license users.

Also being previewed for consumer and commercial Windows 11 users is an ability to isolate Win32 applications. Microsoft's isolation technologies will "make it harder and costlier for attackers to break out of the app and into other applications and Windows subsystems," Microsoft explained.

Organizations using the Universal Print service are getting access to QR codes as a means for Android mobile device users to authenticate for a print job. Universal Print is Microsoft's standards-based scheme for E3/E5-type licensees that lets organizations print from anywhere while dispensing with having to maintain print servers, although IT pros must monitor monthly print job allocations. Universal Print was commercially released about two years ago.

Other Windows 11 Features
Windows Autopatch is getting previewed, with expected "general availability" commercial release in July, per this May 1, 2023 announcement, although maybe that's confusing because Microsoft had announced it at general availability last year. This feature will be a perk for automating new Windows rollouts to end users in accordance with Microsoft's user-group ("rings") triage approach, as well as for automating Microsoft 365 Apps for Enterprise updates. IT pros will be able to create "up to 15 deployment rings," but Microsoft generally takes control over the update process with Windows Autopatch.

Windows 365 Boot is another new feature coming to Windows 11 Pro or Enterprise edition users. Windows 365 Boot facilitates "Cloud PC" logins for users of the Windows 365 desktop-as-a-service offering. A Cloud PC can be stipulated as a user's "primary Windows experience on the device" and users will then get directed to the Cloud PC after a successful log-in attempt. Microsoft is touting Windows 365 Boot as being optimal for shared devices. Setting it up will require having "Microsoft Intune Administrator rights."

Organizational Messages is coming to organizations with Microsoft Intune-managed Windows 11 version 22H2 Enterprise edition subscriptions. This feature lets IT pros send notifications via Microsoft Intune to Windows 11 end users. The messages concern onboarding and lifecycle management details. They can be company branded, and now permit "custom messages" and "fully customizable URL links" as well. Those are new capabilities from Microsoft's initial announcement back in November. Microsoft also added a new "Organizational Messages Manager role" to the Azure AD and Intune portals for overseeing messages.

Some machines running Windows 11 version 22H2 are getting Bluetooth Low Energy Audio. This perk represents a collaboration with Samsung on its Galaxy phones and ear buds, plus Intel. Bluetooth Low Energy Audio will enable "high-quality audio at low power" for videos, music and phone calls.

Windows 11's Widgets will expand to a larger format with space for pinned apps and a "personalized feed for discovery," Microsoft indicated. The Widgets pane pops up from the left edge of a screen. It currently displays weather, news and stock info.

Live captions, which appear when audio is playing, are getting expanded to support "10 additional languages spanning 21 regions."

Windows 11 Features Arrival
These new Windows 11 features could show up as early as this month for consumer users (Home edition). Others could see the new features in June, or even July.

For instance, Microsoft's announcement indicated that the new features will be "enabled by default in the June 2023 optional non-security preview release for all editions of Windows 11, version 22H2." Since not all individuals and organizations opt in to get these nonoptional security preview releases, the new features likely will appear for them with the July "update Tuesday" patch releases.

Microsoft's somewhat new Windows feature dispersal approach is to release new Windows 11 features when it deems them ready, which get distributed with quality and security patches each month on the second Tuesday of each month ("update Tuesdays"). Previews typically get released in a prior month's third week.

The new features at preview will be blocked for users with managed devices when they try to "seek" them through Windows Update, Microsoft's announcement explained. IT pros wanting to test the new preview features in advance will need to be part of the Windows Insider Program.

Microsoft technically speaking still issues a new Windows 11 operating system release (called a "feature update") just once per year, in the fall. However, its new Windows Update feature-delivery scheme entails adding new features to the OS potentially each month.

Free Webcast! Learn about Password Management Best Practices

Featured

Multinational Partner Cognizant Buys 25,000 Microsoft 365 Copilot Seats

IT services giant Cognizant, which already has a robust Microsoft cloud MSP business, is now also one of the biggest customers of Redmond's Copilot AI product.
In Wake of VMware Changes, Broadcom Still Struggling To Win Critics Over

Broadcom CEO Hock Tan recently shared his company's motives for controversially changing VMware licensing policies, a move that had been met by widespread backlash.
2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.
The 2024 Microsoft Product Roadmap

Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.

RCP Update

Email Address*Country*

Please type the letters/numbers you see above.

Windows 11 To Get Token Protection, Windows 365 Boot and Windows Autopatch

Featured

Multinational Partner Cognizant Buys 25,000 Microsoft 365 Copilot Seats

In Wake of VMware Changes, Broadcom Still Struggling To Win Critics Over

2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

The 2024 Microsoft Product Roadmap

2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

In Wake of VMware Changes, Broadcom Still Struggling To Win Critics Over

Multinational Partner Cognizant Buys 25,000 Microsoft 365 Copilot Seats

Top SMB Threats Include Ransomware and Windows Server 2012: Report

Microsoft and OpenAI Continue Partnership with Supercomputer AI Datacenter

2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

In Wake of VMware Changes, Broadcom Still Struggling To Win Critics Over

Multinational Partner Cognizant Buys 25,000 Microsoft 365 Copilot Seats

Top SMB Threats Include Ransomware and Windows Server 2012: Report

Microsoft and OpenAI Continue Partnership with Supercomputer AI Datacenter

Partner Guides

Partner's Guide to the Windows Server 2008 Deadline

Partner's Guide to Office 365 Security Costs

Partner's Guide to UCaaS

Partner's Guide to Starter Workloads in Azure

Partner's Guide to Microsoft's Fiscal Year 2019

FREE WEBCASTS FROM OUR SPONSORS

Coffee Talk: Phishing Awareness Training 101 for Partners

Security Essentials: Empowering MSPs with Datto’s Integrated Solutions

Coffee Talk: Endpoint Security 101: Threats & Strategies SMB Partners Need to Know

Automated Intelligence: Simplifying M365 Governance for MSPs

FREE WHITE PAPERS FROM OUR SPONSORS

A guide to zero trust for MSPs

Microsoft CSP Guide

10 Reasons to Bundle Security with your Managed Services

Battling Business Email Compromise