Eat up, Windows 11 users – this is your last non-security preview update for the year

Microsoft is parcelling out new features and functions this week in updates to Windows and Defender.

The company released this month's non-security preview cumulative update for Windows 11 version 22H2, which enhances what users will see with OneDrive personal cloud storage as well as more than two dozen improvements and changes.

KB5020044 represents the final such preview release for the year.

"Because of minimal operations during the holidays and the upcoming Western new year, there won't be a non-security preview release for the month of December 2022," Microsoft wrote on its support page. "There will be a monthly security release… for December 2022."

The monthly security and non-security updates will resume their normal cadence in January.

Among the highlights are OneDrive subscribers being able to more easily manage their storage environments. They will get storage alerts on the Systems page in the Settings app that will appear as they near their storage limits. Through this feature, users also can manage the storage they have and buy more if needed.

In addition, the update delivers the full amount of the storage capacity on all OneDrive subscription and displays the total storage amount on the Accounts page in Settings.

There also is a new mobile device management policy for organizational messages, giving companies the ability to enroll tenant devices in the MDM program so those devices can receive custom messages.

"For example, you can use Intune to write the messages," Microsoft wrote. "They will render within Windows."

The KB update also addresses some known issues. Using provisioning packages on version 22H2 might not always work as intended, with Windows only being partially configured and the Out of Box Experience either not finishing or unexpectedly restarting. Microsoft is offering a workaround for now – provisioning the Windows devices before upgrading to version 22H2 – and is working on a fix that will be in an upcoming update.

In addition, it might take longer than expected to copy large multi-gigabyte files on version 22H2, particularly if copying files to Windows from a network share through Server Message Block. The workaround is using file copy tools that don't use cache manager while Microsoft works on a permanent solution.

The update also fixes issues that caused File Explorer to stop working when users close context menus and menu items and affected File Explorer when opening a file, causing CPU use to shoot up.

Another fix addressed a problem that caused certain apps to stop responding when using the Open File dialog.

If users want to install the optional update, they can go to Settings > Windows Update and then hit the "Check for Updates" button or download it from the Microsoft Update Catalog.

• Windows Server domain controllers may stop, restart after recent updates
• Google and Microsoft add more renewable energy for datacenters
• Still using a discontinued Boa web server? Microsoft warns of supply chain attacks
• Windows Subsystem for Linux now packaged as a Microsoft Store app

Microsoft's Defender also is getting upgraded, with enhancements including built-in protection becoming generally available, which makes security settings a default in the endpoint security offering. It's designed to protect organizations against emerging threats like ransomware. The default settings include tamper protection to protect against unauthorized users or attackers changing security settings.

The integration of Corelight's Zeek into Defender for Endpoint, which was announced at Ignite 2022 in October, is generally available. The open source network security tool lets IT administrators more easily analyze what they're seeing on the network and respond quickly.

"With many attacks only visible at the network layer, continuously monitoring and analyzing network activity is critical," Elad Solomon, senior software engineer at Microsoft, wrote in a blog post. "Attackers that utilize their own network stack can often bypass existing endpoint-based detections, but they cannot hide their network footprint. Providing visibility into the network layer, using both incoming and outgoing traffic from each endpoint, broadens the ability to protect devices operating on the network."

Microsoft's Defender Vulnerability Management offering, which is in preview, will also include the ability to assess the security of a system's hardware and firmware. It will include inventories of system models, chips, and BIOS, with each view providing details of the vendor's name, number of weaknesses, threat insights, and the number of exposed devices. ®