Starting January 14, 2020, Microsoft will no longer provide security updates, software updates and technical support for computers running Windows 7. Start upgrading the Windows 7 computers in your organizations or in your homes to Windows 10 ASAP.
This website, Windows 7 End of Life provides a nice countdown along with a calculator to determine how many computers you will need to upgrade per month, per week, or per day given the number of Windows 7 computers you have left to upgrade.
Nash Pherson, the creator of the Win 7 End of Life website also provides a nice PowerShell script to find all the Windows 7 computer objects remaining in your Active Directory. Great resource, Thanks Nash!
Starting with Windows 10 “19H1” or build 18237, you have likely encountered a blurred background on the login screen. Some users like this feature and some don’t. If you’d like to change the blurred effect to a clear image, then you can do it in two ways: 1. Group Policy or Local Policy 2. Registry setting
Change using Group Policy or Local Policy:
Launch the Group Policy Editor > gpedit.msc
In Group Policy Editor, go to: Computer Configuration\Administrative Templates\System\Logon
Enable the policy option: Show clear logon background
Restart the computer for good measure
Change using Registry setting:
Launch the Registry editor (make sure you backup the registry prior to making any changes) > regedit.exe
Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System
Create a new DWORD (32-bit) value: DisableAcrylicBackgroundOnLogon
Set the Value data to 1 to disable the blur effect on the login screen
Restart the computer
Now, you should have a clear login screen background.
Microsoft provides several Insider programs which you can participate to get a preview of the latest features and updates, as well as provide feedback to Microsoft for bugs, issues, and request features.
In case you are trying to figure out what Insider programs are available and how you can sign up to participate, see below for the individual programs.
Patch Management is an important role of a Sysadmin in the Enterprise, because securing endpoints with security updates to keep systems secure and functional, receive fixes that resolve issues, and patch security holes is highly important. However, with the frequency of security updates which are released these days, patch management tasks feels like a full-time job!
For the most part, monthly patches are straight forward, however in recent months, they have been problematic where they have caused system crashes, blue screens, application functionality issues, and introduced other bugs. Some faulty patches are quickly reversed or rectified by Microsoft, while others go unfixed for a longer duration causing further duress and downtime in many organizations. This has been a major pain point for Sysadmins in the field.
Well, we may have some reprieve from these buggy patches. Microsoft has announced that it will start uninstalling problematic patches automatically from Windows 10 systems when it detects a startup issue due to incompatibility or issues stemming from a recently installed patch. The following notification will be presented: “We removed some recently installed updates to recover your device from a startup failure.”
According to this KB4492307 posted by Microsoft, the problematic patch will not be reinstalled for 30 days to allow Microsoft and it’s partners to investigate and fix the issues. This process seems like a good proactive approach by Microsoft to get a handle of buggy patches, however more information is needed in terms of how this will work with detection, deployments, and compliance of these patches using ConfigMgr and WSUS as mechanisms for patch management in the enterprise. Time will tell, we hope!
This post is not to emphasize or promote the use of the local administrator account or provide such level of access to your users. IT Professionals and security experts will tell you that providing local administrator account privileges for end users is risky as it can introduce lots of issues such as ransomware attacks, malware infections, risk of compromised systems, and Pass-the-Hash attacks to name a few.
The local administrator account on a Windows 10 system is disabled by default. If you need to enable it for troubleshooting purposes or for some management tasks, you can do so in 3 ways.
Option 1: Computer Management
Click Start > search for Computer Management
Expand Local Users and Groups
Right-click on Administrator account
Uncheck Account is disabled box > click Apply and OK
The Microsoft Deployment Toolkit (MDT) has been released and the most current build (8456) which can be downloaded from the Microsoft Download Center. This update requires the Windows Assessment and Deployment Kit (ADK) for Windows 10 version 1809 (10.1.17763.1) which is available for download on the Microsoft Hardware Dev Center.
The ISO download for Windows 10 October 2018 Update edition (version 1809) has been released and is now available from the Microsoft Volume Licensing Service Center (VLSC) portal. You’ll find the 64-bit ISO file with a download size of 4505 MB. The 32-bit version is also available for download (3278MB).
Here is a good article on “How to verify if you have downloaded or installed the latest version of Windows 10”. I would recommend that you check out Michael Niehaus’ blog post where he shares some important information regarding the changes with the volume license media and upgrade packages with Windows 10, starting with v1709. There is only one ISO with a single WIM (Windows Image) file that contains all the volume license images as listed below:
Here’s what’s new in Windows 10 October 2018 Update and Office. And here’s some additional information on how to get Windows 10 October 2018 Update.
With the release of Windows 10 version 1809, the following tool to support this latest Windows 10 build, Windows Assessment and Deployment Kit (ADK) version 1809 is now available.
You can download it from: Windows 10 Assessment and Deployment Kit (ADK).
NOTE: There is a new change with this ADK which requires an add-on installation to include Windows PE.
Starting with Windows 10, version 1809, Windows Preinstallation Environment (PE) is released separately from the Assessment and Deployment Kit (ADK). To add Windows PE to your ADK installation, download the Windows PE Addon and run the included installer after installing the ADK. This change enables post-RTM updates to tools in the ADK. After running the installer for the WinPE add-on, the WinPE files will be in the same location as they were in previous installs of the ADK.
On April 30, 2018, Microsoft released the Windows 10 April 2018 Update (1803) build to customers worldwide. The following tools to support this latest release has been made available, which includes Windows 10 Administrative Templates (.ADMX), Windows Assessment and Deployment Kit (ADK), and the Remote Server Administration Tools (RSAT) for Windows 10 April 2018 Update.
The latest version of the Remote Server Administration Tools (RSAT) for Windows 10 April 2018 Update v1803 have been released. The download is available here. You will find the following download files available for version 1.0 corresponding to x86 or x64 Operating Systems:
See here if you would like to determine if a computer is running 32-bit or 64-bit Windows OS.