Work safer and smarter with the Windows 11 2022 Update
Today, Microsoft announced the general availability of the Windows 11 2022 Update, the first major update to the operating system that secures your hybrid work. This update includes some critically important new features designed to help keep your organization safe in an ever-changing threat landscape without compromising the Windows experiences that help your employees collaborate and do their best work.
One of the great parts of my job is hearing your feedback. Why? Because it helps us build the technology solutions that help you do more, with less effort and cost, to meet your business needs. You’ve told me you value robust security and Windows endpoints that are easier to manage no matter where your team is working. You’ve also told me you want Windows to be familiar and inclusive so everyone can focus on the things that matter by utilizing intelligent features and automating basic tasks. We’ve heard that you want to create more meaningful connections and provide more flexibility for your employees. The 2022 Update delivers on these needs. The power of the cloud and the flexibility to get Windows on a PC or in the cloud empowers your team to work seamlessly across devices and locations so they can achieve better work-life balance however and wherever they work.
Finally, we know that any investment in new technology at this time must address your most critical business needs: security, productivity, and IT efficiency. Understanding your IT costs is critical—even more so in times of economic uncertainty. We’ve commissioned a study with Forrester Consulting to determine if Windows 11 delivers meaningful, quantifiable returns, in particular for managed organizations using Windows 11 Enterprise and Microsoft Intune as part of Microsoft 365. See the commissioned study: New Technology: The Projected Total Economic Impact™ Of Windows 11 study.1
The power of Microsoft 365 is in the integration of the solutions and the efficiency they provide your organization by limiting the need for additional solutions to stay secure, all with the flexibility to work how you want on a Windows 11 PC or in the cloud with Windows 365.
Back in April 2022, at the Windows powers the future of hybrid work event, we shared new innovations coming to Windows that would better meet your evolving needs. I am thrilled to share more details about the new features we’re shipping now and in the coming months that protect your organization, unlock new experiences for employees, and increase efficiency for IT, all while providing strong returns on your Microsoft IT investments. To learn more about how to get the 2022 Update and our strategy for delivering continuous value, please see How to get the Windows 11 2022 Update. All of the features we’re releasing today and later this year are available as a free update, on new Windows 11 devices, as well as with Azure Virtual Desktop and on Windows 365 Cloud PCs, giving your organization the flexibility to empower hybrid and specialized work, securely, on a wide variety of endpoints and across platforms.
What’s new in Windows
Making Windows even more secure
Windows 11 was designed from the start to be the most secure Windows operating system yet. From the chip to the cloud, our aim is to keep the digital workforce and organizational data safe, regardless of where people work. New Windows 11 PCs come with robust security features turned on by default, based on close integration of hardware and Windows.
We’re thrilled to hear that so many of you are adopting Windows 11 to help ensure protection against evolving threats and using it within the Zero Trust framework to protect your people and your business.
“Windows 11 is built for the hybrid way of working. It’s built for the hybrid IT infrastructure and it’s built to allow organizations to choose their path for the future of work.”
—Simon Binder, Digital Workplace Architect, Telia Cygate AB
“Windows 11 is that extra step in productivity that I didn’t know I was missing. It’s smarter, faster and didn’t break a thing.”
—Raymond Comvalius, IT Infrastructure Specialist/MVP, Invendows B.V (Nextxpert)
As part of our effort to help your devices be more secure right out of the box, with the 2022 Update we are enabling additional features and expanding the number of devices that we enable security by default. One example of this is that devices running Intel 8th generation chipsets and higher will have virtualization-based security (VBS) and hypervisor-protected code integrity (HVCI) enabled by default. These two technologies protect you from both common malware and ransomware, as well as more sophisticated attacks. Starting with the 2022 Update, we will also enable Windows Credential Guard by default with devices running Windows 11 Enterprise. Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them, making it harder for attackers to compromise your network.
Hackers are increasingly developing new and sophisticated ways to breach defenses. At Microsoft, we try to never stop testing our environment in service of developing features to help keep you safe. One of the major threats we commonly see today is phishing. A great way to mitigate this threat is by going passwordless with Windows Hello. As organizations are at various stages in the journey to rid themselves of passwords, we feel that we have a duty to help protect them. This is why today we are launching enhanced phishing protection with Microsoft Defender SmartScreen. This helps protect your employees by identifying malicious applications or hacked websites and alerting them when they are entering their Microsoft Azure Active Directory or Active Directory credentials. It also warns them when reusing their password in other apps or websites and when using unsafe password storage practices like storing it in Notepad.
Another area of investment is protecting you from malicious apps that look legitimate but are really out to infect your device with malware. This is why we built Smart App Control, which prevents employees from running malicious applications by blocking untrusted or unsigned applications. Using AI, Smart App Control only allows processes to run that are predicted to be safe based on existing and new intelligence processed daily. This is great for smaller organizations who don’t manage their devices or have unsigned line of business applications and have clean installations of the 2022 Update. For enterprise organizations who do have these needs, we recommend using Windows Defender Application Control.
For more details on these new security features, visit the Security Blog.
Windows Autopatch, released earlier this year, addresses another critical element of keeping your environment secure: staying up to date with the latest updates of the OS including patches. Windows Autopatch is a new automated managed service that uses the Windows Update for Business client policies and deployment service tools included in the Windows Enterprise E3 and higher subscription, to reduce endpoint vulnerability by maintaining healthy, secure, and compliant endpoints with automated updates and patches on schedule but without interruption. Windows Autopatch helps you get current and stay current on Windows, Microsoft Teams, Microsoft Edge, and Microsoft 365 apps while hardening endpoints against threats and increasing productivity by deploying new updates with minimal friction and risk. If issues arise, they won’t turn into interruptions. The service can stop and even roll back updates, keeping IT in control but releasing you from manual processes. We’ve been thrilled to see your response to Windows Autopatch over the past three months.
One of our early enterprise Autopatch customers summed it up in one sentence: “Its simplicity is what makes it so great.”
Find out how to get Windows Autopatch set up and how it works while watching it in action in today’s Microsoft Mechanics show:
Operational efficiency for IT
IT’s job continues to get more complicated as the way in which we perform our jobs, where and how we get our work done, and the tools we need to stay productive and secure continue to evolve. Our goal is to make the Windows IT experience streamlined from end to end, from purchase through provisioning with zero-touch deployment, management, updates, and support. Windows E3 and Microsoft Endpoint Manager bring together a powerful combination of industry-leading unified endpoint management that spans across not only your physical but virtual endpoints with intelligent, proactive tools that keep IT in control while reducing manual processes.
As organizations began planning and starting their Windows 11 deployment this year, we knew we needed to provide more analytics and reports before we delivered the 2022 Update. This is why you have seen us invest in providing application and driver compatibility insights within Endpoint Manager. These reports are available in preview as a Windows Enterprise E3 benefit to help you better understand compatibility risks in moving to Windows 11.
These insights are a great complement to our continued investment in tools like Test Base for Microsoft 365, which helps automate application compatibility testing, and App Assure, which ensures compatibility, backed by engineering guarantees that everything will “just work” or we’ll make it right.
We are also helping you easily monitor Windows Updates and patch compliance so you can stay current through Update Compliance. We recently announced changes to the reporting to leverage Azure Workbooks, which will make the solution more responsive to your needs while providing a simpler and more consistent product. To learn more about Update Compliance, we invite you to join us at Microsoft Ignite where we will share more information.
Over the past months, we have also heard that some of you wanted to upgrade some of your kiosk devices that ran multiple applications, but Windows 11 did not support this. You found this feature important as it provided a customized Start experience that only showed the apps that you allowed. We are happy to share that this is coming back to the 2022 Update in October 2022, helping you provide a great tailored experience for your employees that need a customized but locked down experience.
Taken together, these investments in reporting, application compatibility and manageability, plus the option for premium management solutions like remote help, give IT an “easy button” when it comes to managing, securing, and updating physical devices, virtual desktops with Azure Virtual Desktop, and Windows 365 Cloud PCs all in one place.
“Within months of the Windows 11 release, our organization upgraded with speed and agility. Deployment was far smoother from previous major revision updates and has allowed us to deliver secure and improved hybrid work experiences to our employees.”
—Andrew Zahradka, Head of Workplace Compute, National Australia Bank
Working in Windows is friction-free
While hybrid work may be here to stay for many job roles and organizations, that doesn’t mean we have it perfected. Employees continue to report wanting better ways to stay connected with the organization to learn, build their networks, and stay up to date on the latest information and resources. In addition, experiences like onboarding and training employees are more complicated in a hybrid world.
In April 2022, we introduced a feature called organizational messages that enables IT-managed direct communications with employees within the Windows experience such as above the taskbar, in the notifications panel, and in the Get Started application. From the Endpoint Manager admin center, IT can create messages and add their company logo, provide customized links or URLs, configure the viewing frequency, and, of course, define the targeted set of users for the message based on the integration with Azure Active Directory. This allows better employee connection while respecting privacy and ensuring helpful and targeted information reaches your people. Expect us to share more information on this solution at Microsoft Ignite.
Safely accessing applications that help employees do their jobs is critical to everyone’s success. This is why we have been hard at work on integrating the Microsoft Store app catalog with Intune. With expanding app content available in the Microsoft Store on Windows, a richer experience around app deployment and update controls, and the ability to easily assign or uninstall apps to users or devices, this solution will offer a consumer-like experience for employees with all the IT control you want integrated into Intune, giving you an improved solution over what was available in the Microsoft Store for Business. We will share the latest information about how the solution is evolving at Microsoft Ignite.
We are also making Universal Print even better. For organizations that use Azure Virtual Desktop, Universal Print can now be used in that environment, helping you make printing easier for every employee regardless of if they are running Windows virtualized or physically on a device. There is also a new set of management capabilities coming this month. We are releasing new downloadable reports, that include the raw usage data, so organizations can import data into their existing analytics solutions. There is also a live dashboard to provide tenant-wide, printer-specific, and user-specific information to help you better understand your printing volumes. We are also excited to share that Universal Print is supported when using Excel on the web making it even easier to print your spreadsheets.
Organizations I talk to tell me one of the areas that they would love to see improvements in is how virtual meetings can be better. In February, we released the ability to share an application in a meeting directly from the taskbar and microphone mute controls in the taskbar. With the 2022 Update, we are adding new meeting features called Windows Studio Effects2 to help make video and audio calls even better. Effects like Voice Focus that help filter background noise, Automatic Framing where your camera will frame and follow you which is great if you like to move around in meetings, and Eye Contact so we can all look like we are looking into the camera to better engage with our audience even if we need to occasionally look at our monitors to check out notes.
Another feature that is great for meetings and accessibility needs is system-wide live captions. Live captions can transcribe audio content from places like Teams and the web, making that audio easier to understand. The feature helps to create more inclusive work environments for those who are hearing impaired or comprehend information better when it’s presented visually rather than audibly. It’s also useful when working in a noisy location where it’s hard to hear what’s going on in a meeting. There are other great accessibility features that you can learn more about in our dedicated blog to accessibility.
Finally, we continue to refine Windows Enterprise features that help employees securely access workplace needs like seamless single sign-on identity and authentication from device to cloud with Windows Hello without remembering passwords and data-driven proactive actions to address common problems, thereby reducing help desk calls. All of these features are designed to help employees work how and where they want without disruption and without sacrificing security.
All of these Windows 11 features, in addition to those launched last year, contribute to a friction-free experience for employees that is intuitive, secure, and helps them do their best work. A commissioned study conducted by Forrester Consulting also found that “Using Windows 11 allowed the average end user to be 5 percent to 15 percent more productive.”1 This increased productivity is rooted in Windows 11, giving users the ability to customize their workspaces, which allows them to quickly access their most-used applications.
Move to the Windows 11 2022 Update today
The 2022 Update is now generally available through Windows Update for Business. As we’ve outlined above, Windows 11 was designed to be compatible with your existing tools and processes and integrated with the entire Microsoft 365 stack. Moving to Windows 11 is as easy as taking an update and runs seamlessly side by side with Windows 10. So, rather than updating your eligible PCs to Windows 10, version 22H2 (available later this year), why not upgrade directly to the 2022 Update and start getting the best returns on your technology investment today? World-class security, streamlined IT processes, and experiences designed to let your employees work where and how they want, inclusively, collaboratively, and without disruption. That’s helping you do more with less.
There are many resources available to help you on your Windows 11 journey including deployment and onboarding kit, FastTrack partner resources, and more details on all of these features and how to use them on the Windows IT Pro Blog. In addition, see the commissioned study delivered by Forrester Consulting, New Technology: The Projected Total Economic Impact™ Of Windows 11 study, to learn more about the economic impact of an investment in Windows Enterprise.1
Finally, I invite you to join me, Panos Panay, Chief Product Officer, and our colleagues from across Windows, Intune, Surface, and Microsoft 365 product teams at Microsoft Ignite next month where we will have demos, sessions, and product roundtables plus more Windows 11 continuous innovation to share with you. See you at Microsoft Ignite, and thank you for continuing to trust Microsoft and Windows to secure your hybrid workforce.
1 New Technology: The Projected Total Economic Impact™ Of Windows 11, a commissioned study conducted by Forrester Consulting on behalf of Microsoft, July 2022
2 Hardware dependent.