I know what you’re thinking… summer’s over, Halloween is around the corner-ish, the days are getting shorter… and the NCSC have just released a second Windows 10 guidance update in a month!
Well, if this is what you are thinking, you’re right. As promised we have just updated our traditional on-premises Windows 10 guidance. This time to include all the latest features within the Windows 10 1803 “April Update”.
What’s new:
- We have updated our downloadable group polices to include the latest NCSC recommended configuration and the new Microsoft enterprise baselines for Windows 10 1803. These group polices make it easy for IT admins to directly import our guidance configuration. We still recommend that you read the guidance document and understand what has changed since the last update, though. The key differences are highlighted within this blog.
- We have strengthened the recommendation to use Windows Hello for Business to a ‘should’ for corporate and personal-issue devices.
Windows as a service
Microsoft has recently updated its servicing timelines for feature updates. Microsoft currently release feature updates twice a year for Windows 10, targeting March and September. The September feature updates will now be serviced for 30 months from release date, while the March feature updates will continue to receive 18 months worth of quality updates as standard. Having 30 months gives you longer to validate that apps, devices and infrastructure work well with the new update.
As always, feel free to add comments below or get in touch if you have any suggestions on how we could improve our guidance. We would be especially keen to hear from you if you’ve completed any recent deployments using the settings we recommend – being able to learn from your experiences improves the guidance we develop.
Stuart G
EUD Security Research
Source: National Cyber Security Centre