Released formally final week, Windows 11 22H2 provides quite a lot of new options and choices, although many aren’t but out there — Microsoft shall be “dribbling” out modifications all through the approaching yr. The much-touted Windows File Explorer tabs, for instance, has not but rolled out, however the gadgets launched do embrace Enhanced Phishing Protection, which is obtainable to shoppers in addition to companies. (To make the most of the brand new reporting and alerts, you do want a license to the Microsoft 365 safety portal, which is included in a Microsoft 365 E5 license, or a Microsoft 365 enterprise premium license. The latter is a particular license for firms with fewer than 300 seats.)Microsoft is being a bit cagey about its plans for pushing out the incremental modifications within the months forward, although it has mentioned they received’t be enabled by default on a enterprise or domain-joined pc. It’s additionally unclear whether or not these incremental tweaks could be managed via registry keys on Windows 11 Home variations.As Computerworld’s Preston Gralla defined in his Windows 11 22H2 assessment: “Microsoft says that from now on, Windows will get feature updates like 22H2 once a year, but that in between, individual new features may be released as often as once a month. That will happen in October, when Microsoft will release an update that delivers tabs to File Explorer. The update will be optional and delivered via a phased rollout, and will then be included in the normal monthly security update release in November.”In addition to tabs in File Explorer, steered actions — the place Windows 11 recommends actions to soak up sure purposes — are additionally anticipated in October. And whereas Microsoft has despatched indicators indicating companies will be capable of management these new enhancements, it hasn’t documented precisely how.One would assume there’d be some type of group coverage setting to regulate these releases, however to date, the group coverage templates associated to the most recent modifications supply no clues.With that background, listed here are the group coverage changes we do see which are new in Windows 11 22H2. Many are self-explanatory, others showcase among the working system’s new choices. They’re listed right here in alphabetical order, together with transient explanations of what they do: controlpanel.admx     Hide messages when Windows system necessities usually are not met.(Clearly, many people are utilizing this registry entry to go across the {hardware} mandates in Windows 11. This new setting permits directors to cover the notification that your {hardware} received’t run Windows 11.) desktop.admx   Hide and disable all gadgets on the desktop.This removes icons, shortcuts, and different default and user-defined gadgets from the desktop. While this coverage isn’t new, it does supply new choices.desktopappinstaller.admx  Enable App Installer.Enable App Installer Settings.Enable App Installer Experimental Features.Enable App Installer Local Manifest Files.Enable App Installer Hash Override.Enable App Installer Default Source.Enable App Installer Microsoft Store Source.Set App Installer Source Auto Update Interval In Minutes.Enable App Installer Additional Sources.Enable App Installer Allowed Sources.Enable App Installer ms-appinstaller protocol.These settings management whether or not customers can run the Windows Package Manager. dnsclient.admx  Configure Discovery of Designated Resolvers (DDR) protocolConfigure NetBIOS settings.This coverage specifies whether or not the DNS consumer would use the DDR protocol.  The Discovery of Designated Resolvers (DDR) protocol permits Windows to maneuver from unencrypted DNS to encrypted DNS when solely the IP tackle of a resolver is thought. explorer.admx   Turn off recordsdata from Office.com in Quick entry view.This additionally will forestall File Explorer from requesting current cloud file metadata and displaying it within the Quick entry view. inetres.admx     Turn off Adobe Flash in Internet Explorer and forestall purposes from utilizing Internet Explorer expertise to instantiate Flash objectsTurn off Adobe Flash in Internet Explorer and forestall purposes from utilizing Internet Explorer expertise to instantiate Flash objectsEnable international window checklist in Internet Explorer modeEnable international window checklist in Internet Explorer modeReset zoom to default for HTML dialogs in Internet Explorer modeReset zoom to default for HTML dialogs in Internet Explorer modeDisable HTML ApplicationDisable HTML ApplicationThis allows varied browser settings.kdc.admx  Configure hash algorithms for certificates logon.This setting controls hash or checksum algorithms utilized by the Kerberos consumer when performing certificates authentication.kerberos.admx  Configure hash algorithms for certificates logon.Allow retrieving the Azure AD Kerberos Ticket Granting Ticket throughout logon.These insurance policies management varied Kerberos settings.lanmanserver.admx   Request site visitors compression for all shares.Disable SMB compression.This controls varied SMB compression settings.lanmanworkstation.admxUse SMB compression by default.Disable SMB compression.This, too, controls varied SMB compression settings.localsecurityauthority.admx       Allow Custom SSPs and APs to be loaded into LSASS.Configures LSASS to run as a protected course of.This is used to regulate new settings concerning LSASS safety (Local safety secrets and techniques).microsoftedge.admx  Suppress the show of Edge Deprecation Notification.Suppress the show of Edge Deprecation Notification.This is used to regulate Edge notifications.msapolicy.admx Only permit system authentication for the Microsoft Account Sign-In Assistant.This limits authentication methods.passport.admx  Enable ESS with Supported Peripherals.This Enhanced Sign-in Security isolates Windows Hello biometric (face and fingerprint) template information and matching operations to trusted {hardware} or specified reminiscence areas.printing.admx    Limits print driver set up to Administrators.Manage processing of Queue-specific recordsdata.Manage Print Driver signature validation.Manage Print Driver exclusion checklist.Configure RPC listener settings.Configure RPC connection settings.Configure RPC over TCP port.Always ship job web page depend info for IPP printers.Configure Redirection Guard.This permits settings for brand new printer protections.search.admxFully disable Search UI.Allow search highlights.This permits settings for search.sensors.admx    Force Instant Dim.This permits admins to tweak dim settings.settingsync.admx       Do not sync accessibility settings.This limits sync of those settings.startmenu.admx        Remove Run menu from Start Menu.Prevent modifications to Taskbar and Start Menu Settings.Remove entry to the context menus for the taskbar.Prevent customers from uninstalling purposes from Start.Remove Recommended part from Start Menu.Remove Recommended part from Start Menu.Simplify Quick Settings Layout.Disable Editing Quick Settings.Remove Quick Settings.This permits further changes for Start menus.taskbar.admx    Remove pinned packages from the Taskbar.Hide the TaskView button.Hide the TaskView button.This permits further changes for the Taskbar.terminalserver.admxDo not permit WebAuthn redirection.Disable Cloud Clipboard integration for server-to-client information switch.This supplies changes for terminal server settings.webthreatdefense.admxService Enabled.Notify Malicious.Notify Password Reuse.Notify Unsafe App.Device Control.Select Device Control Default Enforcement Policy.Define Device Control proof information distant location.Control whether or not or not exclusions are seen to Local Admins.Select the channel for Microsoft Defender month-to-month platform updates.Select the channel for Microsoft Defender month-to-month engine updates.Select the channel for Microsoft Defender every day safety intelligence updates.Configure time interval for service well being studies.CPU throttling kind.Disable gradual rollout of Microsoft Defender updates.These are new changes for Enhanced Phishing Protection.winlogon.admx Enable MPR notifications for the system.This coverage controls the configuration beneath which winlogon sends MPR notifications within the system.It stays unclear precisely how we can management these new options and whether or not Windows 11 2022 Home customers will be capable of management these new incremental modifications. Stay tuned. Windows 11 is clearly nonetheless a piece in progress.

Copyright © 2022 IDG Communications, Inc.