By Susan Bradley

Defer until the February updates are fully understood.

Even though I don’t anticipate any specific problem with February’s updates, it’s always hard to know for sure. For that reason, the MS-DEFCON level is raised to 2. Don’t be surprised by a Microsoft update before you’re prepared to deal with it!

So far, we anticipate changes in Windows 11 22H2 with respect to how .NET updates are handled. Most notable is a change in the preview experience for .NET Framework updates. Once the February security updates are installed, all future previews (which are optional) will be identified differently. Instead of showing up in the basic list of available updates on the Windows Update page in Settings, they will now be found — optional or not — in Settings under Windows Update | Advanced options | Optional updates. That’s where you will control which optional updates you wish to install.

The February updates will also include a fix to Remote Desktop. Users have been complaining about dropped connections; the upcoming updates for Windows 11 22H2 will fix the problem. This is an example of why I say Windows 11 22H2 is still not quite ready for businesses.

Regarding the file copy bug (in which copying large, multiple-gigabyte files might take longer than expected with Windows 11 22H2), do not expect a fix. You are more likely to experience this issue copying files to Windows 11 22H2 from a network share via Server Message Block (SMB), but local file copy might also be affected.

February’s Windows 10 22H2 update will include an addition to allow long URL lengths (up to 8,196 characters). I hope that none of us will be typing in such long Web addresses, but links provided in emails and other documents can be quite long. I think you can assume that reports have reached Microsoft that the previous limit has been reached.

Recently, I was asked which updates should be installed and which ones should be skipped if you are setting up Windows 10 22H2. For Windows 10 Home Edition, the risk of side effects from KB5012170 (Secure Boot DBX) is low. You won’t get prompted by a BitLocker recovery key that you may not have backed up after installing the update. I’m still not convinced this update is needed on consumer machines.

If you accidentally catch any preview updates for .NET or Windows, don’t worry. They have been relatively well behaved, especially on Windows 10. That doesn’t mean I recommend installing preview updates on a regular basis. They are meant for businesses to test ahead of time, to see whether future fixes will solve problems they are encountering.

We don’t expect any additional changes in Kerberos in the February updates, but I still recommend that you review the impact of these future updates on your network. (Use this Microsoft GitHub PowerShell script to check.) Merely installing the November security updates is not enough. You need to be proactive and review the impact on your network. The Microsoft blog has more steps and tips.

From now on, and if possible, use a test network to test your updates on a domain controller with the lowest level of the operating system that you have connected to the network. This wil ensure that the connectivity you need is not impacted. I’ll be keeping a close eye on the impact of updates and will report as I see them.

Resources

Join the conversation! Your questions, comments, and feedback about this topic are always welcome in our forums!

Susan Bradley is the publisher of the AskWoody newsletters.