A new Windows 11 update could break provisioning – the ability to configure end-user devices – for those companies applying it to new devices on a network, Microsoft has warned. MSFT recommends that devices are provisioned before the patch is activated manually.
The patch, version 22H2 of Windows 11, was released on 22 September. As well as patching known vulnerabilities and bugs within the system, it brought with it several new problems including a printing error and the provisioning fault.
The provisioning issue first came to light last week with reports on the Microsoft Q&A platform of roll-outs “failing miserably” on 22H2 that worked on 21H2. The reports suggested the package is being installed but not processed, throwing out a range of errors and triggering restarts.
According to Microsoft, which says it is investigating the problem, “Windows might only be partially configured, and the out-of-box experience might not finish or might restart unexpectedly.” It doesn’t impact provisioning using Windows Autopilot or those used in homes and small offices.
The update was blocked from certain machines running the IPP Class printer driver or the universal print driver due to an issue that causes installed printers to only allow default settings and so are unable to print specific features including colour and double-sided printing. Rather than cause organisations to roll-back the update, Microsoft put a “compatibility hold” on the roll-out of 22H2 for machines with these drivers to “safeguard your upgrade experience”.
Windows 11 update: fixes… and new bugs
There are also reports of remote desktops not connecting, randomly disconnecting or even freezing without warning after the install of 22H2, according to Microsoft. The issue, as well as others reported since the roll-out began, is under active investigation with a potential fix in development for some issues.
Another issue that Microsoft will have to tackle in this update is a problem with performance degradation when copying large files from a remote computer to a system running 22H2. This leaves users facing a 40% drop in throughput when copying files larger than a few gigabytes.
Despite all these bugs, Microsoft says it is pressing ahead with a new deployment phase for 22H2, making it available to anyone with an eligible device.
There are several new security features released as part of 22H2 including protections against credential theft and account lockout. It also saw the roll-out of a Kernel Mode Hardware Enforced Stack Protection that provides extra security to kernel-level software and blocks out a number of exploits that use code-execution vulnerabilities.
A feature that underpins several key Windows security features, the hypervisor-protected code integrity system will be turned on by default on more computers in future, including any with Intel eighth-generation chipsets and higher, and Windows 11 Enterprise licensed machines will now have Windows Defender Credential Guard on automatically. This protects against pass-the-hash and pass-the-ticket attacks.
For enterprise users, 22H2 also brings other updates including having File Explorer show both the sync status of OneDrive files more clearly and who last edited those files so teams can see more quickly what changes have been made. Microsoft has also updated its voice control and dictation features that allow for more accurate recognition, and Narrator has been more tightly integrated into Microsoft Edge.