Credit to Author: Susan Bradley | Date: Mon, 26 Apr 2021 13:53:00 -0700
Unlike March, when patch updates caused issues with some printers, Microsoft’s updates for April were relatively tame. Windows users lost the old pre-Chromium version of Edge; some users saw performance issues; and Microsoft started talking up “News and Interests.”
In fact, it’s that last one that has some IT admins concerned. (More about that below.)
First off, Microsoft this month installed the new Chromium-based Edge browser and removed the old Edge. Now that the browser relies on the Chromium engine, it will receive updates on the same schedule as Google Chrome.
Note: the rollout wasn’t without some side effects. If you had some other application set to open up PDF files, the April release reset your default PDF reader to be Edge. So, you’ll need to reset the default application back to whatever your preference was. (This can be easily done; check out this recent YouTube video for details.) Microsoft also moved the default download location from the bottom left of the browser window to the top right — in line with other browser download locations. If you’re a longtime Edge user like me, this takes a bit of getting used to.
Finally, because Edge is now updated at the same cadence as Chrome, attackers can release zero-day exploits at the same cadence. Expect Edge to get updates for these, though they will occur in the background; you’ll probably not even notice an update has occurred.
If you are a gamer running Windows 10 version 2004 or 20H2, you may have seen blue screens of death or lower-than-expected performance. As Microsoft noted, “Most users affected by this issue are running games full screen or borderless windowed modes and using two or more monitors.” Microsoft has rolled back the non-security fix that triggered those issues.
As a reminder: Windows 10 cumulative updates include both security and non-security components. For non-security fixes, Microsoft includes the new code and leaves behind the original code in its patch. If it later finds that one of these non-security fixes causes an issue, the company can trigger systems to uninstall the new code and return to the original. Note that you only have to reboot your computer for the fixes to take effect. (Microsoft triggers the change via a setting on Microsoft Update in the cloud.)
Here’s how to determine whether your system has seen the April patch rollback.
If you’re an enterprise patcher and don’t allow direct access to Microsoft Update, you’ll have to adjust and trigger the rollback via group policy or Intune settings. That said, I’ve not seen anyone outside of gaming affected. To determine whether your system has seen the rollback, type “regedit” in the search box to open Registry Editor, and click through the User Account Control dialog that comes up. Browse to HKEY_LOCAL_MACHINE, then to SYSTEM > CurrentControlSet > Control > FeatureManagement, and finally to Overrides to check the registry keys there. Look under the key named 4 for the entry 1837593227. If you see an “EnabledState” entry with value 1, the fix has been applied. My Lenovo laptop is not a gamer rig, but I found the entry on it.
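The registry check just described, scripted in PowerShell so it can be repeated on machines that don’t reach Microsoft Update directly. This is an added example, not code from the article or from Microsoft; the key path, the entry 1837593227 and the EnabledState value of 1 come from the text above, while the function name and the output fields are this example’s own.

```powershell
# Added example: reports whether the rollback entry described in the article
# is present on this machine. The function name and output shape are
# illustrative and not part of any Microsoft tooling.
function Get-RollbackOverrideState {
    [CmdletBinding()]
    param(
        [string]$OverrideId = '1837593227',   # entry named in the article
        [string]$Group      = '4'             # key under Overrides named in the article
    )

    $base = 'HKLM:\SYSTEM\CurrentControlSet\Control\FeatureManagement\Overrides'
    $key  = Join-Path (Join-Path $base $Group) $OverrideId

    $result = [ordered]@{
        ComputerName = $env:COMPUTERNAME
        KeyPath      = $key
        KeyPresent   = $false
        EnabledState = $null
        RolledBack   = $false
    }

    if (Test-Path -LiteralPath $key) {
        $result.KeyPresent = $true
        $props = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue

        # The key can exist without an EnabledState value, so test for the
        # property explicitly instead of treating a missing value as 0.
        if ($null -ne $props -and
            $props.PSObject.Properties.Name -contains 'EnabledState') {
            $result.EnabledState = [int]$props.EnabledState
            $result.RolledBack   = ($result.EnabledState -eq 1)
        }
    }

    [pscustomobject]$result
}

# Local check:
Get-RollbackOverrideState | Format-List

# Fleet check over PowerShell remoting ($computers is a list you supply):
# Invoke-Command -ComputerName $computers `
#     -ScriptBlock ${function:Get-RollbackOverrideState} |
#     Select-Object ComputerName, KeyPresent, EnabledState, RolledBack
```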
The ability to undo fixes Microsoft has rolled out is limited to non-security patches included in the Windows 10 cumulative updates. Security updates can’t be automatically rolled back because Microsoft doesn’t want to leave behind the vulnerable code on your system. If it did, attackers could hit your system and trigger the vulnerability. Microsoft has indicated that versions 2004 and 20H2 offer full support for this rollback feature; prior versions, such as 1909, have less ability to roll back updates automatically.
Starting with this month’s preview releases, Microsoft is introducing a new “News and Interests” feature in the task bar. The code for this feature will be included in the April preview releases and in the main May security patches. It reminds me of the Vista Gadgets, which allowed you to enable various gadgets on the desktop to track weather, time, and news items. The News and Interests feature will roll out slowly in a measured deployment, but I’ve already seen some IT admins indicate they plan to block it from their networks.
If you want to block this feature, you’ll first need to wait for it to roll out; then there are several options for keeping it at bay. Once it arrives, you can, for instance, right-click on the task bar, find the setting for News and Interests, and click on “turn off.” You can also use a registry key to disable the feature, as noted on Tenforums.
The registry key you need to set is:
Here’s how you can turn off ‘News and Interests’ after it rolls out.
At work, Windows admins can use a group policy (after, as noted, the code is released). Many sysadmins are questioning why Microsoft is rolling out changes outside the normal feature release process with no specific date or time when we’ll see it. Note: News and Interests will be rolled out to Windows 10 2004/20H2, as well as earlier versions of Windows 10, so it’s not limited to any particular feature release.
Hopefully, this is not how Microsoft plans to bring changes to Windows 10 in the future. Most of us have resigned ourselves to changes that are rolled out via feature releases. But the Office 365 style of pushing out changes, where admins don’t know exactly when they will occur, is not typical for Windows 10. I’m watching to see whether Microsoft continues this process or gets feedback from businesses that prompts it to change what it’s doing.