Microsoft is today releasing Windows 10 21H2 build 19044.1200 to Insiders running version 21H2 in the Release Preview ring. The build is what finally adds the promised features for 21H2, such as support for WPA3 H2E, simplified deployments without passwords through Windows Hello for businesses, and more. The build also comes with a ton of fixes, which it shares with the update rolling out for version 21H1 headed to Release Preview Insiders still running 21H1, bumping that version to build 19043.1200.
While Insiders that have originally been running Release Preview builds of versions 21H2 will receive this update automatically, those that were moved from the Beta channel to the Release Preview channel recently will receive the “seeker” experience, meaning that they will be served the update only if they check for updates manually. However, the update will eventually make it to all Insiders before heading to consumers later this year.
The reason that the update packages for Windows 10 versions 21H1 and 21H2 are identical (KB5005101) is that version 21H2 is just an enablement package, the way 21H1 was for versions 20H2. While the changelog for build 19044.1200 includes the new features, those features will also be added to version 21H1, but in a dormant state. When users receive the October 2021 Update, the enablement package, as the name suggests, enables these features. This means that builds released for versions 2004 and 20H2 will also contain these features since the last four versions are built on the same codebase.
With that explanation out of the way, here are the features being added for 21H2 users:
- Adding WPA3 H2E standards support for enhanced Wi-Fi security
- Windows Hello for Business introduces a new deployment method called cloud trust to support simplified passwordless deployments and achieve a deploy-to-run state within a few minutes
- GPU compute support in the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments for machine learning and other compute intensive workflows
There are a bunch of bug fixes being made to the OS. These fixes will make their way to Windows 10 versions 2004, 20H2, and 21H1 users as an optional update sometime later this month, before being added to the Patch Tuesday updates next month. Here is the complete list of fixes:
- We fixed an issue that prevents users from tracking Distributed Component Object Model (DCOM) activation failures.
- We fixed a threading issue that might cause the Windows Remote Management (WinRM) service to stop working when it is under a high load.
- We fixed an issue that causes the Windows Management Instrumentation (WMI) provider host process to stop working. This occurs because of an unhandled access violation that occurs when using the Desired State Configuration (DSC).
- We fixed an issue that causes file migration between Distributed File System (DFS) paths that are stored on different volumes to fail. This issue occurs when you implement the migration using PowerShell scripts that use the Move-Item command.
- We fixed an issue that prevents you from writing to a WMI repository after a low memory condition occurs.
- We fixed an issue that resets the brightness for standard dynamic range (SDR) content on high-dynamic range (HDR) monitors. This occurs after you restart the system or reconnect to the system remotely.
- We fixed an issue that might cause an external monitor to display a black screen after Hibernation. This issue might occur when the external monitor connects to a docking station using a certain hardware interface.
- We fixed a memory leak that occurs when you use nested classes within VBScript.
- We fixed an issue that prevents you from typing any words in the username box during the out-of-box experience (OOBE) process. This issue occurs when you use the Chinese Input Method Editor (IME).
- We fixed an issue that causes applications that use a shim to stop working. This issue occurs on devices that do not have edgegdi.dll installed. The error message is, “The code execution cannot proceed because edgegdi.dll was not found”.
- We fixed an issue that might prevent you from minimizing an application that uses unthemed windows.
- We fixed an issue that might cause your device to stop working during a touch input gesture. This issue occurs if you bring more fingers into contact with the touchpad or screen during the middle of the gesture.
- We fixed an issue with resizing images that might produce flickering and residual line artifacts.
- We fixed an issue with copying and pasting a text box into Office 365 apps. The IME prevents you from inserting text into the text box.
- We fixed an issue that prevents USB audio headsets from working on laptops that support USB audio offload. This issue occurs if you installed third-party audio drivers on the laptops.
- We fixed an issue that prevents Code Integrity rules from working correctly when specifying Package Family Name rules in a Code Integrity policy. This issue occurs because of the incorrect handling of case-sensitive names.
- We fixed an issue that prevents the ShellHWDetection service from starting on a Privileged Access Workstation (PAW) device and prevents you from managing BitLocker drive encryption.
- We fixed an issue in Windows Defender Exploit Protection that prevents some Microsoft Office applications from working on machines that have certain processors.
- We fixed an issue that causes the IME toolbar to appear even when the Remote App is closed.
- We fixed an issue that might occur when you configure the policy, “Delete user profiles older than a specified number of days on system restart”. If a user has been signed in for longer than the time specified in the policy, the device might unexpectedly delete profiles at startup.
- We fixed an issue with the Microsoft OneDrive sync setting “Always keep on this device”. The setting is unexpectedly reset to “Known folders only” after you install Windows updates.
- We fixed an issue that provides the wrong Furigana result when a user cancels the Japanese reconversion.
- We fixed a rare condition that prevents Bluetooth headsets from connecting using the Advanced Audio Distribution Profile (A2DP) for music playback and causes the headsets to only work for voice calls.
- We added the “Target Product Version” policy. With this, administrators can specify the Windows product they want devices to migrate to or remain on (for example, Windows 10 or Windows 11).
- We increased the default number of entries in the local security authority (LSA) Lookup Cache to improve lookup performance in high lookup volume scenarios.
- We fixed an issue that might create duplicate built-in local accounts, such as administrator or guest account, during an in-place upgrade. This issue occurs if you previously renamed those accounts. As a result, the Local Users and Groups MMC snap-in (msc) appears blank with no accounts after the upgrade. This update removes the duplicate accounts from the local Security Account Manager (SAM) database on the affected machines. If the system detected and removed duplicate accounts, it logs a Directory-Services-SAM event, with ID 16986, in the System event log.
- We fixed a stop error 0x1E in srv2!Smb2CheckAndInvalidateCCFFile.
- We fixed an issue that might cause transfer validations to fail with the error, “HRESULT E_FAIL has been returned from a call to a COM component”. This issue occurs when you use Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012 as sources.
- We fixed an issue that might cause a system to stop working after a deduplication filter detects damage in a reparse point. This issue occurs because of deduplication driver changes introduced in a previous update.
- We fixed an issue with using the robocopy command with the backup option (/B) to fix data loss. This issue occurs when the source location contains tiered Azure File Sync files or tiered Cloud Files.
- We stopped running queries against OneSettings APIs from the obsolete Storage Health feature.
- We enabled over 1400 new mobile device management (MDM) policies. With them, you can configure policies that Group Policies also support. These new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler. Starting in September 2021, you can use the Microsoft Endpoint Manager (MEM) Settings Catalog to configure these new MDM policies.
There is one known issue that the firm has listed in the changelog. This relates to the Windows Update settings page for optional updates, which has a simple workaround. Here is the known issue:
- The Windows Update settings page may hang after you download an optional update. Close and reopen the Windows Update settings page if you encounter this.
As mentioned, these updates are rolling out through Windows Update for Release Preview channel users, with the new features only applicable to those running versions 21H2. Microsoft will also release an LTSC version based on version 21H2 later this year, which might align with the release of Windows 10 version 21H2.