What is it? Seems like it is a system administrator’s dream. The only cool things I see are:
- Automatically switch to tablet mode when you disconnect the monitor on 2-in-1 machines.
- Change refresh rate.
- No squares around the icons under Windows key.
Here’s the rest from Microsoft.
As with previous fall releases, Windows 10, version 20H2 is a scoped set of features for select performance improvements, enterprise features, and quality enhancements. As an H2-targeted release, 20H2 is serviced for 30 months from the release date for devices running Windows 10 Enterprise or Windows 10 Education editions.
To download and install Windows 10, version 20H2, use Windows Update (Settings > Update & Security > Windows Update).
Microsoft Edge
This release automatically includes the new Chromium-based Microsoft Edge browser instead of the legacy version of Edge. For more information, see the Microsoft Edge documentation.
Servicing
Windows Update
There are several changes that help improve the security of devices that scan Windows Server Update Services (WSUS) for updates. For more information, see Changes to improve security for Windows devices scanning WSUS.
Starting with Windows 10, version 20H2, LCUs and SSUs have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services. For more information, see Simplifying on-premises deployment of servicing stack updates.
Deployment
New guidance is available to help prepare a servicing strategy and move your devices to the latest version of Windows 10 quickly and as seamlessly as possible.
Activities are grouped into the following phases: Plan > Prepare > Deploy:
Plan your deployment by evaluating and understanding essential activities:
- Create a phased deployment plan
- Assign roles and responsibilities within your organization
- Set criteria to establish readiness for the upgrade process
- Evaluate your infrastructure and tools
- Determine readiness for your business applications
- Create an effective, schedule-based servicing strategy
Prepare your devices and environment for deployment by performing necessary actions:
- Update infrastructure and tools
- Ensure the needed services are available
- Resolve issues with unhealthy devices
- Ensure that users are ready for updates
Deploy and manage Windows 10 strategically in your organization:
- Use Windows Autopilot to streamline the set up, configuration, and delivery of new devices
- Use Configuration Manager or MDT to deploy new devices and update existing devices
- Use Windows Update for Business with Group Policy to customize update settings for your devices
- Deploy Windows updates with Windows Server Update Services (WSUS)
- Manage bandwidth for updates with Delivery Optimization
- Monitor Windows Updates with Update Compliance
Windows Autopilot
Enhancements to Windows Autopilot since the last release of Windows 10 include:
- Windows Autopilot for HoloLens: Set up HoloLens 2 devices with Windows Autopilot for HoloLens 2 self-deploying mode.
- Windows Autopilot with co-management: Co-management and Autopilot together can help you reduce cost and improve the end user experience.
- Enhancements to Windows Autopilot deployment reporting are in preview. From the Microsoft Endpoint Manager admin center (endpoint.microsoft.com), select Devices > Monitor and scroll down to the Enrollment section. Click Autopilot deployment (preview).
Windows Assessment and Deployment Toolkit (ADK)
There is no new ADK for Windows 10, version 20H2. The ADK for Windows 10, version 2004 will also work with Windows 10, version 20H2. For more information, see Download and install the Windows ADK.
Device management
Modern Device Management (MDM) policy is extended with new Local Users and Groups settings that match the options available for devices managed through Group Policy.
For more information about what’s new in MDM, see What’s new in mobile device enrollment and management
Security
Microsoft Defender for Endpoint
This release includes improved support for non-ASCII file paths for Microsoft Defender Advanced Threat Protection (ATP) Auto Incident Response (IR).
The DisableAntiSpyware parameter is deprecated in this release.
Microsoft Defender Application Guard for Office
Microsoft Defender Application Guard now supports Office: With Microsoft Defender Application Guard for Office, you can launch untrusted Office documents (from outside the Enterprise) in an isolated container to prevent potentially malicious content from compromising your device.
Windows Hello
With specialized hardware and software components available on devices shipping with Windows 10, version 20H2 configured out of factory, Windows Hello now offers added support for virtualization-based security with supporting fingerprint and face sensors. This feature isolates and secures a user’s biometric authentication data.
Virtualization
Windows Sandbox
New policies for Windows Sandbox are available in this release. For more information, see Policy CSP – WindowsSandbox.
Windows Virtual Desktop (WVD)
Note: WVD is not tied directly to a Windows 10 release, but it is included here as an evolving capability of Windows.
New capabilities in WVD were announced at Ignite 2020. For more information, see Announcing new management, security, and monitoring capabilities in Windows Virtual Desktop.
In addition, Windows Virtual Desktop is now generally available in the Azure Government cloud.
Windows Shell
Some enhancements to the Windows 10 user interface are implemented in this release:
- With this release, the solid color behind tiles on the Start menu is replaced with a partially transparent background. Tiles are also theme-aware.
- Icons on the Start menu no longer have a square outline around each icon.
- Notifications are slightly updated in appearance.
- You can now change the monitor refresh rate on advanced display settings.
- Alt+Tab now shows Edge browser tabs by default. You can edit this setting under Settings > System > Multitasking: Alt+Tab.
- The System control panel under System and Security has been updated to the Settings > About page. Links to Device Manager, Remote desktop, System protection, Advanced system settings, and Rename this PC are moved to the About page.
2-in-1 PCs
On a 2-in-1 device, Windows will now automatically switch to tablet mode when you detach the screen.
Surface
Windows 10 Pro and Enterprise are now available on Surface Hub 2. For more information, see What’s new in Surface Hub 2S for IT admins.
Desktop Analytics
Desktop Analytics is a cloud-connected service, integrated with Configuration Manager that provides data-driven insights to the management of Windows endpoints in your organization. Desktop Analytics requires a Windows E3 or E5 license, or a Microsoft 365 E3 or E5 license.
For information about Desktop Analytics and this release of Windows 10, see What’s new in Desktop Analytics.