Automatic mode (default) is recommended for organizations with standard Original Equipment Manufacturer (OEM) devices where no recent driver or hardware issues have occurred due to Windows Updates. Automatic mode ensures the best most secure drivers are installed using Autopatch deployment ring rollout.
| +| Self-managed | When you use the the **Self-managed** mode for drivers and firmware, no drivers are installed in your environment without your explicit approval. You can still use Intune to choose specific drivers and deploy them on a ring-by-ring basis.Self-managed mode turns off Windows Autopatch’s automatic driver deployment. Instead, the Administrator controls the driver deployment.
The Administrator selects the individual drivers within an Intune driver update profile. Then, Autopatch creates an Intune driver update profiles per deployment ring; drivers can vary between deployment rings.
The drivers listed for selection represent only the drivers needed for the targeted clients, which are the Autopatch rings. Therefore, the drivers offered may vary between rings depending on the variety of device hardware in an organization.
| + +## Set the mode to Automatic or Self-managed mode + +**To set the mode to Automatic or Self-managed:** + +1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431). +1. Navigate to **Devices** > **Windows Autopatch** > **Release management** > **Release settings**. +1. Find the **Windows Driver Updates** section, read and accept the agreement. +1. Select either **Automatic** or **Self-managed**. + +## View driver and firmware policies created by Windows Autopatch + +**To view driver and firmware policies created by Windows Autopatch:** + +1. Go to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431). +1. Navigate to **Devices** > **Driver updates for Windows 10 and later**. +1. Windows Autopatch creates four policies. The policy names begin with **Windows Autopatch – Driver Update Policy** and end with the name of the ring to which they're targeted in brackets. For example, **Windows Autopatch – Driver Update Policy [Test]**. + +The `CreateDriverUpdatePolicy` is created for the Test, First, Fast, and Broad deployment rings. The policy settings are defined in the following table: + +| Policy name | DisplayName | Description | Approval Type | DeploymentDeferralInDays | +| ----- | ----- | ----- | ----- | ----- | +| `CreateDriverUpdatePolicy` | Windows Autopatch – Driver Update policy [Test/First/Fast/Broad] | Driver Update Policy for device Test/First/Fast/Broad group | Automatic | `0` | + +> [!NOTE] +> In public preview, the DeploymentDeferralInDays setting is set to `0` for all deployment rings. + +## Feedback and support + +If you need support with this feature, and have enrolled your tenant into Windows Autopatch, [submit a support request](../operate/windows-autopatch-support-request.md). diff --git a/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md b/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md index e32bf9efd7..44dc4f822a 100644 --- a/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md +++ b/windows/deployment/windows-autopatch/overview/windows-autopatch-roles-responsibilities.md @@ -1,7 +1,7 @@ --- title: Roles and responsibilities description: This article describes the roles and responsibilities provided by Windows Autopatch and what the customer must do -ms.date: 03/08/2023 +ms.date: 06/27/2023 ms.prod: windows-client ms.technology: itpro-updates ms.topic: conceptual @@ -47,6 +47,7 @@ This article outlines your responsibilities and Windows Autopatch's responsibili | Remove your devices from existing unsupported [Windows update](../references/windows-autopatch-windows-update-unsupported-policies.md) and [Microsoft 365](../references/windows-autopatch-microsoft-365-policies.md) policies | :heavy_check_mark: | :x: | | [Turn on or off expedited Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md#expedited-releases) | :heavy_check_mark: | :x: | | [Allow or block Microsoft 365 Apps for enterprise updates](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#allow-or-block-microsoft-365-app-updates) | :heavy_check_mark: | :x: | +| [Manage driver and firmware updates](../operate/windows-autopatch-manage-driver-and-firmware-updates.md) | :heavy_check_mark: | :x: | | [Customize Windows Update settings](../operate/windows-autopatch-windows-update.md) | :heavy_check_mark: | :x: | | [Register devices/add devices to the Windows Autopatch Device Registration group](../deploy/windows-autopatch-register-devices.md#steps-to-register-devices-using-the-classic-method) | :heavy_check_mark: | :x: | | [Run the pre-registration device readiness checks](../deploy/windows-autopatch-register-devices.md#about-the-registered-not-ready-and-not-registered-tabs) | :x: | :heavy_check_mark: | @@ -69,6 +70,7 @@ This article outlines your responsibilities and Windows Autopatch's responsibili | [Maintain the Test deployment ring membership](../operate/windows-autopatch-update-management.md#deployment-ring-calculation-logic) | :heavy_check_mark: | :x: | | Monitor [Windows update signals](../operate/windows-autopatch-windows-quality-update-signals.md) for safe update release | :x: | :heavy_check_mark: | | Test specific [business update scenarios](../operate/windows-autopatch-windows-quality-update-signals.md) | :heavy_check_mark: | :x: | +| [Manage driver and firmware updates](../operate/windows-autopatch-manage-driver-and-firmware-updates.md) | :heavy_check_mark: | :x: | | [Customize Windows Update settings](../operate/windows-autopatch-windows-update.md) | :heavy_check_mark: | :x: | | [Define and implement service default release schedule](../operate/windows-autopatch-windows-quality-update-overview.md) | :x: | :heavy_check_mark: | | Communicate the update [release schedule](../operate/windows-autopatch-windows-quality-update-communications.md) | :x: | :heavy_check_mark: | diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-driver-and-firmware-updates-public-preview-addendum.md b/windows/deployment/windows-autopatch/references/windows-autopatch-driver-and-firmware-updates-public-preview-addendum.md new file mode 100644 index 0000000000..bcb28df222 --- /dev/null +++ b/windows/deployment/windows-autopatch/references/windows-autopatch-driver-and-firmware-updates-public-preview-addendum.md @@ -0,0 +1,29 @@ +--- +title: Driver and firmware updates for Windows Autopatch Public Preview Addendum +description: This article explains how driver and firmware updates are managed in Autopatch +ms.date: 06/26/2023 +ms.prod: w11 +ms.technology: windows +ms.topic: conceptual +ms.localizationpriority: medium +author: tiaraquan +ms.author: tiaraquan +manager: dougeby +msreviewer: hathind +--- + +# Driver and Firmware Updates for Windows Autopatch Public Preview Addendum + +**This Driver and Firmware Updates for Windows Autopatch Public Preview Addendum ("Addendum") to the Microsoft Product Terms’ Universal License Terms for Online Services** (as provided at: [Microsoft Product Terms](https://www.microsoft.com/licensing/terms/product/ForOnlineServices/all) (the "**Product Terms**")) is entered into between Microsoft Corporation, a Washington corporation having its principal place of business at One Microsoft Way, Redmond, Washington, USA 98052-6399 (or based on where Customer lives, one of Microsoft's affiliates) ("**Microsoft**"), and you ("**Customer**"). + +For good and valuable consideration, the receipt and sufficiency of which is acknowledged, the parties agree as follows: + +Microsoft desires to preview the Driver and Firmware Updates for Windows Autopatch service it's developing ("**Driver and Firmware Updates Preview**”) in order to evaluate it. Customer would like to particulate this Driver and Firmware Updates Preview under the Product Terms and this Addendum. Driver and Firmware Updates Preview consists of features and services that are in preview, beta, or other prerelease form. Driver and Firmware Updates Preview is subject to the "preview" terms set forth in the Product Terms’ Universal License Terms for Online Services. + +## Definitions + +Capitalized terms used but not defined herein have the meanings given in the Product Terms. + +## Data Handling + +Driver and Firmware Updates Preview integrates Customer Data from other Products, including Windows, Microsoft Intune, Azure Active Directory, and Office (collectively for purposes of this provision "Windows Autopatch Input Services"). Once Customer Data from Windows Autopatch Input Services is integrated into Driver and Firmware Updates Preview, only the Product Terms and [DPA provisions](https://www.microsoft.com/licensing/terms/product/Glossary/all) applicable to Driver and Firmware Updates Preview apply to that data. diff --git a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md index 3cfdd71bec..716e61b2b6 100644 --- a/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md +++ b/windows/deployment/windows-autopatch/whats-new/windows-autopatch-whats-new-2023.md @@ -1,7 +1,7 @@ --- title: What's new 2023 description: This article lists the 2023 feature releases and any corresponding Message center post numbers. -ms.date: 06/26/2023 +ms.date: 06/26/2023 ms.prod: windows-client ms.technology: itpro-updates ms.topic: whats-new @@ -27,6 +27,7 @@ Minor corrections such as typos, style, or formatting issues aren't listed. | Article | Description | | ----- | ----- | +| [Manage driver and firmware updates](../operate/windows-autopatch-manage-driver-and-firmware-updates.md) | New article on how to manage driver and firmware updates. This feature is in public preview | | [Changes made at tenant enrollment](../references/windows-autopatch-changes-to-tenant.md) | Added Location for updates (Device) setting and value to the [Windows Autopatch - Office Configuration policy](../references/windows-autopatch-changes-to-tenant.md#microsoft-office-update-policies) | | [Microsoft 365 Apps for enterprise](../operate/windows-autopatch-microsoft-365-apps-enterprise.md) | Updated [deadline link](../operate/windows-autopatch-microsoft-365-apps-enterprise.md#behavior-during-updates) | | [Microsoft 365 Apps for enterprise update policies](../references/windows-autopatch-microsoft-365-policies.md) | Updated the [Update policies](../references/windows-autopatch-microsoft-365-policies.md#update-policies) section | diff --git a/windows/hub/index.yml b/windows/hub/index.yml index 2bd5f043b1..a23387a5f4 100644 --- a/windows/hub/index.yml +++ b/windows/hub/index.yml @@ -30,7 +30,7 @@ highlightedContent: url: https://www.microsoft.com/en-us/download/details.aspx?id=104594 - title: Windows release health itemType: whats-new - url: /windows-insider/get-started + url: /windows/release-health - title: Windows commercial licensing itemType: overview url: /windows/whats-new/windows-licensing diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index 1c867e7010..a3454bee50 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -137,6 +137,7 @@ Table 3 describes the available resource header attribute options you can set wi | **OriginalFileName** | Specifies the original file name, or the name with which the file was first created, of the binary. | | **PackageFamilyName** | Specifies the package family name of the binary. The package family name consists of two parts: the name of the file and the publisher ID. | | **ProductName** | Specifies the name of the product with which the binary ships. | +| **Filepath** | Specifies the file path of the binary. | ## More information about filepath rules diff --git a/windows/whats-new/whats-new-windows-10-version-1909.md b/windows/whats-new/whats-new-windows-10-version-1909.md index 602a7fcac7..69a6ccfa4c 100644 --- a/windows/whats-new/whats-new-windows-10-version-1909.md +++ b/windows/whats-new/whats-new-windows-10-version-1909.md @@ -57,6 +57,9 @@ Windows 10, version 1909 also includes two new features called **Key-rolling** a An experimental implementation of TLS 1.3 is included in Windows 10, version 1909. TLS 1.3 disabled by default system wide. If you enable TLS 1.3 on a device for testing, then it can also be enabled in Internet Explorer 11.0 and Microsoft Edge by using Internet Options. For beta versions of Microsoft Edge on Chromium, TLS 1.3 isn't built on the Windows TLS stack, and is instead configured independently, using the **Edge://flags** dialog. Also see [Microsoft Edge platform status](https://developer.microsoft.com/microsoft-edge/status/tls13/) +>[!NOTE] +>The experiental implementation of TLS 1.3 isn't supported. TLS 1.3 is only supported on Windows 11 and Server 2022. For more information, see [Protocols in TLS/SSL (Schannel SSP)](/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-). + ## Virtualization ### Windows Sandbox