4 min Applications

In Windows 11 24H2, a lot is happening under the hood too

It's not just about the flashy new AI features

In Windows 11 24H2, a lot is happening under the hood too

It’s no secret that Windows 11 version 24H2 is the major update this year for the widely used OS. Besides all the AI-related fireworks, one notable new feature for IT departments is the arrival of checkpoint cumulative updates. This feature should make the update process faster, more efficient and less disruptive for enterprise environments.

Previously, each cumulative update harkened back to the original release-to-manufacturing (RTM) version of Windows. Such updates became increasingly large because each update included all the changes made to the operating system since the initial RTM release. This led to large update files hogging a lot of space and taking long to download and install.

Microsoft reports that the new update system no longer references the RTM version for each new update. Instead, it uses the most recent cumulative update as a baseline. This means that future updates will include only the changes made since the last checkpoint update, making update files much smaller.

This can also help maintain security by allowing faster patch deployment and, in theory, shorter downtime when updating due to the smaller packages. The new functionality was announced in June and was already available to test via the Windows 11 Insider Preview Build 26120.1252 (Dev Channel). It is also available for Windows Server 2025.

Keeping up is required

However, a disadvantage is that a specific version of an earlier update may be required before administrators can apply the latest update. This can cause problems if a company has skipped or postponed certain updates. So, while organisations can save bandwidth, storage space and time with the new update method, this is offset somewhat by the fact that more steps are required to bring all devices up to the required baseline, which again takes time.

Speaking of security, version 24H2 also comes with features aimed at protecting personal and corporate assets. The Windows Local Administrator Password Solution (LAPS) now has a built-in automatic account management feature, making account security easier. Personal Data Encryption (PDE) secures user folders such as Documents and Pictures with user- or administrator-authenticated encryption. This acts as an extra layer of security for the places likely storing the most sensitive data, even when malicious actors have compromised the device.

App Control for Business (formerly Windows Defender Application Control) now provides enhanced defense against malicious code. Local Security Authority (LSA) also features enhanced protection, including better recognition of unauthorized code during login processes and prevention of process memory dumping. Updates to the Server Message Block (SMB) protocol further improve network security, with new support for NTLM blocking, SMB over QUIC (as an alternative, newer transport protocol in addition to TCP and RDMA) as well as enhanced SMB encryption and signing capabilities.

Wi-Fi7 and Bluetooth LE Audio

When we close the hood and get behind the wheel, we find support for the latest connectivity standards, such as Wi-Fi 7 and Bluetooth LE Audio. The latter allows users to manage presets of connected peripherals from within Windows. Audiophiles can use this to customize their audio experience through Windows at will.

Voice Clarity improves communication by reducing the annoying effects of echoes, background noise, and reverberation during virtual meetings. These improvements will be music to the ears of professionals who spend much time in video conferences. After all, they need to clearly understand what others are saying, even when conditions are somewhat less than ideal.

User experience improved

Furthermore, according to Microsoft, lots improvements have been made to the overall user experience. The Quick Settings menu now offers a scrollable list instead of a single panel and is user-customizable. The Explorer context menu now includes text labels for common actions such as cut, copy, rename, and delete.

In addition, there is now support for creating 7-zip and TAR archive files. The power-saving mode is now more accessible. It enables users to control settings manually or set these automatically for longer battery life. There are many improvements regarding AI and Copilot+ functionalities, plenty of which we mentioned in this article we posted earlier.

Windows 11 24H2 is available in preview through Windows Server Update Services (WSUS), Windows Update for Business and the Microsoft 365 admin center. Devices running Windows 11 versions 23H2 or 22H2 that have at least the May 2024 non-security preview update or later can already upgrade to 24H2. The general rollout will be gradual, with Copilot+ PC owners being the first to get the update.

Also read: Windows 11 24H2 available to everyone