Thursday, March 28, 2024

Microsoft Lists 25 Windows Policies That Admins Should Not Use in Windows 10 & Windows 11

Microsoft for Windows 10 and Windows 11 has recently listed 25 dead administrative templates (ADMX) policies in which Microsoft has clearly notified the IT Professionals to stop utilizing them.

At Microsoft, a program manager on the Windows updates team has affirmed that all the policies that were listed are ineffective and they have been replaced by newer ones with advancements. 

They have replaced the old ones with newer ones to reduce the complexity, with Windows 11 and Windows 10. That’s why it’s been strongly recommended to review the policy settings on your system and allow the recommended policy set only.

To make it more clear here we have mentioned below an example:-

Suppose an “Update/PauseFeatureUpdates” Group Policy setting is “replaced back in 1703” under the Windows 10 version 1703 that is released in April 2017. In this case, it will be replaced by the following policy set:-

  • Update/PauseFeatureUpdatesStartTime and/or Update/PauseQualityUpdatesStartTime policy 

In the case of Windows 11, Microsoft has piled up all the dead settings under a “Legacy Policies” folder. 

Policies not to set

Here we have mentioned all the policies that are not to be set:-

  • Do not display ‘Install Updates and Shut Down” option in the ShutDown Windows dialog box
  • Do not adjust the default option to ‘Install Updates and Shut Down’ in the Shut-Down Windows dialog box
  • Specify deadline before auto-restart for update installation
  • Delay Restart for scheduled installations
  • Configure auto-restart reminder notifications for updates
  • Configure auto-restart required notification for updates
  • Turn off auto-restart notifications for updated installations
  • Allow non-administrators to receive update notifications
  • Specify Engaged restart transition and notification schedule for updates
  • Turn on Software Notifications
  • Allow Automatic Updates immediate installation
  • Re-prompt for restart with scheduled installations
  • Reschedule Automatic Updates scheduled installations
  • Configure auto-restart warning notifications schedule for updates
  • No auto-restart with logged on users for scheduled automatic updates installation
  • Select when Feature Updates are received
  • Defer Upgrades and Updates
  • Defer Upgrades and Updates
  • Select when Feature Updates are received
  • Turn on recommended updates via Automatic Updates
  • No equivalent
  • No equivalent
  • Do not allow update deferral policies to cause scans against Windows Update
  • Update Power Policy for Cart Restarts

Now many of you might be wondering what’s exactly recommended? In this case, the best possible thing that you can do is allow the default experience.

Since the defaults provided by the companies always offer the best possible experience to all the users, and not only that even they also keep the devices up to date with the most latest updates and fixes.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates

Website

Latest articles

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles