sbradley
Contributing Writer

Windows 11 22H2 arrives soon — are you ready to deploy?

opinion
Aug 15, 2022 | 4 mins
Microsoft, Windows 10, Windows 11

The newest version of Windows 11 will be here soon, and if you've got new hardware, deployment shouldn't be a problem. But for Windows 10 users with older PCs, that's not necessarily the case.

The development of Windows 11 22H2 is in the home stretch, which means as an IT admin, I’m paying attention to some of the features and technologies it brings with it and planning ahead for deployment.

Like many users, I’m facing the Windows 11 “hardware issue” — I have few computers, either at home or at the office, that can officially support the new OS. (And I’m not one to recommend using hacks to get around the hardware block.)

Currently, you can pick up reasonably priced Windows 10 laptops that will support Windows 11 as well as Microsoft devices for education. With school starting soon, you might want to reach out to your children’s school technology departments to see whether they offer any back-to-school bargains that include Windows 11-supported devices.

In terms of Windows 11 22H2 itself, what am I looking forward to? Lots of little enhancements involving security. For example, Microsoft Defender SmartScreen will alert users when they store passwords insecurely, such as typing them in plain text using Notepad. (It will also warn you if you’ve entered your Microsoft account passwords on phishing sites.)

Microsoft is again pushing to get rid of Server Message Block (SMB) version 1 (SMBv1). So, if you have any office — or home — NAS devices that can’t support SMBv2 or v3, it’s time to decide: do you want better network security or do you prefer to just post a sticky note on your computer urging attackers to “hack me”?
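To find out whether anything on your network still depends on SMBv1 before you deploy, the following added example (not part of the original column) reports the SMBv1 state of a Windows client and lists any open share connections that negotiated an SMB1 dialect. `Get-Smb1Readiness` is a hypothetical helper name; the cmdlets it calls are built into Windows.

```powershell
# Added example (not from the article): SMBv1 readiness check.
# Run from an elevated PowerShell session on the Windows client.
# Get-Smb1Readiness is a hypothetical helper name; the cmdlets are built in.
function Get-Smb1Readiness {
    # State of the optional SMB1 feature (Enabled / Disabled).
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol

    # Whether the local SMB server still accepts SMB1 and SMB2/3 clients.
    $server = Get-SmbServerConfiguration

    # Currently open outbound connections that negotiated an SMB1 dialect.
    # Browse to each NAS share first; only active connections are listed.
    $legacy = @(Get-SmbConnection | Where-Object { $_.Dialect -like '1.*' })

    [pscustomobject]@{
        Smb1FeatureState  = $feature.State
        ServerAcceptsSmb1 = $server.EnableSMB1Protocol
        ServerAcceptsSmb2 = $server.EnableSMB2Protocol
        Smb1AuditEnabled  = $server.AuditSmb1Access
        LegacyShares      = $legacy | ForEach-Object {
            "\\$($_.ServerName)\$($_.ShareName) (SMB $($_.Dialect))"
        }
        # True only for the connections open right now; re-run after
        # touching every NAS share you rely on.
        ReadyToDropSmb1   = ($legacy.Count -eq 0)
    }
}

$report = Get-Smb1Readiness
$report | Format-List
if (-not $report.ReadyToDropSmb1) {
    Write-Warning 'These shares negotiated SMBv1; update or replace the device before removing SMBv1.'
}
```

Any share listed under `LegacyShares` belongs to a device that will stop working once SMBv1 is gone, so check it for a firmware update that adds SMBv2 or v3.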

One of the concerns that’s come up as 22H2 gets closer is the requirement for a Microsoft account during setup. (Once again, the key to avoiding this speed bump is to keep the PC off the internet while setting it up so you can work around the Microsoft account mandate.)

I strongly recommend that anyone using BitLocker encryption on their hard drive reconsider using only a Local account instead of a Microsoft account. I guarantee you at some point you will have either a patching issue that triggers a BitLocker recovery key event, or a hardware issue that requires the recovery key. I also guarantee that you’ll likely forget the super-secret place you stuck the printed-out recovery key or the USB flash drive where it’s stored, and you’ll have to totally rebuild that computer. It’s much better (and safer) to either store your BitLocker recovery key in Azure AD (for enterprises) or in a Microsoft account (for home computers). You might still be in a panic, but you’re more likely to actually remember how to get to that recovery key.

One change in 22H2 I’m looking forward to is a new group policy default that includes an account lockout policy to mitigate Remote Desktop Protocol and other brute force password vectors. (The setting to allow admin account lockout is not currently in Windows 11 or Windows 10 releases and adds an additional group policy setting to machines.) For many years, admins couldn’t set an account lockout policy on Administrator accounts via RDP unless you left the password blank. Clearly this is not ideal and not recommended. This new setting is something I’ll be urging folks to deploy. (Note: this feature is supposed to be backported to Windows 10, but it’s unclear when this will occur.)

Of course, there are other new features and settings on the way: Tabs in File Explorer; better OneDrive integration with File Explorer; added anticipation features that suggest actions when you perform certain tasks; a new Task Manager application; and drag and drop on the Taskbar. While you still can’t drag the Taskbar to the top or the right of your screen, there are plenty of third-party tools and software add-ons that allow you to customize Windows 11’s look.

Traditionally, this is when we start taking an operating system seriously as a platform we will eventually be using in the office. Even for home users (if your hardware supports it), Windows 11 is becoming better behaved and an appropriate choice. That said, for users with PCs that don’t support Windows 11, Windows 10 is good enough for now. And by the time it hits end-of-life in October 2025, you will certainly need new technology. For the average Windows 10 user with completely viable hardware, I’d recommend you continue to use Windows 10 and then plan on an upgrade at some time in the future.

For now, it’s best to think of Windows 11 22H2 as an unofficial “Service pack” for Windows 11; it’s becoming more mature and more usable. And with its additional security protections, 22H2 will be a realistic option for users when Microsoft starts rolling it out — if your hardware is up to the task.

Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL Slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Askwoody.com, is a moderator on the PatchManagement.org listserve, and writes a column of Windows security tips for CSOonline.com. In real life, she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, Microsoft 365 deployments, Azure instances, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at https://www.askwoody.com/tag/patch-lady-posts/ and is on Twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.