Are you staying current? Some Windows 10 builds don’t receive updates. Keep up!

Were you an early adopter of Windows 10?  Are you wondering why you’re not receiving security updates anymore?

This issue is related to the Windows Lifecycle, and Windows 10 is a bit different due to the frequency at which releases are occurring.

Windows 10 “RTM” (version 1507, build 10240) had its last round of security updates around May 9, 2017 (https://support.microsoft.com/en-us/help/4015562/windows-10-version-1507-will-no-longer-receive-security-updates).

Windows 10 “November Update” (version 1511, build 10586) had its last round of security updates around October 10, 2017 (https://support.microsoft.com/en-us/help/4035050/windows-10-version-1511-will-no-longer-receive-security-updates).

The Windows 10 “Anniversary Update” (version 1607, build 14393) is expected to have its last round of security updates in March 2018.

Great….how do I know if I have “old” machines?

It does seem odd that you need to consider a Windows 10 machine “old”, but such is the way of life with the new update cycle of the OS.

Assuming you don’t have SCCM or some other management solution, the easiest way to check on your computers in your domain is to run the following PowerShell from a Domain Controller:

Import-Module ActiveDirectory

then

Get-ADComputer -Filter “operatingSystemVersion -like ‘*10240*'” -Properties

OperatingSystem,OperatingSystemVersion | select DistinguishedName,

OperatingSystem,OperatingSystemVersion

That will tell you what machines are “RTM.”  If you have a long list, or need it in a file, just run this, which will dump it to a file:

Get-ADComputer -Filter “operatingSystemVersion -like ‘*10240*'” -Properties

OperatingSystem,OperatingSystemVersion | select DistinguishedName,

OperatingSystem,OperatingSystemVersion  | Export-CSV .\Win10-10240.csv –

NoTypeInformation

For machines that are “November Update,” run:

Get-ADComputer -Filter “operatingSystemVersion -like ‘*10586*'” -Properties

OperatingSystem,OperatingSystemVersion | select DistinguishedName,

OperatingSystem,OperatingSystemVersion

And for machines that are “Anniversary Update,” run:

Get-ADComputer -Filter “operatingSystemVersion -like ‘*14393*'” -Properties

OperatingSystem,OperatingSystemVersion | select DistinguishedName,

OperatingSystem,OperatingSystemVersion

As future Windows 10 builds reach the “end-of-life” in regards to security updates, just keep adjusting your query.

I have a list of machines to update…now what?

If you have WSUS, you can leverage pushing updates by approving the appropriate update option.

If you have SCCM or similar tool, you should leverage that solution.

If not, you can notify your users to follow the instructions from Microsoft on https://www.microsoft.com/en-us/software-download/windows10 – you may need to add additional information in the email to assist depending on your users’ skill levels.

Hopefully this will help you stay ahead of the curve.  You will need to keep checking to see what the roadmap looks like for the version/builds of Windows 10 you have in your environment to make sure that you are on a build that will receive security updates.  Staying aware and ahead of the cutoff is important, since you don’t want to fall behind on security updates with all the exploits in the wild looking for weak links!

If you need help setting up WSUS, SCCM or other solutions to help keep your world secure, email info@peters.com. We are happy to help.

By | 2018-02-12T10:57:33+00:00 February 12th, 2018|IT Infrastructure Services|Comments Off on Are you staying current? Some Windows 10 builds don’t receive updates. Keep up!

About the Author:

John has been with Peters & Associates for over two decades. Over the years, John has diligently worked on the delivery of solutions matched to organizational business issues. As technologies have evolved, John has adapted skill-sets to continually exceed customer expectations and outcomes. John is a DePaul University alum with a Master’s in Computer Science with minors in Math and Physics. John’s capabilities are validated by industry certifications and accolades including CISSP, CCNP, MCSE, and many others. John has primary mentoring and managerial responsibilities over a dedicated engineering staff. With client satisfaction as a guiding star, John aligns delivery, escalation, consistency, and on-going training to make sure customers receive value day-in, day-out.