Inside the Windows 10 Fall Creators Update - 1E blogs

Inside the Windows 10 Fall Creators Update - 1E blogsSolutionsPlatformPricingResourcesCustomersAboutTake a TourTeamViewer DEX Helps withFrictionless ExperienceEnsures a smooth and uninterrupted digital experience for employees, minimizing frustrations and unnecessary disruptions.
Seamless IT OperationsOptimize processes with enhanced visibility and automation, driving proactive remediations, exceptional service, and reduced costs.
Real-Time Service Desk Troubleshooting & ResolutionResolve IT issues proactively and in real-time to reduce service desk incidents, minimize downtime, and maintain smooth, efficient operations.
Autonomous Digital Experience ManagementIdentify, notify, and fix compliance drift, digital friction, and end-user frustration issues.
TeamViewer DEX forMicrosoft IntuneLightweight, always-on communication, real-time actions, and automated client health remediation,
Device RefreshOptimize hardware spend while facilitating proactive hardware asset management
Software ReclaimGain clear insights into software usage and reclaim underused, redundant, or vulnerable software.
Core CapabilitiesIntelligenceBusiness ImpactExperience AnalyticsEndpoint TroubleshootingEmployee SentimentEndpoint AutomationApplication Experience Management (AXM)Content Distribution for Microsoft Configuration ManagerInventory InsightsPatch InsightsSynthetic MonitoringAdd-ons and ExtensionsAutomated Self Service for ServiceNowService Desk Augmentation for ServiceNowVirtual Desktop Experience (VDX)TeamViewer DEX PlatformHelps IT teams improve end user experience, tighten security, reduce costs, and evolve IT Operations from cost center to strategic enabler.
Platform overviewPlatform TourResource LibraryDig into original DEX analysis, case studies, on-demand webinars, and more.
BlogsBe a DEX leader with useful strategies, how-to guides, and fresh platform updates.
Use CasesSelect your specific use cases to see demo videos narrated by product experts.
DEX GlossaryUnderstanding key terms and concepts related to Digital Employee Experience.
Other ResourcesDEX HubRemediation Hub1E ExchangeDocumentationSupportTrainingWhat is Digital Employee Experience (DEX)?From the software and hardware used each day to IT interactions, DEX is the total of all digital touchpoints an employee encounters at work.
Guide to DEXRemediation hubOur CustomersDEX ROIProfessional ServicesTrust, Security, and ComplianceFederalCustomer Resources1E ExchangeDocumentationSupportTraining1Engage CommunityCustomer SuccessHow Britain’s Favorite Retailer has transformed endpoint management across more than 1,000 stores with 1E
Read case studyCompany OverviewPartnersEvents and WebinarsCareersNewsroomCSRContactAbout 1EAt 1E, we reimagine how technology serves people and create new ways for IT to shape the future of work.
Company Overview October 17, 2017Shaun CassellsInside the Windows 10 Fall Creators Update: The MVP Perspective Q and AThanks again to everyone for joining Nawzil Najeeb and me for the Windows 10 Creators Update MVP Webinar last week. There were so many questions—and lots of great ones! I hope I have answered them to your satisfaction, but please reach out to us if we missed something or if you need more information. If you'd like to learn more about the update and Windows as a service, we have another webinar next week with the CTO of Juriba. This webinar will go through what the latest updates mean for your organization. Register for that here.
In the meantime, you can re-watch our MVP webinar and check through the Q and A below.

Question: Is Peer-Caching full production or still kind of pre-release? I asked the same question of the windows and ConfigMgr team.  They have stated that they do NOT plan to add more features but only to work through some bugs.  There may be some new features in the next server release.  There is a Windows Insider for Server program as well.
Answer: Peer Cache – PC is an SCCM only feature.  Save for the name, it is almost identical to the SCCM 2007 Branch Distribution Points (BDP).  This means you do get some features of peer sharing but not until after your hardware inventory (HINV) is submitted. The location sharing is based on your last HINV so if you are on wifi and change subnets a lot… bad juju. Be aware any downloads or sharing are done via BITS.  This means you will want to actively throttle BITS to your worst case scenario.  Lots of other issues with Peer Cache.  With Windows 8 and newer there is Branch Cache but that looks to be phased out by Delivery Optimization.   Delivery Optimization does a lot of cool things but doesn't support anything older than Windows 10 1703.   Basically, you will end up in a mess of support, with lack nor transparency (no reports until 1710 DO), and lots of overhead.  There is a 3rd party solution that works in all of these scenarios and is in full compliance of SCCM.  That is 1E's Nomad alternative content provider (ACP).  A great solution that doesn't have kernel mode drivers, java, or breaks Microsoft requirements for support.

Question: ATP – is this feature available for Win Pro (in the enterprise)?
Answer: Check it out here!

Question: Can you please supply a link to windows release date info?
Answer: Sure. Nawzil talked about this link and this is for the Microsoft native website.

Question: Seems like they're actually only supported for 16 months, not 18 since they never release on time.  ie: 1709 still isn't out. Do you know if they'll make 1709 supported until April or may to make it an actual 18 months of support?
Answer: Microsoft says 18 months.  You are right though those dates are still in flux.  They have yet to announce the end of support date of 1703 which is the first on the SAC cadence.  WAAS is a new concept and there is a video by Michael Niehaus that details it here.

Question: Any noticeable performance impact with the Advanced Protection feature for Windows Defender?
Answer: ATP is in the Native 1709 code so there is no additional agent and all analysis is completed in the cloud.  The largest impact is the pause while ATP does investigation and analysis.  Most articles you'll find about performance state is less than malicious code in your environment, well yea, but that is anecdotal. Several articles have popped up recently showing that the investigation timeout can be configured.

Question: Are the updates cumulative? e.g. Can you go directly from version 1511 to 1709 or do you need to update from one version to next?
Answer: You do not need to step through intermediate builds.  You can go directly to the build you desire.  This will be a focus of some enterprises until they are updating SCCM CB 3 times a year and W10 twice a year.

Question: Businesses cannot keep up with 18-month cycles.  It takes 6 – 12 months to test and deploy!
Answer: Time to retire your windows 7 process and to design your new Windows as a Service (WAAS) process. Assuming you are already on W10 the testing process can be extended by using Windows Update for Business (WIP4Biz), Windows Analytics, and Upgrade Readiness.  I have seen companies do all LOB application testing in the WIP4BIz and then complete deployments with end-user scheduling in less than 2 months.   If you are not yet at W10 then review your BIOS to UEFI (Secure boot) strategy.  You have until Jan 2020 to be on Windows 10.

Question: Insider is not possible for us.  We have hundreds of apps and multiple hardware formats.  There is no way to test early Win 10 releases without severe disruption.  It still takes MS 3 – 6 months to make the latest release stable with constant updating.
Answer: All problems appear insurmountable until you are able to scope the issues.  I would strongly suggest reviewing telemetry (Scripts exist for OS's prior to Windows 10).  Then you can use Windows Analytics to review your Upgrade readiness.  This includes details on software and hardware to help you understand your environment.  As for MS patch stability, that is always a consideration, for example, the delta updates for

Oct 2017 patches were incorrectly released to SCCM and WSUS and broke many with ADR rules.  We will always have a degree of due diligence issue.

However, I would rather spend my time worrying about having a process agile and fast enough to react than be in analysis paralysis.   Side note: Agile does not mean fast.  Nor does fast mean agile.  You need both to be Modern.  There is a lot more to unpack in this question.  I would really like to follow up with you offline to talk about your environment.  I have a feeling we could post some great anonymous follow-up blogs.

Question: We don't have the resources to utilize Insider programs.  We have to wait until SCCM can handle the new OS and the VLSC edition is published.  By the time we get one out we have to start another.  Too disruptive and expensive!  No time to improve processes, solve user problems, all we do is update Win 10!
Answer: This is the fear everyone has.  Windows as a Service (WAAS) being a full-time job.  There is a multitude of tools that can greatly reduce the infrastructure, process, and items to be focused on.  This reminds me of the project triangle.  Fast, good, or cheap.  In a good organization, you can choose two.  In a poor one.  Sounds like you have Good locked down.  Microsoft is trying to make fast cheaper.

Question: Biggest flop ever!  Nobody will want Windows 10 S!
Answer: Windows 10 S and Windows 10 S Enterprise have very specific use cases.  Not only do they only use the Modern technologies that Microsoft espouses, but you can easily manage them as frontline workers.   I agree with you that due to the lack of enterprise-grade software in UWP that the "S" solution is not a viable solution for everyone everywhere.   However, we have to start somewhere and progress is being made.  I have a feeling we will see additional developments in this space.

Question: Exploit Guard is in all SKUs.
Answer: Thank you for the clarification.  ATP is licensed and your enterprise to do the analysis for exploits.  Exploit Guard allows anyone to check against the cloud definitions.  Exploit Guard is the native OS solution and replaces the EMET solution.

Question: Will it also upgrade the drivers? (the hardware drivers)
Answer: I am not aware of any specific driver updates.  However, you might find this article on why all WHQL drivers are dated June21st 2006 —Loved this quote:  "It's an awesome example of something that seems stupid and insignificant turning out to have a profound purpose."

Question: How do you propose I should keep 4,500 desktop and laptops across 90+ separate physical schools updated in an 18 month period?
Answer: This is a longer conversation and I would be happy to have it with you offline.  The problem breaks down into 4 categories.

Hardware being compatible (Analytics Upgrade readiness will help here) Software being tested and compatible (Windows Analytics really helps you focus here).  Lots of FUD here that can easily be scoped. Infrastructure – look for software solutions to reduce the number of servers and eliminate the network impact User process – scheduling and control by the end user to ensure your timing is not disruptive (WOL is always a good call for education) Question: So every windows 10 upgrade will be a clean install or it just retain the state with all settings and applications as in the previous version?
Answer: Upgrade is in place and leaves user state and applications untouched.  Upgrades are the recommend path once you are windows 10 with UEFI.  You will have the ability to back-out and upgrade assuming your space cleanup process has not run yet.  There are several triggers for cleanup like running out of space.   As for a clean install, you can use Imaging via SCCM to ensure that process is available for break-fix, new hire, replace, or security-based issues.I would be happy to talk more about the 4 major categories of Operating System Deployment (OSD).

Question: When will Windows 10 1703 go Current Branch for Business?
Answer: The term for Current Branch for Business (CBB) has been replaced by Semi-Annual Channel.  The process to promote a deployment from Semi-Annual Targeted to Channel is based on you testing targeted in your environment than going broad.

Question: Can windows S be patched using SCCM? Can we define these folders via GPO? Why not protect them all?
Answer: I believe Windows 10 S Enterprise is to be managed via Intune as S does not allow you to run non Store applications.  I have not seen any mention of SCCM/ConfigMgr in regards to Windows 10 S Enterprise.  I have put some feelers out to find out.
a. Controlled Folder Access – can be set via GPO, PowerShell, MDM
b. Why not protect them all – overhead would make the OS experience unfortunate

Question: I'm an insider too, however, I haven't found any concrete info about the programs allowed automatically through controlled folder access, do you guys have more insight about it?
Answer: Until Oct 17th all documents are marked as preview.

Question: If machines are on Windows 10 build 1511, will they be forced to update to RS1/build 1607?
Answer: Depends if you are pointing to Windows Update or controlled via WSUS or SCCM.  Assuming your machines are on 1511 right now that would imply they have not auto-updated to a newer build.  Are they forced? No.  But after 18 months Microsoft stops releasing security updates and will require an upgrade to a supported OS before you can receive support.

Question: How does the feature/threshold update work with BitLocker Encryption?
Answer: BitLocker as a Microsoft solution is handled natively during an update.

Question: If you upgrade from 1511 to 1709, SMBv1 will NOT be turned off?
Answer: March 2017 patches disabled SMBv1. Please remember you have to both patch and reboot for the change to apply.  If you install via a bare metal process (NOT upgrade in place) 1709 Education or Enterprise SKUs SMBv1 is not installed by default.

Question: There are a lot of features not required in Enterprise which is making LTSC more attractive for a stable build to avoid build change cost.
Answer: Long Term Saving Branch is for very specific scenarios.  I would not recommend LTSB for any internet connected device as there are too many exploits coming to quickly. LTSB has had issues with RSAT, software compatibility, MDM, windows hello, DoD requirements, lack or new hardware support (LTSB only supports silicon from when it was released), etc. That being said, LTSB does have very specific use cases as long as you are aware of all the pitfalls.

Question: Are Microsoft Store apps still only "metro" apps or can traditional desktop apps now also be in the Microsoft store?
Answer: Metro naming was replaced by Modern.  Modern is being updated to Flow (project Neon).  Modern apps can be either UWP or Desktop Bridge (bridge from Win32 applications).  They can be deployed via Microsoft Store, Windows Store for Business, and potentially via SCCM.  This is the future direction for Microsoft.  The UWP concept and Modern makes me wonder if they aren't trying to retire MSI.  That being said MSI is so universal it will never just disappear.

Question: Why wouldn't you just protect all folders by default with controlled folder access?
Answer: Anything in those folders is constantly monitored by Windows Defender

Question: Does it reinstall Store Apps?
Answer: During an upgrade, applications would not change.  However, new features may be added.

Shaun CassellsShaun is a Microsoft MVP and a Principal Consultant of Special Projects at 1E. A graduate of the University of Iowa, Shaun speaks at many conferences and conventions internationally every year.
More from ShaunRelated PostsDigital Employee Experience (DEX)Empowering the Future: Redefining the Digital Employee Experience with Autonomous DEXKatherine Cattini3 Min read
Digital FrictionDEX Revolution: Combatting and Shortening IT Outages with 1EMcKayla Young2 Min read
Digital Employee Experience (DEX)Overcoming IT Modernization Challenges1E3 Min read
AboutCompany OverviewPartnersFederalEvents and WebinarsCareersNewsroomPricingContactCompareTeamViewer DEX vs LakesideTeamViewer DEX vs NexthinkTeamViewer DEX vs TaniumPlatform TeamViewer DEX PlatformIntelligenceBusiness ImpactEmployee SentimentEndpoint AutomationEndpoint TroubleshootingExperience AnalyticsInventory InsightsPatch InsightsSynthetic MonitoringApplication Experience ManagementContent Distribution for Microsoft Configuration ManagerAutomated Self Service for ServiceNowService Desk Augmentation for ServiceNowVirtual Desktop Experience (VDX)TeamViewer Tensor + TeamViewer DEX Platform IntegrationSolutions Frictionless ExperienceSeamless IT OperationsMicrosoft IntuneDevice RefreshSoftware ReclaimResourcesResource LibraryBlogUse CasesDEX GuideDEX GlossaryRemediation, Automation, and DEX content hub1E ExchangeDocumentationSupportTrainingCopyright © 1E 2026 All Rights Reserved
PrivacyTerms and ConditionsCookies Policy