While Windows 11 may be making all the headlines lately, it is important to note that Windows 10 version 21H2 is on the horizon as well. Although Microsoft doesn’t have a firm release date as of yet, the near-final build made its way to the Release Preview channel for consumers and businesses recently.
Windows 10 version 20H2 came out on October 20, 2020, which means that we can expect version 21H2 to arrive in a similar timeframe as well. This also makes sense from the perspective of Windows 11’s staggered rollout, which began on October 5 (check out our review here). In fact, Microsoft might even decide to give its big OS refresh a few more weeks under the spotlight before letting people know that they also have Windows 10 version 21H2 as an option.
Version 21H2 is supposed to be a relatively minor upgrade but it is important to note that it is one of the two paths forward for PCs that do not meet Microsoft’s requirements for Windows 11. While users may be able to force install Windows 11 after signing a waiver on unsupported hardware, it’s possible that they won’t receive security updates. As such, it’s a relatively safer bet to update to Windows 10 version 21H2 if your PC does not support Windows 11.
That said, it is important to understand what Windows 10 version 21H2 is and what it brings to the table. Microsoft’s latest Windows 10 refresh is a follow-up to version 21H1, that was released back in May. Under Windows 10’s release cycle, the company releases two feature updates per year, and this is the second of them.
Let’s be clear: Windows 10 version 21H2 is an enablement package, just like version 21H1 was for version 20H2 before it. What this essentially means is that the “new” features available with this update are also present in version 21H1 before it, but in a dormant state. You won’t get any actual new features downloaded to your computer. This update will simply light up certain features that are already there.
Coming over to what features are being lit up, there’s not a whole lot. When Microsoft shared details about the feature update back in July, it outlined a grand total of three “scoped” features that will be enabled with Windows 10 version 21H2.
First, the OS will support WPA3 H2E standards for increased Wi-Fi security. H2E stands for “Hash-to-Element” and is an enhancement to the Wi-Fi Protected Access III (WPA3) standard. According to Cisco, WPA3 H2E is computationally much more efficient than its predecessor and is also resistant to side channel attacks that are used by malicious actors to steal credentials. The feature will certainly be welcomed by people who are actively engaged in the cybersecurity community.
Secondly, Microsoft has added a new deployment method for Windows Hello for Business called cloud trust. If you’re wondering what’s the difference between regular Windows Hello that you may use on your personal laptop versus Windows Hello for Business, look no further. The former is utilized by consumers to create a PIN or biometric gesture as an alternative method for sign-in, but it does not leverage from asymmetric or certificate-based authentication. Depending on the account type, a very simple password hash may be used. On the other hand, Windows Hello for Business is used by enterprises and is configured using Group Policy or mobile device management (MDM) policies. It always utilizes asymmetric or certificate-based authentication, which makes it much more robust in terms of security.
Currently, Windows Hello for Business supports two trust models, namely key trust and certificate trust. The third model enabled by Windows 10 version 21H2 is cloud trust, but interestingly, Microsoft appears to have no public documentation about it at all. The company has only stated that it will allow faster deployments for Windows Hello for Business, making it a matter of minutes. We were also able to dig up a comment made on Reddit by Microsoft engineer Steve Syfuhs, who says:
It’s a new form of Windows Hello that uses the “Cloud Trust” capability of FIDO logon. Normally you need to deploy AAD Connect with backsync to make Windows Hello key trust work, and the sync portion tends to take anywhere from 5 minutes to 30 minutes to a couple hours, and that’s annoying for lots of folks, not to mention a lot of effort.
Cloud Trust relies on what we built for Hybrid FIDO logon, where you run a single PowerShell script to create a trust from AAD to AD. This trust allows AAD to issue a special partial TGT that AD can accept and convert into a proper AD domain TGT. This was originally how FIDO logged you on to your domain, and now it’s being used for Windows Hello. It’s pretty slick and super easy to set up.
Finally, the third feature Microsoft is lighting up in Windows 10 version 21H2 is GPU compute support in Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments. This is being done to facilitate machine learning and other resource-intensive workloads. For those unaware, EFLOW enables people to run production Linux-based cloud-native workloads on Windows IoT and also to deploy Linux IoT Edge modules onto a Windows IoT device. GPU support for machine learning solutions running on WSL is something that Microsoft has been striving towards recently.
That’s pretty much it for the features that will be enabled with Windows 10 version 21H2. But perhaps, people will also be pleased to know that in light of the hybrid environment, the update will be delivered via Microsoft’s servicing technology, which is also used to offer monthly cumulative updates. This means that devices running Windows 10 version 2004 (May 2020 Update) or later will be able to enjoy a faster installation experience.
It is important to note that while Microsoft hasn’t revealed a firm release date for Windows 10 version 21H2 as of yet, it will definitely be released in this calendar year, likely before mid-November. Home and Pro editions will receive 18 months of support, whereas Enterprise and Education will get 30 months of support. The next Long Term Servicing Channel (LTSC) release of Windows will also be based on Windows 10 21H2. It will be released around the same time as general rollout with five years of support.
Similar to Windows 11 and the Windows 10 feature updates before it, Windows 10 version 21H2 will be an optional and free upgrade. However, Microsoft will likely push PCs with Windows 10 releases running out of support to upgrade to this version instead. Given the likely shift of engineering effort towards Windows 11, it’s possible that we can expect future Windows feature updates – if any – to be of similar nature, only offering enablement packages. Microsoft hasn’t confirmed that this is the last feature update for Windows 10 and we do know that the OS is supported until at least October 14, 2025.