Windows 10 Fall Creators Update (1709) Deprecated Features – PowerShell 2.0 is EOL among others

Fall Created Update (2017 RS3 1709) will be removing some more security holes.  I wonder if some of these are in response to the SMB1 fiasco (WannaCry for example).

  • TLS RC4 ciphers.
  • The SCCM Windows Hello deployed feature which has been replaced with the Registration Authority of Active Directory Federation Services
  • SysKey.exe gone in favor of Bitlocker
  • Enhanced Mitigation Experience Toolkit (EMET) is being removed for Windows Defined Exploit Guard (WDEG) feature
  • PowerShell 2.0 is very security holey – Twitter Tears Shed – Jeffery Snover
    • For example you can invoke PoSH 2.0 if it is installed.  Since it lacks logging you will have no idea what happened.  Most companies I work with just remove it from 1703.

Posted July 20th 2017 a list of features that are being depreciated or Removed from 1709.

Deprecated

Windows PowerShell 2.0

Applications and components should be migrated to PowerShell 5.0+.

Microsoft Paint

Will be available through the Windows Store. Functionality integrated into Paint 3D.

RSA/AES Encryption for IIS

We recommend that users use CNG encryption provider.

System Image Backup (SIB) Solution

We recommend that users use full-disk backup solutions from other vendors.

TLS RC4 Ciphers

To be disabled by default. For more information, see the following Windows IT Center topic:

TLS (Schannel SSP) changes in Windows 10 and Windows Server 2016

Removed

Enhanced Mitigation Experience Toolkit (EMET)

Use will be blocked. Consider using the Exploit Protection feature of Windows Defender Exploit Guard as a replacement.

Syskey.exe

Removing this nonsecure security feature. We recommend that users use BitLocker instead. For more information, see the following Knowledge Base article:

4025993 Syskey.exe utility is no longer supported in Windows 10 RS3 and Windows Server 2016 RS3

TCP Offload Engine

Removing this legacy code. This functionality was previously transitioned to the Stack TCP Engine. For more information, see the following PFE Platform Blog article:

Why Are We Deprecating Network Performance Features (KB4014193)?

 

 

Full List Source: https://support.microsoft.com/en-us/help/4034825/features-that-are-removed-or-deprecated-in-windows-10-fall-creators-up

Advertisements

Author: shauncassells

Shaun Cassells, Senior Solutions Engineer, 1E Shaun is a Microsoft MVP Windows Insider MVP and executive at Central Texas Systems Management User Group (CTSMUG). Shaun is a frequent speaker at conferences like MMS, Gartner, TechEd Europe, TechEd North America, IT Dev Connections, System Center Rallies, and Systems Management User Groups (SMUGs). Shaun is an award winning blogger syndicated from www.shauncassells.com. Shaun specializes in analysis, optimization, and design of Tactical Solutions to Strategic Business Goals. Prior to joining 1E in 2010, he worked for a Global 100 company as the Configuration Manager Service Owner and Architect. Recently as a Principle Consultant at 1E, he accomplished design, review, and improvements to a variety of Configuration Manager environments from the very small to sites with a half million seats. He provided leadership that created a patented automated application rationalization and usage based OSD mapping solution in use by multiple fortune 500 companies. These days you can find Shaun traveling to help discover, review, and improve business productivity across the world.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s