Security and authentication
Several updates target core identity and authentication components, particularly lsasrv.dll, ci.dll, and skci.dll. These underpin scenarios involving Windows Hello, PIN logins, and certificate services. Even though labeled low risk, these areas are foundational and demand extra care in testing:
- Windows Defender Application Control (WDAC): Validate AppID tagging and policy updates post-reboot.
- LSASS (Local Security Authority Subsystem Service): Test authentication across AAD, AD, and workgroups. Use tools like runas.exe and confirm no regressions in NTLM, Kerberos, or certificate-based flows.
- BitLocker and VBS Security: Windows Hello and VPN connections should work uninterrupted. Reboot testing is essential to catch potential bootloader integrity issues.
Networking and remote access
This release includes updates to multiple RRAS-related DLLs (ipmontr.dll, ipsnap.dll, mprapi.dll), netbt.sys, and tcpip.sys, all of which underpin Windows’ networking stack.
- RRAS and Netsh: Validate remote configuration and scripting scenarios. Commands like netsh interface and MMC snap-ins must execute without issues.
- NetBIOS Controls: Non-admin users in the Network Configuration Operators group should only affect allowed scopes. Test firewall rules and registry protection.
- HTTP.sys and Web Services: Host internal web services and simulate browser-based traffic to confirm consistent response behavior under load.
Remote desktop and virtualization
Remote Desktop Protocol (RDP) support remains a high-impact area and will require validation with the following testing recommendations:
This story originally appeared on Computerworld
