In the latest round of updates, a series of enhancements and patches have been rolled out, focusing on various components crucial for maintaining system integrity and performance. Users are encouraged to engage in a series of verification tasks to ensure that their systems are functioning optimally.
- Begin by installing, uninstalling, and repairing MSI packages to confirm that the Windows Installer operates as intended.
- Next, connect and disconnect your cloud sync provider, such as OneDrive, several times, ensuring that synchronization remains functional after each restart.
- Enroll a device in Intune or your Mobile Device Management (MDM) solution, check the compliance status, and initiate a policy sync to validate settings.
Common Log File System and Storage
The Common Log File System driver (clfs.sys), which underwent significant hardening changes in March, is now receiving a follow-up patch. Additionally, updates are being applied to Storage Spaces (spaceport.sys) and app isolation file system drivers (bfs.sys, wcifs.sys) during this cycle.
- Run through Windows Update installation and rollback cycles, followed by multiple power cycles to ensure the system boots without issues each time.
- Install and uninstall a selection of representative applications in multiple cycles, confirming that each process concludes without errors.
- Utilize your standard backup solution to perform a backup, restore from it, and verify the integrity of the data.
- For those utilizing Storage Spaces, create a pool with mirrored and thin virtual disks, write data, and ensure that clean deletion is verified.
Office and SharePoint
April’s updates for Office focus specifically on MSI editions, including Excel 2016 (KB5002860), PowerPoint 2016 (KB5002808), Office 2016 shared libraries (KB5002859), and SharePoint Server editions from 2016 to 2019, as well as Subscription editions. Notably, these updates will not be applicable to Click-to-Run deployments such as Microsoft 365 Apps.
- Open and edit complex Excel workbooks that include formulas, macros, and external data connections; ensure to save and reopen them to verify their integrity.
- Create and edit PowerPoint presentations featuring embedded media and transitions.
- Across all patched server editions, validate operations within SharePoint document libraries, including co-authoring and workflow execution.
- Confirm that Office add-ins and line-of-business applications that integrate with Office continue to function correctly.
As we move through April, it is essential to prioritize testing for two High Risk components. Changes to Kerberos could potentially disrupt long-running services utilizing RC4 keytabs; thus, monitoring event IDs 201–209 is advisable, alongside maintaining rollback plans. The Remote Desktop client update also requires thorough validation, particularly concerning clipboard functionality, printer redirection, and session reconnection, especially in environments heavily reliant on RDP. Furthermore, validating Secure Boot and BitLocker remains critical as CVE-2023-24932 key rolling progresses. The five patches to the Projected File System driver elevate the importance of cloud sync testing this cycle, while the dual afd.sys updates and VPN/IPsec patches necessitate regression testing across remote-access infrastructure. It is important to note that Office updates are limited to MSI editions.
