“Version 2004 is full of feature changes and a number of functional and technical improvements

Welcome to the world of Windows 10 version 2004. Microsoft introduced this new version a bit earlier than it has done previously, and without much explanation to the community. When you look under the hood there’s a good reason why.

Version 2004 is full of feature changes and a number of functional and technical improvements – it seems Microsoft was eager to allow the community the chance to ‘kick the tires’ in this new OS version. We’ve taken a deep dive ourselves and wanted to share five features you should pay attention to.

As a note, the month indicator in version 2004 is “4” to avoid confusion with the release of Windows in 2003.


Windows Updates for Business

As someone responsible for Patch Management, I always start here. Why? Because security vulnerabilities can cripple any environment. In 2019, the U.S. dealt with a larger than usual amount of ransomware attacks that the potential cost damage exceeded $7.5 billion across multiple industries. The ability to easily push security patches and updates to devices with as little interruption has been key to closing the gap in this growing threat vector and now with the latest updates this can be achieved off network and zero-touch.

As a note, we recommend managing Windows Updates via Intune and Windows Update rings.

For administrators managing employees’ devices, Intune now allows for target versioning which allows for you to choose which version devices move to. You can leave a device on a target build until it reaches end of service. This feature is available via Group Policy as well for those still using traditional management.

Additional safeguards protect devices from upgrading to update versions with known issues. This means no downtimes for users due to a bad update. Controls are available to administrators to opt-out of this protection so testing can be performed on designated devices.

When it comes to installation tips and tricks admins are now able to delete the recovery partition from Windows to save space, allowing more storage on those devices. Machines can be imaged from the cloud or local disk meaning that businesses have more flexibility from the previous legacy options of a distribution server or onsite imaging device. During Covid-19, devices can be reimaged from a user’s home rather than sending the device back to the business.

Along with this feature is a change to ‘reset this PC’ that includes a cloud download option.


Security and Windows Hello

Security remains a key concern for Microsoft and the latest update to Windows Hello provides some new capabilities. More can be done remotely with limited support interaction. Here’s some of the new capabilities.

  • FIDO2 (Fast Identity Online 2) support across all major browsers.

  • Passwordless sign-in now enabled for Microsoft account on your Win10 device by going to Settings -> Sign-in options, then changing Make your device passwordless to On. Enabling this setting will switch all Microsoft based accounts to modern authentication (biometrics or PIN).

  • Windows Hello PIN sign-on has been added to Safe Mode.

  • Windows Hello for Business now has Hybrid Azure Active Directory support and phone number sign-in (MSA).

  • FIDO2 security key support is expanded to Azure Active Directory hybrid environments, enabling enterprises with hybrid environments to take advantage of passwordless authentication.


Windows Defender System Guard

This feature brings new compliance capabilities for System Management Mode (SMM) Firmware Protection. Traditionally, OS memory and secrets could be checked, but the updated version also allows for register and IO scanning.

Microsoft noted that these new capabilities will require new hardware. However, what type of new hardware wasn’t mentioned.



Windows Autopilot expands some setup capabilities

You can configure language settings in Autopilot and when an employee first signs-in, if the device has an active internet connection setup will skip the language, local and keyboard screens. In previous versions, this was only supported with self-deploying profiles.

This feature has been backported to versions 1909 and 1903 as well.


Improved Notification Controls for Users

It is now possible to turn off app notifications inline in the notification toast (pop up message in the bottom right of your desktop) by clicking the settings gear and choosing “Turn off all notifications for application-name.”

While this is a simple feature, users often are unaware that toast messages can be individually turned on or off. Having settings placed onto the toast messages directly is a nice user experience gain.


Cortana and Windows Search Have Been Separated

Microsoft’s digital assistant has been removed from Windows Search and the search bar that’s available by default on the Windows 10 taskbar. Now as a stand-alone application it can removed for those that do not want to include it in their environment.

Because Cortana is now an app, it can be uninstalled through the control panel, like any other desktop app.

Though improvements have been made the tool still has a long a way to go before being considered a real office assistance. We played with the updated app ourselves and found it has limited functionality. The app can’t open applications from the desktop and isn’t yet capable of searching for files, for example.

If you’d like to explore the Cortana app, here’s some useful information

  • Press [Windows Key + C] to launch the new Cortana interface

  • If you enable voice activation you can say, “Cortana” then ask a question

  • Cortana can perform Bing internet searches via voice or text commands


Simpler Bluetooth Pairing

Microsoft has added support for Bluetooth Quick Pair, a tool that in previous versions only supported a limited number of devices including Microsoft keyboards and mice.

This new feature allows for faster and easier access for setting up Bluetooth devices skip skipping painful driver installations or other software setup. In Windows 10 2004 it has been renamed to Swift Pair.



Windows 10 version 2004 brings new user-facing changes that will be welcome. In traditional fashion, some of the changes still need more time to reach maturity.

Under the hood, Microsoft continues to give administrators more control of their Windows fleets and the new configurations in Autopilot and in Intune are welcome changes.


Want to know more?

For a full breakdown of the upcoming additions and changes, see Microsoft’s “What’s New” article here.

If you are interested in switching to modern device management for you Windows 10 devices, check out our Intune for Windows service.

Microsoft Intune is a part of Microsoft Endpoint Manager and provides the cloud infrastructure, the cloud-based mobile device management (MDM), cloud-based mobile application management (MAM), and cloud-based PC management for your company.