What’s New and Changed
This section provides descriptions of and links to the Windows technical documents that are new or have been revised to reflect the functionality of the latest product version.
New Documentation
|
Specification |
Description |
Release date |
|---|---|---|
|
[MS-RDPETXT]: Remote Desktop Protocol: Text Input Virtual Channel Extension |
Specifies the Remote Desktop Protocol: Text Input Virtual Channel Extension, which enables text input and IME integration in virtualized or remote applications. This protocol is used to enable local input methods to operate on applications hosted in virtualized environments or on remote machines. This includes input methods such as speech dictation, software keyboard, IMEs, or handwriting. |
April 23, 2024 |
|
Specifies the USB Protocol: Platform Detection Extensions protocol based on the USB 3.2 specification and Microsoft OS 2.0 Descriptors. It extends the USB protocol with operating system detection to provide OS platform IDs to USB devices so they can take advantage of an operating system's special drivers and features. |
April 23, 2024 |
|
|
[MS-RDPECI] Remote Desktop Protocol: Core Input Virtual Channel Extension |
Specifies the Remote Desktop Protocol: Core Input Virtual Channel Extension, which enables remoting of keyboard and mouse pointer input over the UDP transport. This is an extension to the Basic Connectivity and Graphics Remoting Protocol. |
September 20, 2023 |
|
[MS-RDPEL]: Remote Desktop Protocol: Location Virtual Channel Extension |
Specifies the Remote Desktop Protocol: Location Channel Extension, which adds the ability to redirect the client's location (latitude, longitude and altitude) to a server so that location-based services running in a user session can provide a more contextualized experience where possible. |
September 20, 2023 |
|
[MS-RDPEMSC]: Remote Desktop Protocol: Mouse Cursor Virtual Channel Extension |
Specifies the Remote Desktop Protocol: Mouse Cursor Virtual Channel Extension enables remoting of mouse cursor bitmap over the UDP transport. This is an extension to the Basic Connectivity and Graphics Remoting Protocol. |
September 20, 2023 |
Technical Document Release
The following documents were updated for the Windows 11, version 24H2 operating system and/or the Windows Server 2025 operating system. These documents may also have been revised for content issues.
|
Specification |
Description |
Release date |
|---|---|---|
|
This document has been updated as follows: Body Opnum 28 in varBody VARIANT removed that VT_ARRAY can be combined with any of the other types and added VT_UI1 to the array type. |
April 23, 2024 |
|
|
This document has been updated as follows: Added information about the new 32K database pages feature and about delegated managed service accounts. |
April 23, 2024 |
|
|
This document has been updated as follows: Added a new class, msDS-DelegatedManagedServiceAccount, for managed service accounts. |
April 23, 2024 |
|
|
This document has been updated as follows: Added information about support for 32K database pages; a new operation, migrateADServiceAccount, that supports linking and unlinking accounts for migration; and the fixupObjectState attribute to set attributes on an object to default values. |
April 23, 2024 |
|
|
This document has been updated as follows: To specify client ticket validation to ensure its integrity: ● 2.2.2 Kerberos Ticket Validation Message Syntax: Added section to give NETLOGON_TICKET_LOGON_INFO Message usage. ● 2.2.2.1 NETLOGON_TICKET_LOGON_INFO Message: Added section to define structure used to begin the network ticket logon flow. ● 2.2.3 Kerberos Ticket Validation Response Message Syntax: Added section to give NETLOGON_VALIDATION_TICKET_LOGON message usage. ● 2.2.3.1 NETLOGON_VALIDATION_TICKET_LOGON message: Added section to define structure used to validate the logon ticket. ● 3.2 Kerberos PAC Validation Details: Changed from KERB_VERIFY_PAC_REQUEST to NETLOGON_TICKET_LOGON_INFO message to begin ticket verification. ● 3.2.5.1 Generating a NETLOGON_TICKET_LOGON_INFO Message: Added section to state the creation requirements. ● 3.2.5.2 Processing a NETLOGON_TICKET_LOGON_INFO Message: Added section to state the ticket verification process. |
April 23, 2024 |
|
|
This document has been updated as follows: Added a product behavior note about the RPC authentication level. In some client and server versions there is no error if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_PRIVACY. Applying [MSFT-CVE-2023-36004] raises the required authentication level and will return an error. |
April 23, 2024 |
|
|
[MS-CMRP]: Failover Cluster: Management API (ClusAPI) Protocol |
The document has been updated as follows: Added a method, ApiClusterNativeUpdateControl, reserved for future use. |
April 23, 2024 |
|
The document has been updated as follows: ● Section 2.2.13 KERB-SUPERSEDED-BY-USER: Added new section with structure definition that has the name and the realm of a Kerberos principal. ● Section 2.2.14 KERB-DMSA-KEY-PACKAGE: Added new section with structure definition that contains a list of keys supplied by the KDC to an authorized client. |
April 23, 2024 |
|
|
[MS-LCID]: Windows Language Code Identifier (LCID) Reference |
The document has been updated as follows: New identifiers were added for neutral and non-neutral locales. |
April 23, 2024 |
|
[MS-LSAD]: Local Security Authority (Domain Policy) Remote Protocol |
The document has been updated as follows: Added a note that clients must use RPC over TCP/IP for the LsarOpenPolicyWithCreds method, and documented the method which opens a context handle to the RPC server using the credentials in the RPC binding handle. |
April 23, 2024 |
|
[MS-LSAT]: Local Security Authority (Translation Methods) Remote Protocol |
The document has been updated as follows: Added additional information about updates to the SID type used in the LsarLookupNames4 and LsarLookupSids3 methods. |
April 23, 2024 |
|
The document has been updated as follows: Added four new data values to notify provisioning status that can be sent in the 1224 alert: PendingProvisioning, Bootstrapping, ExecutingProvisioning, and ProvisioningComplete. |
April 23, 2024 |
|
|
This document has been updated as follows: ● Section 3.1.5.7 loadBalancerMuxes: Added to version v6 activityState property with values NA, Active, or Standby. ● Section 1.7: Added URI version v7, and to product note version table. ● Section 3.1.5.2 credentials: Added X509CertificateSubjectName (v7) value to the type and value properties. ● Section 3.1.5.5 loadBalancers: Added updateBackendAddressPools property (v7). ● Section 3.1.5.5.2 backendAddressPools: To backendIPConfigurations property added Read/write (v7) to add/remove IP configurations. ● Section 3.1.5.35 Response Content for Errors: Updated error descriptions and added (v7) errors CommonNameExtractionFailed and UpdateBackendAddressPoolsNotAllowed. |
April 23, 2024 |
|
|
This document has been updated as follows: ● Section 3.1.4.2 Netlogon Negotiable Options: Reassigned option X to support Kerberos. ● Section 3.5.4 Message Processing Events and Sequencing Rules: Added NetrServerAuthenticateKerberos method to the method table. ● Section 3.5.4.4.3 NetrServerAuthenticateKerberos (Opnum 59): Added new method to mutually authenticate the client and the server using Kerberos. ● Section 6 Appendix A: Full IDL: Added NetrServerAuthenticateKerberos method (Opnum 59). |
April 23, 2024 |
|
|
[MS-OAPXBC]: OAuth 2.0 Protocol Extensions for Broker Clients |
This document has been updated as follows: Added two new optional HTTP headers "x-ms-SsoFlags" (2.2.1.3), and "x-ms-SsoFlagsSubstatus" (2.2.1.4) that provide information about the state of the automatic app sign in policy. |
April 23, 2024 |
|
This document has been updated as follows: ● Section 2.4 PAC_INFO_BUFFER: Changed ulType value 0x00000012 PAC Requestor to PAC Requestor SID, added SID to behavior note, and added value 0x00000014 for PAC Requestor GUID. ● Section 2.15 PAC_REQUESTOR_SID: Changed name of structure from PAC_REQUESTOR to PAC_REQUESTOR_SID. ● Section 2.16 PAC_REQUESTOR_GUID: Added section for PAC_REQUESTOR_GUID structure that MUST contain the Active Directory GUID of the client that requested the ticket. |
April 23, 2024 |
|
|
[MS-RDPEAR]: Remote Desktop Protocol Authentication Redirection Virtual Channel |
This document has been updated as follows: ● Section 2.2.1.2.1 KERB_ASN1_DATA: Set PDU values to zero and added PDU values table to product note. ● Section 2.2.2.1.6 UnpackKdcReplyBody: Set PDU values to zero and added PDU values table to product note. ● Section 3.1.5.6 RemoteCallKerbUnpackKdcReplyBody: Set PDU values to zero. |
April 23, 2024 |
|
[MS-RDPECI]: Remote Desktop Protocol: Core Input Virtual Channel Extension |
This document has been updated as follows: ● Section 2.2.2.2 PACKED_EVENT_TYPE_AND_FLAGS: Added input event type INPUT_EVENT_RELMOUSE a Relative Mouse Event. ● Section 2.2.2.7 TS_RELPOINTER_EVENT: Added section. Event is used to specify relative mouse pointer movement. |
April 23, 2024 |
|
[MS-RDPERP]: Remote Desktop Protocol: Remote Programs Virtual Channel Extension |
This document has been updated as follows: ● Section 2.2.2.2.3 HandshakeEx PDU (TS_RAIL_ORDER_HANDSHAKE_EX): Added railHandshakeFlags value TS_RAIL_ORDER_HANDSHAKE_EX_FLAGS_EXTENDED_SPI_3_SUPPORTED for additional system parameter flags. ● Section 2.2.2.4.1 Client System Parameters Update PDU (TS_RAIL_ORDER_SYSPARAM): Added 3 SystemParam values: RAIL_SPI_ACCENT_COLOR to emphasize important elements, RAIL_SPI_SYSTEM_USES_LIGHT_THEME that indicates if the system uses light mode by default, and RAIL_SPI_APPS_USE_LIGHT_THEME that indicates if applications use light mode by default. ● Section 2.2.2.4.6 Accent Color System Information Structure (TS_ACCENTCOLOR): Added section that defines parameters for the accent color accessibility feature. |
April 23, 2024 |
|
[MS-SAMR]: Security Account Manager (SAM) Remote Protocol (Client-to-Server) |
The document has been updated as follows: Added a new method, SamrAccountIsDelegatedManagedServiceAccount that verifies whether a specified account is a Delegated Managed Service Account and whether the calling context is authorized to use the account. |
April 23, 2024 |
|
[MS-SMB2]: Server Message Block (SMB) Protocol Versions 2 and 3 |
The document has been updated as follows: ● MS-SMB2 protocol supports alternate network ports over TCP, QUIC and RDMA transports. SMB client and SMB server can connect and listen over configured ports. This is supported in Windows Server 2025 and Windows 11, version 24H2 onwards. ● Added mutual authentication and client access control for SMB over QUIC. Administrators can require SMB client to send its certificate to the server to be validated and can restrict which clients can access SMB over QUIC servers. Organizations can provide extra protection by restricting devices connecting to a trusted file server. ● Added support to compress data using lossless compression algorithm, LZ4. This is supported in Windows Server 2025 and Windows 11, version 24H2 onwards. ● The SMB2_GLOBAL_CAP_ENCRYPTION capability is only valid for SMB 3.0 and 3.02 dialects and when AES-128-CCM cipher is supported. |
April 23, 2024 |
|
The document has been updated as follows: Added a new method WitnessrUnRegisterEx to unregister for notifications from the server. This is supported in Windows Server 2025 and Windows 11, version 24H2 onwards. |
April 23, 2024 |
|
|
The document has been updated as follows: The pseudocode for GetWindowsSortKey has been updated for Windows Server 2025 and Windows 11 24H2. |
April 23, 2024 |
Technical Document Release
The following technical document was revised with product updates for Microsoft SQL Server 2022 and may also have been revised for content issues.
|
Specification |
Description |
Release date |
|---|---|---|
|
This document has been updated as follows: ● Clarified the mandate that until the packet size is confirmed by the server, a Length value larger than 4,096 bytes cannot be used. ● Defined the difference between the TDS 7.x version family, in which encryption is optional and negotiated in the TDS layer, and the new TDS 8.0 version, in which encryption is mandatory and handled in the lower layer before TDS begins functioning. ● Added prelogin features for communication between client and server to enhance the security and efficiency of login support. ● Added support to the COLUMNENCRYPTION feature extension for the ability to allow clients to cache column encryption keys when enclave computations are required. |
April 10, 2023 |