What's new in Windows 11, version 23H2
Windows 11, version 23H2 is a feature update for Windows 11. It includes all features and fixes in previous cumulative updates to Windows 11, version 22H2. This article lists the new and updated features IT Pros should know.
Windows 11, version 23H2 follows the Windows 11 servicing timeline:
- Windows 11 Pro: Serviced for 24 months from the release date.
- Windows 11 Enterprise: Serviced for 36 months from the release date.
Devices updating from Windows 11, version 22H2 use an enablement package. Most the files for the 23H2 update already exist on Windows 11, version 22H2 devices that have installed a recent monthly security update. Many of the new features have already been enabled on Windows 11, version 22H2 clients. However, some features are just in an inactive and dormant state because they are under temporary enterprise feature control. These new features remain dormant until they're turned on through the enablement package, a small, quick-to-install switch that activates all of the Windows 11, version 23H2 features.
Windows 11, version 23H2 is available through Windows Server Update Services (including Configuration Manager), Windows Update for Business, and the Volume Licensing Service Center (VLSC). For more information, see How to get the Windows 11, version 23H2 update. Review the Windows 11, version 23H2 Windows IT Pro blog post to discover information about available deployment resources such as the Windows Deployment Kit (Windows ADK).
To learn more about the status of the update rollout, known issues, and new information, see Windows release health.
Features no longer under temporary enterprise control
Temporary enterprise feature control temporarily turns off certain features that were introduced during monthly cumulative updates for managed Windows 11, version 22H2 devices. For the purposes of temporary enterprise control, a system is considered managed if it's configured to get updates from Windows Update for Business or Windows Server Update Services (WSUS). Clients that get updates from Microsoft Configuration Manager and Microsoft Intune are considered managed since their updates ultimately come from WSUS or Windows Updates for Business.
When a managed Windows 11, version 22H2 device installs version 23H2, the following features will no longer be under temporary enterprise feature control:
| Feature | KB article where the feature was introduced |
|---|---|
| Touch-optimized taskbar for 2-in-1 devices | February 28, 2023 - KB5022913 |
| Selecting Uninstall for a Win32 app from the right-click menu uses the Installed Apps page in Settings rather than Programs and Features under the Control Panel | September 2023 - KB5030310 |
| Windows Spotlight provides a minimized experience, opportunities to learn more about each image, and allows users to preview images at full screen. | September 2023 - KB5030310 |
| Copilot in Windows | September 2023 - KB5030310 |
| Dev Home | September 2023 - KB5030310 |
| Dev Drive | September 2023 - KB5030310 |
Features added to Windows 11 since version 22H2
Starting with Windows 11, version 22H2, new features and enhancements were introduced periodically to provide continuous innovation for Windows 11. These features and enhancements use the normal update servicing channels you're already familiar with. At first, new features are introduced with an optional nonsecurity preview release and gradually rolled out to clients. These new features are released later as part of a monthly security update release. For more information about continuous innovation, see Update release cycle for Windows clients Some of the features were released within the past year's continuous innovation updates and carry forward into the 23H2 annual feature update include:
Passkeys in Windows
Windows provides a native experience for passkey management. You can use the Settings app to view and manage passkeys saved for apps or websites. For more information, see Support for passkeys in Windows.
Windows passwordless experience
Windows passwordless experience is a security policy that promotes a user experience without passwords on Microsoft Entra joined devices. When the policy is enabled, certain Windows authentication scenarios don't offer users the option to use a password, helping organizations and preparing users to gradually move away from passwords. For more information, see Windows passwordless experience.
Web sign-in for Windows
You can enable a web-based sign-in experience on Microsoft Entra joined devices, unlocking new sign-in options and capabilities. For more information, see Web sign-in for Windows.
Declared configuration protocol
Declared configuration protocol is a new protocol for device configuration management that's based on a desired state model and uses OMA-DM SyncML protocol. It allows the server to provide the device with a collection of settings for a specific scenario, and the device to handle the configuration request and maintain its state. For more information, see What is the declared configuration protocol.
Education themes
You can deploy education themes to your devices. The education themes are designed for students using devices in a school. For more information, see Configure education themes for Windows 11.
Temporary enterprise feature control
Controls were added to temporarily turn off certain features that were introduced during monthly cumulative updates for managed Windows 11, version 22H2 devices. For more information, see Temporary enterprise feature control.
Multi-app kiosk
You can configure a multi-app kiosk, which displays a customized start menu of allowed apps. For more information, see Set up a multi-app kiosk on Windows 11 devices.
Copilot in Windows
Copilot in Windows provides centralized generative AI assistance to your users right from the Windows desktop. For more information, see Manage Copilot in Windows.
Windows Hello for Business authentication improvement
Peripheral face and fingerprint sensors can be used for Windows Hello for Business authentication on devices where Enhanced Sign-in Security (Secure Biometrics) has been enabled at the factory. Previously this functionality was blocked. For more information, see Common questions about Windows Hello for Business.
LAPS native integration
Use Windows Local Administrator Password Solution (LAPS) to regularly rotate and manage local administrator account passwords. For more information, see Local Administrator Password Solution (LAPS)
Federated sign-in
You can sign into Windows using a federated identity, which simplifies the experience for students. For example, students and educators can use QR code badges to sign-in. This feature is designed specifically for Education editions of Windows. For more information, see Configure federated sign-in for Windows devices.
Customize Windows 11 taskbar buttons
Policies to customize Windows 11 taskbar buttons were added to provide you with more control over the taskbar search experience across your organization.
Braille displays
The compatibility of braille displays was expanded. Braille displays work seamlessly and reliably across multiple screen readers, improving the end user experience. We also added support for new braille displays and new braille input and output languages in Narrator. For more information, see Accessibility information for IT professionals.
Dev Drive
Dev Drive is a new form of storage volume available to improve performance for key developer workloads. For more information, see Set up a Dev Drive on Windows 11.
Additional features
- Tabs for File Explorer: File Explorer includes tabs to help you organize your File Explorer sessions.
- Taskbar overflow menu: The taskbar offers an entry point to a menu that shows all of your overflowed apps in one spot.
- Suggested actions: Copied text in certain formats, such as phone numbers or dates, offer suggested actions such as calling the number or adding the event to your calendar.
- Task Manager enhancements: Process filtering, theme settings, and the ability to opt out of efficiency mode notification were added to Task Manager.
- Narrator improvements: Scripting functionality was added to Narrator. Narrator includes more natural voices.
In-box apps
- Microsoft Teams: Chat is being removed from the Microsoft Teams in-box app. Teams will no longer be pinned to the taskbar for enterprise editions of Windows 11, version 23H2 or later. To identify the appx package:
Get-AppxPackage -Name MicrosoftTeams - Dev Home: Dev Home is a new app that provides a central location for developers to start building, testing, and deploying Windows apps. For more information, see Dev Home. To identify the appx package:
Get-AppxPackage -Name Microsoft.Windows.DevHome
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for