Windows Insider Iso

[Janie Mccorey]

Thentried to disable the auto windows updates, because I have been shot in the foot more than once by MS pushing an update and breaking something. So I want to pick which updates I installed, like Windows 7 allowed. (Also their penchant for rearranging and hiding options and settings is super annoying - sorry one more rant)

The insider program pushes new stuff down on the user, and will eventually end up mutating your machine into a Windows 11 OS. And as those things are slowly installed, there is no way to get rid of them.

Then, the ISO you downloaded was a Windows Insider ISO in the first place. Windows Insider isn't an "option" while installing from a regular Windows ISO (and it also doesn't matter if your Microsoft Account has joined Insider, since this is a per-computer settings.)

The only polices you currently have configured, is that Windows will notify you of Windows Update downloads and you have configured Automatic Windows Update. If you want to remain on Windows 10 22H2 until it's no longer supported and replaced with a version that is supported, you will want to enable the following group polices:

Worth pointing out, cumulative updates released for Windows 10 22H2 will still be automatically installed, as the group polices you have enabled will not block them from being installed. The polices I have suggested will only allow you to remain on Windows 22H2 until it's no longer supported.

The insider program pushes new stuff down on the user and will eventually end up mutating your machine into a Windows 11 OS. And as those things are slowly installed, there is no way to get rid of them.

This is partially inaccurate. A Windows 10 machine opted into the Insider Preview program absolutely would not result in your machine being upgraded to any Windows 11. At this time, upgrading to Windows 11 is optional, and configuring ProductVersion to "Windows 10" would allow you to remain on Windows 10 until it was no longer supported.

Does anyone know what changes need to be made to make this work? I've solved a few other SSL decryption issues where decrypt-exceptions needed to be added or the CA imported as a trusted CA in the PA, but so far I have been unable to identify what needs to be done for this. I've seen decrypt-error and decrypt-cert-validation coming from this PC around the time of an update check so I know a cert probably needs to be added to the PA but have not yet been able to identify which one.

I temporarily used a decrypt profile that does not verify the CA but that alone did not fix it so we'll likely also need to add some exceptions as well. This was for testing - I am not going to keep a decrypt profile that does not verify CA.

I don't know in great detail about how it works, but I suspect it probably works differently. Normal windows downloads the updates - Insider updates download the build updates to upgrade to the next build. I believe this is more like an image then an update package.

Regardless of what the situation is, @OtakarKlier is right that you can't decrypt this traffic due to how the computer and Microsoft authenticate when pulling the updates from Microsoft's servers. I have multiple users utilizing the Insider program, myself included, and I didn't need to modify anything to get this to function correctly.

I am a little confused. You said you didn't need to modify anything to get it working but you also said you can't decrypt this traffic. Do you mean that you did needed to add to the no-decrypt URLs as per the article for the regular windows updates but after that you did not need to do anything else for windows insider updates?

You are right, we are early in the outgoing on 443 decryption so it is not yet widespread, and also most windows workstations and servers do get central updates. We are on all Windows 10 if it makes a difference, I have read some things saying it might get updates differently or from a different place. I was hoping I would not need to add decrypt exceptions for windows since some exist by default, but if needed I will add exceptions.

What I was trying to say is that I didn't need to modify anything for my users running Insider builds outside of the decryption exceptions that I've already put in place for other users to pull normal Windows Updates. As @OtakarKlier mentioned Updates require a few decryption exceptions for them to work properly.

Hi Guys,

I run the Windows Insider Preview on a PC at home and after updating to Build 21277.1000 this morning the PC began constantly crashing logging into the PC (would load to login screen fine and stay there - crash was about 30 seconds after logging in) with a familiar Green Screen stop crash and bugcheck. A quick troubleshoot and I found that its definitely being caused by Sophos Intercept X Endpoint and I have disabled it in startup.

Any ideas how to fix or do I need to wait until a new version of the Intercept X Client?

Cheers

Hi there, I just wanted to chime in because I'm also seeing the same error in my environment as Dread. Computers running the Windows 10 insider build 21277 will GSOD after login, unless 'Sophos Endpoint Agent' is disabled on startup. However, if the user launches Sophos Endpoint Agent afterwards, the computer will GSOD again.

We're also running version 2.10.8 of Intercept X. I disabled tamper protection and applied the hotfix in your link, but the computer still GSODs upon launch of Sophos Endpoint Agent. Do you have any other suggestions?

From the info provided, without the dump file to be able to run other commands it's hard to say much. There is a thread in a svchost.exe process seemingly terminating a CRITICAL_PROCESS: svchost.exe. From the stack it's hard to glean the origin of the stack.

Yes, that's what I disabled in the Startup pane in Task Manager. If I leave it enabled then shortly after login the computer will GSOD. Alternatively if you just launch Sophos Endpoint Agent from within the Sophos folder in the Start Menu, then that will also cause a GSOD.

Apologies for the delay getting back to this - I blame the Christmas/New Years period :)

I had to disable ALL Sophos Services from Startup via the MSConfig.exe, Selective Startup and disabling all Sophos Services there for the system to boot safely.

System still running fine up to today, just haven't had a chance to play with it ... I may have also been playing the crap out of Watch Dogs Legion ... :)

Windows Insider Build is Beta version release however I would like to know if you are seeing the error as mentioned in this link, where there is a pop-up notification stating "Your PC ran into a problem and will restart in 1 min"? We might also need to find the exact Sophos component which is causing the issue here with the help of this article.

I downloaded the trail version of Parallels 17. That installed flawlessly, and offered to download a version of Windows 11. It had to have been the Windows 11 Home Insider Preview as nothing else would have worked.

Here is my question. as it is an Insider Preview, how long can I run it? I mean, I will have to pay for the Parallels software but the Insider Preview is free. So as long as I keep updating it to the latest build, will it keep right on ticking or will it stop working eventually? I would be quite happy to run the Insider Preview as long as I can as long as it is not a security risk and as long as it does not crap out after a month.

the reality is I intend to use Windows very very rarely. there are only a few pieces of software that I cannot run natively on the Macbook Air. ( tax software, Financials like quicken, etc,) so I went with the Macbook Air first and will worry about Windows later.

sure, but existing users of Macbooks with M1 cpus will have encountered this already and likely already have the answer. I was availing myself of this friendly forum where people actually answer questions instead of pontificating on whose responsibility the topic is.

I think if I wanted to know the terms of a Microsoft license I would look on the Microsoft site rather than hoping someone may have run across the same situation. I was trying to provide you the mechanism for getting the correct answer as quickly as possible. But you are welcome to wait for someone to stop by who knows the terms of Microsoft's licensing agreements.

Microsoft and Apple do not work well together and I would rather get my information from the Apple side as they tend to be more forthcoming and not so hard to deal with. and to be honest, I trust a Mac user a lot more than a windows site

In my experience, Insider Previews can indeed time out, but as long as you're on the latest updates, you should be fine. I had a Windows 10 ARM VM that I used earlier, and when I tried to start it up after Windows 11 was released, I got a lot of notices telling me that I had to update and that the copy of Windows was no longer supported.

I'm not sure if Microsoft is going to be making an ARM version of Windows available to the public for licensing, but if they are, I definitely hope Apple will use it to bring back Boot Camp Assistant.

Also, I'm not sure if the Insider Preview copy of Windows is actually free. Sure, you can download it for free, but that's also true for production copies of Windows. Once Windows is up and running, the EULA might require you to purchase a Windows 11 Pro license to activate Windows (since that's the version of Windows that gets installed by Parallels by default).

I read somewhere on the Microsoft site that the Windows 11 version would not expire until sept 2022 which seems like a really long time. the wording they used however said "as long as you keep it updated" if possible, I would like to run the Insider Preview version until they come out with an official build that you can purchase once and for all, but my understanding is that will not be for a while because of an exclusive deal Microsoft had with Qualcomm

3a8082e126