Skip to content

Search the site

Windows 11 gets a comprehensive new build ft. BitLocker exclusion rules

Windows 11 Insider Preview Build 22579 hits the Dev channel...

Microsoft has pushed a new Windows 11 build (22579) to the developer channel. Available now for the Microsoft's Windows Insiders community of guinea pigs, the release features a lengthy list of bug fixes and improvements that will be welcomed by admins holding fire on the enterprise rollout of Windows 11.

Among the fixes in the Windows 11 build are ones for a bug that stopped phone connections working on certain devices, "a few high hitting Task Manager crashes", as well as issues "leading to Wi-Fi speed degradation" and another issue where "Start’s folders were still showing animations even if you had animation effects disabled": arguably a trivial yet frustrating UI issue of the kind that can so often bedevil early releases at this scale.

Windows 11 build 22579 lets admins exclude USBs from BitLocker

Perhaps more importantly, Microsoft said in Windows 11 Build 22579 it is "introducing a new policy so that IT administrators can exclude USB removable drives from BitLocker encryption," adding that the new BitLocker policy "will solve the problem of automatic or accidental encryption of storage built into specialized devices like video cameras, voice recorders, conferencing systems, medical devices and many more.

"When this policy is enabled, you will not be able to encrypt storage that is on the exclusion list, and you will not be prompted for encryption if you connect such storage to a device while “Deny write access to removable drives not protected by BitLocker” policy is enabled on it. This policy so far can only be configured via MDM custom OMA-URI" the Windows 11 said in a detailed March 18 update on Windows 11 build 22579.

IT admins can configure a BitLocker exclusion list policy in Intune, Microsoft's cloud-based remote device management service, which also recently announced a recent raft of welcome new toolings...

See: BitLocker used to hit servers in “intrusion with almost no malware”