This is a low-resolution version of the logo of Windows XP by Microsoft, protected by copyright

Windows release notes

Notes published the
17 - 21 minutes to read, 4289 words
Categories: security virtualization windows
Keywords: antivirus powershell security virtualization windows windows xp

Because reasons, I wanted to have an overview of which version of Windows introduced which changes compared to previous versions.

I have more or less used all Windows versions enlisted, some for more times, others for less, but still, memories get fuzzy when thinking which version changed what. Honestly, I also have better things to do than remember which version removed or added a certain feature.

Wikipedia has an article for every major version of Windows, so it was a good start where to gather pieces of information.

Also, VirtualBox helped a lot, permitting me to reinstall older Windows versions, and double-check if some things did work as expected.

I also learned some features I was not aware of.

I would like to link more often to official resources, but Microsoft has shown continuously and multiple times that their websites are not stable. Links are mostly unreadable and change with no indication that the original content is not there anymore.

So you either have to trust me, Wikipedia, and other unofficial resources, or test it by yourself (supposing you will be able to activate your Windows copy).

Windows 11

An overview can be found at on the Windows 11 page on Wikipedia.

Compared to the previous Windows version:

  • Multiple changes in the UI

    • taskbar

    • menu (it is centered, also the organization of the applications changed)

    • widgets (similar to Windows Vista/7)

    • rounded corners (like Windows XP, until Windows 8)

  • Has WSA (windows subsystem for android)

  • Requires TPM2

  • Drops support for BIOS-only devices

  • Drops support for 32 bit

  • Requires online account, integrates Microsoft teams

  • Drops support for WSL1

I think that favoring WSL2 over WSL1 is a step backward. WSL1 has better integration and does not cause issues with 3rd party virtualization software, maybe I should write a more detailed comparison down.

WSA is a nice addition, albeit I am not sure how useful it is on a desktop.

Sure, it is possible to install Android games on Windows, and if you are lucky also the application your bank requires you to install somewhere for logging into the website too.

On the other hand, applications written for those that are mainly touchscreen devices do not work well on devices with a mouse or trackpad.

Being able to execute Android applications on Windows means that developers need to create a program only for Android and call it a day. For the end-user, it has both benefits (they can use the application immediately also on Windows, and the experience is not necessarily worse than using a native application) and drawbacks (the experience will generally be subpar).

I fear that most advantages are only short-term (being able to execute programs that are otherwise not compatible with Windows) and in the long-term, there will be more disadvantages (some programs that used to have a native version for the desktop will develop only the mobile one).

Considering that it was already possible to execute Android applications on Windows (for example with BlueStacks), I fear that the disadvantages overweight the advantages, except that developers might test their Android programs on Windows too to ensure that at least it works.

Windows 11 also drops (probably rightfully) support for older platforms (BIOS-only, 32-bit, …​) but also requires some non-essential features for the end-user (in particular TPM2).

There are surely improvements (better performance in some areas⁠[1], bug-fixes, make some things more consistent …​) but what annoys me is that some components of the UI introduced a breaking change again, probably without a good reason (in fact, I would label some changes as regressions, check for example the Fitts' Law).

I am also unsure why never Windows versions are still bundled with older applications. Would you expect Windows 11 to be shipped with Internet Explorer 6, 7, or 8, and make leave it to the user to install the Edge browser? Surely not. Then why bundle it with PowerShell 5, when there is already PowerShell 7 installable on previous Windows versions?

I know they are "different products" with more or less the same name, and the same functionality, but the same holds for Microsoft Edge and Internet Explorer…​

Also requiring an online account is a bold move, not even Android requires it, it alienates (power) users, especially because it makes it harder to automate some operations, like setting up a new environment (virtual machines for example) automatically.

The UI change, TPM2, and requiring an online account might make sense from a business perspective, but as an end-user, they do not look like features, on the contrary, they lead to a machine where I have even less control over it.

Windows 10

An overview can be found on the Windows 10 page on Wikipedia.

Compared to the predecessors

  • It has virtual desktops

  • Windows sandbox

  • Cortana as a virtual assistant

  • Has WSL1 (can run some Linux binaries natively)

  • Has WSL2 (can run Linux binaries in a lightweight virtual machine)

  • Introduces universal search box

  • Supports out-of-the-box face recognition

  • can create a temporary windows virtual machine

  • Add support for arm devices

  • dark mode (note that with some hacks/themes, there was already some support since Windows XP)

  • reset settings functionality (never tested, something similar existed also in previous versions)

  • Universal apps

  • Integrates integrate ASLR, DEP, and other settings to enhance security (unfortunately EMET had a much better interface)

  • resize console

  • notepad support lf as line-terminator

  • integrated antivirus

  • symlinks as non-admin (since Windows 10 Creators Update it suffices to enable Developer Mode)

  • more reboots? https://www.dedoimedo.com/computers/windows-10-updates-progression-regression.html

Windows 10 did not introduce all those changes at once, the "Creators Update" is practically a new minor release, but as the product is always called "Windows 10" and not "Windows 10.1" it is hard to remember what feature came with which update, so I am listing most of them together.

Windows 10 also did a good job avoiding breaking changes (both in UI and functionalities), but it frustrated users by resetting some preferences.

The biggest difference with previous Windows versions is WSL; new possibilities for working in a Linux like-environment, or for executing GNU/Linux programs on Windows!

WSL1 is one of the biggest additions to Windows, one core piece of technology was already there since Windows NT 3.1(!).

The Microsoft POSIX subsystem and Windows Services for UNIX were not able to execute unmodified GNU/Linux binaries. I’ve never used those subsystems, so I am not sure how well they were integrated with the rest of the system.

WSL1 integrates with other Windows programs, even if there are some limitations.

WSL2 took WSL in another completely different direction, as Microsoft decided to ship a virtual machine as a subsystem. This technique has another set of limitations, in particular

  • the GNU/Linux files are stored in a virtual disk, and not directly on the Windows drive

  • it is not possible to execute Windows programs

  • it is harder to use WSL2 if Windows is installed inside a virtual machine (you need to enable support for nested virtualization)

The UI changes I am most grateful for are virtual monitors and a default dark theme.

Both of those features could be partially accomplished with third-party apps, but the system integration was not as good. In particular for the dark theme. As there is now a default dark theme, more software providers are developing a dark theme too for their applications.

Unfortunately, Windows 10 also continued the trend that began with Windows 8, adding an application that requires an internet connection, collecting data, and services like Cortana, web search, and insisting to create an online account …​

Different products that rely on virtualization technologies (for good or bad): WSL2, and Windows Sandbox.

While both are interesting and useful, unfortunately, the virtualization technology, as implemented, seems to make it difficult to use another program for handling virtual machines like VirtualBox or VMWare. Thus, as those are much more versatile, I prefer to rely on those instead of the new Windows features, and disable the offending features.

It seems that Windows 10 has been developed (or managed) by two different teams. One to add "innovative", welcome and long-requested features (WSL, virtual monitors, black theme, …​) and another for those more interested in graphical interfaces and research people (telemetry, moving settings between "classic" panel and new interface, resetting settings during updates, installing games automatically, …​)

This Windows version could have been the most IT and developer-friendly version one would have wished for, and without alienating normal PC users.

Windows 8.1

Windows 8.1 is more of a minor release but still had some notable changes compared to Windows 8.

  • start menu (like all other windows versions, but open-shell is still better)

  • fingerprint recognition

  • onedrive (renamed skydrive) integration

The most welcoming change is that it undoes some changes introduced with Windows 8. There is a customizable desktop, there is a start menu.

Now it looks more like a computer than a tablet.

It also changes some defaults which makes it much more user-friendly. For example, the desktop is shown by default.

The start menu is the metro desktop, but it’s better than Windows 8. There is an arrow that points downwards (granted, another symbol might have been better), and there one can find most, if not all applications: both Metro applications and classic. There is also a shutdown and search button.

Metro applications now have something similar to the system menu, which unfortunately disappears after some seconds, with a close and minimizes button. Those applications are also shown on the desktop, for example in the system bar(?), providing better integration between the classic and metro desktop.

Like previous Windows versions, the changes in the UI are more evolutionary.

Windows 8

Windows 8 introduce following changes

  • completely overhauls UI

    • no start menu

    • no classic desktop by default (as in screen with customizable wallpaper and icons) but metro UI

    • no rounded corners

    • ribbon in file explorer (and probably other programs too)

    • Charms bar

    • no close/minimize/maximize buttons and no system menu in the title bar (only "metro apps")

    • no widgets, but metro icons can change content

  • requires secure boot/UEFI, but also requires that it can be disabled on PC

  • support for NFC

  • optional integrated online account

  • Windows store

  • Support for virtual disks (VHD)

  • hardware profiles seem not to be possible anymore

The biggest change in Windows 8 is the interface. But contrary to previous Windows versions, where the changes were "evolutionary" (as in the main concepts were always the same and not too disruptive), Windows 8 came with an alternate UI paradigm, which finds its root on Windows Phone.

Most of the metro UI makes sense on a relatively small screen, where most of the time you are using only one maximized application. This would explain the absence of the title bar in metro applications.

What is also strange, is the absence of a tutorial or introduction guide. In particular considering that some elements are hidden in the metro UI, and are activated with gestures.

First, the most obvious, less important but at the same time most confusing change: there is no desktop and start menu. This means that more or less everyone will be confused, as those two components have always been there as there has been a GUI on Windows.

Gigantic icons might work well for touch devices…​ but the icons are too big, and there is a lot of wasted space on any type of monitor. On the other hand, most programs do not have a touch-friendly interface (unless using a pen), like the new ribbon interface in explorer.exe or the "classic" menu in notepad.exe, as those controls are often too small for fingers.

I’ve never used Windows 8 except on rare occasions, so I’ve decided to give it a try again.

After booting up, I was really disoriented.

  • How do I access all my files? There is no explorer or equivalent program.

  • How do I shut down the computer? Clicking on the username provides only the option for "change account picture", "lock" and "sign out" (I’ve used ⊞ Alt+F4 on the desktop and Ctrl+Alt+Del, both of them are unsatisfying)

  • How to access all other programs, for example, notepad.exe. (I’ve used ⊞ Win+R on the desktop)

  • If you open one of the few programs on the "metro desktop" (for example "Photos"), how do you close the window (I’ve used Alt+F4)? How do you open a second one? (I’ve used Alt+Tab, ⊞ Win+Tab shows only Metro applications)

Most of my solutions relied on using keyboard shortcuts, but what if you have a touchscreen device? Or you are one of those people that use the mouse for everything except typing text?

It is true that for any new system, there will be disorientation. But since most people already worked with another Windows version, one cannot simply dismiss all old patterns and habits.

Windows 7

  • changes in UI

  • XP mode virtual machine (only in some editions)

  • Support for SSD

  • integrated driver search

  • themes (better customization opportunities)

  • gadget still there

  • Support ⊞ Win+, ⊞ Win+, ⊞ Win+, ⊞ Win+ for moving windows around

The UI changes again, with less 3D effect, and less transparency/glass effect.

Adds support for new hardware, like SSD, and has an integrated online driver search.

Some editions had an integrated virtual machine called Windows XP Mode (it reminds me a little bit of WSL2, but I believe the used technology is a completely different one)

Windows Vista

  • vista failed attempt to trust computing

  • changes in UI

    • glass effect (if enough resources)

    • 3D effects (if enough resources)

    • desktop gadgets

    • shuffled settings

  • support for changing language

  • Transactional NTFS

  • UAC and integrity levels

  • Support for 64bit (compatible with 32-bit, contrary to Windows XP)

  • search service (instant search)

    • search programs in the menu

  • fax and scan(?)

  • sync and sharing

  • windows marketplace

  • Removes Clippy

  • required system resources

  • windows experiences index

  • virtualstore folder

  • Ctrl+Alt+Del does not open the task manager anymore, Ctrl+⇧ Shift+Esc does, and the task manager has not the option anymore to shut down the Computer, lock the PC or change User.

Windows Vista enhanced the UI in multiple places. Most settings are where they were in previous Windows versions, but there are a lot more visual effects, like transparent borders (glass effect), and 3D effects when switching windows.

Compared to Windows XP, Windows Vista introduced UAC, which makes it easier to execute a program as another user.

And obviously take advantage of UAC to execute the program that needs administrator rights from time to time.

For understanding UAC, one needs to consider that until Windows XP, the "normal" user was the one with administrator rights. It was possible to configure the PC in another way, but many programs would not work correctly, because they expected to be able to write and read in system directories.

Having UAC changed the status quo, and forced developers to be more careful where to write their data. And it also made the system usable, imagine having to switch user accounts because you want to execute one program that needs administrator rights (and at the time, it happened far too often with older programs). Most people would have turned UAC off.

Note 📝
It was already possible to create something similar on Windows XP with SuRun, but most people were not aware of it. Having something integrated into the system is much better. Also because to support older apps Microsoft developed some redirections in the file system and registry as compatibility features.

Part of UAC are also the integrity levels. Those can be used for limiting where programs can write their data, as described on this article:

Internet Explorer’s protected mode is implemented using the IL mechanism. The iexplore.exe process runs at Low IL and, in a system with default configuration, can only write to %USERPROFILE%\AppData\LocalLow and HKCU\Software\AppDataLow because all other objects have higher ILs (usually Medium).

If you don’t like surfing using IE, you can very easily setup your Firefox (or other browser of your choice) to run as Low integrity process (here we assume that Firefox user’s profile is in j:\config\firefox-profile):

C:\Program Files\Mozilla Firefox>icacls firefox.exe /setintegritylevel low J:\config>icacls firefox-profile /setintegritylevel (OI)(CI)low

Because firefox.exe is now marked as a Low integrity file, Vista will also create a Low integrity process from this file, unless you are going to start this executable from a High integrity process (e.g. elevated command prompt). Also, if you, for some reason (see below), wanted to use runas or psexec to start a Low integrity process, it won’t work and will start the process as Medium, regardless that the executable is marked as Low integrity.

It should be stressed that IL, by default, protects only against modifications of higher integrity objects. It’s perfectly ok for the Low IL process to read e.g. files, even if they are marked as Medium or High IL. In other words, if somebody exploits IE running in Protected Mode (at Low IL), she will be able to read (i.e. steal) all user’s data.

— Joanna Rutkowska
author of theinvisiblethings

Windows Vista also introduces a 64-bit version able to execute existing 32-bit programs. Note that having more than 4GB of RAM was still rare at the time, but 64-bit CPUs already existed.

Another change was support for multiple languages. With Windows XP, changing the language after having installed the system was hard, if possible at all.

Some versions of Windows Vista (apparently Ultimate and Enterprise) support changing language out of the box.

Another new feature is the transactional filesystem API. In theory, it could have simplified some processes. For example, avoid an installer leaving a half-installed application on the disk. Maybe there were some downsides, but the API is deprecated (but still present), but given its status, it does make little sense to use it.

The biggest disadvantage (at the time) of this Windows version where the resource usage (and I also remember some stability issues), and the fact that upgrading from XP was not free. Windows Vista added (compared to Windows XP) "a lot" of background processes, the biggest offender, probably, was file indexing, for providing an "instant search". At the time it was at least easy to disable.

Windows XP

  • changes in UI

    • colors

    • rounded borders

    • themes (3 preinstalled, Zune and possibly others)

  • integrated firewall (since SP3)

Whishlist

From time to time I wish Windows had certain features.

So why not list them here, and see if something changes?

Keyboard shortcuts

In particular, keyboard shortcuts for moving applications between virtual desktops. Currently, it is only possible with the mouse.

It would also be nice to be able to customize shortcuts.

A more user-friendly command-line environment by default

First, it should have a command like sudo. I would like to execute inside an existing console a program as another user, instead of opening a new console as another user and having two consoles.

In some situations, opening a new console (a graphical application) is not possible (like when I am connected via ssh). A workaround would be to connect remotely (for example with ssh) to the current machine as another user, but why should something like that be necessary?

After that, a command-line editor, like nano or vim.

And a package manager (which is not a store). Something like appget. It should also integrate with the update mechanism of Windows and the store. According to this article, winget "is bundled with Windows 11 and modern versions of Windows 10", but I am not able to find it.

Also, a htop-like program would be appreciated (again, opening a task manager is not always possible). There is NTop, but it’s not the same thing (yet).

Last but not least, a Cygwin environment (no WSL is not a Cygwin replacement). Or at least, the guarantee that Cygwin will continue to work, as currently, techniques like ASLR, possibly other mitigation techniques, antiviruses and other programs can be an issue.

Note that I am not asking Microsoft to develop all those new programs for free, they already exist. It’s just a matter of having a better environment by default.

Also including Cygwin by default, would at least ensure that developers of antiviruses would stop having so many false positives…​ and maybe provide a better API for emulating fork.

A hardened environment by default

The default user is still an administrator, maybe having a regular user by default would be better? In the meantime (since the introduction of UAC in Windows Vista), most if not all programs do not have issues.

Also, explorer could have saner defaults.

File extensions should be shown by default, and the execution of "common" double-extensions (like .doc.exe) should also be disabled by default. Both changes can already be done at least since Windows XP, but changing the default value would help a lot of people.

Also double-clicking on a file should always open it, and never execute it. At least, it should ask the user. This is a breaking change if implemented as described in this notes, but it is possible to make the change less invasive, by changing the behavior of explorer.exe and not the file association.

Also, executables should not be able to define their own icon and hide themself as another file type.

A more closed-up firewall by default would also help. Ideally, all ports should be closed by default. Instead, there are so many rules by default…​ and it is also not always clear which programs are going to break if you are going to close some port/delete some exceptions.

And do not ignore the entries in a hosts file!

The main issue is that it is harder to see if something is wrong if there are already fifty or more rules, while it is obvious if there is only a handful.

A more minimal system

I like to avoid creating e-waste (actually, any kind of waste), so I try to use what I have as long as it is possible. Changing hardware because a newer version of a program requires it is generally a bad thing. What should I do with the old but otherwise still-working PC?

Because of that, it would be nice having a more minimal or "lightweight" system.

TMP2 and an internet connection are no real system requirements. Windows does not need them for working.

Take for example optical drives. They were listed as a system requirement, but no Windows version complained about it if it was missing.

It would also be better if there were fewer background processes.

Most of them do not have clear descriptions, and others are hard, if not impossible, to stop without hacking the registry and deleting files.

I do not need to have my hard drive indexed. I also doubt there are good reasons for having one or more services running all the time in case one wants to install an application from the store. Why not just start the program that starts the installation when I click on "install"?

I also do not need candy crush, skype for business, or a lot of other unwanted software. in particular, Windows should not reinstall them automatically.

An online account is also an unneeded restriction.

On the other hand, a couple of tools for managing the system better, like some Sysinternals tools and/or PowerToys, or an advanced editor like notepad++ would be welcome.

Other wishes

  • preinstalled applications (browser, proposed editors, package manager, PowerShell) should be upgradeable/have an independent lifecycle from the operating system.

  • sandboxie. There is Windows sandbox, which offers similar features, but applications run in a separate virtual desktop, and it relies on those virtualization technologies that make using other platforms like VirtualBox more difficult.

  • One edition to rule them all. Depending on which Windows version you are using, there are different "editions". The professional edition, the home edition, the starter edition, the ultimate edition…​ It would be much simpler if there is one edition that supports all/most features (gpedit included), and then Microsoft selling separate products and programs (BitLocker, remote desktop, …​.), just like they already do. Granted, it is currently possible to update from one edition to another by just entering a license key (on older versions of Windows you had to reinstall the system…​), but why make it more complicated than it needs to be? Should there be an "Office Edition" with Microsoft Office installed?

  • Being able to execute explorer.exe as administrator (it is painful having to manage multiple files and type your password in the UAC dialog for every rename)

  • A better terminal emulator by default (like mintty)

  • Move from UTF-16/CodePages to UTF-8

  • An official offline activator for older/unsupported versions of Windows I have the license key for older Windows versions, but I might not be able to activate them. Depending on the version, it means I have only some limited time for using them before I need to reinstall the system.

  • Support and use mainly untyped symlinks. Make them compatible with WSL (1 and 2) and usable by programs. Hopefully it would replace all other symlink types on Windows.

  • Disable 8.3 filenames by default

  • Disable online search by default, or at least make it easy to disable it


1. and regression in others

Do you want to share your opinion? Or is there an error, some parts that are not clear enough?

You can contact me anytime.