Windows - Configuration - Windows 10 22h2 Feature Update

What the Windows 10 22H2 Feature Update Worklet does

This Automox Worklet™ performs an in-place feature update from earlier Windows 10 versions to 22H2, the final supported release of Windows 10. The Worklet detects the current version on each endpoint and automatically deploys the update for systems not yet at 22H2.

Windows 10 22H2 represents the culmination of Windows 10 development. Microsoft will continue releasing monthly security updates for 22H2 until October 2025, making it the stable baseline that IT operations teams should target for long-term compliance.

The Worklet examines registry keys including HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate.

The Worklet uses Microsoft's official Windows Update Assistant tool, which handles the entire caching and installation workflow silently. When the 22H2 feature package is fully cached on the endpoint, the system automatically reboots to complete the installation without user prompts.

Why upgrade Windows 10 to 22H2

Endpoints running outdated Windows 10 versions face imminent end-of-service and loss of security patch support. When Windows 10 21H2 and earlier releases reach their support lifecycle end dates, Microsoft stops publishing security updates for those versions, exposing endpoints to zero-day vulnerabilities that attackers actively exploit in the wild. Organizations with endpoints on unsupported Windows 10 versions violate compliance frameworks including PCI-DSS and HIPAA that mandate security patch currency, triggering audit failures and potential regulatory penalties.

Upgrading to 22H2 also delivers stability improvements and bug fixes that address issues users may experience on older releases. Many organizations report improved performance and compatibility after the feature update reaches completion.

For IT operations teams managing mixed Windows 10 versions, 22H2 consolidates your fleet on a single baseline. This standardization simplifies compatibility testing, reduces support burden, and aligns your environment with Microsoft's recommended configuration.

How the Windows 10 22H2 feature update process works

1. Evaluation phase: The Worklet checks the Windows version using WMI queries. If the endpoint runs Windows 11, it marks the endpoint as compliant and skips remediation. If Windows 10, it compares the build version against 10.0.19045 (the 22H2 build identifier). Endpoints already at 22H2 exit as compliant. All other Windows 10 versions trigger remediation.

2. Remediation phase: The Worklet sets Windows Update Group Policy registry keys to target the 22H2 release, then downloads the Windows Update Assistant executable directly from Microsoft using System.Net.WebClient. If TLS 1.2 is disabled, the script automatically enables it before download. Once the Windows Update Assistant runs silently with deployment flags, it begins downloading the 22H2 package in the background. When caching completes (typically one to two hours), the system automatically reboots without user prompts to apply the update.

Windows 10 22H2 update requirements

• Windows 10 operating system (any version prior to 22H2)

• Approximately 12 gigabytes of free disk space on the system drive

• TLS 1.2 protocol enabled (the script will attempt to enable it automatically if disabled)

• Network connectivity to download the Windows Update Assistant from Microsoft

• Local administrator privileges to modify registry and execute installation processes

• Worklet notifications set to off - the Windows Update Assistant controls reboot messaging

Expected system state after Windows 10 22H2 installation

Once the Worklet completes, endpoints report Windows 10 version 10.0.19045 and the evaluation phase marks them as compliant. The system automatically manages the reboot during off-hours using Windows Update Assistant notifications, which display the Microsoft-branded reboot countdown rather than Automox prompts.

After the feature update installation finalizes, endpoints boot into the Windows 10 Out-of-Box-Experience (OOBE) setup screen briefly, then complete the welcome workflow automatically. The Worklet completion status may not display in the Automox activity log because the final installation stage requires a reboot; but the evaluation phase will confirm success on subsequent policy enforcement runs when it detects the 22H2 build version.

How to validate windows 10 22h2 feature update changes

1. Run this Worklet on a pilot Windows endpoint and review evaluation output for windows 10 22h2 feature update.

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as Get-CimInstance, Write-Output.

4. Validate remediation effects from script operations such as Test-Path, New-Item, Out-Null, then rerun evaluation for compliance.