- Install, uninstall, and repair MSI packages to verify Windows Installer functions correctly.
- Connect and disconnect your cloud sync provider (e.g. OneDrive) multiple times and confirm sync functions after restarts.
- Enroll a device in Intune or your MDM solution, verify compliance status, and trigger a policy sync.
Common Log File System and storage
The Common Log File System driver (clfs.sys) — subject of March’s major hardening change — picks up a follow-up patch. Storage Spaces (spaceport.sys) and app isolation file system drivers (bfs.sys, wcifs.sys) also receive updates this cycle.
- Run Windows Update install and rollback cycles, then power-cycle the machine multiple times to confirm the system boots normally each time.
- Install and uninstall a set of representative applications through multiple cycles and confirm each completes without error.
- Perform a backup using your normal solution, restore from it, and verify data integrity.
- If using Storage Spaces, create a pool with mirrored and thin virtual disks, write data, and verify clean deletion.
Office and SharePoint
April’s Office updates target MSI editions: Excel 2016 (KB5002860), PowerPoint 2016 (KB5002808), Office 2016 shared libraries (KB5002859), and SharePoint Server 2016, 2019, and Subscription editions. These will not install on Click-to-Run deployments such as Microsoft 365 Apps.
- Open and edit complex Excel workbooks with formulas, macros, and external data connections; save and reopen to verify integrity.
- Create and edit PowerPoint presentations with embedded media and transitions.
- Across all patched server editions, validate SharePoint document library operations, co-authoring, and workflow execution.
- Verify that Office add-ins and line-of-business applications integrating with Office continue to operate correctly.
April’s two High Risk components should top every testing queue. Kerberos changes could disrupt long-running services using RC4 keytabs; monitor event IDs 201–209 and keep rollback plans ready. The Remote Desktop client update warrants thorough validation of clipboard, printer redirection, and session reconnection, particularly in RDP-dependent environments. Secure Boot and BitLocker validation remains essential as CVE-2023-24932 key rolling continues. Five patches to the Projected File System driver elevate cloud sync testing this cycle. The dual afd.sys updates and VPN/IPsec patches warrant regression testing across remote-access infrastructure. Office updates are confined to MSI editions.
