Windows 10 reaches end of support on October 14, 2025. A great place to learn about all the Windows 10 Extended Security Updates (ESU) options is in our blog post, When to use Windows 10 Extended Security Updates. In this article, I will provide more detail on the Windows 10 lifecycle for Windows 365 across the following scenarios: * Existing Cloud PCs running Windows 10 * Creating new and reprovisioned Cloud PCs with Windows 10 * How to create a Windows 10 custom image with Extended Security Updates * ESUs for physical PCs that connect to Windows 365 * Microsoft 365 Apps support for Windows 10 * Windows 10 ESU support Existing Cloud PCs running Windows 10 On existing Cloud PCs running Windows 10 22H2 in Azure, ESUs are available at no additional cost—read about the Extended Security Updates (ESU) program for Windows 10 for more information. The ESU program enables PCs to continue to receive critical and important security updates. ESUs will be offered on Cloud PCs running 22H2 when Windows Update or Autopatch is run without requiring any admin action. Updates will be installed based on Windows Update configurations of each Cloud PC and are applied automatically after deployment. Creating new and reprovisioned Cloud PCs with Windows 10 Starting October 14, 2025 the Windows 10 gallery images have been removed and are no longer available to create new provisioning policies. If you still need to create Windows 10-based provisioning policies, please follow the process to create a custom image based on the Azure Marketplace Images that are available until April 14, 2026. Windows 365 provisioning policies that use Windows 10 22H2 gallery images (with or without Microsoft 365 Apps) will continue to work until April 14, 2026. After that date, these images will be retired and no longer available. For any provisioning policies that still reference these images, the image status will change to “out of support” and new provisioning attempts will fail. To learn more, please read Lifecycle policies and end of support for Cloud PC operating systems. The final monthly update to the Windows 365 Windows 10 gallery images will be the Windows 10 October 2025 update. Between October 2025 and April 2026, Cloud PCs created will need to install ESUs to be current. Microsoft recommends switching to Windows 11 for a more secure Windows experience. A Windows 10 22H2 image that contains the October 2025 update will remain published in the Azure Marketplace. This is the same version as published in Volume Licensing and Visual Studio downloads. It does not contain any Windows 365 or Microsoft 365 app customizations. How to create a Windows 10 custom image with Extended Security Updates After April 2026, customers that want to create a Windows 10 image will need to create a custom image and import it into Windows 365. Here’s how: * Create an Azure Virtual Machine using Windows 10 22H2 from Azure Marketplace. *  Note: the last Windows 10 image available is October 2025. * Perform a Windows Update to ensure the latest ESUs are installed. Multiple reboots may be required. * Review support details before installing Microsoft 365 apps. * Follow all instructions for creating and importing custom images into Windows 365. ESUs for physical PCs that connect to Windows 365 If users are connecting to Cloud PCs from Windows 10 physical PCs that are Intune-managed, each physical PC is automatically entitled to receive Windows 10 ESUs. This benefit’s purpose is to extend the life of Windows 10 PCs that do not meet Windows 11 hardware requirements. Note: Physical devices connecting to Windows 365 Frontline Shared and Windows 365 Reserve Cloud PCs are not eligible for free ESUs. Learn more about enabling Extended Security Updates (ESU). Microsoft 365 Apps support for Windows 10 Visit Windows 10 end of support and Microsoft 365 Apps to learn more. Windows 10 ESU support We will determine if the issue pertains to Windows 365 or with Windows 10. If the issue is determined to be with Windows 365, we will support as expected and work towards a resolution to your reported issue. If the issue is determined to pertain to the operating system, we will request/require an attempt to reproduce the same issue on a currently supported version of Windows 11. If that issue is able to reproduce on Windows 11, we will work that issue as it is supported. Once resolved, and if applicable, we can attempt to apply that same solution to the originally reported Windows 10 system. If the Windows 11 solution does not resolve the issue on Windows 10, we would recommend upgrading to Windows 11 as Windows 10 is no longer supported. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

Did you know that hotpatch updates are significantly smaller than standard Windows updates? Rather than the larger cumulative packages that take more time to install on devices, hotpatch updates bring faster security and improved productivity. Their smaller size translates to optimized network performance, faster installation, and quicker compliance, among other benefits. Smaller updates, same security, smarter delivery Hotpatch enables devices to receive critical security updates without restarting. Instead of downloading the full monthly update, hotpatch delivers only the in-memory code changes needed to address security vulnerabilities. For several releases, the hotpatch package has been reported to be more than 10 times smaller than the standard cumulative update. Importantly, these significantly smaller packages still maintain the same level of security and compliance. Benefits of smaller updates for your organization Hotpatch updates don’t just save time. They drive business continuity by ensuring that users remain secure and productive, without disruption. By reducing update sizes, hotpatch unlocks new levels of efficiency: * Optimized network performance: Reduced download sizes result in lower bandwidth consumption, easing the load on corporate networks. Fewer megabytes travel across your network to allow large fleets to update smoothly without spikes in WAN usage. * Sustainability benefits: Smaller updates reduce energy consumption tied to downloading updates, reducing the carbon footprint significantly. * Faster security compliance: Smaller updates are faster to install and therefore help you achieve security compliance more quickly. These efficiency boosters add to the general benefit that hotpatching installs in the background with no interruption or restarts for increased user and IT productivity. Why is the hotpatch size smaller than standard cumulative update? Standard Windows cumulative updates are designed to be comprehensive. Each package contains not only the latest security fixes but also quality and feature updates, along with security and feature updates from previous releases. This way, any device can get fully up to date from a single package. But this also makes the update larger in size. Hotpatch takes a leaner approach: * Security-only updates: Hotpatch focuses exclusively on delivering security fixes, rather than combining them with quality and feature updates. This narrower scope significantly reduces package size. * Incremental model: Whereas standard updates carry forward all the past fixes and features, hotpatch updates build only on top of the most recent quarterly baseline update. Each hotpatch package contains only the incremental security changes for the specific months, within the current quarter. Note: If a device has been disconnected for a long time, expect its next update to be larger. First, it will receive the latest baseline, which would be the standard cumulative update, followed by the hotpatch update. What your hotpatching calendar looks like * Baseline update: Delivered on the first month of each quarter (January, April, July, and October). This is the same composition and size as the standard cumulative update. This update is released on the second Tuesday of the month. * Hotpatch updates: Delivered on the two months following the baseline update. Devices receive only incremental, security patches that are installed without a restart. These updates also get released on the second Tuesday of the month.  Find the detailed hotpatch release cycle here. Looking ahead With reduced patch sizes and fewer restarts, you can join thousands of enterprise customers in achieving your security compliance faster and focusing more on innovation. Hotpatch is part of the Microsoft commitment to simplify and modernize update management. Discover related resources to start with hotpatching today: * Check if your organization is ready for hotpatch updates. * Has your question already been asked? See Hotpatch for client: Frequently asked questions. * Learn about Windows Autopatch required to create and deploy hotpatch updates. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

Are you a new Windows developer or looking to skill up on the latest in AI? This skilling snack is for you! Start at the top to learn about Windows Machine Learning (ML)—now generally available—or skip down to the resources that meet your current needs. Time to learn: 73 mins Get started with Windows Machine Learning (ML) * Windows ML is generally available: Empowering developers to scale local AI across Windows devices (10 mins): Ready to scale local AI across Windows devices? Learn how to build AI experiences that are more responsive, private, and cost-effective. Watch this one-minute video teaser for a quick introduction. * Introducing Windows ML: The future of machine learning development on Windows (10 mins): Preview Windows ML to create AI-infused applications with ease. It’s a cutting-edge runtime optimized for performant on-device model inference and simplified deployment with the foundation of Windows AI Foundry. * What is Windows ML (4 mins): Visit our technical documentation to learn more about how Windows ML works and what you’ll need to start using it. Get introduced to execution providers (EPs) and learn about automatic EP management for different hardware (CPUs, GPUs, and NPUs). * Get started with Windows ML (3 mins): Review your device and language-specific prerequisites before using Windows ML. Follow steps to install or update the Windows App SDK depending on whether you use C#, C++, or Python. Then download and register EPs. The latest from Microsoft Build * An IT pro’s guide to Windows at Microsoft Build 2025 (5 mins): Get a summary and links to on-demand sessions on developing with and for Windows. * Advancing Windows for AI development: New platform capabilities and tools introduced at Build 2025 (23 mins): See how Windows is becoming a better dev box for AI development. Find out about Windows AI Foundry, Windows ML, AI APIs, Model Context Protocol (MCP), improvements to Windows Developer tools, security, and more. Watch this one-minute video teaser! Additional resources for AI development in Windows * Copilot+ PCs developer guide (11 mins): This updated guidance for developers now includes Windows ML! Find out about device prerequisites, considerations for different silicon chips, unique AI features, and other helpful tips. * Windows AI Foundry (time varies): Bookmark this gateway to all things Windows AI Foundry as a unified, reliable, and secure platform. It supports the AI developer lifecycle from model selection, fine-tuning, optimizing, and deployment across CPU, GPU, NPU, and cloud. * Securing the Model Context Protocol: Building a safer agentic future on Windows (7 mins): Learn about MCP as a foundational layer of secure, interoperable agentic computing, currently in preview. Review the requirements, possibilities, and security controls that MCP covers for hosts, clients, and servers. What are you most excited about building next? Have you tried Windows ML yet? Leave us a comment below and share these resources with your peers! The Windows skilling snacks library has more on Windows and AI, as well as other topics of interest. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

Building upon the big milestones in Windows we announced in August, yesterday we announced the availability of Windows 11, version 25H2! Be sure to check out our IT pro’s guide to Windows 11, version 25H2 and how Wi-Fi 7 is a game changer for enterprises. These blogs cover the Windows 11, version 25H2 release in depth—truly news you can use! My colleagues in Windows 365 also had a wealth of new features and capabilities announced throughout the month of September—you can read more about those below. And if you have a Copilot+ PC, be sure to check out our new AI agent in Settings—it allows you to search for settings using natural language queries. Give it a try and see for yourself! Without further ado, here’s the news for September 2025. New in Windows update and device management * [W11 25H2] Windows 11, version 25H2 reached general availability yesterday, September 30, 2025. In an IT pro’s guide to Windows 11, version 25H2, you can discover tools and resources to help you roll out version 25H2 at your organization. o   Read about how to get the newest version of Windows 11 and watch this video. o   Find release information and updates on known issues on the Windows release health hub. o   Wi-Fi 7 support for enterprise access points is now generally available in Windows 11, version 24H2 and version 25H2. Discover how your organization can benefit from better speed, high throughput, improved reliability, and enhanced security. * [INTUNE] There’s a change coming on December 2, 2025, to Microsoft Intune network service endpoints. If your organization uses outbound traffic policies based on IP addresses or service tags, be sure to review and update your firewall rules before December 2, 2025 to avoid service disruptions. Learn more about what you need to do to prepare. * [INTUNE] Have questions about simplifying endpoint management, unifying data across Microsoft solutions, and how to stay ahead of the curve in device and app security? Don’t miss this Tech Community Live—Microsoft Intune edition on October 6, 2025. Engineering and product team members will be on hand to answer your questions. Save the date and post your questions in advance. * [OFFICE HOURS] Join our continuing series of live Q&A for IT professionals. Product experts, servicing experts, and engineers will be on hand to answer your questions. RSVP for the next Windows Office Hours on October 16, 2025. New in Windows security * [PURVIEW] Discover the advantages of Microsoft Purview to help reduce data breaches across your organizations. Learn about key areas of impact and the steps you can take to modernize data security and governance strategies. Looking for ways to stay current with regulations, certifications, and reporting? Consider using Microsoft Purview Compliance Manager. For more information, dive into the insights offered in the Total Economic Impact™ (TEI) of Microsoft Purview study by Forrester Consulting. * [DEFENDER] Ready to consolidate fragmented security capabilities at your organization? Learn more about using the integrated tools and AI-powered insights in Microsoft Defender. It can help strengthen your organization’s security posture and build resiliency across hybrid and multicloud environments while benefiting from significant return on investment. * [SECURE BOOT] Take action now to prepare for the expiration of Secure Boot certificates in June 2026. Learn which new certificates will be available in the coming months to maintain UEFI Secure Boot continuity. Learn more from frequently asked questions about the Secure Boot update process. New in AI * [M365 COPILOT] Beginning in October, the Microsoft 365 Copilot app will automatically be installed on Windows client devices with Microsoft 365 desktop apps. The app simplifies access to Copilot and engagement with productivity features. Review the documentation to manage this change at your organization. * [WINDOWS ML] Big news for developers: With Windows ML, now generally available, developers can deliver real-time, secure AI workloads to Windows devices. Discover how to use Windows ML to deploy production experiences. * [AI IN WINDOWS] Catch up on using AI for Windows management and how to get started using Microsoft Copilot Chat. Parts 2 and 3 of our Skilling snack series on AI in Windows offer more resources to help you use AI for management and improved work experiences. Stay tuned for more snacks—coming soon. Install the September 2025 non-security update for Windows 11, version 24H2 to get this and other capabilities, which are rolling out gradually. * [FILE EXPLORER] Use AI actions in File Explorer to edit images or summarize documents. Right click (or press Shift+F10) on the file and select AI actions. (Note: This experience is not yet available for customers in the EEA.) * [MICROSOFT 365] AI actions in Microsoft 365 make it easier to work with your documents. Use Summarize action in Copilot to quickly generate summaries of files stored in OneDrive and SharePoint, eliminating the need to open each one. (Note: Requires an active Microsoft 365 subscription and a Copilot license. Microsoft account and Microsoft Entra ID supported.) * [COPILOT+ PC] Learn about new capabilities for Copilot+ PCs in this update. New in Windows Server For the latest features and improvements for Windows Server, see the Windows Server 2025 release notes and Windows Server, version 23H2 release notes. * [WINDOWS SERVER 2025] Learn how to prepare for and use N-4 media-based upgrades to move your organization’s physical devices and virtual machines directly to Windows Server 2025 from earlier versions of Windows Server. New in productivity and collaboration [W365] Four years after Windows 365 first came to market, it continues to transform the approach to AI-driven cloud computing. This month saw expanded availability of key features and capabilities and a host of new ones. Read about these capabilities and how they can help you address key priorities at your organization such as flexibility, security and resilience, and AI-enabled endpoint management. Here are just a few highlights: * [CLOUD APPS] Windows 365 Cloud apps are now in public preview. Learn about this new way to securely stream Windows apps to any device. * [FRONTLINE] Do you help support IT at U.S. government agencies? Windows 365 Frontline is now available for Government Community Cloud (GCC) and GCC High (GCCH). It provides frontline workers with secure, compliant access to Cloud PCs from any device. Learn more about the editions that will best meet your organization’s needs. * [HEALTH CHECK] Use the health check suite for proactive troubleshooting that helps ensure optimal performance across Windows 365 and Azure Virtual Desktop environments. [UPDATES] Review the September 2025 security update for Windows 11, version 24H2 and version 23H2. For additional details, please refer to the August 2025 non-security preview update release notes for Windows 11, version 24H2 and version 23H2. To preview what’s coming in October 2025, install the September 2025 optional non-security preview update for Windows 11, version 24H2, which includes the gradual rollout of: * [NARRATOR] Narrator now includes Braille Viewer, which shows on-screen text and its Braille equivalent on a refreshable Braille display. To open Braille viewer and start Narrator, press the Windows logo key+Ctrl+Enter, press Narrator key+Alt+B. Also new in Narrator: A smoother, more natural experience in Word, with improved voice feedback, reliable continuous reading, and better navigation for footnotes, comments, lists, and tables. * [TASKBAR] IT administrators no longer need to restart explorer.exe to apply the pinning policy. After applying the policy, pins should appear on the taskbar within approximately 8 hours. * [DESKTOP] You can now move the hardware indicators for brightness, volume, airplane mode, and virtual desktops to different positions on your screen. * [PASSKEYS] There is now seamless plugin passkey manager integration in Windows 11. To use plugin credential manager for passkeys, install a credential manager application that supports integration then go to Settings > Accounts > Passkeys > Advanced options. * [SETTINGS] More settings have moved from Control Panel to Settings. You can now add additional clocks, change your time server, and customize date and time formatting directly from Settings > Time & language > Date & time. Keyboard character repeat and cursor blink rate settings are now easier to find under Settings > Accessibility. Lifecycle milestones Check out our lifecycle documentation for the latest updates on Deprecated features in the Windows client and Features removed or no longer developed starting with Windows Server 2025. * [WMIC] The Windows Management Instrumentation Command-line (WMIC) tool is moving toward the next phase for removal from Windows. It will be removed when updating to Windows 11, version 25H2. Note: Only the WMIC tool is being removed – Windows Management Instrumentation (WMI) itself remains part of Windows. To prepare for a smooth transition, learn about using PowerShell or other tools for tasks previously completed with the WMIC tool. * [W10 EOS] Windows 10 end of support (EOS) is now less than two weeks away. The October 2025 monthly security update will be the last update available for this version. Consult helpful resources in this 60-day reminder message. * [W10 EOS] [IOT] Find out which versions of Windows 10 IoT Enterprise are impacted on October 14, 2025. * [W11 22H2] Windows 11, version 22H2 (Enterprise and Education editions) no longer receives non-security preview updates. Monthly security updates will continue through October 14, 2025, when version 22H2 officially reaches end of servicing. Consult helpful resources in this 60-day reminder message. * [W11 23H2] Windows 11, version 23H2 (Home and Pro editions) will reach end of servicing on November 11, 2025. Enterprise and Education editions will continue to be serviced through November 10, 2026 per the Modern Lifecycle Policy. Additional resources Looking for the latest news and previews for Windows, Copilot, Copilot+ PCs, the Windows and Windows Server Insider Programs, and more? Check out these resources: * Windows Roadmap for new Copilot+ PCs and Windows features – filter by platform, version, status, and channel or search by feature name * Microsoft 365 Copilot release notes for latest features and improvements * Windows Insider Blog for what’s available in the Canary, Dev, Beta, or Release Preview Channels * Windows Server Insider for feature preview opportunities * Understanding update history for Windows Insider preview features, fixes, and changes to learn about the types of updates for Windows Insiders September was another great month of new features and capabilities! Thank you for staying up on the latest news you can use. We’re looking to make this monthly summary more helpful to you! Please drop us a note below and let us know what information you most want to hear about. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

Windows 11, version 25H2 is now available through Windows Autopatch and the Microsoft 365 admin center.i It is also available for download from the Microsoft Software Download Service and Visual Studio Subscriptions. Windows 11, version 25H2 will become available via Windows Server Update Services (WSUS) on October 14, 2025, with the October security update. Here is your guide to tools and resources to support your rollout of this update, plus some additional helpful information. In this release Windows 11, version 25H2 includes the same new features and enhancements delivered through our Windows 11 continuous innovation efforts. Some features that were behind temporary commercial control in Windows 11, version 24H2 are now enabled by default in version 25H2. These include: * AI actions in File Explorer * Click to Do (Copilot+ PC feature) * Agent in Settings (Copilot+ PC feature) The latest advances in update innovation also carry over with capabilities like quick machine recovery and hotpatching for Windows client available on version 25H2. Version 25H2 includes Wi-Fi 7 for enterprise connectivity. It’s designed to address evolving security needs while helping support reliable connectivity in high-density, high-throughput scenarios. You can start deploying Wi-Fi 7 enterprise-grade access points to eligible devices to take advantage of the same benefits already available to consumer devices. You also have the ability to remove select preinstalled Microsoft Store apps using policies on Windows 11 Enterprise and Windows 11 Education, version 25H2. By avoiding custom imaging and complex scripts, you’ll reduce operational overhead and create a cleaner, work-ready experience. This new capability is available via mobile device management (MDM) tools and Group Policy today, and it lights up in the Microsoft Intune Settings Catalog tomorrow! Deploying Windows 11, version 25H2 Windows 11, versions 24H2 and 25H2 use a shared servicing branch. That means that version 25H2 will be delivered as an enablement package, offering a fast, easy installation process like monthly Windows updates. If you’re not familiar with enablement packages, the features in Windows 11, version 25H2 were included in the latest monthly update for version 24H2. However, they were in an inactive and dormant state. An enablement package works like a small switch that activates the features in version 25H2, so the update from Windows 11, version 24H2 to version 25H2 takes place in roughly the same time as typical monthly Windows updates. As with all feature updates, you can use Windows Autopatch in Intune, or your preferred endpoint management solution, to roll out the update across your organization. We recommend that commercial organizations begin targeted deployments to validate that their apps, devices, and infrastructure work as expected with this new release. Tools and resources The deployment, security, and management tools you rely on have been refreshed for this update. * Windows 11, version 25H2 Security Baseline * Administrative templates (ADMX) for Windows 11, version 25H2 * Group Policy Settings Reference spreadsheet for Windows 11, version 25H2 * Windows 11 Enterprise Evaluationii We’ve also updated the Windows release health hub with release information for Windows 11, version 25H2 as well as the pages for sharing information on known issues. The Windows 11, version 25H2 update history page—where you’ll find release notes for monthly and out-of-band updates—will be available with the first monthly update for version 25H2 on October 14, 2025. Bookmark https://aka.ms/Windows11/25H2/UpdateHistory now for easy access to release notes. Lifecycle information for Windows 11, version 25H2 Today, September 30, 2025, marks the start of 36 months of servicing support for Enterprise and Education editions of Windows 11, version 25H2. Home and Pro editions receive 24 months of support. For more information, see the Windows 11 Lifecycle FAQ. Where can I get help with deploying Windows 11 feature updates? If you want to lower the cost of managing updates for your IT team, benefit from built-in protections such as feature update safeguards, and get Windows security updates faster without a restart, get started with Windows Autopatch. Windows Autopatch is included with Windows Enterprise E3 (or higher), Windows A3 (or higher), F3, and Microsoft 365 Business Premium, and can help you easily deliver both feature and quality updates for Windows, as well as driver updates. If you need additional help, tips, or best practices, join Windows Office Hours every third Thursday on the Windows Tech Community! We assemble experts from the Windows, Microsoft Intune, and Windows 365 product teams, as well as adoption and security specialists, to answer your questions in chat. Submit questions during the live one-hour event or post them in advance if that time doesn’t work for you. Our next event is Thursday, October 16, 2025. It's also a good idea to follow the Windows IT Pro Blog—and follow us on LinkedIn or @MSWindowsITPro on X—to keep up with the latest Windows announcements and new feature releases! Finally, if you’re interested in exploring new features in Windows 11 prior to release, join the Windows Insider Program. Access preview builds of Windows 11, provide feedback directly to Microsoft, and assess how your apps, hardware, and processes perform in early environments. Want to work directly with the Windows engineering teams to develop solutions that better meet your needs? Join the Customer Connection Program. iDownloads in the Microsoft 365 admin center and similar channels may be delayed. iiThe Arm64 Enterprise Evaluation will be released at a later date. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

We’re excited to announce the general availability of Wi-Fi 7 support for enterprise access points. Starting with the September 2025 Windows preview non-security update, a significant leap forward in wireless networking reaches Windows 11, version 24H2 and later. Windows 11 has already supported Wi-Fi 7 for consumer access points since 2024. Now, your organization can also benefit from better speed, high throughput, improved reliability, and enhanced security for modern enterprise environments that support Wi-Fi 7 enterprise access points. Wi-Fi settings show a Windows device connected to a Wi-Fi 7 enterprise access point. What makes Wi-Fi 7 a game-changer for enterprises The performance enhancements introduced by Wi-Fi 7 in the consumer space are now being extended to enterprise environments. Wi-Fi 7 for enterprise is designed to address evolving security needs while helping support reliable connectivity in high-density, high-throughput scenarios. Here’s what helps make Wi-Fi 7 a game-changer for enterprises: * Required WPA3-Enterprise authentication * Seamless roaming and enterprise-specific enhancements * Performance benefits Required WPA3-Enterprise authentication Security is a shared responsibility. Through collaboration across hardware and software ecosystems, we can build more resilient systems secure by design and by default, from Windows to the cloud, enabling trust at every layer of the digital experience. Wi-Fi 7 for enterprise helps ensure that all devices connecting to your enterprise networks benefit from stronger encryption protocols, resistance to brute-force attacks, and enhanced protection for sensitive data in transit. By enforcing WPA3-Enterprise, Wi-Fi 7 helps eliminate legacy vulnerabilities and sets a new baseline for secure, high-performance connectivity in modern enterprise environments. Learn how to Import Wi-Fi settings for Windows devices in Microsoft Intune. You can find more details on how to stay more secure with Windows through our updated Windows Security book. Seamless roaming and enterprise-specific enhancements Enterprise Wi-Fi networks are not just about peak speed. They must also help deliver easier connectivity as users move around a campus or building. Wi-Fi 7 enterprise includes advanced roaming capabilities to help ensure that laptops, tablets, and other devices can more easily transition among access points. These enhancements include Opportunistic Key Caching (OKC) on AKM 5 and 802.11r Fast Transition (FT) on AKM 3.i Performance benefits Wi-Fi 7 enterprise supports the multiple benefits inherited from the consumer version and aligned to the Institute of Electrical and Electronics Engineers (IEEE) standards: * Multi-link operation (MLO) allows devices to use multiple bands (2.4 GHz, 5 GHz, or 6 GHz) concurrently to avoid network congestion and maintain connectivity. * 320 MHz ultra-wide bandwidth in 6 GHz doubles the speed to your devices and enables new possibilities for high bandwidth and low latency applications—and scenarios using applications such as augmented reality (AR)/virtual reality (VR). * 4096-QAM modulation helps increase the data transmission by 20% and improve the quality of video streaming, video conferencing, and more. Unlock the advantages of Wi-Fi 7 for your organization Wi-Fi 7 for enterprise connectivity on Windows is the result of deep collaboration across the ecosystem. Wi-Fi silicon vendors and Wi-Fi enterprise access point manufacturers together help ensure that Wi-Fi 7 is ready for real-world enterprise deployments. To begin taking advantage of Wi-Fi 7 in your organization, review the following prerequisites: * Wi-Fi 7-capable Windows release: Devices must be on Windows 11, version 24H2, updated with the September 2025 preview non-security update or later. * Wi-Fi 7-capable Windows enterprise laptops: Devices must be equipped with Wi-Fi 7-capable chipsets. * Certified Windows Wi-Fi 7 driver support: Update enterprise Wi-Fi drivers and validate them for Wi-Fi 7 enterprise functionality in Windows. Wi-Fi 7 drivers will be available soon through your device original equipment manufacturer (OEM) or independent hardware vendor (IHV). For specific release dates, please contact your OEM/Wi-Fi chip manufacturer directly. * Wi-Fi 7 Enterprise access points: Deploy Wi-Fi 7 enterprise grade access points in your organization. With these components in place, you’re ready to enable next-generation wireless connectivity across your enterprise environments. So, begin delivering enhanced performance, security, and connectivity for users and workloads today. Learn more: * Faster and more secure Wi-Fi in Windows * What Is Wi-Fi 7? | Microsoft Surface * Wi-Fi Alliance® introduces Wi-Fi CERTIFIED 7™ | Wi-Fi Alliance --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A. iSee the latest wireless networking standard from the Institute of Electrical and Electronics Engineers (IEEE), Current Status and Directions of IEEE 802.11be, the Future Wi-Fi 7

Are you up to date on Microsoft 365 Copilot Chat? Have you tried AI agents with it yet? The articles, downloads, and videos offered in this collection will help you brush up on different ways to access and manage these AI innovations. Don’t miss these helpful resources to set yourself and others up for success! Time to learn: 85 mins Access Microsoft 365 Copilot Chat * Start using Microsoft 365 Copilot Chat (3 mins): Get started with Copilot Chat to improve your work experience. Get an overview of its functions, the user interface, and basic access and management tips. Choose where to start: o   Access Microsoft 365 Copilot Chat on the web. o   Download the Microsoft 365 Copilot app from the Microsoft Store. Manage Microsoft 365 Copilot Chat * Updated Windows and Microsoft 365 Copilot Chat experience (13 mins): Read about managing the Copilot experience on Windows client devices. From enhanced data protection to device identity to policies and controls, get details from our official documentation. * Pin Microsoft 365 Copilot Chat to the navigation bar (5 mins): As an admin, pin Copilot Chat to the navigation bar for users signed in with their Microsoft Entra account. * New experiences coming to the Copilot key (3 mins): Do you manage devices with the Copilot key? If so, configure the target app that will open with the WindowsAI/SetCopilotHardwareKey policy. For devices without the physical key, use Windows key+C. * Copilot Analytics improves access and reporting on Microsoft 365 Copilot Chat and agents (7 mins): Looking for the number of active Copilot users, licensing data, or AI use adoption scores? Read about the unified reporting experience combining the Copilot Dashboard and Microsoft Viva Insights. Additional reporting is available through the Microsoft 365 admin center. Use agents in Microsoft 365 Copilot Chat * Agents in Microsoft 365 Copilot Chat (3 mins): Use agents to help you automate and execute frequent tasks tailored to your sphere and focus of work. Read about how to enable, author, and manage agents. * Copilot agent management and controls | Digital deep dive: Copilot Control System (51 mins): Discover how the Copilot Control System in the Microsoft 365 admin center enables you to manage Copilot agents. You will learn how to stage rollout agents, manage the cost of agents within Copilot chat, use the "Agents and Connectors" page for lifecycle management, and more. * AI agents hub – Microsoft adoption (time varies): Help your organization get started with agents. Choose Microsoft 365 Copilot as your product to browse scenarios, templates, examples, and training resources of most interest. Check out resources by role and function whether you design, build, deploy, or manage agents. Bookmark additional resources * Copilot Chat Success Kit (time varies): Download the full set of resources to help your organization get started with Copilot Chat. It includes the IT controls guide, implementation summary guide for leaders, user onboarding materials, and more. Check out Copilot Chat scenarios for different functions from customer service to sales and choose from nine available languages. * Bookmark the Copilot learning hub (time varies): Keep learning about Copilot and agent experiences. Build your confidence with multimedia resource collections. * Microsoft Copilot Studio (time varies): Subscribe to this YouTube channel for the latest video tips on how to use Copilot Studio. Transform customer and employee experiences with AI built into Microsoft Copilot Studio. Customize Microsoft Copilot for Microsoft 365 or build your own experiences. * Microsoft 365 Copilot release notes (time varies): Check out the latest features and improvements for Microsoft 365 Copilot, released in the second and fourth week of each month. Browse what’s generally available (Current Channel for Microsoft 365 apps) and specific to each platform. * Microsoft 365 Roadmap (time varies): Get a left-to-right view of the latest innovations with this roadmap tool. Set the product filter to Microsoft Copilot (Microsoft 365) to see what’s in development, what’s in preview, what’s rolling out, and what’s broadly available today. Limit your search to your desired platforms, status, release phase, cloud instance, and timeline to help you plan. What resources did you find most useful? Do you know of additional resources that would help a peer get started with Microsoft 365 Copilot Chat? Feel free to add it to the comments section below! And if you’ve missed any AI-related topics or looking for something else, check out our growing Windows skilling snacks library. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

Windows 365 Cloud Apps are now available to all customers during public preview. Thank you to the customers, partners, and MVP’s who provided invaluable feedback during the private preview. Your feedback helps guide and prioritize the Windows 365 Cloud Apps feature roadmap. What are Windows 365 Cloud Apps? Windows 365 Cloud Apps allow administrators to give users access to specific apps delivered from the cloud instead of a full Cloud PC. This is ideal for organizations that want to streamline app delivery, reduce overhead, and modernize their virtual desktop infrastructure (VDI) environments. Windows 365 Cloud Apps runs on Windows 365 Frontline Cloud PCs in shared mode. The Windows 365 Frontline licensing model enables shared Cloud PC access for shift-based or part-time workers, allowing unlimited users per license with one active session at a time. Since Windows 365 Cloud Apps streams only essential applications like Outlook or Word without loading a full desktop, it is ideal for task-based roles. Together, Frontline and Cloud Apps deliver a flexible, resource-optimized solution for dynamic workforces, especially in frontline environments like retail, healthcare, and government. New for public preview Cloud Apps were previously supported in the Windows App during private preview. Recent changes have improved the experience for end-users, including automatically launching OneDrive and a Windows 365 filter on the Apps page of the Windows App. Now, organizations can take advantage of a secure, scalable solution to modernize how applications are accessed and managed across their workforce. By streaming only the apps users need—without provisioning full desktop environments—Windows 365 Cloud Apps helps reduce complexity and supports flexible workstyles. Windows 365 Cloud Apps in Windows App Looking ahead As organizations embrace Windows 365 Cloud Apps, Microsoft is focused on simplifying app delivery even further—making it faster, easier, and more intuitive for IT admins to deploy custom line-of-business apps at scale. Currently, customers must create custom images to deliver custom line-of-business apps as Cloud Apps. While this works, private preview participants complained that the process is outdated. As requested by customers, we are working to make Intune the single pane of glass for app deployment, enabling them to publish Intune Apps as Cloud Apps. Customers are already using Intune Autopilot in place of custom images, so we will similarly support Intune’s approach to modern app delivery for Windows 365 Cloud Apps. Customers will be able to include custom apps in a Cloud App policy’s Autopilot device preparation to publish them as Cloud Apps. How to Get Started To use Windows 365 Cloud Apps with a Windows 365 Frontline license, check out Cloud App documentation and follow the guidelines to try out the feature and evaluate Cloud Apps as an option for migrating apps to the Windows Cloud. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

Big news for U.S. government agencies and contractors: Windows 365 Frontline in dedicated mode is now generally available with support for Government Community Cloud (GCC) and GCC High (GCCH) customers. This milestone brings new deployment flexibility and cost efficiency for Windows 365 Cloud PCs to U.S. government organizations. Windows 365 Frontline for GCC/GCCH joins Windows 365 Enterprise and Windows 365 Government as options for the public sector. Whether you’re supporting shift-based, part-time, or temporary workers, this offering meets the unique needs of government teams without compromising on compliance or control. Users can access secured, compliant Cloud PCs from any device, without requiring an individual license for each user. What is Windows 365 Frontline? Windows 365 Frontline is designed for organizations to provide cost-effective, secure, and scalable Cloud PC capabilities to users who need part-time or occasional access, helping organizations modernize shared workstations and reduce IT overhead. Windows 365 Frontline in dedicated mode enables shift-based, part-time, or temporary workers to access Cloud PCs during their working hours. A single license enables up to three Cloud PCs, each assigned to a different user, but only one Cloud PC can be active at a time. This is ideal for environments where users work in rotating shifts or have non-concurrent schedules. With new support for GCC and GCCH, government agencies can now deploy Windows 365 Frontline Cloud PCs in dedicated mode, meeting standards such as CJIS, IRS 1075, and FedRAMP High. For users who only require intermittent access to a Windows 365 Cloud PC, Windows 365 Frontline in shared mode enables a single license to be shared by a group of users, one at a time. When each user logs out, the desktop session resets, and no user data is retained. Windows 365 Frontline in shared mode is available to government organizations in our Windows 365 Frontline for FedRamp offering, with additional work in development for GCC and GCCH environments. How can Windows 365 Frontline help government agencies? Government organizations often face complex challenges—budgetary constraints, strict compliance requirements, and a diverse workforce. Windows 365 Frontline for GCC and GCCH in dedicated mode helps solve these with: * Cost optimization: Instead of buying a Windows 365 license for every employee, agencies can use dedicated-mode Windows 365 Frontline licenses across shifts. Up to three employees working different shifts can share one license even as they access a personalized, persistent Cloud PC, dramatically reducing costs. * Compliance: Built to meet FedRAMP High, CJIS, and IRS 1075 standards, Windows 365 Frontline for GCC and GCCH ensures secured access to sensitive data while maintaining regulatory compliance. * Operational efficiency: Replace legacy VDI with a scalable, secured, and easy-to-manage Cloud PC experience. Provisioning is done via Microsoft Intune, and Cloud PCs are managed just like physical devices. * Flexibility for staff: Support rotating staff, shared workstations, and contingent workers with persistent Cloud PCs that are available when needed—and powered off when not. Built for government, powered by Azure Windows 365 Frontline for GCC/GCCH is provisioned in U.S. government data centers, ensuring data residency and compliance. It integrates seamlessly with Microsoft Intune and Microsoft Entra ID, offering a familiar experience for IT admins and users alike. Choose the best fit for your organization’s needs Windows 365 has multiple editions suitable for the public sector: Windows 365 Enterprise, Windows 365 Government, and Windows 365 Frontline for GCC/GCCH. Read Robert Nishi’s Windows IT Pro Blog for more information about choosing the right Windows 365 offering for your agency’s needs and contact your Microsoft account team with additional questions. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

Windows 365 introduced the Cloud PC four years ago, securely streaming personalized Windows desktops, apps, settings, and content from the Microsoft Cloud to any device. Windows 365 and its integration with Microsoft Intune sets the standard for simplicity in cloud endpoint management. At the same time, we are constantly looking for new ways to accelerate IT decision-making, enhance the quality of outcomes, and uncover cost-savings opportunities for our customers. The release of Copilot in Intune support for Windows 365 is one step of many on that journey, enabling IT administrators to leverage advanced AI-driven insights and automation to manage their Cloud PCs more effectively. In this blog, we will cover the capabilities that we have released into general availability. Learn more about Copilot in Intune with Windows 365 to get started today. Simplify Cloud PC management Copilot in Intune helps endpoint admins quickly get information about their Windows 365 Cloud PCs wherever they are in the Intune portal. Suggested prompts quickly provide data and insights that are contextualized to the Windows 365 page that the admin is viewing, providing both summarized trends and per-Cloud PC content. From anywhere within Intune, admins can use natural language to discover prompts to get the same insights—potentially combining Cloud PC information from Windows 365 and device information from Intune—for a holistic understanding of what they are investigating. IT administrators can manage costs more effectively from a single portal by using Copilot in Intune. By combining license inventory data from the Microsoft 365 Admin Center with user assignments to provisioning policies in the Windows 365 pages, Copilot helps streamline cost oversight and resource allocation. Copilot in Intune can offer guidance, like the availability of Cloud PC licenses Identify and resolve issues Discover issues and identify solutions without having to navigate across multiple interfaces. Copilot can summarize relevant connectivity metrics to identify areas of focus and provide suggested mitigations to improve performance. Prompts that can help in identifying issues could include “Summarize Cloud PCs that cannot connect” or “Show Cloud PCs that are undersized”. Copilot in Intune offers guidance on performance and usage Get in-context recommendations Windows 365 has a rich set of reports to help admins get the information they need to troubleshoot issues, plan their environments, and manage costs. By combining the data available today with the natural language capabilities of Copilot, admins can now move directly from data to insights. These insights lead to actionable recommendations supported by Windows 365 documentation, streamlining IT management processes. What’s next The AI journey for Windows 365 has only just started. Microsoft is continuing to look for new ways to simplify the IT admin experience and reduce complexity for customers. In the future, we will continue to evolve our tool and AI experiences to centralize insights and automate common workflows to help admins quickly prioritize workloads and remediate issues. We invite you to explore the robust integrations available within Intune where AI assistance helps you easily manage end user connection quality, identify provisioning issues, and optimize your licenses into streamlined process with Copilot. To get started or learn more about our enhancements visit Copilot in Intune with Windows 365. To learn more about the latest in Windows 365, join the Windows 365 Tech Community. For IT professionals looking to provide feedback and help Windows engineers improve and grow our products, consider joining the Microsoft Management Customer Connection Program at https://aka.ms/JoinCommunity. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

On any device running Windows 11, Windows 365 Boot allows you to sign in directly to your Cloud PC as the primary Windows experience. When you power on the device, you'll be taken straight to the familiar Windows 11 login screen. Once authenticated, you're quickly connected to your secured, personalized Windows 365 Cloud PC. Widely appreciated for its simplicity and convenience, Windows 365 Boot lets you access your Cloud PC simply by signing in with your own credentials on any Windows 11 device. We’re pleased to announce that the following new features for Windows 365 Boot are now generally available. Connection Center access at logon Windows 365 Boot now includes built-in access to the Windows 365 Connection Center. Users with multiple Cloud PCs can choose their Cloud PC during logon and access all device actions on the Cloud PC card, including view, manage, restart, troubleshoot, and more via the ellipses (...) menu. The Connection Center upon logon Enhanced troubleshooting & diagnostics With our new error-handling improvements, users can take immediate action if something goes wrong. When a user encounters an error message, hitting the Cancel button will take them directly to the Connection Center. From there, they can troubleshoot their Cloud PC—restart it, check its status, or take other recovery actions— giving them a clear path to resolution. As a result, issues are resolved faster and the user stays productive. Error screen message A smoother connection experience We’ve enhanced the connection logic to reduce login delays, minimize disconnections, and allow for a more streamlined connection experience to each user’s Cloud PC. The connection sequence Built-in Cross-Region Disaster Recovery Windows 365 Boot now supports Cross-Region Disaster Recovery. When configured, it enables built-in cross-region disaster recovery by allowing users to connect to their Cloud PCs from any supported region. With the Windows 365 Cross-Region Disaster Recovery license, organizations can ensure business continuity. In the event of a regional outage, users can quickly reconnect to a backup Cloud PC hosted in another region, minimizing disruption and maintaining productivity on their Windows 365 Boot device. The Connection Center showing Built-in Cross Region Disaster Recovery Windows 365 Boot display settings support Windows 365 Boot now allows users to easily fine-tune their display settings straight from the Settings app on their Windows 11 Boot device. Display settings in the Windows 365 Boot Settings App Requirements for Windows 365 Boot: * Windows 11-based endpoints (Windows 11 Pro and Enterprise) * Microsoft Intune Administrator rights * Windows 365 license. See the Create provisioning policies page for guidance on how to create Cloud PCs. Getting started New to Windows 365 Boot? Check out our overview on Microsoft Learn about how to roll out Windows 365 Boot in your organization. Already using Windows 365 Boot? Make sure your devices are updated to the latest supported version to take advantage of these new capabilities. To get the latest build, ensure you’re on version 2.0.704.0 of the Windows App. The rollout has begun and will reach 100% within two months. If you would like to get the latest build sooner, please reach out in the comments section below. Stay tuned for more updates, and as always, keep the feedback coming. We’re building this together — with you. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

To further optimize the user experience for Azure Virtual Desktop and Windows 365, Microsoft has introduced a health check suite. This diagnostic platform is designed to proactively identify issues on end-user devices, improving reliability and performance across supported platforms. What are health checks? Health checks are automated diagnostics that run at key moments in the user journey: * When the Windows App starts * When a resource connection fails * When the user manually reruns the checks * Upon changes in network connectivity status These checks help detect compatibility and connectivity issues before they impact the user experience. The health check suite The suite currently includes three core checks: 1. Windows version compatibility Ensures the installed OS version is compatible with the Windows App, preventing potential functionality issues (available only on Windows platform). 2. Network connection Verifies that the local device is connected to a network and can access the internet, a prerequisite for cloud-based services. 3. Service reachability Confirms the device can connect to essential endpoints required for Azure Virtual Desktop and Windows 365 functionality. A full list of endpoints is available here. Getting started Run health checks from the Device Health Report Panel in the Windows App for Windows, or via the Help menu in the Windows App for MacOS, iOS and Android devices: * Click the device health button to open the panel. * Select "Check again"/ “Run health checks” to rerun diagnostics. * View results and follow remediation steps if errors are detected. * Access logs directly from the health menu using the "Open Log"/ “Open Log Folder” button. Platform and cloud support Currently, health checks are supported on: * Public cloud environments (Government clouds not yet supported) * Platforms: Windows, iOS, macOS and Android Final thoughts The health check suite offers IT admins and end users transparent, proactive troubleshooting to ensure optimal performance in their Azure Virtual Desktop and Windows 365 environments. As support expands and features evolve, users can expect even greater reliability and diagnostic precision.   --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

To further optimize the user experience for Azure Virtual Desktop (AVD) and Windows 365 (W365), Microsoft has introduced a health check suite. This diagnostic platform is designed to proactively identify issues on end-user devices, improving reliability and performance across supported platforms. What are health checks? Health checks are automated diagnostics that run at key moments in the user journey: * When the Windows App starts * When a resource connection fails * When the user manually reruns the checks * Upon changes in network connectivity status These checks help detect compatibility and connectivity issues before they impact the user experience. The Health Check suite The suite currently includes three core checks: 1. Windows version compatibility Ensures the installed OS version is compatible with the Windows App, preventing potential functionality issues (available only on Windows platform). 2. Network connection Verifies that the local device is connected to a network and can access the internet, a prerequisite for cloud-based services. 3. Service reachability Confirms the device can connect to essential endpoints required for AVD and W365 functionality. A full list of endpoints is available here. Getting started Run health checks from the Device Health Report Panel in the Windows App for Windows, or via the Help menu in the Windows App for MacOS, iOS and Android devices: * Click the device health button to open the panel. * Select "Check again"/ “Run Health Checks” to rerun diagnostics. * View results and follow remediation steps if errors are detected. * Access logs directly from the health menu using the "Open Log"/ “Open Log Folder” button. Platform and cloud support Currently, health checks are supported on: * Public cloud environments (Government clouds not yet supported) * Platforms: Windows, iOS, macOS and Android Final thoughts The Health Check suite offers IT admins and end users transparent, proactive troubleshooting to ensure optimal performance in their AVD and Windows 365 environments. As support expands and features evolve, users can expect even greater reliability and diagnostic precision.   --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

Windows 365 Frontline supports shift-based employees and contractors in critical industries such as healthcare, retail, manufacturing, and large customer support centers where downtime is not an option and disaster recovery is essential. Expanding Cross-region Disaster Recovery to Frontline in dedicated mode provides these organizations protection against regional outages, safeguarding productivity and service continuity. Following the public preview announcement, we are excited to announce that Cross-region Disaster Recovery for Frontline in dedicated mode is now generally available. This Windows 365 add-on feature creates “snapshots” of Cloud PCs in customer-defined, geographically distant locations. In the event of a regional outage, these snapshots can be recovered as Cloud PCs running in the selected backup location, helping keep your users productive even if their primary region goes down. Cross-region Disaster Recovery was first introduced for Windows 365 Enterprise, and now Windows 365 Frontline users with dedicated Cloud PCs have the same rapid failover option. This capability is especially relevant for industries and organizations that are highly regulated or have workflows requiring geographic separation between primary and backup Cloud PC locations. Configuration and use Unlike many traditional disaster recovery solutions, Windows 365 Cross-region Disaster Recovery was designed to be configured and used with minimal—or even no—prior disaster recovery experience. Configuration can be completed in a few minutes. In the event of an outage, recovery may be activated with just a few clicks and typically in less than five minutes. In addition to configuration and activation, Windows 365 Cross-region Disaster Recovery has been integrated into various reports and flows. Reports alert administrators if an outage has taken place and provide full context of the configuration and status of each Cloud PC using Windows 365 Cross-region Disaster Recovery. After the outage is resolved, administrators are notified and can deactivate Cross-region Disaster Recovery in minutes. How do I get the Windows 365 Cross-region Disaster Recovery add-on? * Windows 365 Cross-region Disaster Recovery is provided as an add-on license to Windows 365 Enterprise and Windows 365 Frontline. It is not currently available for any other Windows 365 offering. * Windows 365 Cross-region Disaster Recovery can be applied to the Enterprise Cloud PCs and Frontline Dedicated Cloud PCs that the user is licensed to use. Please contact sales for details. FAQ Q: Are the geographies and regions available for Windows 365 Cross-region Disaster Recovery limited? A: In general no, because any geography or region where Windows 365 is available may be used as a backup region, and any of those areas can be selected by the administrator. Administrators should carefully consider the location of Cloud PC users, as well as data sovereignty, when selecting backup regions. Q: If a user has multiple Cloud PCs, can each device have a different Windows 365 Cross-region Disaster Recovery configuration? A: No. At this time, all Cloud PCs associated with a user will have the same Windows 365 Cross-region Disaster Recovery configuration. Q: What is the restore time objective (RTO) and restore point objective (RPO) for Windows 365 Cross-region Disaster Recovery? A: RPO is defined by the cadence of point-in-time restore snapshots. The RTO is targeting four hours as a performance goal for Cloud PC tenants with up to 50,000 Cloud PCs. The performance of Cross-region Disaster Recovery is anticipated to increase as actual deployment sizes increase to maintain an RTO of four hours. Q: Can one Cross-region Disaster Recovery for Windows 365 Frontline license be used by multiple users? A: No, The Cross-region Disaster Recovery add-on is licensed on a per-user basis and is only for the individual to whom it is assigned. Each user who intends to use Windows 365 Cross-region Disaster Recovery must have their own eligible license. Next Steps Learn more about: * Windows 365 Cross-region Disaster Recovery * Point-in-time restore for Windows 365 Enterprise * Windows 365 and Azure network connections * Azure regions and zones   --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q\&A.

Learn what you need to manage AI in Windows like a pro. Find out what’s coming and what’s already available to your organization through the latest Windows updates. Check out the controls you need to tailor the AI experience to your organizational standards. And keep in mind that AI can also enhance your management efforts! Time to learn: 30 mins * Windows 11 Roadmap (time varies): See what Windows 11 AI features are currently available for validation, are coming soon, or are generally available. We recommend the Windows Insider Program for validation. Visit and filter this roadmap website by Windows version, channel, device type, and status to help you manage change for your estate. * Microsoft 365 Copilot release notes (time varies): Here’s where you can read about the latest new features, firmware updates, and more. * Configure the agent in Windows Settings (3 mins): The new on-device AI can help you and users at your organization find and change settings on a PC. Check eligibility requirements and learn how to configure the agent using Microsoft Intune, Configuration Service Provider (CSP), or Group Policy Object (GPO). * Introducing Mu language model and how it enabled the agent in Windows Settings (9 mins): Learn about the technology that makes the agent in Windows Settings possible. * AI innovations grounded in transparency and control (5 mins): What are your compliance and change management control needs when it comes to AI? Use built-in controls and policies to manage how you introduce AI innovations to Copilot+ PCs across your organization. Start managing Recall (preview), Click to Do (preview), improved Windows Search, and more. * Policy CSP – WindowsAI (time varies): Control how AI-powered features behave across managed Windows 11 devices. You can enable or disable components such as snapshot saving, Recall export, and Click to Do, define storage limits for Recall data, and set app or Uniform Resource Identifier (URI) exclusions to protect sensitive content. These policies help you tailor the AI experience to meet organizational privacy, compliance, and performance needs. * Introducing Copilot in the Microsoft 365 admin center (9 mins): Watch how to streamline your daily admin tasks with Microsoft 365 Admin Copilot. Quickly recap key updates, monitor service health, and track important changes—all in one place. Which of these prompt suggestions will save you most time? * What controls exist for Microsoft 365 Copilot and agents? (4 mins): Watch how you can use your current IT administrator tools to control, measure, and report on Copilot usage at your organization. Protect your data, govern access and usage, monitor agent status and lifecycle, and report and measure impact of Copilot on your organization. Want more skilling while snacking? Check out our Windows skilling snacks library! We’re adding more learning on Windows and AI, so stay tuned!   --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

If you’ve ever taken a long road trip, you know how great it feels to finally arrive: “We made it!” This August, we’re celebrating some big milestones for Windows—thanks for joining us on the journey. Here are just a few highlights! You asked for easier management of Windows quality updates during the out-of-box experience (OOBE), and we’re excited to announce that this feature is now available. You also wanted a way to back up and restore user settings on Windows devices—and we’ve delivered that, too. With Windows 11, your users can enjoy even better security and get up and running faster on new devices. Windows 11, version 25H2 is now available in the Release Preview Channel of the Windows Insider Program (WIP). See Releasing Windows 11, version 25H2 to the Release Preview Channel for more details. And this is just the beginning—there are plenty more exciting updates this month, so keep reading to catch all the news! New in Windows update and device management * [BACKUP] If you’re looking for a way to streamline backup and restore of settings and the list of Microsoft Store apps for users at your organization, Windows Backup for Organizations is now available. With this capability, it’s simple and secure to save user preferences and restore them on a new or reimaged device. To get started, check your prerequisites and configure Backup and Restore policies. * [OOBE] Starting with the September 2025 security update, you can get the latest Windows quality updates during the out-of-box experience (OOBE) by default. Discover how to manage this capability with a policy setting to maintain control over updates while aligning with organizational security requirements. * [HOTPATCH] With the hotpatching feature of Windows Autopatch, you can apply security updates to Windows without requiring a restart, minimizing downtime and interruptions to user experiences. To take advantage of hotpatching, virtualization-based security (VBS) must be enabled to help ensure endpoints are secure. Learn how to enable VBS for hotpatch readiness. * [W365] Discover key benefits of Windows 365 Reserve, now in limited public preview, to help strengthen business continuity, simplify IT admin, and apply your organization’s security posture by default. * [W365] Windows 365 is now supported in Korea Central. Create Cloud PCs with data stored in the Korea Central region, and select the geography in provisioning policies to help meet performance and residency needs. * [OFFICE HOURS] Have you attended Windows Office Hours yet? Join our continuing series of live Q&A for IT professionals. Product experts, servicing experts, and engineers will be on hand to answer your questions. RSVP for the next Windows Office Hours on September 18, 2025. New in Windows security * [TRENDS] With AI, agents, and other emerging technologies, there are increased risks that can disrupt security. Learn about five major shifts that are redefining the security landscape and actions to take at your organization to address these disruptions. * [ZERO TRUST] Integrate Zero Trust with cloud-native Windows to enhance security and compliance. Read about the principles your organization can adopt to help protect data, optimize performance, and prepare for future challenges and how to use Microsoft Intune to manage devices in alignment with Zero Trust. * [SFI] Don’t miss the launch of the first wave of Microsoft Secure Future Initiative patterns and practices, a new library of actionable guidance designed to help organizations implement security measures at scale. * [NETLOGON] Microsoft has introduced a hardening change to strengthen the Microsoft RPC Netlogon protocol by blocking Remote Procedure Calls (RPC) anonymous requests used to locate domain controllers. Learn more about the Audit Mode and Disabled Mode and Netlogon RPC Hardening. New in AI * [AI IN WINDOWS] Catch up on the latest with Windows and AI in this Skilling snack: Get started with AI in Windows. Stay tuned for more skilling snacks on different aspects of Windows and AI—coming soon! * [GPT-5] Try GPT-5 while working in Microsoft 365 Copilot or Microsoft Copilot Studio. With its real-time router, high-throughput model, and a deeper reasoning model, this is OpenAI’s latest model for web and work data. * [AGENTS] Help your tailor-built agents deliver more accurate and context-aware response by connecting it to the Model Context Protocol (MCP) Server. With this guidance, you’ll use the Microsoft Learn MCP Server, create a custom MCP connector with Power Apps, create a custom agent in Copilot Studio, add the MCP server tool to the agent, and test it. * [COPILOT+ PC] Consult the New Technology: The Projected Total Economic Impact™ of Microsoft Copilot+ PCs report to help you calculate cost savings and business benefits of Copilot+ PCs. Install the August 2025 non-security update for Windows 11, version 24H2 to get this and other capabilities, which are rolling out gradually. * [AI MODELS] Go to Settings > Privacy & security > Text and Image Generation to see which third-party apps have recently used generative AI models provided by Windows. You can also choose which apps are permitted to use them—putting you in charge of your device’s AI experience. * [COPILOT+ PC] Learn about new capabilities for Copilot+ PCs in this update. New in Windows Server For the latest features and improvements for Windows Server, see the Windows Server 2025 release notes and Windows Server, version 23H2 release notes. * [VM] Start your transition from VMware to Windows Server with Hyper-V with the VM conversion tool in Windows Admin Center, now in public preview. To get started, ensure you're running the Windows Admin Center v2 GA release, then install the tool directly from the Extensions settings. New in productivity and collaboration [DaaS] Microsoft is reimagining Desktop as a Service (DaaS) and AI for the modern workforce. Learn more about this vision and how it supports new business models, sustainability, productivity, and a holistic platform that empowers people and simplifies IT. [UNIVERSAL PRINT] Take advantage of the pull print capability, now generally available in Universal Print anywhere. Pull print provides key benefits for your organization including improved admin control and management, enhanced security and privacy, simplified user experience, cost savings, and cross-platform support. [UPDATES] Review the August 2025 security update for Windows 11, version 24H2 and version 23H2. For additional details, please refer to the July 2025 non-security preview update release notes for Windows 11, version 24H2 and version 23H2. To preview what’s coming in the September 2025 security update release, install the August 2025 optional non-security update for Windows 11, version 24H2, which includes the gradual rollout of: * [SYSTEM DIALOG] When an app requests access to location, camera, microphone, or other device capabilities, Windows shows a redesigned system dialog box. To emphasize the privacy prompt, the screen dims slightly, and the prompt appears at the center of the screen. * [SEARCH] When you use Search from the Windows taskbar, a new grid view will help you more quickly and accurately identify the desired image within your search. * [WIDGETS] There are more widget options and support for lock screen widget personalization. * [FILE EXPLORER] Dividers separate top-level icons in the File Explorer context menu. * [TASK MANAGER] Task Manager now uses standard metrics to show CPU workload consistently across all pages, aligning with industry standards and third-party tools. * [HELLO] A redesigned Windows Hello interface supports communication across authentication flows including the Windows sign-in screen, passkey, and more. Lifecycle milestones Check out our lifecycle documentation for the latest updates on Deprecated features in the Windows client and Features removed or no longer developed starting with Windows Server 2025. * [W10 EOS] Windows 10 end of support (EOS) is now less than two months away. The October 2025 monthly security update will be the last update available for this version. Consult helpful resources in this 60-day reminder message. * [W10 EOS] [IOT] Find out which versions of Windows 10 IoT Enterprise are impacted on October 14, 2025. * [W11 22H2] Windows 11, version 22H2 (Enterprise and Education editions) no longer receives non-security preview updates. Monthly security updates will continue through October 14, 2025, when version 22H2 officially reaches end of servicing. Consult helpful resources in this 60-day reminder message. * [W11 23H2] Windows 11, version 23H2 (Home and Pro editions) will reach end of servicing on November 11, 2025. Enterprise and Education editions will continue to be serviced through November 10, 2026 per the Modern Lifecycle Policy. * [POWERSHELL 2.0] Starting in August 2025, Windows 11, version 24H2, will no longer include Windows PowerShell 2.0. Most users won’t be affected, as newer versions such as PowerShell 5.1 and PowerShell 7.x remain available and supported. If you use older scripts or tools that depend on PowerShell 2.0, update them to avoid compatibility issues. Additional resources Looking for the latest news and previews for Windows, Copilot, Copilot+ PCs, the Windows and Windows Server Insider Programs, and more? Check out these resources: * Windows Roadmap for new Copilot+ PCs and Windows features – filter by platform, version, status, and channel or search by feature name * Microsoft 365 Copilot release notes for latest features and improvements * Windows Insider Blog for what’s available in the Canary, Dev, Beta, or Release Preview Channels * Windows Server Insider for feature preview opportunities * Understanding update history for Windows Insider preview features, fixes, and changes to learn about the types of updates for Windows Insiders Like every great road trip, our journey doesn’t end here. Next month we’ll cruise into even more exciting updates. Buckle up, and I’ll be back in September with another edition of Windows news you can use. We always aim to make this monthly summary more helpful to you! Please drop us a note below and let us know what you most want to hear about. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

We are pleased to announce that we have enabled Windows 365 in Korea Central. Customers can now create Cloud PCs with data stored in the Korea Central region. This helps meet performance and data residency needs for organizations operating in Korea. Korea Central can now be selected within provisioning policies when you select the South Korea geography: With this update, organizations have even more flexibility in choosing where to deploy their Cloud PCs. Locating Cloud PCs closer to users helps improve responsiveness and supports regional compliance requirements. We’re continuing to expand Windows 365 into additional Azure regions to meet the evolving needs of global customers. Our goal is to make Cloud PCs available wherever your workforce is, helping you deliver a seamless and secure experience. Learn more about Windows 365 supported regions. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

We’re excited to announce the general availability of Windows Backup for Organizations! This new feature allows your organization to seamlessly back up Windows 10 or Windows 11 settings and effortlessly restore them on a Microsoft Entra joined device. As of today, you can also enable backup of the list of installed Microsoft Store apps, with the ability to restore them to the user’s Start menu as well. Read on to explore the latest capabilities and learn how to get started with Windows Backup for Organizations. Key benefits of Windows Backup for Organizations As announced at Microsoft Ignite in November 2024, Windows Backup for Organizations provides a simple and secure way to save user settings and Microsoft Store apps. This ensures you can quickly restore a familiar experience on a new device, or after a device reset or reimage, getting users back to work faster with the following benefits: * Reduced troubleshooting: Confidently reset devices sooner. Users can quickly recover their settings and restore their list of Microsoft Store apps with minimal effort. * Seamless user experience: Smoothly transition devices from Windows 10 to Windows 11 using a saved backup. * Enhanced productivity: Minimize downtime and maximize user productivity. Restore users’ preferences, helping them get back to work faster. Back up and restore user settings and Microsoft Store apps To use the backup functionality, ensure: * Devices are Microsoft Entra joined or Microsoft Entra hybrid joined. * Devices are running a supported version of Windows 10, version 22H2 or Windows 11, version 22H2 or later. * Devices have the August 2025 Windows security update or newer. This update includes the Windows Backup app for backing up Windows settings and the list of Microsoft Store apps. * The backup policy is enabled via mobile device management (MDM) or Group Policy. Learn more about these settings in our official documentation. To restore settings and Microsoft Store apps to the Start menu, ensure: * Devices are Microsoft Entra joined. * Devices are running Windows 11, version 22H2 or later. * Devices are preprovisioned with at least the August 2025 Windows security update prior to users going through out-of-box experience (OOBE). Otherwise, they should have the following base OS versions when going through OOBE: Windows 11, version 22H2 build 22621.3958 or newer; Windows 11, version 23H2 build 22631.3958 or newer; or Windows 11, version 24H2 build 26100.1301 or newer. Important: If your device is on a build older than the specified versions, make sure to enable the “Install Windows quality updates” policy setting on the Enrollment Status Page in Intune. This will deliver the latest applicable quality updates at the end of OOBE to ensure a smooth restore experience. To learn more, visit Get ready for Windows quality updates out of the box. * You have either Microsoft Intune service administrator or Global administrator permissions. * You have configured the Windows Backup and Restore option to “On” for the entire tenant. You can do this from the Microsoft Intune admin center > Devices > Enrollment > Windows > Enrollment options. * Users log in using the same Microsoft Entra account used for the backup. Getting started Windows Backup for Organizations is an opt-in feature that is disabled by default. You, as an IT admin, must configure Backup and Restore policies. (Note: The Restore setting is rolling out gradually, so check back in about a week if you don’t see it in your Intune tenant.) Once enabled, backups run automatically every eight days, saving user settings and preferences to the organization’s tenant data store. Users can also manually trigger a backup by opening the Windows Backup app and selecting Back up. Enabling the EnableWindowsBackup policy is required to make the Windows Backup app available. Learn more in our official documentation. Screenshot of the Windows Backup app, showing the option to back up preferences on a device. The restore process is available during OOBE when a user signs in with their Microsoft Entra ID. Here’s what it looks like: * The restore policy is enabled by IT. * The user powers on a new or reimaged device. * The user signs in with the same Microsoft Entra ID used during backup. * The user then sees the options to restore a previous backup or set up the device as new.The OOBE screen shows the user their latestbackupandofferstorestore their oldPC. * If the user selects More options, they’ll see any additional backups from other devices available to them (if applicable).The OOBE screen asks the user to choose the PC from which they want to restore their preferences. * The user selects from the list of available devices and selects Continue.The OOBE screen shows the “Restore” in progress for the selected device. The remaining OOBE process is the same as the standard OOBE process. After OOBE is completed, the user profile is loaded, and user preferences are restored automatically. Visit our official documentation for details on how to configure policies, what the experience looks like for users, and a list of frequently asked questions. That’s where you’ll also find a comprehensive list of settings and Microsoft Store apps that are backed up and restored. Get ready for Windows 10 end of support – October 14, 2025 Now’s the time to prepare! Try out Windows Backup for Organizations to boost your resilience and simplify your move to Windows 11. With Windows 10 support ending on October 14, 2025, ease your transition to Windows 11. For large-scale upgrades and device continuity, Windows Backup for Organizations helps reduce migration overhead, minimize user disruption, and strengthen device resilience against incidents. Note: While Windows Backup for Organizations can easily help you move to Windows 11 with your settings and Microsoft Store apps already in place, there are circumstances that could prevent you from replacing Windows 10 devices before the end of support. If needed, consider the options outlined in Plan for Windows 10 EOS with Windows 11, Windows 365, and ESU. To learn more about Extended Security Updates (ESU), please visit When to use Windows 10 Extended Security Updates. This is just the beginning. We’re continuing to evolve the Windows Backup for Organizations experience. More enhancements are on the way to help your organization stay ready for what’s next. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

The world of work is undergoing a profound transformation. reshaping how organizations operate, innovate, and compete. In this landscape, Desktop as a Service (DaaS) is emerging as a strategic enabler, not just a technical solution. It’s redefining how businesses empower their people, secure their data, and adapt to constant change. Microsoft is at the forefront of reimagining DaaS, extending beyond virtual desktops to deliver a platform for business agility, resilience, and human-centric innovation. Our Leader position in the Gartner Magic Quadrant™ for Desktop as a Service for three consecutive years, we believe, reflects our commitment to driving this evolution. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available at aka.ms/DaasMQ2025. Our vision goes even further with the unique combination of DaaS and AI leadership. With innovations like Microsoft Copilot, Security Copilot, and agentic experiences powered by custom silicon and NPUs, customers benefit from intelligent automation, personalized support, and continuous improvement. The vision is realized through a holistic platform—one that empowers people, simplifies IT, and adapts to the unique needs of businesses across industries, enabling them to unlock new models of work, drive efficiency, and support their teams anytime, anywhere. The following five pillars illustrate how Microsoft is building the next generation of digital workspaces, setting new standards for what’s possible in the modern enterprise. Building the next generation of digital workspaces 1. Empowering the modern workforce: Microsoft’s deep enterprise footprint means we understand the complexities of today’s organizations. Windows 365 and Azure Virtual Desktop are designed to meet the needs of every worker, from frontline staff to global teams, enabling secure access to resources anywhere, anytime. 2. Building an integrated ecosystem: True transformation happens when technologies work seamlessly together. By integrating Windows 365 and Azure Virtual Desktop with Microsoft 365, Intune, Defender, and other core services, we simplify management, enhance security, and create a unified experience that supports productivity and compliance at scale. 3. Scaling with global reach and trust: With data centers worldwide, Microsoft offers unmatched geographic coverage and compliance capabilities. Our customers can confidently navigate regulatory requirements and deliver consistent experiences to users in every region. 4. Enabling flexibility and choice: No two organizations are alike. That’s why we offer flexible licensing and deployment models—fully managed with Windows 365 or customizable with Azure Virtual Desktop—so customers can choose the approach that best fits their strategy and growth plans. 5. Innovating for the future: We’re investing in AI-driven management, performance optimization, and user experience enhancements. Our roadmap is clear: empower organizations to harness the full potential of cloud desktops, drive continuous improvement, and anticipate the needs of tomorrow’s workforce. The strategic impact of DaaS DaaS is about enabling new business models, supporting sustainability goals, unlocking talent across borders, and delivering seamless productivity for every organization. With Windows 365 and Azure Virtual Desktop, organizations can more easily embrace digital transformation rethink processes, reduce costs, build resilient operations, and empower their teams to work securely and efficiently – anytime, anywhere. For complimentary access to the Gartner, Magic Quadrant for Desktop as a Service report, please click here.   Note: Gartner, Magic Quadrant for Desktop as a Service, By Stuart Downes, Sunil Kumar, Todd Larivee, 11 August 2025. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q\&A.

Get the latest Windows quality updates during the out-of-box experience (OOBE) by default. This much awaited improvement is coming to your eligible Microsoft Entra joined or Microsoft Entra hybrid joined devices running Windows 11, version 22H2 and later. It will be available starting with the September 2025 Windows security update. You can manage this new capability with a policy setting. With Windows Autopilot and Microsoft Intune (or alternative management solutions), you can maintain seamless control over quality update behavior during provisioning, while ensuring alignment with organizational security and compliance requirements. Manage your OOBE update experience in Microsoft Intune When Windows quality update support is available in the Windows Autopilot Enrollment Status Page (ESP) at the end of August 2025, you’ll see the new quality update setting enabled by default. You’ll be able to control whether updates are installed during OOBE if you meet these criteria: * Your devices are on Windows 11, version 22H2 or later and on any of the following SKUs: Pro, Enterprise, Education, or SE. * You use Microsoft Intune to manage Windows quality updates. * You’ve assigned a Windows Autopilot Enrollment Status Page (ESP) profile to devices using either Windows Autopilot preregistered device group or using the “All devices” assignment. * Your devices have one of the following required updates that include the new setting: o   Devices that get the August 2025 OOBE zero-day patch (ZDP) update will have this capability. o   Devices imaged with the June 2025 Windows non-security update or later already include the new setting. Note: At this time, if you’re not using device ESP, you won’t be able to turn off Windows updates during OOBE. This might be the case if you enroll devices using Windows Autopilot device preparation policies. These devices will have updates applied by default. The new setting The new setting is available to you to confirm or control this experience: * Go to the Microsoft Intune admin center. * Navigate to Devices > Enrollment > Enrollment Status Page. * Select the ESP profile you wish to check or create a new one and go to its Settings tab. * Locate the new setting called Install Windows quality updates (might restart the device). If its value is set to “Yes,” you’re set to install quality updates during provisioning! Note: Preexisting ESP profiles will have Install Windows quality updates set to “No.” You can edit this setting to enable the updates. New ESP profiles will default to “Yes.”   The Enrollment Status Page (ESP) profile settings in the Microsoft Intune admin center, with a new setting to Install Windows quality updates set to “Yes.” As we’ve preannounced, the device will check Windows Update at the last page of OOBE and install any applicable quality updates. That way, the user will start out with the latest security and quality updates at first sign in. The final OOBE screen shows the message for an in-progress Windows update. Recommendation for pause and deferral settings Want to ensure that quality updates during OOBE respect pause and deferral settings? Assign your Windows Update rings profile to the same Windows Autopilot preregistered device group as your ESP profile or using the “All devices” assignment. During the device phase of provisioning, the ESP will ensure that the settings from the Windows Update rings policy are synchronized prior to exiting the page. That way, settings are in place before the final Windows Update page checks for updates. Note: If these requirements aren’t met, the pause and deferral settings might be inconsistently applied during OOBE. Alternative management solutions for OOBE updates Some non-Microsoft mobile device management (MDM) solutions are also capable of using the ESP functionality. How can you determine if that’s the case for you? Check if your MDM provider has developed its own ESP functionality using features or protocols offered by Microsoft to reliably deliver certain policies during OOBE. If they have selected the ESP profile as eligible to be applied, designate the ESP profile as a tracked policy when creating it. You must enable ESP to ensure that the latest Windows quality updates indeed get installed during OOBE. Ready for an improved OOBE? With this new default experience, you can: * Complete the devices’ OOBE with the latest approved quality updates already applied. * Enhance security from day 1. * Reduce post-deployment update overhead. Thank you again for your feedback and helping us make Windows better! --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q\&A.

AI has become an essential ingredient in the latest recipes for Windows productivity, accessibility, and management. Welcome to this buffet of options from software to hardware to tools and functions. Start at the top to understand the broader implications of AI on the Windows ecosystem or jump straight to your topic of interest to learn more. Time to learn: 82 mins * AMA: Windows and AI experiences (49 mins): Watch on demand how we answer your and your peers’ questions about Windows and AI. We talk about specific AI features, the Windows Roadmap, Copilot+ PC features, security solutions, and much more. Check out the questions and answers in the comments underneath the video for a more comprehensive experience. * Improved Copilot experiences for commercial organizations (2 mins): Read how Microsoft 365 Copilot Chat and the Microsoft 365 Copilot app have evolved since they launched. Help improve productivity for users in your organization by pinning Microsoft 365 Copilot Chat to the navigation bar and downloading the Copilot Success Kit. * Untangling this thing called AI in a Windows ecosystem (20 mins): Watch this video to explore the various Copilot offerings available. Did you know you can build your own models in the cloud or locally on the neural processing unit (NPU)? Learn about this as well as Microsoft 365 Copilot and Copilot+ PCs more generally. Discover why data management is the key to AI success and how these powerful tools can enhance productivity, streamline workflows, and safeguard your data. Learn how AI can transform your business, empower your users today, and where we're headed in the future! * Updated Windows and Microsoft 365 Copilot Chat experience (9 mins): To keep up with the latest, visit this documentation. Learn about using and managing enhanced enterprise data protection (EDP), Microsoft Entra accounts, the Copilot app, the Copilot hardware key, and more. * Preparing for the AI-fueled future: IT generation.next (22 mins): Just starting your journey in the tech industry? Hear what your peers are discovering about Microsoft Copilot and AI’s role in today’s life and work. We know there’s a lot to discover about AI! Stay tuned for more “skilling snacks” on various areas of AI and Windows! In the meantime, visit our Windows skilling snacks library for more learning opportunities. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q\&A.

If you're looking to bring hotpatch to your environment, there’s one key requirement to start with: virtualization-based security (VBS) must be enabled on your devices. The good news? Enabling VBS is straightforward, and we’ll show you how, whether you're testing on a single device or deploying at scale with Microsoft Intune. With the hotpatching feature of Windows Autopatch, you can apply security updates to Windows without requiring a restart. This helps minimize downtime and prevents the interruption of user experiences. Hotpatching is no longer just an emerging solution; it’s becoming a trusted part of the update strategy for organizations of all sizes. Across industries, IT teams are embracing the ability to improve patch compliance and reduce risk without the operational disruption of traditional update cycles. Why VBS is critical for hotpatching VBS uses hardware virtualization to isolate a secure region of memory, protecting against kernel-level exploits and other advanced threats. It’s a foundational requirement for enabling hotpatching on Windows client, and it helps ensure your endpoints are secure and ready for patching. Enable VBS Before you enroll devices in hotpatch updates, check that devices meet the hardware requirements for VBS (e.g., virtualization support, Trusted Platform Module 2.0). Watch our video and read further on how you can enable, validate, and monitor VBS at scale or manually. Check out why we recommend using Microsoft Intune. Then learn how you could use PowerShell and Windows Command Prompt instead of Intune. Let’s walk through the video steps. Time saver: Enabling VBS at scale with Microsoft Intune For production environments, Microsoft Intune provides a scalable and policy-driven approach to enable VBS across your device fleet. Windows Autopatch is built on top of Intune, so using your current management experience will save you time and effort. Just follow this step-by-step guide to configuring policies in the Intune admin center. * Go to Devices > Manage Devices > Configuration. * Under the Policies tab, create a new profile by selecting Create > New policy. * In the Create a profile flyout, select Windows 10 and later. * For profile type, select Settings catalog. * On the next screen, name your profile under Basics. * Navigate to the Configuration settings tab and select Add settings. * In the Settings picker flyout, start typing “Virtualization Based Technology” and select it from the search results. * Locate and select the Hypervisor Enforced Code Integrity setting name among the results to enable memory integrity. Configuration tab in the Intune admin center with the Settings picker flyout * Complete the wizard by setting scope, assignments, and reviewing your configuration. Note: You can also use the HypervisorEnforcedCodeIntegrity node in the VirtualizationBasedTechnology configuration service provider (CSP) to enable VBS. We don’t recommend using Group Policy Objects (GPOs) for enabling VBS with Intune environments because the relevant GPOs are deprecated. Consider importing your GPOs into Intune instead. Enabling VBS manually on a single device If you're validating configurations or running a pilot, you can enable VBS manually using either PowerShell or Windows Command Prompt. PowerShell method Use the following PowerShell script to enable VBS:    $registryPath = "HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard"    $parameters = @{    Path = $registryPath   Name = "EnableVirtualizationBasedSecurity"    Value = "0x1"    Force = $True    PropertyType = "DWORD"  }  New-ItemProperty @parameters   Windows Command Prompt method Alternatively, enable VBS using this command in an elevated command prompt:    Reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 1 /f     Validate and monitor VBS enablement Restart your devices to ensure that VBS turns on. Once enabled, it will take some time for the policy to be deployed to the target devices in scope. Check the VBS status and monitor it for any issues in one of the following ways. In the Intune admin center From the Microsoft Intune admin center, go to Devices > Managed devices > Configuration. Select the CSP policy you’ve created and review the results, as illustrated below. See device configuration policies with Microsoft Intune. VBS configuration policy status in the Intune admin center In PowerShell In PowerShell, change the value of VirtualizationBasedSecurityStatus from 0 to whatever value you’ve selected for VBS. See Enable memory integrity for detailed instructions. VBS status shown in PowerShell In Windows Settings If applied through CSP, check VBS enablement on each device manually in Windows Settings. Navigate to Accounts > Access work or school and select the accounts managed by your organization. Under Areas managed, review listed policies. If you see VirtualizationBasedTechnology, VBS is enabled on the device. VBS status shown in Windows Settings Finally, use Intune reporting to monitor compliance and troubleshoot any deployment issues. For help, visit Monitor device configuration policies in Microsoft Intune. By enabling VBS, you're not only meeting the prerequisites for hotpatching—you’re also strengthening your organization’s security posture with minimal overhead. Learn how to get started and enroll in hotpatch updates today: * Hotpatch updates * Release notes for hotpatch on Windows 11, version 24H2 Enterprise clients * Hotpatch for client: Frequently asked questions * Windows Autopatch: Frequently asked questions --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q\&A.

We are excited to share that Universal Print anywhere, the feature that brings "pull print" functionality to Universal Print, reached general availability. We are excited to announce that Universal Print anywhere, a new feature that enables users to print securely from any location and retrieve their documents at any printer—a capability known as "pull print"—has reached general availability. This enhancement empowers users with greater flexibility and privacy, allowing them to release print jobs only when they are physically at the printer of their choice, reducing the risk of sensitive information being left unattended and making the printing experience more convenient and secure. We want to thank you for participating in our public preview adopting the functionality, your feedback has been invaluable to bring this functionality to market. Universal Print anywhere is ready for production deployments across Microsoft 365 organizations. What is Universal Print anywhere? Universal Print anywhere transforms how users interact with corporate printers by enabling them to print from anywhere and securely release their jobs to any printer in the organization. This "pull print" functionality builds on Universal Print's existing secure release capabilities, allowing users to print without having to choose a specific printer in advance. With Universal Print anywhere, employees can: * Print from any device to any corporate printer without choosing a destination printer in advance * Authenticate at any printer to securely release their jobs * Prevent confidential documents from being left unattended * Reduce toner and paper waste from uncollected prints   Universal Print anywhere pull-print management blade in the Azure portal Key benefits for organizations Enhanced Security and Privacy Universal Print anywhere ensures that confidential documents are never left on printers for unauthorized viewing. Users must authenticate at the printer before their jobs are released, maintaining document security in shared printing environments. Simplified User Experience Gone are the days of choosing the right printer from a long list. Users simply print, then walk to any available printer in their organization to retrieve their documents. This seamless experience reduces support tickets and improves productivity. Reduced Waste and Cost Savings By requiring user authentication before printing, organizations can reduce paper and toner waste from forgotten or uncollected print jobs. This leads to measurable cost savings and support for sustainability initiatives. Cross-Platform Support Universal Print anywhere works seamlessly across Windows and macOS devices, ensuring all employees can take advantage of pull print functionality regardless of their device preference. How Universal Print anywhere works The deployment architecture remains straightforward and builds on your existing Universal Print infrastructure: * Printer Registration: Printers are registered to Universal Print directly or through the Universal Print connector. * Secure Release Configuration: Administrators configure the secure release option for each printer they want to include in the pull print experience. * User Authentication: Users print as normal to the pull print printer, then authenticate at any configured member printer to retrieve their jobs. Administrator control and management Universal Print anywhere provides administrators with enhanced control over the printing experience: * Print Option Management: Configure specific print options for Universal Print anywhere printer shares, with end users only seeing administrator-approved options. * Printer Membership Control: Administrators can configure which printers are members of the pull print printer group, providing flexibility in determining which devices participate in the anywhere printing experience. Coming Soon: enhanced Partner integration Universal Print anywhere is designed to work with existing printer infrastructure and partner solutions. In the coming months, we will be extending this feature to enable original equipment manufacturers (OEMs) to integrate their badge release technologies to securely release print jobs at the printer, ensuring compatibility with existing authentication systems and providing even more flexibility for organizations with diverse printer fleets. Getting started with Universal Print anywhere Universal Print anywhere is now available to Microsoft 365 organizations worldwide. The feature is included with your existing Universal Print licensing at no additional cost. For more details, please refer to the Universal Print licensing documentation. Ready to implement Universal Print anywhere in your organization? We recommend referring to the comprehensive Universal Print anywhere documentation for detailed setup instructions and best practices. The documentation provides step-by-step guidance for both organizations already using Universal Print and those new to the service. Additional Resources: * Universal Print documentation * Universal Print Tech Community * Universal Print integrations --- Disclaimer: This blog post is for informational purposes only and outlines Microsoft’s current product direction and plans. Product availability, licensing terms and capabilities may vary by region and are subject to change. All third-party trademarks are the property of their respective owners.   Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q\&A.

Following our June 18  disclosure, we are excited to announce that the limited public preview of Windows 365 Reserve is now live —offering secure and on-demand Cloud PC access from anywhere when you need it most. In today’s always-connected workplace, even a single device failure can ripple across an organization—halting productivity, delaying deliverables, and straining IT teams. Multiply that disruption across thousands of employees, and the impact becomes massive. Exacerbated by cyberattacks, the cost of employee and device downtime is no longer theoretical—it’s a business-critical concern. That’s why we’re introducing Windows 365 Reserve: a modern, secure, and scalable solution that helps employees stay productive and connected when the unexpected strikes. What is Windows 365 Reserve? Windows 365 Reserve is a standalone, Windows 365 offering that provides temporary, secure, and dedicated Cloud PC access when a user's primary PC is unavailable, granting users up to 10 days of Cloud PC access per year. With this solution, organizations can proactively establish protections that reduce both financial and operational impacts when disruptions arise. If a user's device unexpectedly fails, administrators can swiftly provide secure, pre-configured Cloud PCs—ensuring employees regain access and productivity from any secondary device while their primary device is repaired or replaced. Through Windows 365 Reserve, organizations can: * Proactively cover employees for quick response to unexpected device interruptions * Deploy on-demand Cloud PCs with all necessary corporate applications and settings * Manage these temporary Cloud PCs alongside other devices within Microsoft Intune * Enable secure employee access from any secondary device, anywhere via the web or Windows App Key Benefits of Windows 365 Reserve * Restore productivity fast Proactive setup ensures administrators can quickly deploy fully configured Cloud PCs to users when their primary device is unusable—complete with Microsoft 365 apps, Microsoft Intune policies, and secure access from any device. This provides minimal disruption and fast return to productivity. * Simplified IT management Manage Windows 365 Reserve Cloud PCs like any other device via Microsoft Intune—centralized policies, automated provisioning, and simple license control. The license provides a user up to 10 days of Cloud PC access per year, with flexibility to use this time consecutively or divide as needed. Windows 365 Reserve simplified management aims to minimize IT workload during outages or incidents while providing control over when Cloud PC time is used. * Secured by design Windows 365 Reserve follows Zero Trust principles, applies your organization’s security posture by default, and allows easy access revocation through Microsoft Intune with admin controls —making it a secure fallback option during outages or incidents. Strengthening business continuity with Windows 365 Reserve We’ve heard customer concerns about challenges preparing for disruptions from device loss, theft, delays, malfunctions, and an increase in disruptive incidents such as malware and ransomware. With Windows 365 Reserve, organizations have peace of mind knowing that, when disruption occurs, a safety net is in place. It extends the resiliency and security of Windows 365 to information workers using physical Windows PCs or tablets today. Administrators can quickly provide preconfigured Cloud PCs and minimize downtime. This proactive approach to endpoint continuity helps to keep teams productive when unforeseen device issues arise. Note: while Windows 365 Reserve delivers enhanced availability, it remains subject to scale limitations such as Azure capacity constraints and requires a network connection to connect to use the Windows 365 Reserve Cloud PC. Windows 365 Reserve – the IT admin experience Deploying Windows 365 Reserve was designed to be simple and quick, frontloading decision making to ease on-demand Cloud PC provisioning down the road. Once licenses have been purchased for the organization’s tenant, admins create a provisioning policy for their Windows 365 Reserve licenses. The Windows 365 Reserve provisioning policy is a simplified version of the Windows 365 Enterprise and Windows 365 Frontline provisioning policy, and determines: * Which geography the Cloud PCs will be created in * Which Microsoft Entra user groups will get reserve coverage * (Optional) Which major gallery image version, language pack, and scope tags will be applied to the Cloud PC when provisioned To maximize efficiency, provisioning success, and ability to scale in widespread disruption events, Windows 365 Reserve automatically selects the following on behalf of customers: * One default Cloud PC size * The region, based on capacity, within the geography the Cloud PCs will be created in * Microsoft Hosted Network (MHN); Azure Network Connections (ANC) and custom networks are not supported * The latest gallery image version that is supported in the region at provisioning time; custom images are not supported Admins can create Windows 365 Reserve provisioning policies in Intune. Provisioning policy and user group assignments must be set at least seven days before admins can provision Reserve Cloud PCs. After this period, those Cloud PCs can be provisioned on demand any time while the license is active. Unlike Windows 365 Enterprise and Windows 365 Frontline, Windows 365 Reserve Cloud PCs are not created automatically when the provisioning policy is created. Instead, administrators can use Intune to quickly deploy Reserve Cloud PCs to users experiencing device issues, with pre-configured apps, settings, and security policies for fast productivity.   Admins can provision Windows 365 Reserve Cloud PCs for select users and groups. Windows 365 Reserve provides up to 10 days of Reserve Cloud PC access per user per year. Windows 365 Reserve offers administrators timely notifications when a user's Cloud PC access is approaching expiration, ensuring there are no unexpected interruptions. When users return to their primary device, admins can deprovision the Cloud PC from Intune to preserve remaining access time for later, while the license is active.   Admins can deprovision the Windows 365 Reserve Cloud PC, pausing the “days left” counter. Windows 365 Reserve – the end-user experience Once deployed, end users can access the temporary Cloud PC from any device – managed devices or unmanaged, personal devices; depending on their organizations’ policies – using the web or Windows App. Users will receive clear instructions and can conveniently view the expiration date of their Windows 365 Reserve Cloud PC. Clear end-user messaging and expiration date End users can click to connect securely and be redirected to a full desktop environment with their organization's resources. Windows 365 Reserve notifies users when their Cloud PC access is approaching expiration. When end users return to their primary device, they can deprovision their temporary Cloud PC from the Windows App to reserve access time for future use. Pending expiration notice starting at 3 days prior to expiration; end user can “return” their Cloud PC to preserve remaining access time for later, while the license is active. Note: Windows 365 Reserve is in preview; admin and end-user designs are subject to change. Not all features may be available at launch, and feature set may vary as the product evolves. Join the gated public preview! Windows 365 Reserve is currently in gated public preview. While participation is limited, you can complete this form or contact your Microsoft account team to express interest in participating in the preview and receive updates from the Windows 365 Reserve team. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q\&A.

This month, there are several improvements based on feedback we have heard from you, our customers. You’ve told us you want Windows to start and stay up to date with minimal interruptions. I’m happy to share that new Windows media includes updated Microsoft Store apps, and that hotpatch updates are generally available for both Windows x64 and Arm64 devices. We’re also continuing to add more resources to your update management toolbox. Speaking of staying up to date, we continue to hear confusion about the lift involved with moving to Windows 11 and cloud-native management with Microsoft Intune. If you’re looking for quick, accurate information on recommended scenarios and the steps it takes to get there, check out our new guide on the Windows IT Pro Blog. And speaking of quick, accurate information, the Ask Microsoft Anything (AMA) sessions from this week’s Windows edition of Tech Community Live are now available to watch on demand. Quickly catch up on answers to frequently (or not so frequently) asked questions about Windows Autopilot, update and driver management, Microsoft Connected Cache and Delivery Optimization, and AI experiences. Now let’s move on to the latest news you can use! New in Windows update and device management * [AUTOPATCH] If you’re looking for a proven, step-by-step approach to gradually roll out Windows 11 to eligible Windows 10 devices, explore Windows Autopatch groups. Windows Autopatch groups can make the process faster and easier with phased deployments, readiness insights, and reporting so you can upgrade with confidence. * [HOTPATCH] Hotpatching is now generally available for Windows 11, version 24H2 Arm64 devices. Learn how to get your Arm64 devices hotpatch ready and start benefiting from faster security compliance and increased productivity. * [OPTIMIZATION] Microsoft Connected Cache is now generally available for enterprise and education organizations. Save significant bandwidth during Windows 11 upgrades, device provisioning, application installation, and monthly updates. * [RESILIENCY] Built to help you respond to the unexpected with speed, precision, and security, quick machine recovery is now generally available. When enabled, it automatically detects and fixes widespread issues on Windows 11 devices using the Windows Recovery Environment (WinRE). Learn how to customize the experience with the Intune Settings Catalog UI, and explore the new design that will now appear for end users during unexpected restarts, all a part of Resilience in action for Windows devices. * [BUILT-IN APPS] If you use media refreshed in or after June 2025 to install Windows 11, version 24H2 or Windows Server 2025, that media now includes up-to-date versions of Windows built-in apps. * [RESOURCES] Looking for information to help you more easily manage Windows Updates? Explore a guide to the essential documentation, communications, and resources that you need in your organizations’ update management toolbox. New in Windows security * [HPA] Enhance Microsoft 365 security by eliminating high-privilege access (HPA). Eliminating HPA helps ensure users and applications have only the necessary access rights. Learn more about how you can enhance your organization’s security posture. * [COPILOT] Security Copilot in Microsoft Intune and Microsoft Entra are now generally available. Discover how Microsoft Entra and Intune play a critical role in modern security strategies and serve as the foundation for implementing a Zero Trust model. * [INTUNE] You can use the Microsoft Intune Connector for Active Directory to join computers to an on-premises domain during Windows Autopilot provisioning. After users first sign in to the device, it will be Microsoft Entra hybrid joined. New in Windows Server For the latest features and improvements for Windows Server, see the Windows Server 2025 release notes and Windows Server, version 23H2 release notes. * [HOTPATCH] Hotpatching for Windows Server 2025 is now generally available for on-premises and hybrid environments through Azure Arc. Learn more about hotpatching for on-prem servers, prerequisites to enroll in hotpatching for Azure Arc-connected Windows Server 2025 machines, and subscription details. New in productivity and collaboration Here are highlights from the July 2025 security update for Windows 11, version 24H2 and version 23H2: * [TASKBAR] [24H2] The taskbar now resizes icons to fit more apps when space runs low, keeping everything visible and easy to access. * [SETTINGS] [24H2] The Settings homepage for managed devices now includes cards tailored for enterprise use. * [SHARE] [24H2] [23H2] When users share links or web content using the Windows share window, they’ll see a visual preview for that content. * [ACCESSIBILITY] [24H2] In addition to a redesign, the Accessibility menu in Quick settings features text descriptions for assistive technologies like Narrator and Voice access. For additional details, please refer to the June 2025 non-security preview update release notes for Windows 11, version 24H2 and version 23H2. If you want to preview what’s coming in the August 2025 security update release, install the July 2025 optional non-security update for Windows 11, version 24H2, which starts the gradual rollout of: * [START] [24H2] Apply Start menu pins only once with the Configure Start Pins policy. On first sign-in, users receive the Start menu pins you set as the IT admin. They can then personalize their pinned layouts. Lifecycle milestones Check out our lifecycle documentation for the latest updates on Deprecated features in the Windows client and Features removed or no longer developed starting with Windows Server 2025. * [WINDOWS 11 22H2] Windows 11, version 22H2 (Enterprise and Education editions) no longer receives non-security preview updates. Monthly security updates will continue through October 14, 2025, when version 22H2 officially reaches end of servicing. * [WINDOWS 11 23H2] Windows 11, version 23H2 (Home and Pro editions) will reach end of servicing on November 11, 2025. Enterprise and Education editions will continue to be serviced through November 10, 2026 per the Modern Lifecycle Policy. * [JSCRIPT9LEGACY] Beginning with Windows 11, version 24H2, JScript9Legacy—based on JScript9—is enabled by default to handle scripting processes and operations. It provides improved security and performance features, and it’s more compatible with modern web standards. Learn more from these FAQs. * [EOS] Windows 10 end of support (EOS) is now three months away. Find resources to help you get ready, check if current devices are eligible for the upgrade, and learn more about the Extended Security Update (ESU) program. For extra insights, watch the Technical Takeoff session on myths and misconceptions around Windows 10 EOS. * [WIN10 EOS] [IOT] One size does not fit all when it comes to Windows 10 EOS for Windows 10 IoT Enterprise. Find out which versions of Windows 10 IoT Enterprise are impacted on October 14, 2025. Additional resources Looking for the latest news and previews for Windows, Copilot, Copilot+ PCs, the Windows and Windows Server Insider Programs, and more? Check out these resources: * Windows Roadmap for new Copilot+ PCs and Windows features – filter by platform, version, status, and channel or search by feature name * Microsoft 365 Copilot release notes for latest features and improvements * Windows Insider Blog for what’s available in the Canary, Dev, Beta, or Release Preview Channels * Windows Server Insider for feature preview opportunities Thanks for reading! We’ll be back next month with even more news you can use. If I can make this monthly summary more helpful to you, please leave a comment below. Our goal is to make it easier to plan for and manage Windows in your organization. --- Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q\&A.