datacenter Archives

Winsage

December 8, 2024

Microsoft releases final Windows Server 2025 preview build in 2024

Microsoft has released Windows Server 2025 build 26334 for Windows Insiders, marking the final update for the year, with the next expected in January 2024. This build includes Desktop Experience and Server Core installation options for Datacenter and Standard editions, as well as the Annual Channel for Container Host and Azure Edition for virtual machine evaluation. The branding remains Windows Server 2025 in this preview, and issues reported should reference Windows Server vNext preview. Users enrolled in Server Flighting will receive this build automatically. New features include Windows Defender Application Control for Business (WDAC), which enforces a list of permitted software to minimize the attack surface, and improved accessibility for Windows Admin Center (WAC), allowing installation directly from the Windows Server Desktop for Datacenter or Standard preview users. There are known issues, including a labeling error that may reference Windows 11, which Microsoft plans to fix in a future release. Windows Server build 26334 is valid until September 15, 2025, with specific installation keys provided for Server Standard and Datacenter editions, while no key is required for Azure Edition.

Winsage

November 21, 2024

An end to rebooting? Microsoft’s latest change means you won’t need to restart your work laptop for every Windows update any more

Microsoft is rolling out hotpatching capabilities to Windows 11 Enterprise and Microsoft 365 users, allowing for rebootless updates. This feature enables users to download and install security updates without interrupting their work. Hotpatch updates activate immediately upon installation, reducing system downtime and improving efficiency by updating in-memory code without needing additional binaries. This process enhances security by allowing quicker installations and minimizing vulnerability time. Hotpatching has been available for Windows Server 2022 Datacenter: Azure Edition since February 2022, but there are no plans to extend this feature to Windows 11 Home and Pro editions at this time.

Winsage

November 20, 2024

Microsoft now testing hotpatch on Windows 11 24H2 and Windows 365

Microsoft has introduced hotpatching in preview for Windows 365 and Windows 11 Enterprise 24H2 client devices, allowing security updates to be installed without rebooting. Hotpatching, which has been part of the Windows ecosystem since February 2022, enables background installation of security updates, patching in-memory code without disrupting user activities. These updates provide a complete set of OS security patches without additional features. The update cycle includes cumulative security updates in January, April, July, and October, with hotpatch updates in the intervening months, reducing required restarts from twelve to four annually. Organizations must have a Microsoft subscription that includes Windows Enterprise E3 or E5, devices running Windows 11 Enterprise version 24H2 or later, and Microsoft Intune for management to utilize hotpatching. Eligible organizations can enable hotpatch updates through a new Windows quality update policy in Intune. Devices not meeting the criteria will continue to receive standard monthly security updates.

Winsage

November 15, 2024

November delivers a heap of Microsoft patches for admins

Microsoft released updates addressing 89 CVE-listed security vulnerabilities, including two actively exploited flaws: CVE-2024-49039 (Windows Task Scheduler, CVSS 8.8) allowing privilege escalation, and CVE-2024-43451 (NTLM spoofing, CVSS 6.5) enabling account impersonation. Other critical vulnerabilities include CVE-2024-43602 (Azure CycleCloud, CVSS 9.9) allowing remote code execution, CVE-2024-43498 (.NET and Visual Studio, CVSS 9.8) exploitable via malicious requests, and CVE-2024-43639 (Windows Kerberos, CVSS 9.8) leading to remote code execution. CISA added the Windows Task Scheduler and NTLMv2 vulnerabilities to its Known Exploited Vulnerabilities Catalog and reported an increase in zero-day exploitations in 2023 compared to 2022. Citrix, Intel, AMD, and Adobe also released patches for various vulnerabilities.

Winsage

November 4, 2024

Windows Server 2025 now generally available, with advanced security, improved performance, and cloud agility – Microsoft Windows Server Blog

Windows Server 2025 is now generally available, featuring enhanced security capabilities such as improvements to Active Directory, SMB hardening with SMB over QUIC, and Delegate Managed Service Accounts for automated password management. It also introduces hybrid cloud capabilities like hotpatching enabled by Azure Arc, easy Azure Arc onboarding, and unified network policy management. The platform supports demanding workloads with built-in GPU partitioning, NVMe storage performance improvements, and significant enhancements in Hyper-V performance and scalability. System Center 2025 has been released alongside Windows Server 2025, offering improved management capabilities. Microsoft Ignite 2024 will showcase these features, and existing Windows Server customers can access Azure management tools at no extra cost.

Winsage

November 4, 2024

Big update for admins as Windows Server 2025 lands

Windows Server 2025 has been released, featuring significant updates including a larger Active Directory Domain Services database page size of 32k, enhancements in Software Defined Networking (SDN), improved security protocols for Server Message Block (SMB), and better virtualization capabilities. It is available in Standard, Datacenter, and Datacenter: Azure editions, and upgrades are possible from Windows Server 2012 R2. Key features removed include WordPad, the SMTP service, and the IIS 6 management console, while the Windows PowerShell 2.0 engine is no longer supported. Features no longer receiving development support include all versions of NTLM, the Computer Browser driver and service, and VBScript. The hardware requirements include a 64-bit processor with a minimum of 1.4 GHz, support for the x64 instruction set, POPCNT instruction, and SSE4.2 instruction set. Known issues include installation text appearing in English in non-English environments and a "boot device inaccessible" error in some iSCSI setups. Windows Server 2022 will remain under mainstream support until October 13, 2026, while Windows Server 2025 will receive mainstream support until October 9, 2029, followed by extended support until October 10, 2034.

Winsage

October 25, 2024

Windows Server 2025 Insider Preview build 26311 is now available

Microsoft has released Windows Server build 26311 for the Windows Server Insider Program, branding it as Windows Server 2025. The change log for build 26311 is similar to build 26304 and includes the Windows Defender Application Control for Business (WDAC), which enhances security by enforcing a list of authorized software. The Windows Server 2025 Security Baseline Preview allows users to apply over 350 preconfigured security settings categorized by server roles: Domain Controller, Member Server, and Workgroup Member. Known issues include incorrect labeling for the flight, problems with WinPE PowerShell scripts, intermittent upgrade failures from Windows Server 2019 or 2022, issues with archiving event logs, and installation recommendations related to Secure Launch/DRTM. Downloads are available in various formats, but may not be accessible in certain regions due to Microsoft's sales suspension in Russia. The preview is set to expire on September 15, 2025.

Winsage

October 12, 2024

Windows Server 2025 Insider Preview build 26304 adds Windows Defender Application Control

Microsoft has released build 26304 of Windows Server for the Windows Server Insider Program, transitioning to the Windows Server 2025 branding. The key feature introduced is Windows Defender Application Control for Business (WDAC), which enforces a strict list of approved software and includes a predefined default policy for implementation via PowerShell cmdlets. The Windows Server 2025 Security Baseline Preview is also available, featuring over 350 preconfigured settings based on Microsoft’s best practices, categorized by server roles such as Domain Controller, Member Server, and Workgroup Member. Users are advised to preview the security baseline only on test systems due to potential irreversible configurations. The new build will be automatically delivered to Server Flighting participants, and the updated Feedback Hub app is available for Server Desktop users. Known issues include mislabeling in flight references, PowerShell script malfunctions in WinPE, intermittent upgrade failures from previous Windows Server versions, potential crashes when archiving event logs, and restrictions for those with Secure Launch/DRTM code path enabled. Downloads are available in limited regions, with previews for Windows Server Long-Term Servicing Channel and Datacenter Azure Edition in various formats. The preview keys are valid only for preview builds, and the preview is set to expire on September 15, 2025.

Winsage

September 27, 2024

Windows Server build 26296 is out with Windows Admin Center improvements and more

Windows Server Insiders can explore a new preview build, numbered 26296, which introduces enhancements such as the ability to install Windows Admin Center directly from the desktop and access the new Feedback Hub app for Windows Server users. Key features of build 26296 include: - Windows Admin Center (WAC) can be downloaded and installed directly from the Windows Server Desktop for users of the Windows Server 2025 preview. - The new Feedback Hub app is available for Server Desktop users and should automatically update to the latest version. Known issues in this build include: - A Sysprep issue that affects generalizing images. - Confusion with the flighting label that may reference Windows 11. - Problems with the installation of PowerShell in WinPE. - Intermittent upgrade failures for those validating upgrades from Windows Server 2019 or 2022. - An issue with archiving event logs causing the Windows Event Log service to crash. - Recommendations against installing this build if Secure Launch or DRTM code paths are enabled. Links and activation keys for downloading this build are available in the announcement post on the official Tech Community forums.

Winsage

September 23, 2024

Windows Server 2025 gets hotpatching option, without reboots – Help Net Security

Organizations transitioning to Windows Server 2025 can utilize hotpatching, which allows security updates to be applied to running processes without rebooting the system. This feature, previously available in Windows Server 2022 Azure Edition, will be accessible on various platforms, including on-premises and virtual environments. Hotpatching reduces the need for reboots, easing the workload for server administrators and simplifying patch management. For Windows Server 2025 Standard and Datacenter editions, hotpatching will be managed through Azure Arc. Windows Server 2025 is currently in its Preview phase and is expected to be released by the end of 2024, introducing new security features and phasing out some legacy functionalities.