enterprise management Archives

Winsage

November 20, 2025

Evicting Copilot: The Insider’s Guide to Purging AI from Windows 11

Microsoft's Windows 11 has introduced Copilot, an AI assistant aimed at enhancing productivity, but it has faced criticism from users concerned about privacy and resource usage. Copilot offers features like document summarization and image generation, but some users have labeled it an unwelcome presence. During the March 2025 Patch Tuesday, some users experienced Copilot being inadvertently uninstalled. Privacy concerns and performance issues have led many to seek ways to disable or remove Copilot, with methods including hiding the Copilot button, using Group Policy Editor, editing the Windows Registry, and uninstalling the app through Settings or PowerShell commands. In corporate environments, IT administrators can disable Copilot using Intune or Group Policy. Users have reported that Windows updates can reinstall Copilot, prompting them to disable automatic updates or block related domains. Recent user sentiment indicates growing fatigue with AI features, and there is potential for Microsoft to introduce easier opt-out options in future updates.

Winsage

November 18, 2025

Microsoft is bringing native Sysmon support to Windows 11, Server 2025

Microsoft is integrating Sysmon into Windows 11 and Windows Server 2025, eliminating the need for separate deployments of Sysinternals tools. This integration will allow users to utilize custom configuration files for filtering captured events, which will be logged in the Windows event log. Sysmon is a free tool that monitors and blocks suspicious activities while logging events such as process creation, DNS queries, and executable file creation. It will be easily installable via the "Optional features" settings in Windows 11, with updates delivered through Windows Update. Sysmon will retain its standard features, including support for custom configuration files and advanced event filtering. Key events logged by Sysmon include process creation, network connections, process access, file creation, process tampering, and WMI events. Comprehensive documentation and new enterprise management features will be released next year.

Winsage

November 18, 2025

Microsoft to integrate Sysmon directly into Windows 11, Server 2025

Microsoft will integrate Sysmon into Windows 11 and Windows Server 2025, eliminating the need for standalone deployment. Sysmon will allow users to utilize custom configuration files for event filtering, logging events in the Windows event log. It tracks events such as process creation, DNS queries, executable file creation, changes to the clipboard, and auto-backup of deleted files. Users can access Sysmon through "Optional features" in Windows 11 and receive updates via Windows Update. Key events logged by Sysmon include process creation, network connections, process access, file creation, process tampering, and WMI events. Comprehensive documentation and new enterprise management features will be released next year.

Winsage

May 6, 2025

Microsoft pushes fix for Windows 11 update 0x80240069 errors

Microsoft has resolved an issue that affected the delivery of Windows 11 24H2 feature updates via Windows Server Update Services (WSUS) after the installation of the April 2025 security updates. Users reported upgrade problems, specifically encountering error code 0x80240069 during attempts to update from Windows 11 23H2 or 22H2. The update complications primarily impact enterprise environments using WSUS, while home users are less likely to experience these issues. Microsoft is rolling out a fix through Known Issue Rollback (KIR) for enterprise-managed devices, requiring IT administrators to implement the KIR Group Policy on affected endpoints. Additionally, Microsoft is addressing a separate issue where some PCs were upgraded to Windows 11 despite Intune policies preventing such upgrades.