Server 2025

Winsage
July 1, 2026
Microsoft has restored GIF functionality in the Emoji Panel for Windows 11 users after the retirement of the Tenor GIF search engine's API, which caused disruptions starting June 30. The company has transitioned to GIPHY as the new GIF provider, implemented in the preview cumulative update KB5095093 released on June 23 for Windows 11 versions 24H2, 25H2, and 26H1. Users are advised to install the latest updates to restore GIF functionality. Microsoft is also working on a solution for users on Windows 11 23H2 and Windows Server 2025. The KB5095093 update includes the Point-in-Time Restore feature and addresses various bugs and known issues.
Winsage
June 29, 2026
Microsoft has extended the availability of Windows Server 2022 hotpatching until 2027, specifically for the Windows Server 2022 Datacenter: Azure Edition. Mainstream support for Windows Server 2022 will end on October 13, 2026, while extended support will last until October 14, 2031. Hotpatching allows administrators to apply security updates without server downtime, although quarterly cumulative updates requiring a reboot will still occur. This feature is exclusive to Azure Edition users, with no similar support for on-premises users of Windows Server 2022. Additionally, hotpatch updates are being introduced for Windows 11 24H2 Enterprise clients and are now the default for Windows Autopatch.
Winsage
June 18, 2026
Microsoft resolved an installation issue affecting the June 2026 security updates (KB5094122) on Windows Server 2016 systems that had not previously installed the KB5087537 update, which was a prerequisite. Users had encountered 0x80070002 or FILENOTFOUND errors. Microsoft acknowledged the problem and confirmed that affected devices should no longer experience installation failures for the June 2026 update. Additionally, Microsoft fixed a similar issue with the May 2026 Windows 11 security update (KB5089549) that resulted in 0x800f0922 errors due to insufficient space on the EFI System Partition. They also warned users about potential installation issues with error codes 0x80073712 or 0x800f0993 on devices upgraded to Windows 11 24H2 or 25H2. Furthermore, Microsoft addressed a boot issue for Windows Server 2025 devices after the April 2026 update and a bug affecting installation failures for updates since May 2025 using the Windows Update Standalone Installer (WUSA). Lastly, they are investigating a separate issue preventing third-party applications from launching essential Office programs after the June 2026 updates.
Tech Optimizer
June 18, 2026
Microsoft's Build event highlighted its new AI agent, Scout, while SQL Server received limited attention, raising concerns about its future following Rohan Kumar's departure. Arun Ulag now oversees SQL Server, but analysts note a shift in priorities with SQL Server seemingly less emphasized. The 2022 SQL Server release was viewed as more of a marketing effort than a response to customer needs. Despite the introduction of vector search in SQL Server 2025, competitors had already offered similar features. Microsoft is shifting towards open-source solutions and PostgreSQL, although it reassured users of its commitment to SQL Server. SQL Server, launched in 1989, remains popular, ranking behind Oracle and MySQL. The on-premises database market is lucrative, generating significant revenue, and SQL Server holds a substantial share. Microsoft is unlikely to abandon this profitable segment, aiming to transition users to Azure SQL and SQL database within Fabric. However, migration compatibility issues may arise. Microsoft is also investing in PostgreSQL offerings to compete in the cloud database market, which is evolving rapidly. AWS currently leads in cloud DBMS revenue, posing a challenge for Microsoft. Despite uncertainties, support for SQL Server 2025 is guaranteed until 2036.
Winsage
June 13, 2026
Microsoft has introduced DNS over HTTPS (DoH) on Windows Server 2025, enhancing network security by encrypting DNS traffic for client-to-server communications. This feature, previously available only in Windows client editions, is now part of Microsoft's Zero Trust architecture. DoH routes DNS traffic through HTTPS secured with TLS certificates, preventing eavesdropping and safeguarding DNS data from tampering. It adheres to the IETF DNS over HTTPS standard (RFC 8484) and can integrate with existing infrastructure, allowing organizations to maintain unencrypted DNS traffic if needed. DoH is available for Windows Server 2025 systems updated to the latest Patch Tuesday release, and Microsoft has provided guidance on enabling this feature. However, DNS traffic exchanged between two DNS servers will not be encrypted by DoH.
Winsage
June 13, 2026
Microsoft has rolled out support for DNS over HTTPS (DoH) in Windows DNS Server as part of the Windows Server 2025 update. This feature enhances the security of DNS communications through encryption and server authentication, allowing encrypted client-to-resolver traffic in on-premises DNS environments. DoH encrypts DNS queries and responses using HTTPS, protecting sensitive information from interception or alteration. It also uses digital certificates for DNS server authentication to reduce spoofing and impersonation risks. The feature is compatible with existing Windows DNS Server configurations and supports both encrypted and traditional DNS. DoH support is available on Windows Server 2025 with the June 9, 2026 update or newer. Administrators must configure a trusted TLS certificate and enable DoH in the DNS Server service to deploy this feature. Microsoft plans to extend encryption capabilities to include communication between the Windows DNS Server and upstream DNS resolvers in the future.
Winsage
June 12, 2026
Microsoft resolved an issue affecting the installation of Windows updates released since May 2025, which primarily impacted users using the Windows Update Standalone Installer (WUSA) from a network share, especially in enterprise environments. The problem was significant for devices running Windows 11 24H2/25H2 and Windows Server 2025, but did not occur when handling a single .msu file or when files were stored locally. In August 2025, Microsoft acknowledged that updates installed using WUSA might fail with error ERRORBADPATHNAME when multiple .msu files were involved. A Known Issue Rollback Group Policy was implemented in September 2025 to mitigate the impact on home and non-managed business devices. The issue was ultimately resolved with cumulative updates released in June 2026 for Windows 11 (KB5079391) and Windows Server 2025 (KB5094125). Microsoft provided a workaround for users experiencing difficulties with prior updates by suggesting they save .msu files locally for installation. Users were also advised to wait at least 15 minutes after installing an .msu file via WUSA before checking the Update History page. Additionally, Microsoft had previously addressed another issue in April 2025 that affected enterprise customers installing security updates via WSUS, which recurred in the August 2025 updates. Microsoft warned customers about potential issues with installing the latest monthly updates on devices upgraded to Windows 11 24H2 or 25H2.
Winsage
June 11, 2026
Microsoft has resolved an issue affecting certain Windows Server 2025 devices that were booting into BitLocker recovery mode after the April 2026 security update. This issue was linked to specific BitLocker Group Policy configurations and required users to input their BitLocker recovery key upon the first restart after the update. However, this key would only need to be entered once for subsequent restarts, provided the group policy configuration remained unchanged. The problem primarily affected enterprise systems rather than personal devices. The issue arose under specific conditions: BitLocker was enabled on the operating system drive, a particular Group Policy was set, the Secure Boot State PCR7 Binding was "Not Possible," the Windows UEFI CA 2023 certificate was present, and the device was not already using the 2023-signed Windows Boot Manager. Microsoft released fixes in the KB5094125 and KB5093998 updates to address this problem, preventing devices with incompatible group policy configurations from installing the 2023-signed Windows Boot Manager. Event ID 1032 in the System event log indicates the issue when Windows updates are installed. For IT administrators unable to deploy the latest updates, it is recommended to remove the Group Policy configuration before installing updates or to implement a Known Issue Rollback (KIR) on affected devices. Additionally, Microsoft had previously addressed similar BitLocker recovery issues in August 2024 and May 2025.
Winsage
June 10, 2026
On June 9, 2026, Microsoft announced a vulnerability in Windows BitLocker, identified as CVE-2026-50507, which allows unauthorized attackers with physical access to bypass BitLocker Device Encryption. The flaw is categorized under CWE‑306, indicating a missing authentication check for a critical function, and has a CVSS v3.1 base score of 6.8. It affects various versions of Windows 10, Windows 11, and Windows Server from 2012 R2 to 2025. Microsoft released security updates to address the vulnerability, and it was classified as “Exploitation More Likely.” Although there is no evidence of active exploitation, proof-of-concept code exists. Organizations are advised to implement multi-factor configurations and reassess device handling and security protocols.
Winsage
June 8, 2026
Microsoft has rolled out new Defender patches for Windows 11 ISOs, aligning with its commitment to security updates. Updates for Microsoft Defender for Endpoint's endpoint detection and response (EDR) will no longer be included with monthly Windows security updates or Patch Tuesdays; they will now be delivered via Microsoft Update. This change aims to allow faster deployment of EDR enhancements independently of the operating system's update cycle. The rollout for Windows 10 began in late May 2026, with plans to extend support to Windows 11 and other versions by fall 2026. EDR updates will be delivered using KB5005292, contingent on prerequisite updates. Systems must run Sense version 10.8798.25857.1000 or later and have specific Windows updates installed to qualify for the new delivery method. Organizations should align their update policies with this new approach before the broader rollout. In case of significant issues, the EDR update can be reverted using a specific command. Further details are available in the Microsoft 365 Admin Center under message ID MC1381119.
Search