Server 2025 Archives

Winsage

April 13, 2026

Microsoft tightens Windows 11 driver security rules

Microsoft will enforce a new mandate requiring all hardware drivers to comply with the Windows Hardware Compatibility Program (WHCP) standards starting April 1, 2026. This change will eliminate the "cross-signing" system that allowed older drivers with expired certificates to remain trusted. The enforcement of WHCP certification will apply to various versions of Windows 11 and Windows Server 2025. Users may face blocks when installing older drivers on new systems, but existing installations will not be immediately disrupted. Microsoft plans to introduce an "allow list" for vetted legacy drivers to ensure essential equipment remains operational during the transition. The initial rollout will occur in "evaluation mode," allowing Microsoft to monitor driver behavior without blocking software. For corporate environments, Microsoft offers "Application Control for Business" to allow specific software while maintaining security measures.

Winsage

April 7, 2026

Windows 11 is phasing out old kernel drivers: Microsoft will permanently end cross-signing in April

On March 26, 2026, Microsoft announced that starting with the April security update, it will eliminate trust in kernel drivers from the previous Cross-Signed Program for Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. Only drivers that have passed the Windows Hardware Compatibility Program (WHCP) or are on Microsoft's allow list will be allowed to load by default. This change aims to enhance security by establishing a robust chain of trust and addressing vulnerabilities associated with old kernel drivers. Users of older hardware that rely on specialized drivers may face challenges, as drivers not WHCP-signed or explicitly allowed will be excluded from the trusted zone.

Winsage

March 31, 2026

Microsoft’s April 2026 Windows Update Ends Trust for Cross-Signed Kernel Drivers

Microsoft will eliminate default trust for kernel drivers signed through the outdated cross-signed root program with the April 2026 Windows update. All new kernel drivers must be certified via the Windows Hardware Compatibility Program (WHCP). This change will affect Windows 11 builds 24H2, 25H2, and 26H1, as well as Windows Server 2025, with future versions following the same standards. The update will begin in evaluation mode, monitoring driver loads for compliance before transitioning to enforcement mode. An allow list of reputable drivers will be maintained for legacy hardware, and enterprises can use Application Control for Business policies to authorize specific drivers. Users with older hardware may face compatibility issues if their drivers are not WHCP-certified.

Winsage

March 28, 2026

A critical Windows security fix puts legacy hardware on borrowed time

Microsoft is enforcing a new kernel trust policy affecting Windows versions 11 24H2, 25H2, 26H1, and Windows Server 2025 to enhance security and integrity. This policy follows the deprecation of a previous program in 2021, which expired associated certificates, although third-party drivers signed by that program remain broadly trusted. Initially, systems will enter an evaluation mode to monitor and audit driver loads for compatibility issues, lasting until a runtime of 100 hours and 2-3 boot-start restarts are achieved. If all drivers are deemed trustworthy, the new policy will be activated; otherwise, the system will stay in evaluation mode until compliance issues are resolved.

Winsage

March 27, 2026

Microsoft tells crusty old kernel drivers to get with the Windows Hardware Compatibility Program

Microsoft is enhancing the security of the Windows kernel by eliminating trust for kernel drivers not certified through the Windows Hardware Compatibility Program (WHCP) starting with the April 2026 Windows Update. This change specifically targets kernel drivers signed by the now-obsolete cross-signed root program, which has been associated with security vulnerabilities. The new policy will initially be introduced in an "evaluation mode" to monitor and audit driver loads for potential compatibility issues. Custom kernel drivers can still be used under the Application Control for Business policy, but must be signed by an authority within the device's Secure Boot Platform Key or Key Exchange Key variables. The changes will impact Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025.

Winsage

March 25, 2026

Microsoft Removes Registry Hack for Faster NVMe SSDs in Windows 11

Microsoft has removed a registry hack that allowed users to unlock faster speeds for NVMe SSDs, following the introduction of native NVMe SSD support in Windows Server 2025. This change aims to enhance SSD performance by eliminating the need for the previous method that translated NVMe commands into SCSI commands, which caused latency and reduced speeds. Currently, Windows 11 does not support native NVMe SSD processing and continues to use the older command conversion method. Although the registry hack is now obsolete, third-party tools like ViVeTool can still enable this feature through specific commands, but using such tools carries risks.

Winsage

March 23, 2026

Microsoft blocks registry trick that unlocked performance-boosting native NVMe driver on Windows 11 — workarounds still exist to enable support, however

Microsoft has disabled a registry modification that allowed Windows 11 users to activate native NVMe support. This change was noted in the latest Insider builds of Windows 11. The registry trick had previously improved random write performance by up to 85% and enhanced random I/O across various drives and CPUs. However, it caused compatibility issues with third-party SSD management tools and could trigger recovery prompts from BitLocker. Users can still enable native NVMe support using a third-party utility called ViVeTool, which requires an elevated command prompt and a system reboot. The timeline for official native NVMe support in Windows 11 versions 25H2 and 26H2 is uncertain.

Winsage

March 17, 2026

Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability

Microsoft is implementing a two-phase initiative to disable the hands-free deployment feature in Windows Deployment Services (WDS) due to a critical remote code execution vulnerability (CVE-2026-0386) identified on January 13, 2026. This vulnerability arises from improper access control related to the Unattend.xml file, which is transmitted over an unauthenticated RPC channel, allowing attackers on the same network segment to exploit it. Successful exploitation could grant SYSTEM-level privileges and compromise OS deployment images. The initiative includes: - Phase 1 (January 13, 2026): The hands-free deployment feature will remain operational but can be disabled. New Event Log alerts and registry key controls will be introduced to enforce secure practices. - Phase 2 (April 2026): The hands-free deployment feature will be completely disabled by default for administrators who have not modified registry settings. Administrators can temporarily re-enable the feature by setting AllowHandsFreeFunctionality = 1, but this is not secure. Recommendations include reviewing WDS configurations, applying security updates, setting registry keys for secure behavior, monitoring Event Viewer for alerts, and considering alternative deployment methods. Microsoft’s KB article 5074952 provides further guidance for impacted organizations.

Winsage

March 11, 2026

New Windows-native NVMe driver benchmarks reveal transformative performance gains, up to 64.89% — lightning-fast random reads and breakthrough CPU efficiency

Microsoft's native NVMe driver, initially released for Windows Server 2025, is now available for Windows 11, enhancing SSD performance. Users can achieve performance gains through registry tweaks. Benchmark tests showed significant improvements in random read bandwidth and input/output operations per second (IOPS). In a test with AMD EPYC 9754 processors and Solidigm P5316 SSDs, the following results were observed: - 4K Random Read: Non-Native Driver 6.1 GiB/s, Native Driver 10.058 GiB/s (+64.89%) - 64K Random Read: Non-Native Driver 74.291 GiB/s, Native Driver 91.165 GiB/s (+22.71%) - 64K Sequential Read: Non-Native Driver 35.596 GiB/s, Native Driver 35.623 GiB/s (+0.08%) - 128K Sequential Read: Non-Native Driver 86.791 GiB/s, Native Driver 92.562 GiB/s (+6.65%) - 64K Sequential Write: Non-Native Driver 44.67 GiB/s, Native Driver 50.087 GiB/s (+12.13%) - 128K Sequential Write: Non-Native Driver 50.477 GiB/s, Native Driver 50.079 GiB/s (-0.79%) Random read latency decreased significantly, with 4K and 64K read times dropping by 38.46% and 13.39%, respectively. However, 64K sequential write latency increased by 39.85%, while 128K sequential write latency rose by 12.43%. The NVMe driver also showed favorable CPU usage results during sequential read and write operations. It is not enabled by default in Windows 11, requiring users to make registry changes to activate it.

Winsage

March 6, 2026

Windows Server 2025 Native NVMe: Storage Stack Overhaul and Benchmark Results

On December 15, 2025, Microsoft announced native NVMe support in Windows Server 2025, marking a significant evolution in data management and access. The new architecture replaces Disk.sys with NVMeDisk.sys, allowing direct communication from the filesystem to hardware via StorMQ, eliminating latency and enhancing performance. Testing revealed increased read speeds, particularly in random 4K and 64K benchmarks, with significant reductions in average read latency and lower CPU usage during sequential operations. Write operations showed modest improvements. A registry modification is required to enable this feature, and caution is advised due to potential complications with NVMe drives when deduplication is enabled.