Windows Server

Winsage
July 25, 2025
Microsoft is ending support for Windows 10, prompting users to consider upgrading to Windows 11, though many older PCs may not meet compatibility requirements. Flyby11 is a utility that helps users bypass these restrictions by making the system appear as if it is running on Windows Server, thus avoiding checks for processor compatibility, TPM, and Secure Boot. Flyby11 is free but does not guarantee a smooth upgrade experience, and users are advised to back up their data before proceeding. To use Flyby11, users must download and unzip the latest version, check their system's compatibility, and initiate the upgrade process by dragging and dropping a Windows 11 ISO file into the interface. Potential issues include hardware and applications not functioning correctly, persistent notifications about incompatibility, and lack of support from Microsoft for incompatible devices. Users may also miss out on updates, although they can manually retrieve some from the Microsoft Update Catalog. Alternatives to upgrading include purchasing a new PC, continuing to receive Windows 10 updates for another year, or switching to a different operating system like Linux, which is compatible with older hardware.
Winsage
July 22, 2025
Microsoft has identified an issue with the Cluster service on Windows Server 2019 following the installation of the July security update KB5062557, released on July 8th. This issue causes the Cluster service to repeatedly stop and restart, leading to nodes failing to rejoin the cluster, entering quarantine states, and causing virtual machines to restart multiple times. Administrators using BitLocker on Cluster Shared Volumes may also face additional errors. Microsoft has advised affected organizations to contact their business support teams for assistance while a mitigation strategy is being developed. Additionally, Microsoft is working on a resolution to be included in a future Windows update.
Winsage
July 21, 2025
Windows administrators need to keep their systems updated for security and performance, with control over the timing and type of updates being crucial. There are three primary methods for managing Windows updates: 1. Per-client updates: Default for standalone clients, offering minimal control. 2. Windows Server Update Services (WSUS): Centralized management since 2005, allowing extensive control but requiring more administrative effort. 3. Windows Update for Business (WUfB): A cloud-based model providing greater control through tools like Group Policy and Mobile Device Management (MDM). WUfB offers several advantages, including policy-based management, granular control over deployments, and the elimination of on-premises WSUS servers. To implement WUfB, organizations must meet specific requirements, including using Windows 10/11 Pro, Enterprise, or Team editions, Azure AD joining, and having the necessary licenses such as Microsoft 365 Business Premium. Administrators can defer feature updates for up to 365 days and quality updates for up to 30 days using Group Policy. They can create servicing rings for managing update deployments, such as testing, pilot, and rollout rings. Configuration involves creating Group Policy Objects (GPOs) linked to the appropriate Organizational Units (OUs) and setting relevant policies. WUfB reporting is available through the Azure Portal, allowing administrators to monitor update statuses and troubleshoot devices.
Winsage
July 16, 2025
Microsoft has announced that Secure Boot certificates for Windows devices will begin to expire in June 2026, which may affect device functionality and security. An out-of-band update (KB5064489) was released on July 13, 2025, to address immediate security concerns and prepare systems for the certificate transition. This update includes essential quality improvements and fixes issues related to the startup of certain Azure Virtual Machines when Virtualization-Based Security (VBS) is enabled. The update is cumulative and incorporates previous security fixes. Users are advised to install the update promptly and review guidance for updating their certificates before the expiration deadline.
Winsage
July 16, 2025
Microsoft released the KB5062553 update for Windows, which caused boot failures in some Generation 2 Azure Virtual Machines (VMs) with Trusted Launch disabled. In response, Microsoft issued an emergency patch, KB5064489, applicable to Windows 11 and Windows Server 2025, to address these issues. Affected VMs may experience boot failures if Virtualization-Based Security (VBS) is enforced via registry key. Users are advised to check if their VMs are created as “Standard” and if VBS is enabled. The KB5064489 update is not automatically deployed and must be manually downloaded from the Microsoft Update Catalog, with specific installation methods outlined.
Winsage
July 15, 2025
Microsoft released an emergency update to address a bug affecting Azure virtual machines (VMs) that prevented them from launching when the Trusted Launch setting was disabled while Virtualization-Based Security (VBS) was enabled. This issue emerged during the July Patch Tuesday security updates and impacted Windows Server 2025 and Windows 11 24H2, specifically affecting VMs using version 8.0 with VBS provided by the host. The root cause was identified as a secure kernel initialization issue, which has been fixed with the KB5064489 out-of-band update. Administrators are advised to check if their VMs are created as "Standard" and if VBS is enabled. If affected, they should install the out-of-band update instead of the July 8th KB5062553 Patch Tuesday update and consider using the Trusted Launch security feature. Microsoft has also updated Windows Server 2025 VM images to include the latest cumulative update addressing this bug.
Search