Windows Archive
Nothing is sacred. With this update, we are introducing the ability to rewrite content in Notepad with the help of generative AI. You can rephrase sentences, adjust the tone, and modify the length of your content based on your preferences to refine your text. ↫ Dave Grochocki at the Windows Insider Blog This is the reason everything is going to shit.
Today, Microsoft announced the general availability of Windows Server IoT 2025. This new release includes several improvements, including advanced multilayer security, hybrid cloud agility, AI, performance enhancements, and more. Microsoft claims that Windows Server IoT 2025 will be able to handle the most demanding workloads, including AI and machine learning. It now has built-in support for GPU partitioning and the ability to process large datasets across distributed environments. With Live Migration and High Availability, it also offers a high-performance platform for both traditional applications and advanced AI workloads. ↫ Pradeep Viswanathan at Neowin Windows Server IoT 2025 brings the same benefits, new features, and improvements as the just-released regular Windows Server 2025. I must admit I’m a little unclear as to what Windows Server IoT has to offer over the regular edition, and reading the various Microsoft marketing materials and documents doesn’t really make it any clearer for me either, since I’m not particularly well-versed in all that enterprise networking lingo.
Microsoft has confirmed the general availability of Windows Server 2025, which, as a long-term servicing channel (LTSC) release, will be supported for almost ten years. This article describes some of the newest developments in Windows Server 2025, which boasts advanced features that improve security, performance, and flexibility. With faster storage options and the ability to integrate with hybrid cloud environments, managing your infrastructure is now more streamlined. Windows Server 2025 builds on the strong foundation of its predecessor while introducing a range of innovative enhancements to adapt to your needs. ↫ What’s new in Windows Server 2025 article It should come as no surprise that Windows Server 2025 comes loaded with a ton of new features and improvements. I already covered some of those, such as DTrace by default, NVMe and storage improvements, hotpatching, and more. Other new features we haven’t discussed yet are a massive list of changes and improvements to Active Directory, a feature-on-demand feature for Azure Arc, support for Bluetooth keyboards, mice, and other peripherals, and tons of Hyper-V improvements. SMB is also seeing so many improvements it’s hard to pick just a few to highlight, and software-defined networking is also touted as a major aspect of Server 2025. With SDN you can separate the network control plane from the data plane, giving administrators more flexibility in managing their network. I can just keep going listing all of the changes, but you get the idea – there’s a lot here. You can try Windows Server 2025 for free for 180 days, as a VM in Azure, a local virtual machine image, or installed locally through an ISO image.
Another day, another Windows Recall problem. Microsoft is delaying the feature yet again, this time from October to December. “We are committed to delivering a secure and trusted experience with Recall. To ensure we deliver on these important updates, we’re taking additional time to refine the experience before previewing it with Windows Insiders,” says Brandon LeBlanc, senior product manager of Windows, in a statement to The Verge. “Originally planned for October, Recall will now be available for preview with Windows Insiders on Copilot Plus PCs by December.” ↫ Tom Warren at The Verge Making Recall secure, opt-in, and uninstallable is apparently taking more time than the company originally planned. When security, opt-in, and uninstallable are not keywords during your design and implementation process for new features, this is the ungodly mess that you end up with. This could’ve all been prevented if Microsoft wasn’t high on its own “AI” supply.
There’s been more controversy regarding Microsoft’s Recall feature for Windows, with people supposedly discovering Recall was being secretly installed on Windows 11 24H2. Furthermore, trying to remove this secretly installed Recall would break Explorer, as it seemed Explorer had a dependency on Recall. Unsurprisingly, this spread like wildfire all across the web, but I didn’t report on it because something about it felt off – reports were sporadic and vague, and there didn’t seem to be any consistency in the various stories. Well, it turns out that it is a big misunderstanding arising from Microsoft’s usual incompetence. “Ever since the Recall security fiasco in summer, all insider and production builds lack Recall completely,” explains Windows watcher Albacore, in messages to The Verge. Albacore created the Amperage tool that allowed Recall to run on older Snapdragon chips. The references we’re seeing in current installs of 24H2 are related to Microsoft making it easier for system admins to remove Recall or disable it. “Ironically, Microsoft going out of its way to make removal easier is being flipped into AI / spying / whatever hoaxes,” says Albacore. “Microsoft has an ungodly complex and long winded system for integrating development changes into a mainline build, parts of the optional-izing work were most likely not merged at once, and thus produce crash loops in very specific scenarios that slipped testing,” explains Albacore. ↫ Tom Warren at The Verge What this story really highlights is just how little trust Microsoft has left with its very own users. Microsoft has a history of silently and secretly re-enabling features users turned off, re-installing Edge without any user interaction or consent, lots of disabled telemetry features suddenly being turned on again after an update, and so on. 
Over the years, this has clearly eroded any form of trust users have in Microsoft, so when a story like this hits, users just assume it’s Microsoft doing shady stuff again. Can you blame them? All of this is made worse by the absolutely dreadfully bad messaging and handling of the Recall feature. The shoddy implementation, the complete lack of security, the severe inability to read the room about the privacy implications of a feature like Recall, combined with the lack of trust mentioned above, and you have a very potent cocktail of misinformation entirely of Microsoft’s own making. I’m not trying to excuse Microsoft here – they themselves are the only ones to blame for stories like these. I have a feeling we’re going to see a lot more Recall problems.
There’s a date looming on the horizon for the vast majority of Windows users. While Windows 11 has been out for a long time now, most Windows users are using Windows 10 – about 63% – while Windows 11 is used by only about 33% of Windows users. In October 2025, however, support for Windows 10 will end, leaving two-thirds of Windows users without the kind of updates they need to keep their system secure and running smoothly. Considering Microsoft is in a lot of hot water over its security practices once again lately, this must be a major headache for the company. The core of the problem is that Windows 11 has a number of very strict hardware requirements that are mostly entirely arbitrary, and make it impossible for huge swaths of Windows 10 users to upgrade to Windows 11 even if they wanted to. And that is a problem in and of itself too: people don’t seem to like Windows 11 very much, and definitely prefer to stick to Windows 10 even if they can upgrade. It’s going to be quite difficult for Microsoft to convince those people to upgrade, which likely won’t happen until these people buy a new machine, which in turn is something that just isn’t necessary as often as it used to be. That first group of users – the ones who want to upgrade, but can’t – do have unofficial options, a collection of hacks to jank Windows 11 into installing on unsupported hardware. This comes with a number of warnings from Microsoft, so you may wonder how much of a valid option this really is. Ars Technica has been running Windows 11 on some unsupported machines for a while, and concludes that while it’s problem-free in day-to-day use, there’s a big caveat you won’t notice until it’s time for a feature update. These won’t install without going through the same hacks you needed to use when you first installed Windows 11 and manually downloading the update in question. 
This essentially means you’ll need to repeat the steps for doing a new unsupported Windows 11 install every time you want to upgrade. As we detail in our guide, that’s relatively simple if your PC has Secure Boot and a TPM but doesn’t have a supported processor. Make a simple registry tweak, download the Installation Assistant or an ISO file to run Setup from, and the Windows 11 installer will let you off with a warning and then proceed normally, leaving your files and apps in place. Without Secure Boot or a TPM, though, installing these upgrades in place is more difficult. Trying to run an upgrade install from within Windows just means the system will yell at you about the things your PC is missing. Booting from a USB drive that has been doctored to overlook the requirements will help you do a clean install, but it will delete all your existing files and apps. ↫ Andrew Cunningham at Ars Technica The only way around this that may work is yet another hack, which tricks the update into thinking it’s installing Windows Server, which seems to have less strict requirements. This way, you may be able to perform an upgrade from one Windows 11 version to the next without losing all your data and requiring a fresh installation. It’s one hell of a hack that no sane person should have to resort to, but it looks like it might be an inevitability for many. October 2025 is going to be a slaughter for Windows users, and as such, I wouldn’t be surprised to see Microsoft postponing this date considerably to give the two-thirds of Windows users more time to move to Windows 11 through their regular hardware replacement cycles. I simply can’t imagine Microsoft leaving the vast majority of its Windows users completely unprotected. Spare a thought for our Windows 10-using friends. They’re going to need it.
Windows 11, version 24H2 represents significant improvements to the already robust update foundation of Windows. With the latest version, you get reduced installation time, restart time, and central processing unit (CPU) usage for Windows monthly updates. Additionally, enhancements to the handling of feature updates further reduce download sizes for most endpoints by extending conditional downloads to include Microsoft Edge. Let’s take a closer look at these advancements. ↫ Steve DiAcetis at the Windows IT Pro Blog Now this is the kind of stuff we want to see in new Windows releases. Updating Windows feels like a slow, archaic, and resource-intensive process, whereas on, say, my Fedora machines it’s such an effortless, lightweight process I barely even notice it’s happening. This is an area where Windows can make some huge strides that materially affect people – Windows updates are a meme – and it’s great to see Microsoft working on this instead of shoving more ads onto Windows users’ desktops. In this case, Microsoft managed to reduce installation time, make reboots faster, and lower CPU and RAM usage through a variety of measures roughly falling in one of three groups: improved parallel processing, faster and optimised reading of update manifests, and more optimal use of available memory. We’re looking at some considerable improvements here, such as a 45% reduction in installation time, 15-25% less CPU usage, and more. Excellent work. On a related note, at the Qualcomm Snapdragon Summit, Microsoft also unveiled a number of audio improvements for Windows on ARM that will eventually also make their way to Windows on x86. I’m not exactly an expert on audio, but from what I understand the Windows audio stack is robust and capable, and what Microsoft announced today will improve the stack even further. 
For instance, support for MIDI 2.0 is coming to Windows, with backwards compatibility for MIDI 1.0 devices and APIs, and Microsoft worked together with Yamaha and Qualcomm to develop a new USB Audio Class 2 Driver. In the company’s blog post, Microsoft explains that the current USB Audio Class 2 driver in Windows is geared towards consumer audio applications, and doesn’t fulfill the needs of professional audio engineers. This current driver does not support the standard professional software has standardised on – ASIO – forcing people to download custom, third-party kernel drivers to get this functionality. That’s not great for anybody, and as such they’re working on a new driver. The new driver will support the devices that our current USB Audio Class 2 driver supports, but will increase support for high-IO-count interfaces with an option for low-latency for musician scenarios. It will have an ASIO interface so all the existing DAWs on Windows can use it, and it will support the interface being used by Windows and the DAW application at the same time, like a few ASIO drivers do today. And, of course, it will handle power management events on the new CPUs. ↫ Pete Brown at the Dev Blogs The code for this driver will be published as open source on GitHub, so that anyone still opting to make a specialised driver can use Microsoft’s code to see how things are done. That’s a great move, and one that I think we’ll be seeing more often from Microsoft. This is great news for audio professionals using Windows.
It’s no secret that a default Windows installation is… Hefty. In more ways than one, Windows is a bit on the obese side of the spectrum, from taking up a lot of disk space, to requiring hefty system requirements (artificial or not), to coming with a lot of stuff preinstalled not everyone wants to have to deal with. As such, there’s a huge cottage industry of applications, scripts, modified installers, custom ISOs, and more, that try to slim Windows down to a more manageable size. As it turns out, even Microsoft itself wants in on this action. The company that develops and sells Windows also provides a Windows debloat script. Over on GitHub, Microsoft maintains a repository of scripts to simplify setting up Windows as a development environment, and amid the collection of scripts we find RemoveDefaultApps.ps1, a PowerShell script to “Uninstall unnecessary applications that come with Windows out of the box”. The script is about two years old, and as such it includes a few applications no longer part of Windows, but looking through the list is a sad reminder of the kind of junk Windows comes with, most notably mobile casino games for children like Bubble Witch and March of Empires, but also other nonsense like the Mixed Reality Portal or Duolingo. It also removes something called “ActiproSoftwareLLC”, which are apparently a set of third-party, non-Microsoft UI controls for WPF? Which comes preinstalled with Windows sometimes? What is even happening over there? The entire set of scripts makes use of Chocolatey wrapped in Boxstarter, which is “a wrapper for Chocolatey and includes features like managing reboots for you”, because of course, the people at Microsoft working on Windows can’t be bothered to fix application management and required reboots themselves. Silly me, expecting Microsoft’s Windows developers to address these shortcomings internally instead of using third-party tools. 
The repository seems to be mostly defunct, but the fact it even exists in the first place is such a damning indictment of the state of Windows. People keep telling us Windows is fine, but if even Microsoft itself needs to resort to scripts and third-party tools to make it usable, I find it hard to take claims of Windows being fine seriously in any way, shape, or form.
We’ve pulled together all kinds of resources to create a comprehensive guide to installing and upgrading to Windows 11. This includes advice and some step-by-step instructions for turning on officially required features like your TPM and Secure Boot, as well as official and unofficial ways to skirt the system-requirement checks on “unsupported” PCs, because Microsoft is not your parent and therefore cannot tell you what to do. There are some changes in the 24H2 update that will keep you from running it on every ancient system that could run Windows 10, and there are new hardware requirements for some of the operating system’s new generative AI features. We’ve updated our guide with everything you need to know. ↫ Andrew Cunningham at Ars Technica In the before time, the things you needed to do to make Windows somewhat usable mostly came down to installing applications replicating features other operating systems had been enjoying for decades, but as time went on and Windows 10 came out, users now also had to deal with disabling a ton of telemetry, deleting preinstalled adware, dodging the various dark patterns around Edge, and more. You have to wonder if it was all worth it, but alas, Windows 10 at least looked like Windows, if you squinted. With Windows 11, Microsoft really ramped up the steps users have to take to make it usable. There’s all of the above, but now you also have to deal with an ever-increasing number of ads, even more upsells and Edge dark patterns, even more data gathering, and the various hacks you have to employ to install it on perfectly fine and capable hardware. With Windows 10’s support ending next year, a lot of users are in a rough spot, since they can’t install Windows 11 without resorting to hacks, and they can’t keep using Windows 10 if they want to keep getting updates. And here comes 24H2, which makes it all even worse. 
Not only have various avenues to make Windows 11 installable on capable hardware been closed, it also piles on a whole bunch of “AI” garbage, and accompanying upsells and dark patterns, Windows users are going to have to deal with. Who doesn’t want Copilot regurgitating nonsense in their operating system’s search tool, or have Paint strongly suggest it will “improve” your quick doodle to illustrate something to a friend with that unique AI Style™ we all love and enjoy so much? Stay strong out there, Windows folks. Maybe it’ll get better. We’re rooting for you.
I finally seem to be recovering from a nasty flu that is now wreaking havoc all across my tiny Arctic town – better now than when we hit -40 I guess – so let’s talk about something that’s not going to recover because it actually just fucking died: Windows 7. For nearly everyone, support for Windows 7 ended on January 14th, 2020. However, if you were a business who needed more time to migrate off of it because your CEO didn’t listen to the begging and pleading IT department until a week before the deadline, Microsoft did have an option for you. Businesses could pay to get up to 3 years of extra security updates. This pushes the EOL date for Windows 7 to January 10th, 2023. Okay but that’s still nearly 2 years earlier than October 8th, 2024? ↫ The Cool Blog I’d like to solve the puzzle! It’s POSReady, isn’t it? Of course it is! Windows Embedded POSReady’s support finally ended a few days ago, and this means that for all intents and purposes, Windows 7 is well and truly dead. In case you happen to be a paleontologist, think of Windows Embedded POSReady adding an extra two years of support to Windows 7 as the mammoths who managed to survive on Wrangel until as late as only 4000 years ago. Windows 7 was one of the good ones, for sure, and all else being equal, I’d choose it over any of the releases that came after. It feels like Windows 7 was the last release designed primarily for users of the Windows platform, whereas later releases were designed more to nickel-and-dime people with services, ads, and upsells that greatly cheapened the operating system. I doubt we’ll ever see such a return to form again, so Windows 7 might as well be the last truly beloved Windows release. If you’re still using Windows 7 – please don’t, unless you’re doing it for the retrocomputing thrill. I know Windows 8, 10, and 11 are scary, and as much as it pains me to say this, you’re better off with 10 or 11 at this point, if only for security concerns.
Windows 11 2024 Update, also known as version 24H2, is now publicly available. Microsoft announced the rollout alongside the new AI-powered features that are coming soon to Windows Insiders with Copilot+ PCs and Copilot upgrades. Unlike recent Windows 11 updates, version 24H2 is a “full operating system swap,” so updating to it will take more time than usual. What is going as usual is the way the update is being offered to users. Microsoft is gradually rolling out the update to “seekers” with Windows 11 versions 22H2 and 23H2. That means you need to go to the Settings app and manually request the update. ↫ Taras Buria at Neowin I’ve said it a few times before but I completely lost track of how Windows releases and updates work at this point. I thought this version and its features had been available for ages already, but apparently I was wrong, and it’s only being released now. For now, you can get it by opting in through Windows Update, while the update will be pushed to everyone later on. I really wish Microsoft would move to a simpler, more straightforward release model and cadence, but alas. Anyway, this version brings all the AI/ML Copilot stuff, WiFi 7 support, improvements to File Explorer and the system tray, the addition of the sudo command, and more. The changes to Explorer are kind of hilarious to me, as Microsoft seems to have finally figured out labels are a good thing – the weird copy/cut/paste buttons in the context menu have labels now – but this enhanced context menu still has its own context menu. Explorer now also comes with support for more compression formats, which is a welcome change in 2007. To gain access to the new sudo command, go to Settings > System > For developers and enable the option. For the rest, this isn’t a very impactful release, and will do little to convince the much larger Windows 10 userbase to switch to Windows 11, something that’s going to be a real problem for Microsoft in the coming year.
As part of our vision for simplified Windows management from the cloud, Microsoft has announced deprecation of Windows Server Update Services (WSUS). Specifically, this means that we are no longer investing in new capabilities, nor are we accepting new feature requests for WSUS. However, we are preserving current functionality and will continue to publish updates through the WSUS channel. We will also support any content already published through the WSUS channel. ↫ Nir Froimovici What an odd feature to deprecate. Anyone with a large enough fleet of machines probably makes use of Windows Server Update Services, as it adds some much-needed centralised control to the downloading and deployment of Windows updates, so you can do localised partial rollouts for testing, which, as the CrowdStrike debacle showed us once more, is quite important. WSUS also happens to be a local tool, that is set up and run locally, instead of in the cloud, and that’s where we get to the real reason WSUS is being deprecated. Microsoft is advising IT managers who use WSUS to switch to Microsoft’s alternatives, like Windows Autopatch, Microsoft Intune, and Azure Update Manager. These all happen to run in the cloud, giving up that control WSUS provided by running locally, and they’re not free either – they’re subscription services, of course. I mean, technically WSUS isn’t free either as it’s part of Windows Server, but these cloud services come on top of the cost of Windows Server itself. Nobody escapes the relentless march of subscription costs.
Are you developing a game for Windows, and are you working on input handling? At first, it could reasonably be assumed that mouse and keyboard should be the simplest parts of this to deal with, but in reality, they are not – at least if we are talking about Windows. In fact, several extremely popular AAA games ship with severe mouse input issues when specific high-end mice are used, and some popular engines have issues that are still extant. In this article we’ll explore a few reasons why that is the case, and end up with a solution that works but is still unsatisfactory. I assume that there is a whole other level of complexity involved in properly dealing with accessories like steering wheels, flight sticks, and so on in simulators, but so far I never had the pleasure of working on a game that required this, and this article will not cover those types of input devices. ↫ Peter ‘Durante’ Thoman So, what is the problem? Basically, there are two ways to handle mouse input in Windows: if you use batched raw input processing, which is pretty much a requirement, you need to also choose whether or not to keep legacy input enabled. If you keep it enabled, the legacy input will add so much junk to your message queue it can negatively impact the performance of your game quite harshly. If you disable it, however, something really fun happens: you can no longer move the game window… Because the Windows UI uses legacy input. Thoman has a solution that he and his company uses, and he considers it an ugly hack, but they just don’t know of a better way to solve this issue. Thoman keeps legacy input enabled, but just limits the number of message queue events per frame that are being processed (they limit it to 5). As far as they can tell, this doesn’t seem to have any negative side effects, but it’s clearly a bit of an ugly hack that shouldn’t be necessary. 
I found this a rather interesting niche topic, and I wonder how many people have struggled with this before, and what kind of other solutions exist.
Last week, Julio Merino published an article I wish someone had written ages ago: a fair, unbiased look at the differences between Windows NT in its original form and UNIX roughly at the time of the initial releases of Windows NT. Merino, who has a long career in tech and has made contributions to several operating systems, does a great job cutting through the fanboyism and decades’ worth of conventional wisdom, arriving at the following conclusion that I think many of us here will share even without diving into the great depth of his article. NT was groundbreaking technology when it launched. As I presented above, many of the features we take for granted today in systems design were present in NT since its inception, whereas almost all other Unix systems had to gain those features slowly over time. As a result, such features don’t always integrate seamlessly with Unix philosophies. Today, however, it’s not clear to me that NT is truly “more advanced” than, say, Linux or FreeBSD. It is true that NT had more solid design principles at the onset and more features that its contemporary operating systems, but nowadays… the differences are blurry. Yes, NT is advanced, but not significantly more so than modern Unixes. What I find disappointing is that, even though NT has all these solid design principles in place… bloat in the UI doesn’t let the design shine through. The sluggishness of the OS even on super-powerful machines is painful to witness and might even lead to the demise of this OS. ↫ Julio Merino You should definitely read the whole thing, and not just the conclusion, as it will give you some great insight into some of the differences between the two approaches, and how the UNIX and Windows NT worlds learned from each other and grew together. It’s well-written, easy to read, and contains a ton of information and details about especially Windows NT most people are probably not aware of. 
Reading through the article helped my crystallise a set of thoughts I’ve been having about the future of Windows, and in particular, the future of Windows NT as a short-hand for the kernel, lower-level frameworks, and everything else below the graphical layer. I think there’s a major change coming to Windows NT, something so big and unheard of it’s going to be the most defining moment in Windows NT history since its very first release. There’s a few facts that lie at the root of my conclusion. First, ever since the very beginning, Windows NT has been developed in roughly the same way: behind closed doors by a group of specialists inside Microsoft, and every now and then we got a massive dump of new code in the form of a major Windows release. It’s only recently that Microsoft has started taking a more rolling release approach to Windows development, with smaller updates peppered throughout the year, with different release branches users can subscribe to. Second, despite many of us almost equating Microsoft with Windows – or perhaps with Windows and Office – the reality of it is that Windows hasn’t been the primary driver for revenue for Microsoft for a while now. In Microsoft’s fiscal year of 2023, Windows made up just 10% of the company’s total revenue that year, which amounts to $22 billion out of a total revenue of $211 billion. Azure alone is almost four times as large at $80 billion, and even LinkedIn – yes, LinkedIn – is good for $15 billion in revenue, making Windows only about a third more profitable than the most soulless social network in human history. Third, despite Windows’ decreasing revenue share, the operating system is becoming ever larger in scope. Not only does it need to cover the literally infinite possible combinations of x86 hardware in both the desktop/laptop and server space, it now also needs to cover what is surely going to be a growing market for ARM hardware, starting with laptops, but surely expanding to desktops and servers, too. 
Microsoft needs to foot the bill for all of this development, and for how much longer can the company justify spending an inordinate amount of money on a massive army of Windows developers, when the revenue they bring in is such a small part of the company, and a part that’s decreasing every year, to boot? Fourth, the competition Windows faces is surprisingly strong. Not only are macOS, Chrome OS, and even the Linux desktop doing better than ever, mobile computing is also competing with Windows, and that’s a space Microsoft is simply not present in at all. This is especially pressing in the developing world, where often people’s first and only computing experience is mobile – through Android, mostly – and Microsoft and Windows simply don’t play any role. Given these facts, there’s only one reasonable course of action for Microsoft. I think the company is going to address all of these issues by releasing large parts of Windows NT as open source. I base this on a gut feeling bourne out of the above facts, and not on any form of insider information, and there is a 99.9% chance that I am wholly, completely, and utterly wrong. Still, deep down, I feel like releasing Windows as open source makes the most sense considering the challenges the operating system and its parent company are facing. You and I are going to witness Windows NT’s source code being published as open source on GitHub by Microsoft within 5-7 years, accompanied by an open governance model wherein contributions are welcomed and encouraged. Even if such a step will not be taken by Microsoft, I am convinced that, in the future, when today’s employees and executives write and publish their memoirs, it will contain a lot of discourse on the very serious consideration that took place within the company in the past to do so. You can quote me on this. And then laugh at me when it inevitable turns out I’m wrong.
The consequences of the massive CrowdStrike failure for Windows are slowly coming into focus. Microsoft recently held a security summit with some of the large security software vendors, and the company is making several rather vague promises about what it’s going to do to make sure an incident like CrowdStrike never happens again. A key part of these promises is the realisation that security software really shouldn’t be running in the kernel, and to make that possible, MIcrosoft will need to add several security features in userspace. Both our customers and ecosystem partners have called on Microsoft to provide additional security capabilities outside of kernel mode which, along with SDP, can be used to create highly available security solutions. At the summit, Microsoft and partners discussed the requirements and key challenges in creating a new platform which can meet the needs of security vendors. ↫ David Weston at the Windows Blogs This is easier said than done, as moving things from kernel to userspace tends to incur a performance penalty, as well as making it harder to detect software with bad intentions early enough. Microsoft is going to have do some serious reworking of both the kernel and userspace when it comes to security before it’ll be able to completely close up the kernel and make it impossible for security software to mess around in kernelspace. Microsoft doesn’t offer any concrete steps or measures quite yet, so we’ll have to wait and see just how far they’re willing to go. There’s really not much else to say at this point – empty platitudes, vague promises, and tons of marketing speak don’t secure an operating system, after all.
The MAS project, a group of people working on an open source Windows and Office activator featuring HWID, Ohook, KMS38, and Online KMS activation methods, discovered quite a neat and interesting bug in the code responsible for licensing in Windows. In our ongoing work to bypass Windows licensing checks, we occasionally stumble upon bugs that we choose to keep secret. This decision allows us to preserve potential future activation methods by avoiding bug fixes, while also giving us valuable tools for testing or developing new methods. One such discovery, which we’ve named “Keyhole”, turned out to be a highly effective DRM bypass. It gave users the ability to license any Microsoft Store app or any modern Windows edition with ease. ↫ The MAS project There were quite a number of roadblocks to overcome here, such as Microsoft’s code obfuscation tool, called Warbird, which had already been dealt with by someone else, after which they could really start digging into the code responsible for handling Microsoft Store and Windows licenses. They then discovered that circumventing the license blocks that hold the actual license information was dead simple – every license block is followed by a signature block covering all the data that comes before it. It turns out that messing with the licensing system was as simple as… Adding data after that signature block. That was it. As it turns out, data after the signature block isn’t checked at all… and it can even override data that came before it. Whenever two blocks of the same type are stored together, the last one overrides all the others before it. So, if we want to change any license data, we can just make a block for it and put it after the signature block! This method lets us make licenses for anything sold on the Microsoft Store, including Windows, from any other Microsoft Store license. And since there are so many free apps with licenses, we now had the ability to make as many as we wanted for whatever we wanted.
This bug essentially punched a hole straight through CLiP’s DRM, so we decided to name it “Keyhole”. ↫ The MAS project This opened up a massive hole in Microsoft’s licensing tools and DRM, and allowed the MAS project to pretty much do whatever they wanted. They could even do things that used to be impossible, such as “activating Enterprise LTSC with a digital license, or even activating a legitimate KMS server with a generic key”. Sadly, the fun didn’t last long, as right around the same time, Cisco TALOS discovered this same bug, reported it to Microsoft, who then proceeded to fix it. The MAS project also discovered something else incredibly interesting, something which further highlights the seemingly terrible lack of quality assurance and code quality inside Microsoft. They noted that the kernel driver responsible for licensing looked incredibly shoddy, full of what they call “odd choices and compromises”. In fact, they soon realised that they had seen this code before: it was a straight-up copy/paste job from the licensing DRM found on the Xbox One. And there’s the same bug that’s in CLiP, but in Xbox code. In fact, we weren’t too surprised to find this, as we found that almost all of CLiP, from the XML format of the licenses to the TLV-based license blocks, is copy-pasted straight from the Xbox One’s DRM system. ↫ The MAS project Code reuse obviously makes sense in some situations, but the fact Microsoft even copy/pasted entire sections of code from the Xbox One straight into the Windows kernel as a kernel driver seems rather irresponsible. Shouldn’t code added to the Windows kernel and installed on billions of devices be vetted a little better than this?
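The class of parsing flaw described in this post, as an added example that is neither the MAS project's nor Microsoft's code: a toy TLV license parser that honours blocks placed after the signature block, beside a hardened parser that rejects them. The block layout, the type numbers and the HMAC standing in for the real signature are assumptions made for illustration, not CLiP's actual format.

```python
import hashlib, hmac, struct
KEY = b"constructed-demo-key"         # assumption: an HMAC stands in for the real signature
T_PRODUCT, T_SIGNATURE = 0x01, 0xFF   # hypothetical block types, not CLiP's

def block(btype, value):
    return struct.pack("<HH", btype, len(value)) + value
def mac(signed_bytes):
    return hmac.new(KEY, signed_bytes, hashlib.sha256).digest()

def iter_blocks(data):
    """Yield (offset, type, value) for each TLV block; reject truncated input."""
    off = 0
    while off < len(data):
        hdr = data[off:off + 4]
        if len(hdr) < 4 or off + 4 + int.from_bytes(hdr[2:], "little") > len(data):
            raise ValueError("truncated block")
        btype, length = struct.unpack("<HH", hdr)
        yield off, btype, data[off + 4:off + 4 + length]
        off += 4 + length

def parse_lenient(data):
    """Flawed pattern: the signature is verified, yet blocks after it are still honoured."""
    fields, verified = {}, False
    for off, btype, value in iter_blocks(data):
        if btype == T_SIGNATURE:
            verified = verified or hmac.compare_digest(value, mac(data[:off]))
        else:
            fields[btype] = value      # a later block of the same type silently wins
    if not verified:
        raise ValueError("bad signature")
    return fields

def parse_strict(data):
    """Hardened: the signature must be the final block and cover every byte before it."""
    blocks = list(iter_blocks(data))
    if not blocks or blocks[-1][1] != T_SIGNATURE:
        raise ValueError("signature block must be last")
    sig_off, _, sig = blocks[-1]
    if not hmac.compare_digest(sig, mac(data[:sig_off])):
        raise ValueError("bad signature")
    types = [t for _, t, _ in blocks[:-1]]
    if T_SIGNATURE in types or len(set(types)) != len(types):
        raise ValueError("duplicate or misplaced block")
    return {t: v for _, t, v in blocks[:-1]}

# Constructed sample: a validly signed license, then the same bytes with an unsigned block appended.
body = block(T_PRODUCT, b"free-app")
SIGNED = body + block(T_SIGNATURE, mac(body))
TAMPERED = SIGNED + block(T_PRODUCT, b"paid-app")
```

The lenient parser returns the appended value for `TAMPERED` even though its signature check passes, while the strict parser raises `ValueError` because the signature block is no longer the last block.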
We are proud to announce that version 1.6 of the Windows App SDK is now available! Whether you’re looking for the incredible performance boost and footprint reduction of Native AOT support, enhancements for deploying your package, or quality of life improvements for controls like PipsPager and RatingControl, WinAppSDK 1.6 offers a raft of new features, performance boosts and structural changes that enable you to make your native Windows apps better than ever before. The Windows App SDK provides a rich set of APIs and tools to help you build beautiful and fast Windows desktop apps, including any C++ Win32 or C# .NET app. You can harness the modern controls and polish of WinUI 3, which ships as part of the WinAppSDK, or if you have an existing app that uses Win32 such as WPF, you can take advantage of only the parts of the SDK that you need. The WinAppSDK also stays up to date with frequent and OS-independent releases so your app can always access the latest innovations. ↫ Duncan MacMichael at the Windows Blogs There’s actually quite a few nice and welcome updates in version 1.6, most prominently the aforementioned Native AOT. This stands for native Ahead-Of-Time (AOT) compilation, and, as the name suggests, compiles your application ahead of time for the architecture it’s going to run on. This reduces the size of the application package and greatly improves the startup time. Another welcome improvement is that the embedded Edge WebView2 SDK is no longer hard-coded, but a NuGet reference, so developers can choose to use any version of the webview they want, preferably the newest version. There’s a lot more in here, so if you’re a Windows developer trying to use the latest set of tools from Microsoft – this one’s for you.
Unsurprisingly, this change has not been met with a lot of enthusiasm by the average Windows user, and with Microsoft now officially recommending users migrate over to the Settings app, it seems that before long we may have to say farewell to what used to be an intrinsic part of the Windows operating system since its first iterations. Yet bizarrely, much of the Control Panel functionality doesn’t exist yet in the Settings app, and it remains an open question how much of it can be translated into the Settings app user experience (UX) paradigm at all. Considering how unusual this kind of control panel used to be beyond quaint touch-centric platforms like Android and iOS, what is Microsoft’s goal here? Have they discovered a UX secret that has eluded every other OS developer? ↫ Maya Posch I like the Windows Control Panel, and approaches like it. They’re easy to use, they allow you to have multiple settings panels open at the same time, they can be easily extended by third parties – for better or worse – and they make it easy to find things with colourful, recognisable icons. The current Windows Settings application is a massive regression, as is the change from macOS’ iconic and incredibly user-friendly System Preferences to the new System Settings application. KDE also moved to a sidebar design I’m not a fan of, and GNOME has had a similar unpleasant, monochrome sidebar, too. It’s not big enough of an issue to make a huge deal out of, and the KDE sidebar settings application is at least marginally usable, but I really do wish someone would have the guts to undo this general trend, because it’s getting harder and harder to find the settings I want at a glance, and not allowing you to open multiple settings panels at the same time is a huge loss. And a small note: this article uses the Windows 3.x Control Panel as its starting point, but both Windows 1.x and 2.x had a Control Panel as well. It’s an old concept, for sure.
Despite reports to the contrary, Microsoft has stated that Recall will not be uninstallable after all. The feature did show up in the Windows Features dialog, but apparently, that was a bug. “We are aware of an issue where Recall is incorrectly listed as an option under the ‘Turn Windows features on or off’ dialog in Control Panel,” says Windows senior product manager Brandon LeBlanc in a statement to The Verge. “This will be fixed in an upcoming update.” ↫ Tom Warren at The Verge The company is not committing to saying it will not ever be uninstallable, probably because the European Union might have something to say about that. At the very least you’ll be able to turn Recall off, but it seems actually removing it might not be possible for a while.
After spending a few months in complete radio silence about Recall, Microsoft finally emerged with a statement that its controversial feature will make a comeback later this year, in October, to be more precise. In preparation for the release, Microsoft quietly made a big change in Windows 11 version 24H2 on Copilot+ PCs, namely, adding the ability to uninstall Recall (via Deskmodder). ↫ Taras Buria Recall, a half-baked security nightmare of a feature trying to catch the AI hype train, uninstallable using a Windows 95-era Windows Features dialog, is a better summary of the current state of Windows than anything anyone could put into words. Nobody cares about Windows, least of all Microsoft, and I have the sneaking suspicion that could Microsoft get away with it, they would put the source code to large parts of the Windows platform on GitHub to “outsource” its development to the community and fire even more employees. Is anyone excited about new Windows releases? Is anyone looking forward to new features? Because it feels like every new release, every new feature, just causes more dread, more exasperation, more what is it this time? than genuine excitement and happiness. Everything coming out of Microsoft when it comes to Windows ever since the release of Windows 11 is just… Sadness.