Starting in mid-April 2026, Microsoft allows you to upgrade Windows Server 2019 and Windows Server 2022 directly to Windows Server 2025 through Windows Update — no installation media (ISO file or DVD) required. The process is called an in-place upgrade, meaning your installed applications, settings, and server roles remain unchanged while only the operating system version changes. This article covers the prerequisites, the exact registry change you need to make, the step-by-step procedure for both the graphical desktop and the text-only Server Core installation, and the important cases where you must not use this method.

Source

Windows 365 Reserve is Microsoft's short-term Cloud PC solution for users whose primary physical device becomes unavailable. Since its general availability in December 2025, only IT admins could provision these Cloud PCs through Microsoft Intune. A public preview announced on April 28, 2026 adds an optional setting that lets users start the provisioning process themselves from the Windows App, without waiting for IT intervention.

Source

Microsoft announced agentic features for Copilot in Outlook, expanding from single-task assistance to continuous, multi-step automation of email and calendar work. These features let Copilot act independently on your behalf — prioritizing messages, drafting follow-ups, responding to meeting invites, and resolving scheduling conflicts. Access is currently limited to Microsoft's Frontier early-access program and requires a Microsoft 365 Copilot license. This article explains what the new features do, what your infrastructure must look like, and how you enable access as an administrator.

Source

Windows 11 is getting a new recovery feature called point-in-time restore, currently available as a preview in the Canary Insider channel (build 29576). It lets you roll back an entire PC—including the operating system, apps, settings, and local files—to a snapshot taken within the last 72 hours. Unlike the older System Restore feature, point-in-time restore captures the full system state on a schedule and is designed to be managed remotely in the future. This article covers how it works, how to configure it, and where its current limitations lie.

Source

Microsoft released a new policy in April 2026 that lets you remove the Microsoft Copilot consumer app from managed Windows 11 devices using Group Policy or Microsoft Intune. The policy is called RemoveMicrosoftCopilotApp and is part of the April 2026 Windows security update. Alternatively, you can uninstall Copilot with PowerShell or Intune.

Source

Microsoft is rolling out several long-requested changes to the Windows Update experience in Windows 11. You can now skip updates during initial device setup, pause them for up to 35 days with no limit on how many times you extend the pause, and restart or shut down your PC without being forced to install a pending update. Driver, .NET (Microsoft's application runtime framework), and firmware updates will be bundled into a single monthly restart cycle. These changes are currently rolling out to Windows Insiders in the Dev and Experimental channels.

Source

Microsoft has released LiteBox, an open-source Library Operating System (Library OS) designed to strengthen security through application sandboxing. LiteBox minimizes the attack surface by restricting application access to system resources. While the core relies on Rust, the project includes specific low-level components written in C and Assembly. Additionally, LiteBox enables running Linux applications on Windows.

Source

Anthropic has spent the last year turning Claude into the darling of power coders just as AI usage has exploded across companies, workflows, and entire industries, pushing demand for agentic coding tools to unprecedented levels. In this environment of runaway adoption, a brutal miscalculation on compute and capacity is now blowing Anthropic’s strategy up in public. In a rare, sharply critical video, AI YouTuber Matthew Berman explains how opaque quotas, shifting policies, and confusing restrictions are undermining Anthropic’s once brilliant flywheel and handing OpenAI an effortless PR win. In this post, I summarize his critique, explain why I stopped trusting Anthropic for professional work a while back, and outline why building provider-agnostic agents is the only sane strategy in this unstable industry.

Source

Microsoft has released a new version of the Logstash output plugin for Microsoft Sentinel in public preview. The plugin replaces the older authentication method—a shared workspace key—with Microsoft Entra ID app-based authentication and routes data through Azure Monitor's Data Collection Rules. This article explains how the plugin works, what you need to set it up, and its current limitations.

Source

Microsoft announced on April 15, 2026, a second paid security update period—called "Period 2"—for Exchange Server 2016 and 2019. This extends coverage from May through October 2026 for organizations unable to complete their migration to Exchange Server Subscription Edition (SE). The program covers only security-related patches and requires a separate purchase via a Microsoft Enterprise Agreement. This article explains what the program includes, who qualifies, and the practical limitations.

Source

The April 2026 Patch Tuesday updates add anti-phishing protection to the Windows Remote Desktop client (mstsc.exe). The change — assigned CVE-2026-26151 — means that opening an .rdp file now triggers a security dialog that lists all requested resource-sharing settings, each disabled by default. Files without a verifiable publisher show a red "Caution: Unknown remote connection" banner. The update affects Windows 10 and Windows 11 versions 23H2 and later.

Source

Rufus is a free, open-source tool that creates bootable USB drives for installing Windows. Version 4.14 Beta, released on April 21, 2026, adds a new option to disable or remove preinstalled Microsoft apps such as Copilot, Teams, and Outlook during a fresh Windows installation. It also introduces a fully silent, unattended installation mode and an option to deploy a Secure Boot policy file at install time. This article explains what these new features do, how to use them, and where to be careful.

Source

Remote Desktop Protocol (RDP) has supported extensibility through virtual channels for decades, but the modern approach—dynamic virtual channels (DVCs)—is what you need today, especially in cloud environments like Azure Virtual Desktop and Windows 365. This article explains what DVCs are, how they differ from the older static model, how a plugin is structured and registered, and how to get started with Microsoft's newly released sample repository.

Source

Azure Migrate, Microsoft's cloud migration hub, gained a new capability in April 2026: automated, agentless discovery and assessment of SMB and NFS file shares hosted on Windows and Linux servers. The feature extends Azure Migrate's existing workload coverage — which already included servers, databases, and web apps — to file shares. It recommends which of Microsoft's two Azure Files storage tiers is appropriate for each share and estimates monthly costs. Previously, file share migration planning relied on manual scripts or spreadsheets. This article explains how the feature works, what you need to use it, and where its limitations lie.

Source

At FabCon and SQLCon 2026 in Atlanta, Microsoft announced additions to Microsoft Fabric, its integrated data and analytics platform. The highlights include the Database Hub—a unified management console for major Microsoft database services—Fabric IQ, a new semantic layer that gives AI tools a structured understanding of business data, and a series of updates to OneLake, the shared data storage layer that underpins Fabric. This article provides simple introductions to OneLake, Fabric, Database Hub, and Fabric IQ, and outlines other new features announced in Atlanta.

Source

Microsoft released new security and governance controls for Microsoft 365 Copilot, introducing Data Loss Prevention (DLP) policies that inspect prompts before Copilot processes them, protecting web searches from leaking sensitive data, and enabling bulk remediation of overshared SharePoint files. The Copilot Dashboard gained expanded access, user satisfaction tracking, and CSV export. This article explains what each feature does technically, how to configure the relevant policies, and where the current limitations are.

Source

Microsoft introduced new SCIM 2.0 APIs for Microsoft Entra. The APIs now support bidirectional provisioning, which allows external identity systems to provision users and groups directly into Entra. SCIM (System for Cross-domain Identity Management) is an open internet standard that defines a common HTTP-based protocol for managing user accounts across different systems. Previously, Entra could only push user data to other applications via SCIM. Now, it also accepts incoming SCIM requests. The APIs follow a consumption-based pricing model, require an Azure subscription, and are generally available in the Microsoft public cloud.

Source

Microsoft's Conditional Access Optimization Agent uses AI to continuously scan your Microsoft Entra ID environment for policy gaps and recommend remediations. It requires a Microsoft Entra ID P1 license and a Microsoft Security Copilot subscription. Several new features are in public preview, including context-aware recommendations, deep gap analysis across all policies, and phased policy rollouts. This article explains what Conditional Access policies are, how the agent works, what you need to run it, and where its limitations lie.

Source

Microsoft has released a new unified monitoring and reporting platform for Windows 365 Cloud PCs into public preview in April 2026. It is built into the Microsoft Intune admin center and consolidates health, performance, and configuration data that was previously scattered across multiple locations. This article explains what the platform monitors, how you access it, and where its current limitations lie.

Source