Microsoft released a new policy in April 2026 that lets you remove the Microsoft Copilot consumer app from managed Windows 11 devices using Group Policy or Microsoft Intune. The policy is called RemoveMicrosoftCopilotApp and is part of the April 2026 Windows security update. Alternatively, you can uninstall Copilot with PowerShell or Intune.

Source

Microsoft released KB5079387 to the Release Preview Channel, covering Windows 11 versions 24H2 (build 26100.8106) and 25H2 (build 26200.8106). The update is a non-security preview of the upcoming monthly quality update and delivers improvements across security management, Group Policy, Remote Desktop, File Explorer, printing compatibility, and display handling. Some features roll out gradually; others are available immediately upon installation.

Source

Starting with the February 2026 preview updates for Windows 11 24H2 and 25H2, Microsoft has made Group Policy Preferences (GPP) debug logging configurable directly in Local Group Policy via gpedit.msc. Previously, these settings were primarily managed through domain-based Group Policy Objects (GPOs); enabling them via Local Group Policy typically required manually copying the GroupPolicyPreferences .admx/.adml templates into the local PolicyDefinitions store. You can now enable per-CSE (client-side extension) event logging and file-based tracing on individual client devices without a domain controller.

Source

Microsoft released version 2602 of the Security Baseline for Windows Server 2025, approximately eight months after the previous version 2506. The update adds 10 new Group Policy settings and removes one, focusing on NTLM auditing, printer security, and authentication hardening. Most of the new policies were already included in the Windows 11 Security Baselines since 2022 and are now being backported to the server edition. The baseline is available as part of the Microsoft Security Compliance Toolkit 1.0.

Source