At CES 2025 in Las Vegas this week, Microsoft’s head of Windows devices, Pavan Davuluri, announced that Phi Silica, a Small Language Model (SLM), will be integrated into the Windows runtime as part of Copilot in the first quarter of 2025 to provide offline use and performance boosts whilst also paving the way for additional features and privacy enhancements made possible through local processing.
What’s a Language Model?
Before diving into the details, it’s important to understand what a language model is. Language models are designed to comprehend, generate, and perform human-like language tasks, having been trained on vast amounts of data. However, not all language models are the same – they come in different sizes, large and small, each with unique strengths and weaknesses tailored to specific requirements.
The main differences between small and large language models lie in their size, capabilities, and resource requirements.
LLMs are ideal for applications needing high accuracy and versatility, such as advanced search, chatbots and content generation.
SLMs are generally more suited for specific, lightweight applications, like mobile apps and edge devices and laptops such which have local NPUs like Copilot+ PCs.
SLMs are coming to Windows 11
The Phi Silica SLM, which was first showcased at Microsoft Build in Seattle in May 2024, is designed to complement the Large Language Model (LLM) that runs in the cloud allowing specific AI workloads and processing to be run locally or handed over and run in parallel with the cloud based LLMs.
Small, but mighty, on-device SLM
Microsoft
Why? Well, whilst LLMs are typically faster and more accurate, they require cloud-based operations and can be costly to run and inflict subscription fees (think Microsoft 365 Copilot). SLMs, on the other hand, can run many and other AI-driven applications and tasks locally on PCs, ensuring privacy and preventing data leakage to the cloud. However, SLMs are less sophisticated and require dedicated Neural Processing Units (NPUs) to provide these local AI capabilities. Hello Copilot+PCs.
Copilot+ PCs and AI PCs
The NPUs (Neural Processing Units) in Copilot+ PCs are designed to be highly power-efficient, capable of performing trillions of operations per second (TOPS) while consuming very little power. Specifically, on devices with Snapdragon X Elite processors, the Phi Silica model’s context processing uses only 4.8 milliwatt-hours (mWh) of energy on the NPU.
Additionally, the token iterator stage of the model shows a 56% improvement in power consumption compared to running on the CPU. This efficiency allows Phi Silica to operate without overloading the CPU and GPU, ensuring smooth performance and minimal impact on other applications.
Microsoft said that features like Windows Recall, Click-to-Do and other AI functionalities will soon be able to leverage these SLMs. Phi Silica uses a 3.3 billion parameter model, fine-tuned by Microsoft for both accuracy and speed and will. Improve performance, enhance privacy and enable more “offline” usage.
In this review I look at the Surface Laptop 7 which I’ve been using daily for the past 3 weeks. We look at asterics, performance, battery life and more. It’s the first Copilot+PC from Microsoft which is set to yet again set the standards on the future of AI powered Windows devices!
I first got my hands on one of these devices last month at Microsoft Ignite 2024 in Chicago, where I had the pleasure to spend time with the global Surface Team in the community hub in the middle of the Ignite Expo Hall.
On show were the very latest Surface Copilot + PCs which feature the Qualcomm Snapdragon X powered devices that deliver over 45 Trillion Operations per Second (TOPS) of NPU power.
As part of the demo showcase, the devices were running the latest “insider” builds of Windows 11 where new innovative AI features within Windows, such as Recall and Click-To-Do, as well as updates to apps from leading developers including Adobe who were showcasing the next wave of innovation that is possible by harnessing the power of local NPUs on these new Copilot + PCs.
My History with Surface
I’ve been a fan of Surface many years, having owned, borrowed, or used numerous models since we transitioned to Surface around the Surface Pro 4 era. I even had a Surface Pro v1 and a Surface RT with Arm chipset running Windows 8 back in 2012 – devices I still have today in my “museum”.
As a Microsoft MVP, I’m also lucky to get access to demo and trial devices through the year which has given me some great perspectives of the continual evolution, advancements and innovation that Surface brings, not only to end user compute, but to the development and innovation of Windows.
Until recently, my daily device has been the Surface Pro 9 5G. This is a Qualcomm powered ARM device running Windows on Arm (WoA). I also have a smaller (Intel powered) Laptop Go, which I use when traveling light!
My latest laptop, and the focus of todays’ blog is the 13.8″ Surface Laptop 7. This is the latest generation of Copilot+ PCs. It is powered by the latest Qualcomm Snapdragon X Elite Arm processor and it truly a thing of beauty!
Not only does Surface Laptop 7 look absolutely gorgeous, with its premium sleek black finish, but the ‘instant on’ feature and Windows Hello ESS (which stands for Enhanced Sign-in Security) means that I am signed in instantly – no delay, and no “looking for you”. You click the button; the device wakes up and you are in.
Windows Hello ESS uses specialized hardware and software components, including Virtualization Based Security (VBS) and Trusted Platform Module 2.0 (TPM 2.0), to isolate and protect biometric data. This ensures that biometric data, like facial recognition or fingerprint information, is securely stored and processed
What are Copilot+ PCs?
The Qualcomm Snapdragon powered Copilot+ PC is designed to deliver an unparalleled user experience, combining cutting-edge technology with seamless performance and truly all day battery life combined with whisper quiet operation. These are powered by Qualcomm Snapdragon Plus and Elite processors (Arm processors) and run Windows on ARM as the core Windows Operating System.
Windows has traditionally run on machines that are powered by x86 / x64 processors, but more recently, also runs on devices powered by Arm processors. That is the case for the current generation of Copilot+PCs like Laptop 7 and Surface Pro 11.
Arm-powered devices are particularly interesting because the power-frugal nature of the Arm architecture enables these devices to offer longer battery life while delivering great performance. Arm Systems on Chip (SoC) often include other key features such as a powerful CPU, GPU, Wi-Fi & mobile data networks, as well as Neural Processor Units (NPUs) for accelerating AI workloads.
For most users, the differences between Windows on Arm and Windows running in x86/x64 are invisible other than the performance and efficiency improvements Arm based devices can bring to Windows.
The Laptop 7 I have been using is the 13.8 inch device with 32GB RAM and 1TB SSD.
Surface Laptop 7: The Out of Box Experience
From the moment I unboxed the device it gleamed with the high quality, premium elegance that is Surface. People often ask me what it is about Surface that I love compared to “other” brands.
Surface Laptop 7 Copilot+ PC
You only have to hold and feel a Surface to fall in love with it. It is truly elegant and premium device in every way, but more importantly, Surface is designed to showcase the very best of the Windows and is always the innovator and leader upon which other OEMs are “inspired” to copy. From touch screen, 2-in-1,to pen and ink and Windows Hello, these features were all born with Surface. Copilot+ PCs are no different. The stage is set for the future of AI powered devices.
Next there is the sustainability factor. Surface is built from more recycled materials with the enclosure being constructed of >67.2% recycled materials, including 100% recycled aluminum. Surface Laptop is another step toward Microsoft’s goal to be carbon negative, water positive, and achieve zero waste by 2030.
Surface Laptop 7: What’s under the hood?
This is a Surface through and through. High Quality, premium finish, and fantastically put together with the all the best hardware to make Windows shine.
Horse Power – Unlike the Surface Laptop 1-6, Laptop 7 is powered by ARM processors. Microsoft offer a choice of Snapdragon X Plus (10-core) or Snapdragon X Elite (12-core). The 15-inch version by comparison only offers the Snapdragon X Elite.
Connectivity: Surface Laptop 7 ships with the latest Wi-Fi 7 and Bluetooth 5.4, along with two USB-C Thunderbolt 4 ports, and and “old-skool” USB-A. There’s also a 3.5mm headset jack, a microSDXC card slot, and the standard Surface-Connect Port too! The device can be charged via the Surface Port and/or USB-C.
Cameras and Video: The “web-cam2 is a 1080p Full HD camera for your Teams or Webex calls and also incorporates the Windows Hello Biometric / Facial security. Video and images are enhanced by Windows Studio Effects powered by the Surface Laptop 7’s local NPU.
Audio: On board we get the usual Dual Studio Mics with AI powered voice focus, OmniSonic stereo speakers with Dolby Atmos® and support for Bluetooth LE Audio
Display – The screen on the 13.8″ Surface Laptop 7 supports a resolution of 2304 x 1536 with contrast ratio of 1400:1 and refresh rate of 120Hz. The screen is fully multi-point touch enabled and is finished with a coating of Corning’s Gorilla Glass 5. The is no Surface Pen support (but to be honest, the form factor doesn’t really lend itself to pen and ink).
Keyboard: Surface Laptop gives you a full size keyboard. The is plenty of travel in the keys and decent traction. The keys also have back-lighting with different levels of brightness. You also get a sizeable trackpad. You even get the Copilot Key 🙂
Surface Laptop 7: Secure from Chip to Cloud
Surface Laptop 7 (along with Surface Pro 11), powered by Qualcomm Snapdragon, are also examples of Microsoft’s commitment to robust security through their chip-to-cloud approach.
Central to this security architecture is the Microsoft Pluton TPM 2.0, which provides a hardware-based root of trust, ensuring that sensitive data, such as encryption keys and user credentials, are securely stored and protected from tampering. This is complemented by Windows 11’s Secured-Core PC capabilities, which integrate hardware, firmware, and software protections to defend against sophisticated cyber threats and attacks.
Additionally, these devices feature Windows Hello face authentication with Enhanced Sign-in Security, offering seamless and secure biometric authentication. This leverages advanced facial recognition algorithms and hardware-level security to provide a fast and secure login experience.
Finally, Microsoft Defender is fully integrated at hardware and Operating System level to provide comprehensive enterprise protection against malware, viruses, and other cyber threats, further enhancing identity and privacy protection.
These features make Surface Laptop 7 and Surface Pro 11 secure, reliable choices for users and organisations who need the highest levels of protection for their data and privacy.
App Support – Will my Apps Work with ARM?
In short yes (almost certainly).
Application compatibility with Windows on Arm has always been a concern and I have seen many people, and organisations avoid “non Intel” Windows devices for fear their app will not work.
Outside the original Surface RT, I have been using ARM based Surface devices since the Surface Pro X. Today, I am yet to encountered any apps that do not work on my ARM powered devices. Every applications I use (including some from Adobe) now have native ARM versions of their apps.
Prism Emulation works as a software simulator, just-in-time compiling blocks of x86 instructions into Arm64 instructions with optimisations to improve performance of the emitted Arm64 code.
For any app you encounter for where there is not an ARM-native app, Windows 11 leverages Microsoft’s PRISM emulator. This provides x86 and x64 emulation to run non-ARM native apps in emulation mode, which the Surface Laptop 7 runs perfectly well. The benefit of using (and having) native ARM applications however is to allow users to fully benefit from the power and battery efficiency that these devices offer over the intel variants.
Microsoft App Assure is a service designed to help organisations ensure their applications run smoothly on Windows 11, including those on ARM-based devices. With App Assure, Microsoft offers expert support to resolve any compatibility issues, providing peace of mind when transitioning or updating applications to run on ARM architecture. This support is crucial for organisations embracing the efficiency and performance benefits of Windows on ARM.
Printers and Peripherals – will they work on ARM?
In short – most will.
When considering a transition to Windows on ARM devices, one of the primary concerns is whether printers and other peripherals will work seamlessly. Personally I have no issues at all. I use a Surface Dock, blue tooth keyboard and mouse, USB external webcam and an Epson Ink Jet Printer. Most modern peripherals will work without issues.
Printers (well older ones) can be a little more challenging due to lack of driver support, but Microsoft is actively working to improve this by developing more ‘Class drivers’ for legacy hardware.
Whilst the situation is improving, organisations with older or specialised hardware (we see a lot in education and manufacturing) may find they need to still with Intel variants for now, or at least check compatibility before moving to Windows on ARM.
Microsoft's approach of replacing legacy drivers with "class drivers" is part of their broader strategy to simplify and standardise driver support across Windows devices, including ARM-based systems. Class drivers are intermediate drivers that provide a simple interface between a vendor-written "minidriver" and the Windows operating system. This means that instead of each hardware manufacturer creating and maintaining their own drivers, they can use a standardised class driver provided by Microsoft.
Better Together – Windows 11 and Copilot+PCs
Windows 24H2 (along with some new Windows features that are currently in Preview) are set to revolutionise the user experience with a suite of new AI-powered tools designed to enhance productivity and streamline tasks.
Among the most anticipated features is Windows Recall, which allows users to search for files, emails, and web pages by describing what they remember, rather than relying on keywords. This feature, powered by multiple AI models running locally on the device, aims to significantly reduce the time spent searching for information.
Windows Recall (Preview)
Click to Do enables quick actions with text or images found in Recall’s snapshots (or from any screen), making it easier to copy text or share images. This is similar to Google Circle-To-Do feature you might have on your smart phone!
Another exciting addition is the Windows Copilot Runtime, which integrates over 40 different AI models, including a Small Language Model (SLM) and an Optical Character Recogniser. These enable the new tools like Click-To-Do along with new Windows features such as Live Captions, Auto Super Resolution, Generative Fill and Windows Studio Effects.
These all work locally (using the NPU) without sending data to the cloud. These tools not only enhance accessibility and visual quality but also provide a seamless and efficient user experience.
This prevents the CPU getting overloaded and slowing down your device, making things like Teams call with video filters applied, much less processor intensive and better quality.
Surface Laptop 7: Value for Money
Pricing of course varies by region and also your sector. It also varies if you are a consumer or corporate, so if buying for work, speak to you Microsoft Surface Partner.
On Microsoft’s official website, pricing for Surface Laptop 7 starts at £944 (inc VAT).
The model I am using is the 13.8″, Snagdragon X Elite with 32GB RAM and 1TB SSD which took the price up to just over £1,500.
In comparison (everyone always compares to Apple), the cost of the Mac Book Pro 14″ of close to equivalent spec is just shy of £2,000
Surface Laptop 7 – Summing it up
In the past few weeks, using Surface Laptop 7 has really enforced my love and passion for Surface and Windows on Arm powered devices and the future potential of Copilot+PCs.
Compared to a Intel Powered Surface Laptop 6, everything about this device feels faster and more responsive compared to any previous device (even my ARM powered Surface Pro 9) that I have used.
The device is lightening fast, silent (like it makes no noise at all) as it has no fans, and battery life averages over 17 hours of actual use between charges (and that is connected to an external screen too). I never take power supply when I go out.
The device wakes up and signs me in instantly when I lift the lid, thanks to Windows Hello ESS and when working, the device doesnt even apprear to get warm.
Video and Audfio Quality is enhanced by the new Windows Studio Effects in Windows 11, which leverages the NPU for superior audio quality and voice isolation and features like Eye Contact and local background blurring has a huge impact on video calls.
The new and exciting AI features like Microsoft Recall and Click- to-Do (in preview), along with the other Windows 11 enhancements are also great to use (these only run on Copilot+PCs today).
If you are not a fan of PWA (progressive web apps), the Microsoft is bringing good news. Windows Insiders are getting a new version of the Copilot app for Windows 10 and 11 which replaces the web-based application with a new native version.
The old app (or current app if you are not a Windows Insider) is a Progressive Web App which limits some of the Windows control such as quick view that is available in native Windows Apps. recently ChatGPT published their Windows App into the Microsoft Store and this latest update from Microsoft now makes the Copilot a real app too!
With this update, the previous Copilot progressive web app (PWA) is replaced with a native version. After installing the Copilot app update, when you run Copilot, you will see it appear in your system tray.
Microsoft Windows Insider Team
Whilst it’s hard to notice immediately differences, after installing the updated version (1.24112.123.0) Copilot on Windows is now a “proper” app rather than a WebApp.
This also means that Quick View can be used now with Copilot which lets you move the quick view window and resize it to suit your workflow. By default, the Copilot app in Windows uses the RegisterHotKey function and sets Alt + Space keyboard shortcut to open Copilot in Quick View mode which can be used to open and close Copilot’s quick view whenever you need it.
If you need to switch / flip back to the main Copilot app window, then this can be done by clicking the icon at the top left corner of the quick view window.
Devices with the dedicated Copilot key will open the Copilot app up the main window.
Microsoft has recently expanded the testing of its innovative Recall AI feature to Intel- and AMD-powered AI and Copilot Plus PCs. Initially available on Qualcomm-powered devices only, this feature is now accessible to a broader range of devices for testing.
Initially recalled due to privacy concerns this is now in Public Preview for Windows Insiders on the Dev Channel.
Recall works by taking screenshots of almost everything you do on your Copilot+ PC, (these are devices with dedicated NPUs that run at 45 Trillion Operations per Second (TOPS) or more). Recall makes it easy to search and recall past activities such as “the train route I was looking at on Tuesday” rather then scanning back through Internet search history.
Recall on Copilot+ PCs
This feature is entirely optional to use, but when enabled enabled, helps users find previous work, content or Internet data through natural language search or an interactive scrollable timeline.
As the user, you are completely in control of what snapshots are saved and how long for, and have the ability to delete them as needed, ensuring upmost privacy and security. Snaps shots require TPM, secure boot and Windows Hello to be active on the device and Microsoft has not access to the data which is encrypted on your device.
The power of Edge AI
Unlike services like Copilot, Recall and many of the newer Copilot+ PC features leverage local LLM models on the device as well as the NPU’s present on Copilot+ PC devices like the Surface Laptop 7 and Pro 11 range. As such when you install the #WindowsInsider Dev builds, you’ll also notice that Windows Updates installs a number of processing services as well as the Phi Silica LLM.
Recalls’ enhanced security and privacy
Microsoft has implemented many new security updates and controls to address initial concerns raised by security folk and early testers.
As I mentioned, accessing snapshots now requires Windows Hello for authentication, and the feature mandates the use of BitLocker and Secure Boot. Additionally, Recall can now automatically detects and excludes sensitive information like credit card details and passwords from being saved.
Click-to-Do and more AI features
Alongside Recall, Microsoft is also allowing Insiders on Copilot+ PCs to test out Click to Do feature, which recognise text and images in snapshots and content in screen allowing users to perform actions like copying text, invoking Copilot, saving and editing images and more. This functionality extends beyond Recall, enabling users to take actions on images and text with a simple Windows + Q key or Windows Key + mouse click.
In Paint, the new Cocreator top lets you create art and images by simply typing in text prompts. The Photos app has also been updated with new tools including Image Creator, which lets users make images from text prompts, and Restyle Image, which lets users add different artistic styles to their existing photos. You also get powerful generative erase tools which can be accessed directly from the app or from Click-To-Do.
These tools use local AI and analysis models on the Copilot+ PCs to work efficiently on the device itself through the use of the NPU.
Conclusion
Microsoft initially only made these features available for Snapdragon (ARM based) Copilot+ PCs but with this update they are continuing to u lease the new AI features in Windows 11 to more devices. The expansion of Recall to Intel and AMD Copilot+ PCs marks a step forward in enhancing user experience and productivity on this next generarion of devices.
Copilot was very much front and center at Microsoft Ignite last month. However, the Windows ecosystem also had lots of coverage. This includes Windows 11, new devices, Windows 365, and Windows 365 Link. Along with this, Microsoft talked in depth about the importance of the new Windows Security Initiative.
This forms part of the Secure Futures Initiative , a wider efforts to ensure everything access the Microsoft eco-system is secure by design and secure by default.
The Windows Security Intuitive is a comprehensive effort to ensure that Windows remains the most reliable and secure platform on earth. This blog summarise the key Windows and Devices announcements from Ignite 2024.
The Windows Keynote session at Ignite was delivered Pavan Davuluri, Aidan Marcuss, Navjot Virk and David Weston and can be viewed here on demand from Microsoft.
Windows 11 – The Most Secure Windows Ever
Windows 10 is end of life in October 2025, but Windows 11 has been mainstream now since 2021. Windows has always been the platform for innovation, meeting the needs of over a billion customers across enterprise, public sector, education, creators, developers and engineers. With this comes Microsoft’s responsibility to deliver the most reliable and secure platform.
The “CrowdStrike incident” back in July 2024, which impacted 8.5 million devices, was a stark reminder of the need for vigilance and innovation and the need to have better controls in place to protect the core of the Windows OS. “EU policy prevents Microsoft restricting access to its kernel”, but Microsoft have, following the global incident, announced the Windows Resiliency Initiative. This initiative aims at making Windows more reliable and secure for all customers, including those with mission-critical workloads but introducing changes to how both Microsoft and third-parties manage critical workloads and updates within Windows 11.
Changes After the Crowdstrike Incident
In the key note, David Weston shared insights from conversations with hundreds of customers, including CISOs, CIOs, and incident responders. The feedback highlighted the need for easier recovery, stronger resilience of critical security tools, and overall platform security. Microsoft is addressing these needs through the Windows Resilient Security Platform, which allows security product developers to build products outside of kernel mode, reducing complexity and improving recovery.
“In addition to the work we are doing with CISA as part of Microsoft’s Secure Future Initiative, we are heavily investing in safe languages to enhance the safety of our code. This commitment also aligns with CISA’s secure by design pledge. We’re applying this new approach to our security platform and other key areas like Microsoft Surface’s firmware and the Pluton security processor firmware. Part of becoming resilient is also increasing the prevention of attacks, so more security has been built into the operating system and not bolted on later. This reduces complexity and ensures you deploy less software that could become the next failure point. This is why we are targeting the most critical elements of Windows 11.”
David Weston | VP Enterprise and OS Security | Microsoft
Changes in Windows coming…
Improving Windows Reliability – with new capabilities to enable security product developers to build their products outside of kernel mode. This is known as the Windows Resilient Security Platform, which provides a flexible security API set and data collection points that can be used to build endpoint security products like detection and response or antivirus outside of the kernel. This change will help end-user protection and antivirus products provide a high level of security and easier recovery, with less impact on Windows in the event of a crash or mistake
Quick Machine Recovery – This solution can execute targeted fixes from Windows Update on machines, even when Windows is unable to boot. This will allow for quick deployment of fixes that address files, drivers, or any other operation needed to recover a non-bootable machine.
Strengthening Security Tools and Drivers – Microsoft are working with industry-leading security partners and the US Cybersecurity and Infrastructure Security Agency (CISA) to define new ways to increase resilience across the ecosystem. This includes adopting safe deployment practices, conducting additional security and compatibility testing for components like security kernel drivers, and developing strengthened incident response processes for streamlined coordination.
Enhancing Identity Protection – To combat the increasing risk and success in cases of sophisticated phishing attacks, Microsoft has hardened Windows Hello, the built-in industry leading multi-factor authentication (MFA) solution. Windows Hello now supports passkeys, which means much of the web can be protected with MFA seamlessly. This enhancement ensures that users no longer need to choose between a simple sign-in and a safe one. This is one step further to help customers remove passwords from their environment.
Local Administrator Protection – Microsoft is introducing administrator protection to address the challenge of over-privileged users and applications. With admin protection, everyone (even admins) will have standard user permissions by default and can make Windows system changes, including app installation, only when necessary and after authorising the change using Windows Hello. This reduces the risk of attacks by ensuring that employees, not malware, remain in control of Windows.
Deep Collaboration with CISA – Microsoft and the CISA are providing a framework for the IT industry as a whole to ensure that all partners, customers, and organisations can stay ahead of evolving security threats. This collaboration aims to deliver software that is safe, secure, and resilient through secure by design, secure by default, and secure through delivery practices.
These changes and improvements are part of Microsoft’s commitment to making Windows reliable and secure for all customers, including mission-critical workloads. The Windows Resiliency Initiative represents a significant step forward in ensuring that Windows remains the most secure and reliable platform on earth.
Windows 11 – Ease of Migration, Management and Updates
Windows 11 builds on Windows 10 technologies and further simplifies the management and migration process to Windows 11. Windows 11 can be managed with the same tools and processes used for Windows 10, ensuring minimal disruption to the workforce. The compatibility with App Assure guarantees that all apps will work seamlessly on Windows 11.
In contrast, Windows 11 updates are 40% smaller in size, making it easier to stay up to date and reducing impact on users/employees as well as on network bandwidth, disk-space and time.
Windows 10 to Windows 11 – Compatibility with App Assure
App Assure is a key component of the Windows 11 upgrade experience as it was in the Windows 7 to Windows 10 experience. App Assure ensures that all apps are compatible with the new operating system through millions of real life feedback, crash reports and user feedback. This application compatibility is backed by Microsoft’s promise to address any app issues that may arise, providing peace of mind for businesses transitioning to Windows 11. The App Assure portal provides guidance, assurance and clarity of application and application version compatibility.
Updates, Hotfixes, and Autopatch
Windows 11 is introducing several new features to streamline updates and hotfixes.
Quick Machine Recovery allows targeted fixes from Windows Update on machines that are unable to boot, ensuring quick recovery during incidents.
Windows Hotpatch, available through Autopatch settings in Intune, delivers Patch Tuesday security updates directly to employees seamlessly in the background without requiring a restart, reducing interruptions and speeding up the deployment of security updates.
Windows Hotpatch is one that is super important. By using Windows Hotpatch through Autopatch settings in Intune, Microsoft say that 65% of Patch Tuesday security updates are delivered directly without requiring a restart. This significantly reduces restarts and interruptions, allowing security updates to be deployed 60% faster.
According to Forrester research, moving to Windows 11 delivers an impressive 250% return on investment over three years compared to Windows 10.
Windows Backup for Entra ID
Another exciting new feature announced at Microsoft Ignite is Windows Backup for Entra ID. This feature, available in public preview in early 2025, will help organisations ensure a seamless transition of use settings and preferences when setting up a new PC or performing a traditional reinstall which is typical with OS upgrades in larger enterprises.
With Windows Backup, employees can easily transfer their desktop background, icon size, and other preferences to a new device, ensuring a consistent and familiar experience. This reduces the time spent on setup, allowing employees to be productive faster and significantly reducing IT overhead and help desk calls.
Windows 11 – New devices and un-paralleled performance
Speed and Performance
Windows 11 is designed to deliver superior speed and performance. Bear in mind WIndows 10 is 10 years old and was designed for a pre-pandemic world and a world where AI didn’t touch the end-point.
Newer Windows 11 devices offer double the battery life and more than three times the performance of older Windows 10 devices.
Microsoft’s introduction of Copilot+ PCs and AI-PCs, built for AI workloads, is setting a new new standard for productivity, combining advanced AI inferencing capabilities with top-notch security and performance. Satya said in his key note that all applications will be rebuilt as AI apps and Windows is no different. Microsoft are re-writing their apps and OS for the AI era and simple examples include simple in-box tools like Notepad and Paint that have advanced AI capability.
Leading vendors like Adobe are adding new capabilities in their applications that leverage local NPUs found in new Windows 11 Copillot+ and AI PCs
The New Generation of Devices in Copilot+ PCs
The new generation of devices in Copilot+ PCs is designed to harness the full potential of AI. These devices (again bvery centre stateg at Ignite) come equipped with advanced AI inferencing capabilities, enabling them to handle complex workloads with ease. Their Neural Processors (NPUs) can operate at more than 45 Trillion Operations a Second (TOPS) providing the fastes edge AI processing in the world. The integration of AI into these devices not only enhances productivity but also ensures that security measures are robust and effective.
With features like real-time threat detection and automated responses, Copilot+ PCs provide a secure and efficient environment for businesses and consumers.
The day after Ignite, Microsoft also released Recall and Click-To-Do into public preview for users enrolled on the Windows Insider Programme.
Windows 11 – Sustainability and Windows 365
Modernising isn’t just about cost savings; it’s about the collective responsibility and impact on the global economy, our business and the environment. Microsoft has committed to advancing sustainability, and adopting Windows 11 helps in achieving your company’s sustainability goals.
Microsoft boldly shared that Windows 11 reduces energy use as the “world’s first carbon-aware OS” and offers Energy Saver, increasing energy efficiency by up to 22%.
Microsoft talked about their own devices, Surface which are manufactured using recycled materials and more renewable energy. As an example, Surface enclosures use 100% recycled aluminum alloy and 100% recycled rare earth materials. They also used this time to share existing and new programs to help organisations reduce e-waste with the recycling and refurbishment opportunities available across our ecosystem partners such as Cisilion. There’s a dedicated sustainability site for Surface -> here <-
Microsoft also shared several examples of how organisations can extend the life of (and even breath new life into) older hardware with Windows 365 without sacrificing security protection or experience.
Windows 365 and Windows 365 Link
Microsoft shared how Windows 365 plays can not only play a crucial role in this sustainability effort but also used the opportunity to announce their new dedicated “thin client” device called Windows 365 Link.
Priced at $349 and available from Spring 2025, these dedicated low power, sustainability built devices can provide local compute power but with no IT footprint to securely streams employees full personal Windows 11 desktop with all their apps, content, and settings directly from the Microsoft Cloud.
Windows 365 can run on any device include Web, dedicated devices like Windows 365 Link, and even mobile devices on iOS and Android as well of course as legacy Windows 10 devices and even Windows 11.
The flexibility of Windows 365 allows businesses in any sector and any size to reduce their IT infrastructure and management complexity while providing a consistent and secure experience for employees. Windows 365 is designed to complement your Windows 11 end user computing estate, enabling more endpoints and form factors, and unlocking more value and options for businesses.
Windows 365 is also great for contractors, testing migrations to Windows 11 and also for running secure workloads as well as for education and front line workers.
What have I missed?
There were lots of announcement around Windows and Devices at Ignite. The Windows Security Initiative clearly represents a significant step forward in ensuring that Windows remains the most secure and reliable platform.
With new enhanced security measures, simplified management and migration, seamless compatibility with App Assure, and innovative update mechanisms, Windows 11 is promising to deliver unparalleled speed, performance, security, agility and management.
In a move that has surprised few, Microsoft has once again delayed the rollout of its controversial Recall feature for Copilot AI PCs. Initially planned for a June release to coincide with the new Copilot+PCs launch, Recall was then postponed to October while Microsoft addressed initial concerns around privacy and security.
This week however, Microsoft has yet again delayed this again with testing for Windows Insiders coming (so we are told) in December, which unfortunately falls after Ignite.
Microsoft Recall….
Security Concerns and Refinements
Recall’s primary value is to create a timeline of screenshots that users can scroll through and search. However, early testing revealed by security researchers discovered that the core database storing these screenshots and tagging was not encrypted, posing a massive security risk.
Microsoft have since addressed this by fully encrypting the database and requiring Windows Hello authentication for access.
Microsoft have also confirmed that Recall will now be an opt-in feature, allowing users to completely uninstall it if they choose.
Microsoft’s Cautious Approach
Brandon LeBlanc, senior product manager of Windows, enforced Microsoft’s commitment to delivering a secure and trusted experience with Recall.
Microsoft need to get this right in order to maintain trust with its customer base. He stated that the additional time is necessary to refine the feature before previewing it with Windows Insiders. Despite these assurances, social media shows huge skepticism about whether Microsoft will meet the new December deadline and even if they might scrap the feature all together. This will be a shame, as the value around it looks. Promising and is really ( currently) the one killer reason consumers were looking at when looking at investing in Copilot+ PCs outside of the huge battery life that these Qualcomm Snapdragon Powered devices deliver.
The repeated delays and security issues surrounding Recall highlight broader concerns within the AI industry.
There is a growing perception that companies are rushing to release new features without fully considering the potential consequences.
Microsoft’s cautious approach with Recall is a step in the right direction, but it also underscores the need for more rigorous testing and security measures in AI development.
Will Recall still be exclusive to Copilot+ PCs?
That’s a good question.
When Microsoft announced the Copilot+PC back in June, Recall was the flagship feature and it was unique to the device’s (and kinda stole the show).
Since then AMD and Intel have released their new AI PC chipsets offering similar NPU performance to the Snapdragon chips in Copilot+ PCs like Surface Pro 11 and Surface Laptop 7.
We now have NPU turbocharged PCs with Snapdragon® X Series, AMD Ryzen™ AI 300 Series and Intel® Core™ Ultra 200V Series devices after all.
We don’t know if this will remain an exclusive (I don’t see why it would) and if all the “exclusive AI features” that are part of Windows 11 24H2 will soon be lit up in any decide with a dedicated NPU.
From what I can… It will be supported… But some features are limited to Snapdragon, so we will have to wait and see….
Coming soon then… Or will it?
While the future of Recall still remains uncertain, Microsoft’s efforts to address security concerns and refine the feature are commendable, I just hope they haven’t missed the boat. We’ve already seen Apple quietly move forward with Apple Intelligence (clever) and it’s now embedded in MacOS. Microsoft need to move quick and innovate here to regain confidence and innovative is their mission to empower every person on the planet to achieve more (with their technology)!
Consumers, IT professionals, industry experts and social media will be keenly observing whether the Recall gets the release and value reputation it received back in June, with a secure and functional version of Recall to define what AI can really do in Windows.
I hope succeeds and brings life to the new AI PCs and Copilot+PCs or of it quietly gets canceled as skeptics seem to think…
Microsoft is taking a significant step forward in enhancing the Windows Hello experience on Windows 11. This overhaul, now in beta testing for Windows Insiders will bring a more intuitive and visually appealing interface for both facial, passkeys and fingerprint recognition.
New Windows Hello experience on Windows 11
Cleaner, More Intuitive UI
The revamped Windows Hello UI is designed to streamline the authentication process. Users will notice new iconography and visual changes that make switching between authentication options more intuitive. Whether you’re logging into your device or using passkeys for websites and apps, the experience is now more seamless and user-friendly.
Enhanced Passkey Integration
One of the standout features of this update is the improved passkey integration.
New passkey process in testing on Windows 11
Previously, using passkeys from a mobile device involved scanning QR codes and navigating an outdated UI. The new system simplifies this process, allowing for quicker and more secure authentication. Additionally, Microsoft has also introduced a new API for third-party password and passkey managers, enabling developers to integrate directly with the Windows Hello experience.
Future-Proofing Authentication
This update is not just about aesthetics; it’s about future-proofing authentication on Windows 11.
By supporting passkeys from mobile devices and enabling synchronization with third-party apps, Microsoft is ensuring that users have a secure and efficient way to manage their credentials and also allows them to be seemlessly and securely added to your Microsoft Account.
We redesigned Windows security credential user experiences for passkey creating a cleaner experience that supports secured and quick authentication.. Users will now be able to switch between authentication options and select passkey / devices more intuitively.
Currently available to Windows Insiders in the beta channel, and will hopefully hit testers on the other Insider channels soon. This new Windows Hello experience is expected to roll out to all Windows 11 users in the coming months.
Are you looking forward to seeing new Windows Hello UI?
As Microsoft prepares to end support for Windows 10 on October 14, 2025, users have a critical decision to make. They must either migrate to Windows 11 or pay for extended security updates (ESU). Microsoft will offer distinct options for consumer (home) customers. They will also offer options for commercial customers who want or need to continue using Windows 10 after this date.
Consumer Pricing for ESU
We know that commercial enterprises were going to have the “cost” option of paying for extended updates while they “complete” they migration / move to Windows 11, but in the first time in history, Microsoft have also announced that consumers can will also have the option to purchase a single year of Extended Security Updates (ESU) for a one off $30 (£25) cost.
Commercial Pricing for ESU
Pricing to commercial customers will be based on tiered pricing options with pricing set-out at
$61 per device per year for the first year
$122 per device for the second year, and
$244 per device for the third year.
Organisations needed or wishing to pay for ESU for their devices for 3 years will therefore incur costs of $427 per device.
Extended Security Updates: A Temporary Solution
Microsoft’s ESU program will provide a lifeline in helping any organisation or consumer unable or unwilling to upgrade to Windows 11 before October 14th, 2025, (when Windows 10 enters end of support).
Bear in mind though that these ESU updates are just security and zero-day updates. There will be no new features, bug fixes, or technical supportincluded.
These are, of course, optional, but there are huge risks for continuing to use Windows 10 devices without protection from security exploits or newly discovered vulnerabilities.
This is especially true for commercial organisations. They lack protection from security and vulnerability updates.
The Risks of Running an Unsupported OS
Running an operating system without security updates poses significant risks, both for consumers and businesses including:
Increased Vulnerability to Cyber Attacks: Without regular security patches, systems become prime targets for hackers. Vulnerabilities that are discovered post-support will remain unpatched, leaving systems exposed to malware, ransomware, and other cyber threats.
Compliance Issues: For businesses, using unsupported software can lead to non-compliance with industry regulations. It can also lead to non-compliance with standards. This may result in hefty fines and legal repercussions. This can also affect security certifications. These include Cyber Security and Cyber Security Plus. It also impacts trust from customers and business partners.
Operational Disruptions: Security breaches can cause significant downtime, disrupting business operations and leading to financial losses. For consumers, this could mean losing access to important personal data and services.
Higher Long-Term Costs: While the initial cost of ESU might seem manageable, the long-term financial impact of a security breach can be devastating.
The best approach is to start planning the move to Windows 11 now. There are just over eleven months to do this. For consumers, this could mean upgrading. It could also mean replacing their devices with ones capable of running Windows 11. Windows 11 was released and started shipping on new devices in 2021.
Will my device run Windows 11?
Microsoft have a useful website which show the minimum system specifications for Windows 11 which you can access –> here <-
In reality any device newer that 4-5 years old should have no problem running Windows 11, , but in short, you need a device with at least:
Processor: 1 GHz or faster and min of 2 core.
RAM: 4 GB or more.
Storage: 64 GB or larger storage device / HDD / SDRAM – you’ll much more in reality.
System Firmware: UEFI, Secure Boot capable.
TPM: Trusted Platform Module (TPM) version 2.0. (this is important)
Graphics Card: Compatible with DirectX 12 or later with WDDM 2.0 driver.
Display: High definition (720p) – must be greater than 9” diagonally.
Tools to check compatibility
Another really easy way to check your device (if you are a consumer of want to check a couple of devices) is to the use the PC HealthCheck App. This can be downloaded from https://aka.ms/GetPCHealthCheckApp if it’s not already installed on your Windows 10 device.
When you run the tool, you get one of three outcomes. If you device passes, you’ll see a “meets requirements” message, and if it fails, you’ll receive a “doesn’t currently meet”. Coprate devices may see a message stating that “your organisation manages updates” and as such check with IT department (though I suspect they are already on it!)
Commercial Customers IT departments can easily check Windows 11 eligibility using Microsoft Intune or System Centre.
Conclusion
The decision to stick with Windows 10 and not migrate to Windows 11 should not be taken lightly. While ESU provides a temporary solution, the risks associated with running an unsupported OS far outweigh the benefits.
The risks of not updating (or paying for extended security updates) are too high. It is only acceptable if your device is never connected to the internet. Additionally, you should avoid using external sources such as USB devices.
Upgrading to Windows 11 ensures continued security. It also provides access to the latest features and support. This makes it a wise investment for both consumers and businesses.
Q&A
What about my anti-virus applications? In reality these will still work as will any application you are running on your machine. You will need to check with the antivirus provider to check that they will still support Windows 10, but as long as they do and you pay the subscription to them, it shouldn’t impact these anti-virus signature updates.
What about other software like Office Apps? Well Office 2016 and Office 2019 also go end of support in October 2025. You’ll need to upgrade these too if you want to get feature updates and security updates and fixes. You will likely find other software vendors like Adobe will also stop supporting Windows 10 (as many did with Windows 7). You’ll need to check with the software provider.
Can I upgrade the hardware in my device to get compliant? That is also an option. After running the compatibility checker, you may find that upgrading your hard drive, adding more memory or swapping other components may “get your device compliant”. In most cases this isn’t cost effective.
As technology advances, the distinction between AI-PCs and Copilot+ PCs becomes increasingly important. Both types of devices leverage dedicated AI chip sets to enhance the user experience. They support new and upcoming software features. These devices prepare us for the continual wave of AI innovation. Under the name, what are the differences between the specifications and ability of these two types of “next generation” devices?
This blog aims to summarize the similarities and differences between the AI-PC, as dubbed by Intel. It also discusses the Copilot + range of PCs powered by Snapdragon ARM based chip sets.
The AI-PC
AI-PCs, like the Microsoft Surface Laptop 6, are powered by Intel chipsets and are the first of their next generation of personal computers designed to handle complex AI tasks efficiently. These PCs are equipped with Intel Core Ultra processors which also include a dedicated Neural Processing Unit (NPU), which accelerates AI and machine learning workloads directly on the device, providing up to 10 TOPS (Trillion Operations Per Second) of AI performance.
This means faster performance for tasks like real-time language translation, image creation, and enhanced multimedia experiences such as object removal, blur and audio isolation without relying heavily on cloud services or throttling the PCs CPU.
For the average user, this translates to a smoother, more responsive computing experience with smarter features. For IT professionals, it means robust performance for data-intensive applications and improved security through local processing and devices which will perform in a more unified way without “subtle” tasks like back-ground blur in video calls, hammering the CPU or consuming more internet bandwidth.
The Copilot + PC
Copilot+ PCs represent the pinnacle of AI-enhanced computing, designed to deliver unparalleled performance and support for AI-infused applications and extensions. These PCs are powered by Qualcomm’s Snapdragon X Series processors. They feature a turbocharged Neural Processing Uni (NPU). This NPU is capable of performing over 40 trillion operations per second (TOPS). This advanced hardware allows real-time AI functionalities. These include language translation, image generation, and intelligent task management directly on the device. For the average user, this means a seamless, responsive experience with smarter, more intuitive features. For IT pro’s Copilot+ PCs provide more robust performance for data-intensive and AI applications. They enhance security through local processing.
This can also reduce reliance on cloud services with the ability run “some” AI workloads locally depending on what has been coded of course by the software vendor. Examples of this might be background blur which as trivial as it may sound it network and compute intensive and can be performed on an NPU far better and with far less compute power.. This combination of powerful hardware and specialized software makes Copilot+ PCs a significant change in both personal and professional settings.
Copilot+ PCs, on the other hand, take this AI integration a step further. Some examples are the recently released Surface Laptop 7 and Surface Pro 11 devices from Microsoft. There are also devices from all other major manufacturers. These devices feature powerful and dedicated NPUs. They also come with Windows 11 – Copilot “exclusive” software and services enabled. These devices need Copilot+PCs to use them.
Interactions like “click-to-do” and Microsoft’s Recall leverage the advanced NPU’s capabilities. They provide enhanced AI features directly on the device. These interactions reduce CPU and GPU workloads. They allow local AI compute, which will in the long term support local language models.
Despite the differences, both AI-PCs and Copilot+ PCs bring enhanced performance for handling AI workloads. These devices provide a more integrated and advanced AI experience, thanks to the combination of powerful hardware and specialised software. At the time of writing the Copilot+ PC range deliver more AI-grunt than AI-PCs. However, the Intel-based AI-PCs will likely be more adopted by large enterprise organisations. These organisations still need to run older legacy applications. These applications have not yet been compiled to run on Windows on Arm (WoA). WoA is needed for Copilot+ PCs which are built on ARM chipsets and not Intel.
Spotting the Difference
The subtle differences between AI PCs and Copilot+ PCs. As endpoint technology continues to evolve, the gaps will most likely close. The 2025 edition of these technologies will continue to evolve. There is also new AI “optimised” PCs from AMD but I have not reviewed these here.
The main way to spot a Copilot+ PC or AI-PC vs an older generation device is the presence of a dedicated “Copilot key”.
The list below highlights the key things found on Copilot + PCs
AI Integration: Copilot+ PCs (currently) offer a more integrated AI experience. They include specialised software and features designed to enhance productivity. On the other hand, AI-PCs provide general AI capabilities without the specialized software. Copilot+ PCs are needed to run new Windows features like recall and Click-To-Do.
Dedicated AI Key: Copilot+ PCs include a dedicated Copilot key for quick access to AI-powered assistance. This key is not available in “some” AI-PCs. Older generation PCs also lack this feature.
Connectivity: Some Copilot+ PCs feature advanced connectivity options. These options include 5G, which is not typically found in AI-PCs or older generation devices.
Exclusive Software Features: Copilot+ PCs come with enhanced productivity tools like Recall and Click-To-Do. They also include other third-party features from Adobe, for example.
Conclusion
These new generation of AI-PCs and Copilot+ PCs bring more than just an annual chip set refresh. They are the ennoblement for the current and next wave of creativity. They drive productivity and innovation with the increasing number of AI-powered or AI-enhanced applications.
As always, Surface sets the standard – with their innovative anti reflective and HDR display technology, elegant and sleek design, sustainable and repairable design and unique features like the versatile kickstand along with fluidity of the Slim Pen 2 on Surface Pro, they empower users to achieve more and create without limits.
Using Cloud PCs, like Windows 365, could be a strategic move as you plan and migrate from Windows 10 to Windows 11 (which you need to do by October 14th, 2025, if you want to avoid paying for Extended Support Updates (ESU).
Here I discuss a use of Windows 365 as a way to delay the migration to Windows 11, whilst also. Enhancing the migration readienaa, testing and user experience in the Shift to Windows 11 as well as, of course the other benefits that Cloud technology can bring to businesses of all sizes, geographies and sectors.
Why Windows 365?
Windows 365 is a cloud-based service that brings the power and security of a Windows operating system to any device including mobile devices and some modern smart TVs.
Windows 365 streams a full (dedicated) Windows desktop from the cloud, providing highest levels of security, application compatibility and bandwidth optimisation.
It allows users to access their desktop and personalised settings, apps, and data from anywhere with an internet connection and without the need for VPN (though access over VPN or secure remote access is supported).
Image (c) Microsoft
This flexibility makes it an alternative choice for using legacy or older hardware. It is also ideal for bring your own device scenarios and contractors.
Additionally, it supports testing and dual running different operating systems. Benefits around flexibility and accessibility are huge for both users and IT.
Flexibility and Accessibility
Device Independence: Windows 365 lets users access your Windows environment from any device. This includes a PC, tablet, smartphone, and even some smart TVs. This means helps support you can continue using older hardware while still benefiting from the latest Windows 11 features. BYOPC (Bring Your Own PC) is also a key use case.
SecureRemote Work Enablement: Windows 365, helps support hybrid and remote work models. Employees can access their Cloud PCs from anywhere, ensuring productivity and continuity and secure remote access which levergage key Microsoft zero trust security principles include password less, MFA and risk based conditional access.
Management is also super simple with Cloud PC with everything managed from Intune. This includes.
Simplified Management and deployment.
Centralised Management: Windows 365 integrates with Microsoft’s Endpoint Management service (Intune). IT administrators can manage all devices and Cloud PCs from a single console. This simplifies updates, security policies, and compliance management. Cloud PCs can also leverage update technologies such as Windows AutoPatch. For more complex deployments or mixed AVD, Citrix and Windows365 you can also use third party tools such as Nerdio.
Fast Onboarding: Employees (new and existing) can be onboarded quickly by provisioning Cloud PCs within minutes. This reduces the time and effort needed to set up new devices. They can also be accessed across multiple devices for maximum flexibility and agility…
Seamless OS Switching – Windows 365 includes Windows 365 Switch. This feature allows users to easily switch between a local PC and a Cloud PC. Users can be assigned multiple Cloud PCs, for example Windows 10 and Windows 11. This setup is great for testing and learning a new OS like Windows 11.
As you’d imagine, Security is paramount and there’s no shortage of enhanced security for Cloud PCs.
Enhanced Security
Built-in Security Features: Windows 365 includes advanced security features like multi-factor authentication, conditional access, password-less authentication and advanced data encryption. These features help protect sensitive information and reduce the risk of security breaches.
Always Up to Date: Cloud PCs are automatically updated with the latest security patches and updates. This ensures that your systems are always protected against the latest threats. Cloud PCs also support full cloud management technologies include Auto Pilot and Windows Auto Patch.
What about pricing… after all, Cloud PCs require a license subscription to use with pricing for Windows 365 varying based on the specification of the Cloud PC needed.
Costs efficiencies and advoidance
Reduced Hardware Costs: Leverage Windows 365 can help can extend the life of existing hardware (for example hardware that cannot run Windows 11) and reduce the need for frequent hardware upgrades since they can be upgraded with just a change of license key!
Frontline worker efficiencies. Windows 365 Frontline provides the same feature stack and benefits of Windows 365 with the added flexibility to provide Cloud PCs for up to three users with the purchase of a single Windows 365 license, making it ideal for frontline and shift workers as well as seasonal staff.
Scalable and Upgradable: Windows 365 offers flexible subscription plans. These plans can be scaled up or down based on your organization’s needs. This enables businesses to manage costs more effectively. You can choose the right sized Cloud PC for the right task and the right user.
Device Management: Since there is no physical device to manage, management of devices is available remotely around the globe with employee devices being able to be provisioned, updated and recovered 100% remotely.
Support for Windows 10 Extended Security updates are also included with the Windows 365 license which not only helps extend the life of older (but perfectly working devices) and is also great to sustainability!
Smooth Migration: Migrating to Windows 365 can be straightforward. Tools and support are available. They help transfer user profiles, documents, and settings seamlessly.
Conclusion
Windows 365 can not only be a physical device alternative for any organisation, but also be used to help ensure a smooth transition from Windows 10 to Windows 11. Windows 365 can help organisations maintain productivity. It enhances security and breathes more life into legacy or older hardware.
It also supports Windows 10 Operating Systems, with Windows 10 Extended Security Updates included at no additional cost helping to extend the life of older devices that can’t run Windows 11 for up to another three years!
Most of the time, security and annual and semi annual feature updates in Windows are built on the same core OS platform. This means that the changes and new features in these updates are / updated on top of that particular OS build.
This is not the case with the latest Windows 11 24H2 Update which is starting to roll out now.
Why is the Windows 11 24H2 update different?
Unlike previous updates to Windows 11, Windows 11 24H2 is delivered as an update to existing devices with Windows 11 installed. This update is essentially a whole new version of Windows and yes, some have dubbed it Windows 12 – because it is, in all purposes a new OS version that is installed over (OS Swap) on the top of the existing OS – making it a new version.
This approach is the same as when Windows 11 was released back in 2021 and was (of course) an OS upgrade on-top of Windows 10. Many saw Windows 11 as “just a UI refresh.” But it was actually a totally new build of Windows. It had major architectural and security changes throughout the OS. Updates like Windows 11 version 22H2 and version 23H2 introduced many new features, but these updates were fundamentally built on the same underlying Windows 11 OS platform.
Windows 24H2 is a new OS
Windows 11 24H2 update is built on a totally new platform (codenamed Germanium) which brings fundamental under-the-hood changes to the core of the Windows 11 Operating System. Many of these updates and changes will not be obvious or event visible to a typical user, but many of them are fundamental changes. For example, one significant improvement with this release is much better optimisation for ARM based devices such as the new Snapdragon Powered Copilot+ PC devices like the Surface Laptop 7.
This is also why this update launched preinstalled on Snapdragon X series PCs. The feature set wasn’t completely finished when they launched, but the code base was needed to take advantage of the new features which are now rolling out.
The question asked by many is – “Is Windows 11 24H2 really Windows 12 then“?
So why isn’t it called Windows 12?
Good question. Well, whilst this is a major update under the hood the UI does look the same as before, and in terms of new features for existing PCs, many of the new things are subtle and reflective of the ongoing tweaks and changes such as finally moving those legacy “Control Panel” updates to Settings. As such there is nothing in 24H2 that really says “hey – this is a brand-new operating system” – and that’s a good thing I think (right now anyway).
In the past, we typically received a “new version” of Windows release every three or so years, and as such it was possible to “upgrade” from one to the next if you were willing to buy a new Windows license (or a new device with a new license).
Of course, most people did not want to do that, which meant that most of us (consumers anyway), only got a new OS update when they bought a new PC/Laptop – which included the latest license you needed. for the “current OS”. That’s how Windows upgrades worked for most people anyway!
Windows 11 version 24H2, it is basically the same thing. Whilst this update is available for existing PCs (it’s also free) there’s very little that is new and shiny for existing devices.
All the big news and new features are part of the new generation of devices – the Copilot+ PCs and AI PCs – and most of those new AI features will only work (be activated) on these new devices – since they need a PC with a chipset that includes an NPU with over 40TOPS of performance – this is basically new devices launched after June 18, 2024 (or even later, if you want to get an AI PC based on the AMD or Intel PC).
So back to the point, yes Copilot+ and AI PCs are essentially Windows 12 with all the features it introduces but still under then branding (as the UI has not changed) as Windows 11.
What does a Copilot+ PC and Windows 11 24H2 Bring then?
Right now, what Copilot+ devices do add some cool new AI features which I would say currently appeal to tech enthusiasts and those that run AI workloads (or plan too). You do get live captions with real-time translation in any app, have the ability to use new AI features in apps like Paint using a “cached” LLM on the device and new you’ll soon get features like Recall, Click-To-Do, and generative fill which are also huge new features that are all exclusive to those new Copilot+ and AI PCs devices.
Will there be a Windows 12?
We don’t know to be honest – not yet anyway. It is clear to me that Microsoft are working to ensure they don’t abandon or upset their existing users and create confusion.
With Windows 10 going end of support in October 2025 (that’s a year from now), creating a Windows 12 brand will likely up-set many businesses that are in a transition from Windows 10 to Windows 11.
This version of Windows 11, will include a whole load of features that will be exclusive to the newer AI PC hardware such as the Surface Laptop 7 and Surface Pro 11. This still creates an incentive for people to buy new PC with shiny features (that makes PC companies like Dell, HP, Lenovo, and Microsoft happy) whilst still ensuring the Windows 11 OS is modern and fresh. Existing devices can still upgrade to Windows 24H2, but they won’t get these new AI features (you need that NPU remember).
Will Microsoft ever unveil plans to release a formal Windows 12? I really don’t know at the moment. I think a new “branded” version will come at some point in the next couple of years. They may just call it Windows – something we thought Microsoft were going to do when Windows 10 was released.
What do you think – should Windows just be called Windows 25H1 for example, or do we prefer a version number. I’m a Windows / Surface MVP and I don’t know any more than you right now (of course if I did, I couldn’t tell you – but I honestly do not know!)
Microsoft (off the back of Windows 11 24H2 release this week) have unveiled a series of updates to their AI infused Copilot+ PCs, aimed at enhancing the user experience with innovative features.
Copilot+PCs are a new category of PCs released this year by leading OEMs including and debuted by Microsoft and are equipped with NPUs. These devices come in Intel, AMD, and Qualcomm-powered Windows on Arm configurations. Microsoft introduced several new features for both types of these advanced PCs. The newly launched Windows 11 2024 Update (version 24H2) brings new functionalities for all Windows 11 users, with some exclusive enhancements specifically for Copilot+ PC owners.
These updates further demonstrates Microsoft’s commitment to baking AI assistance into more and more manual or semi manual tasks, and are designed to make everyday tasks more intuitive and efficient, leveraging the power of AI to transform how we interact with our new shiny devices.
New AI experiences in Copilot Plus PCs
These new features are summarised in an extensive Copilot / Windows Blog but the key ones I have summarised below.
Enhanced Search: Find stuff faster and easier.
One of the standout features in this update is the new Enhanced Search. Here, Microsoft has integrated AI-driven improvements deep into Windows search, making it significantly more powerful and user-friendly.
With these enhancements, users can now find files, images, and emails with ease, even if they don’t remember the exact names. Better than a simple search index (you know, that thing that used to grind your PC to a halt), this AI search understands context and can retrieve relevant results based on partial information or related keywords.
Image (c) Microsoft.
For instance, if you’re looking for a presentation you worked on last month but can’t recall the title, simply typing in related terms like “presentation” and “last month” will bring up the correct file. This feature is huge change for how we find and retrieve information and is more human connected in terms of how we think and ask. Plus, if you are anything like me, it should reduce the time spent searching for documents and allowing users to focus on their work.
“AI-powered search makes it dramatically easier to find virtually anything,” says Yusuf Mehdi, executive vice president and consumer chief marketing officer at Microsoft. “You no longer need to remember file names and document locations, nor even specific names of words. Windows will better understand your intent and match the right document, image, file, or email”.
Yusuf Mehdi |Executive VP and CMO | Microsoft.
For images this will work extremely well as you won’t need to know the file name and can search for pictures using words, even if the search word isn’t part of the file name!
The improved Windows search will first show up in File Explorer on Copilot Plus PCs from November.
This improved search will also be available “in the coming months” in the main Windows search interface and through the search box that appears in the Settings interface. You can type things like “duplicate my screen” into the Settings search box and it will help you find the right settings.
Click to Do: Interacting directly with your screen.
This feature really caught my attention and is definitely one I think I will use.
Click to Do will allows users to interact directly with images and text on their screen to perform quick actions. As an example you might be viewing a webpage or a pdf and see a phone number. You’ll be able to click on it to initiate a call, or clicking on an address to open it in your maps application. This feature streamlines workflows by reducing the number of steps needed to complete tasks.
Image (c) Microsoft
Click to Do works by understanding everything you’ve seen on your screen and enabling useful shortcuts to actions to help you more quickly search, learn, edit, shop, or act on those items… It works on any windows, document, image, or even video”
Yusuf Mehdi |Executive VP and CMO | Microsoft.
As an example, you could use Click to Do to perform a visual search on an item that appears in a YouTube video you’re watching or a page you are viewing in a browser. Click to Do is also context-aware, assisting with text-related actions like rewriting, summarising documents, explaining text, and sending emails.
Microsoft have said Click to Do will begin testing with Windows Insiders on Copilot Plus PCs in October, with a gradual rollout planned for November.
The previously announced Recall feature will also be available to Windows Insiders in October on Qualcomm-powered devices, before being rolled out to Windows Insiders on Intel- or AMD-powered Copilot Plus PCs in November.
I think this could be a real time saver for me and for anyone who does a lot of research, works with high volumes of information and has lots of open windows on their screen(s). By enabling direct interaction with on-screen content, it should help minimise interruptions and keeps the focus on what your are doing without having to open other tools.
Generative AI in Paint: Bringing modern tech to a staple app.
Microsoft Paint is also getting another significant upgrade (which has been in testing with Windows Insiders for a few months) with the introduction of new generative AI tools. These new tools ncluding generative fill, image generation (using Designer) and generative erase, that bring capabilities similar to those found in advanced photo editing software like Photoshop. Layers was also introduced to Paint earlier this year.
Copilot UI : The human touch.
Finally, Microsoft are revamping the general Copilot experience. This is not just about adding new features (though there are some) but are more about a total overhaul and part of their vision to make AI a more human-centric experience.
Their goal is to differentiate Copilot from other AI tools like ChatGPT and Gemin, by focusing on usability and user satisfaction. This approach ensures that the technology adapts to the user’s needs, rather than the other way around.
Microsoft has given the Windows App “GA” status and released to the masses along with long awaited mobile app support which will open more doors and use cases for Windows Cloud PCs and Virtual Desktops. This will allow businesses to bring the power of Windows to virtually any device. Whether you’re using macOS, iOS, iPadOS, Android, or even another Windows PC, you can now stream a copy of Windows seamlessly.
You can read the full Microsoft Blog on this > here <
What’s so good about the Windows App?
Havig been in preview for some time (previously there were multiple apps to use for different virtualised experiences on Windows such as Remote Desktop app, different websites and third-party apps etc) but now we have a new single experience 🙂 This provides:
Unified Experience: The Windows App serves as a single place to streaming all your corporate and development Windows desktops including Windows 365, Azure Virtual Desktop, and Remote Desktop services.
Customisable Home screen: Which allows users to tailor the app to suit their needs by pinning specific desktops, configuring the join experience and even simple configuration of things like multi-tasking and app switching with Windows 11 (known as Windows 365 Switch).
Multi-Screen Support: The Windows App lets users customise and extend their experience (just like a traditional / physical desktop) with multiple display support.
USB Redirection: Windows App allows full support of local USB devices including speakers, mics, webcams, storage devices, and printers as if they are directly connected to your Cloud PC.
Single Sign On – The Windows App supports single sign on with Windows 365 and AVD with Entra ID.
Who can use the Windows App?
Presently, the app is limited to Microsoft work and school accounts, making it ideal for professionals and students who need to access their work PCs remotely. It’s not available for consumers, but it does make Windows 365 and AVD simple to use on personal BYOD devices that need to access work devices. Something I do often.
Downloading the Windows App
The Windows app is available for download from the Microsoft Store and the Apple App Store. It is also available on the Google Play store but is now in public preview.
User Experience
The user experience is fantastic and shows the attention to detail, listening to user feedback and alignment with the core Windows Development team. Microsoft have said that the Windows App will start shipping as standard out of box app on Coporate Devices running Windows 11 too.
Windows 365 Desktop on Samsung S24 via TV
Windows App on Samsung S24 through TV
The image above (which is pretty cool) is Windows 365 Running on my Samsung S24 displayed through a TV (using Samsung Dex) – and yes, I am using Copilot on PowerPoint.
Windows 11 Experience below
The Future
I’d love to see Windows App come to more devices like high-end TVs and tablets in the future just like Microsoft have done with Xbox Game Streaming.
Microsoft has released a bunch of firmware updates which should fix some annoying issues.
One of the great things about Microsoft owning the hardware and software eco system (in the realm of Surface and Windows), is the telemetry data they have across the board and the ownership they take across hardware and software.
According to Microsoft there’s been some issues affecting Surface Pro 8, Pro X and Laptop 6 which have (hopefully) been fixes with this latest update. Let’s dive into the specifics of what these updates address for each device.
Surface Pro 8 (Intel)
Some or the reported issues with Surface Pro 8 include issues with Surface Slim Pen, flickering screen issues when using the Surface Dock 2, and even issues with the built in USB-C ports. This update should fix all those ensuring a smoother and more reliable experience.
Surface Pro X (Arm)
One of my favourite devices (big fan of Windows on ARM), but many users have reported camera issues with the camera app hanging or the camera locking and showing as not working until a reboot. There has also been issues regarding the keyboard when using in Windows Recovery Environment (WinRE) or Windows Preinstallation Environment (WinPE). This firmware update addresses these issues.
Surface Laptop 6 (Intel)
A stable for many businesses, the Surface Laptop 6 has seen a number of odd issuesnpartixukar with the fan and cooling system with reports of the laptop’s fans running excessively (and not turning off), even when the device isn’t under heavy load. This not only affects battery life but can also be quite distracting. This latest update should fix this issue by optimising the fan behavior and improving the system’s response to internal temperature changes, especially when connected to an external monitor and peripherals.
How to get the firmware updates
If you’ve been experiencing any of these issues with your Surface device, then updating your device is simple. In most cases these updates will be deployed as part of the regular patch schedule across your business, but if you need to check and deploy manually, then simply head over to Windows Update and download and install any pending updates for your device.
Windows OS and Surface firmware updates are essential for maintaining the performance and reliability of your Surface devices even if you are not experiencing any of the issues above.
I run a monthly fireside chat panel discussion with IT and Business leaders from a handful of our Cisilion customers. Today, we talked about the outage and reflected on if, can and what we, the industry and our vendors need to do to minimise/prevent this vast impact happening again.
If you missed the "show" - you can watch it below.
September 2024 – Cisilion Fireside Chat
In our September 2024, fireside chat, our panel and I delved into the significant impact and lessons that can be learned from the CrowdStrike outage in July which is estimated to have cost more than $10B US and affected more than 8.5 million Windows devices when CrowdStrike distributed a faulty configuration update for its Falcon sensor software running on Windows PCs and servers.
This update featured a “modification” to a configuration file which was responsible for screening named pipes [Channel File 291]. The faulty update caused an out-of-bounds memory read in the Windows sensor client that resulted in an invalid page fault. The update caused machines to either enter into a bootloop or boot into recovery mode.
Today’s fireside chat conversation covered a range of topics, from the immediate effects of the outage to long-term strategies for enhancing cybersecurity resilience.
The Immediate Impact of the CrowdStrike Outage
The panel began by addressing the widespread disruption caused by the CrowdStrike outage. We discussed the outage’s extensive reach, affecting millions of devices and various sectors, including healthcare, finance, and transportation. In my intro to the episode, I mentioned that “It was really hard to believe…such a small relatively trivial and small update could impact so many people, devices and organisations“. This set the stage for a deeper exploration of the outage’s implications on cybersecurity practices.
As we kicked off, I praised the collaboration between Microsoft and CrowdStrike in addressing the outage. He mentioned that despite initial blame-shifting in the media, there was a concerted effort to resolve the issue, showcasing the importance of vendor cooperation in crisis management. The panel in short didn’t think there was much more Microsoft could have done – the key was updates and openness which is so critical in a global issue like this – as people and businesses need updates and answers as well as help in restoring systems which both Microsoft and CrowdStrike did in drones.
Vendor Reliance and Preparedness
Ken Dickie(Chief Information and Transformation Officer at Leathwaite), emphasised the importance of incident management and the worlds’ reliance on third-party and cloud providers. He shared his insights into the challenges of controlling the fix and the revelation of technology’s utility nature to leadership teams stating that it can be hard to explain to “IT” on “how little control we had over the actual fix“. Matthew Wallbridge(Chief Digital and Information Officer at Hillingdon Council) echoed the sentiment, stressing the need for preparedness and the role of people in cybersecurity, stating, “It’s less about the technology, it’s more about people.”
Supply Chain Risks
Matthew raised concerns about supply chain risks, highlighting recent attacks on media and the need for better understanding and mitigation strategies. This part of the discussion underscored the interconnected nature of cybersecurity and the potential vulnerabilities within the supply chain.
GoherMohammed (Group Head of InfoSec at L&Q Group.) mentioned the impact on their ITSM due to vendor reliance in the supply chain, which degraded their service, emphasising the need for resilience and contingency plans. This led to further discussions about how important understanding the importance of the Supply Chain validation is in our security and disaster recovery planning and co-ordination. Matt talked frequently about “control the controllable” but ask the right questions to the ones (vendors) you can’t control. Goher said that whilst L&Q were not directly affected, they did experience “degraded service due to supply chain impacts“, emphasising the need for resilience and contingency plans and review of that of their supply chain(s).
Resilience and Disaster Recovery Planning
The conversation then shifted to strategies for enhancing resilience. Here I discussed how we at Cisilion are revisiting our own disaster recovery plans to include scenarios like the Crowdstrike outage.
We discussed a lot about the cost of resilience and that there is a “limit” to what you can mitigate against before the cost skyrockets out of control with very little reduction in risk. It was agreed there are many things that can’t “easily” be mitigated in this particular scenario, but that we can be better prepared.
The panel talked about various strategies that “could be considered” including recovering to “on-prem”, re-visiting the considerations around multi-cloud strategies and the potential benefits of edge computing in mitigating risks associated with device reliance.
We also discussed whether leveraging technologies such as Cloud PCs, and Virtual Desktops have a part to play in recovery and preparation as well as whether using Bring Your Own Devices would/could/should be a bigger part of our IT and desktop strategy, along with, of course SASE technology to secure access.
Goher advised “do a real audit, understand the most critical assets, the impact they have further down the line and whether there is more that can be done to mitigate against outage/failure/issue“. This led us into an interesting side discussion around Secure Access Service Edge (SASE) – emphasising the “importance of not relying on trusted devices alone”.
The Human Aspect of IT Incidents
David Maskell (Head of IT and Information Security at Thatcham Research) brought a crucial perspective to the discussion, focusing on the human aspect of IT incidents. He reminded the audience of the importance of supporting IT teams during crises, highlighting the stress and pressure they face. The panel agreed with David, all of whom emphasised the importance of ensuring teams are looked after, highlighting the human aspect of managing IT incidents especially when things are not directly controllable (such with Cloud outages) and the need for good, solid communications to the business.
Ken also reflected on leadership’s reaction to the outage, emphasising the “gap in understanding the reliance on technology” that many business leaders (especially those not from a techy background) have”. The days of “it’s with IT to fix” are clearly not as simple as they once were!
Conclusion: The Path Forward
As we concluded the discussion, the panel dwelled over the lessons and tips to offer viewers, each other and the industry.
In general the guidance acoss the panel were around
The importance of regular security reviews, external audits, and business continuity testing.
The need to adopt a proactive stance around cyber security and technology outages, ensuring that their teams are prepared (they run testing and attack/outage simulations).
Ask more questions of your supply chains – they may be your weakest link. Are they secure, and are their recovery plans robust?
Map your critical systems and know the impact on an outage – what is the continuity plan – if devices are affected, how can people access your technology – look at Cloud PCs (such as Windows 365), can you support the use of personal devices (look at SASE technologies such as Cisco Secure Connect)
Review your technology dependencies. It’s not necessarily about multi-vendor but this might be a consideration – even for backup.
In summary, the CrowdStrike outage serves as a stark reminder of the vulnerabilities inherent in our reliance on technology and the critical need for comprehensive cybersecurity strategies.
Back in May, Microsoft unveiled the next generation of PCs with the Copilot + PC which was released for consumers. Today (4th September 2024), Microsoft has once again set a new benchmark with the introduction of Copilot+ PCs for Business users.
Like their consumer counter parts, these next generation “AI devices”, which include the Surface Pro 11th Edition and Surface Laptop 7th Edition, are designed to revolutionise productivity and creativity in the business world. Copilot+ PCs are also shipping from other OEMs such as Dell, Lenovo, Acer, HP etc.
Copilot+ PCs are equipped with the most powerful Neural Processing Units (NPUs) available for Windows PCs, delivering blazing-fast processing power. This allows businesses users to handle the toughest tasks with ease, up to 90% faster than previous models. The integration of advanced AI features, such as live captions and real-time translations, ensures that your team can work smarter and more efficiently.
This blog, re-dives into the main differences between Copilot+ PCs and “non-Copilot PCs”, the improvements over previous models, and why these advancements are crucial for businesses and aims to answer the “why now” questions.
Non-Copilot PCs: Traditional PCs rely more on cloud-based AI processing (since they did not have NPUs), or required the CPU to do the grunt work, which can slow down performance and is dependent on internet connectivity.
Non-Copilot PCs: While still powerful, these devices do not benefit from the same level of AI optimisation and processing efficiency, due to lack of NPU which are key for efficient processing of AI workloads.
Non-Copilot PCs: Typically rely on Wi-Fi or wired connections, which may not offer the same level of mobility and security.
Power, Performance, Productivity
This is the “why now” for Copilot+ PCs. More than just a device refresh, this new class of devices brings exceptional performance, never seen before battery life and the fastest application performance on Windows to date.
Built around the user – Surface Copilot+ PCs provide a seamless and intuitive experience. These devices come with features like adaptive colour, optional OLED and HDR displays, and a flexible kickstand (Surface Pro) making them adaptable to any work environment. The all-day battery life (up to 22 hrs) ensures that your people stay productive without frequent interruptions.
Security: Copilot+ PCs come with advanced security features, including the Microsoft Pluton security processor and Windows Hello biometric authentication. Together these provide robust protection against both physical and digital threats and work seemlessly with your device management tools such as Intune. This comprehensive security framework ensures that your data remains safe and easily managed across the organisation. These enhanced security measures in Copilot+ PCs provide a higher level of protection, making them a more secure choice for businesses handling sensitive data.
Future Proofed Investment : As businesses increasingly turn to AI to innovate, having the right hardware is crucial. Surface Copilot+ PCs are built to scale and adapt as AI capabilities evolve, ensuring that your investment remains relevant and valuable. These devices support local development and execution of AI models, providing the agility needed to stay competitive.
What SKUs are available?
As discussed, there are two standout devices – Laptop 7, Pro 11 and the Surface Pro 5G. Here are the key specs and features from a hardware perspective to note:
Surface Laptop 7
Launch Date: 12th September 2024
Size Options: 13.5″ and 15″
Processors: Snapdragon® X Plus / Snapdragon® X Elite
NPU: Qualcomm® Hexagon™ (45 TOPs)
Graphics: Qualcomm® Adreno™ GPU
Cameras: AI enhanced 1440p Quad HD front-facing Surface Studio camera with ultrawide field of view
NFC – Allows use of the built-in NFC reader to sign in with an NFC security key.
Copilot Key: Yes – for quick access to Copilot in Windows 11
Surface Pro 11
Launch Date: 12th September 2024
Processors: Snapdragon® X Plus / Snapdragon® X Elite
NPU: Qualcomm® Hexagon™ (45 TOPs)
Graphics: Qualcomm® Adreno™ GPU
Cameras: AI enhanced 1440p Quad HD front-facing Surface Studio camera with ultrawide field of view
NFC – Allows use of the built-in NFC reader to sign in with an NFC security key.
Copilot Key: Yes – for quick access to Copilot in Windows 11
Options: New flex Premium keyboard designed to be used either attached to your Pro for the ultimate laptop set-up or detached as a standalone keyboard for a new level of flexibility.
New Surface Pro 5G
Launch Date: October 2024
CPU Options: Available with Intel I5/I7 and Snapdragon X Plus / Snapdragon® X Elite
NPU: Qualcomm® Hexagon™ (45 TOPs)/ Intel AI boost
Graphics: Qualcomm® Adreno™ GPU / Intel graphics
Copilot key: Key – for quick access to Copilot in Windows 11
Cameras: AI enhanced 1440p Quad HD front-facing Surface Studio camera with ultrawide field of view
NFC– Allows use the built-in NFC reader to sign in with an NFC security key.
Conclusion
Surface Copilot+ PCs stand out due to their advanced AI integration and superior performance. Unlike non-Copilot+ PCs, which may lack dedicated NPUs, Copilot+ PCs offer specialised hardware designed to handle AI tasks efficiently. This results in faster processing times and more accurate AI-driven features.
Video (c) Microsoft
Surface Copilot+ PCs are not just another piece of hardware; they are a strategic investment in your business’s future. By equipping your team with these advanced devices, you can unlock new levels of productivity, security, and innovation, positioning your business for success in an AI-driven world.
As we wait for the big 24H2 update due this autumn, Microsoft has quietly rolled out an optional update (going by the name KB5041587) for Windows 11, bringing a host of improvements and new features.
While this update is not mandatory, it does offer several enhancements that make it worth installing (especially if you have a PC powered by an AMD CPU).
Overall, the KB5041587 update for Windows 11 brings a range of valuable enhancements for users who frequently share files with Android devices, includes improvements to Narrator, voice typing, and File Explorer.
Here’s a breakdown of what this update entails and why you might want to install it.
Performance Boosts for AMD CPUs
One of the most notable improvements in the KB5041587 update is the performance boost for AMD’s latest CPUs. Users with Ryzen 5000, 7000, and 9000 series processors with up to a 13 percent increase in performance.
This enhancement addresses the previously disappointing performance of these CPUs, making it a significant update for AMD users.
Enhanced File Sharing with Android Devices
This update introduces a new feature that allows users to send files directly to an Android phone via Windows Share.
Unlike Nearby Sharing, the Android device does not need to be in close proximity to the PC. Instead, it just needs to be paired via Phone Link.
This feature simplifies the process of transferring photos and documents, making it more convenient and efficient.
Improvements to Narrator and Voice Typing
Windows 11’s Narrator feature, which reads out loud the contents of documents and websites, has received improvements in speed and accuracy.
These enhancements are particularly noticeable when using the Edge browser and reading large documents.
Additionally, voice typing has been optimized to allow for faster spelling of characters and more commands for text manipulation.
Bug Fixes in File Explorer
Several bugs in File Explorer have been addressed in this update. Issues such as the Ctrl + F keyboard shortcut not starting a search and the Shift + Tab shortcut losing keyboard focus have been fixed.
These fixes contribute to a smoother and more reliable user experience when navigating and managing files.
Installing the update
Unlike the regular security and fix updates, the KB5041587 update must be manually installed.
If you wish to install this one, you will need to navigate to Settings > Windows Update and select the update for installation. This manual process ensures that users have control over whether they want to incorporate these new features and fixes.
Qualcomm’s Snapdragon X series processors are specifically crafted for PCs, particularly Windows on Arm and Copilot Plus PCs available from HP, Dell, Lenovo, Acer and of course Microsoft Surface. The processors inside these latest generation of devices, integrate the renowned Snapdragon technology from premium smartphones with the demanding performance needs of the PC domain. The goal is to deliver a processor that competes with Intel and Apple in terms of performance, while also offering the energy efficiency typical of smartphones and providing cutting edge NPU performance to power existing and upcoming AI powered applications.
Arm vs Intel: The Copilot Plus PC Revolution
Copilot Plus PCs, like the Surface Laptop 7 are powered by these Snapdragon X Arm chips. The fundamental components shared by all Snapdragon X series chips include Qualcomm’s custom Arm-based Oryon CPU, rather than Intel’s x86, an enhanced version of their Adreno GPU (derived from their mobile devices), the Hexagon NPU for on-chip AI capabilities, and cutting-edge networking technology supporting the latest Wi-Fi 6 & 7 and 5G standards.
On the software front, Microsoft offers an emulation layer within Windows on Arm (WoA) to facilitate the running of x64 applications not yet native to Arm processors. Notably, there is an extensive collection of native Arm applications from Microsoft, Adobe, and other prominent developers.
About the Snapdragon X chipset options
Snapdragon X comes in two major flavours. The X Elite, which powers the first wave of top-tier Copilot Plus PCs, and the X Plus, destined for the more affordable range of Copilot Plus PCs (You’ll see most vendors providing options for both).
Today, Qualcomm has a total of four different Snapdragon X SKUs – three under the X Elite branding and one more affordable X Plus unit. You can see the subtle differences below, with the main differentiator being CPU cores and performance.
All current Snapdragon X models boast a remarkable 45TOPS Neural Processing Unit (NPU), which means they are all equipped to handle the same AI features. An NPU enhances the traditional CPU by adding machine learning (AI) specific computational abilities. An NPU is not only faster but also more energy efficient. This offloads work from the CPU, allowing the NPU to manage AI tasks, similar to how a GPU handles graphics-intensive tasks.
Snapdragon X Elite
12 Oryon CPU cores
Clock speeds up to 4.2Ghz
4.6 TFLOPS GPU (Graphic Processing Unit)
45 TOPS NPU (Neural Processing Unit)
Snapdragon X Plus
10 Oryon CPU cores.
Clock speeds up to 3.4Ghz
3.6 TFLOPS GPU
45TOPS NPU
What about the new Surface Line up?
Snapdragon X offers competitive performance against not just Intel’s latest chips, but also against the Apple M3 and M4. The real star though (not a fan of just CPU benchmarks personally), is that battery life is simply incredible compared to previous generations of devices with initial testing and reports (from others such as here and here) showing these devices comfortably exceeding the demands of a busy workday, positioning these laptops as genuine contenders to the MacBook (which has always somehow always won for battery life). Running emulated x86 apps under emulation will (and does) run the CPU harder which will in turn impact battery life.
This next generation of AI powered PCs sch as Surface Laptop 7 and Surface Pro 10 are two such devices offering superior power, power efficiency and extreeeeeeemley long batter life.
Battery Life Wins
That said, tests by PC Magazine, revealed a result of almost 25 hours usage – making “Surface Laptop one of the longest-latest laptops we’ve ever tested on battery“. In comparison a 13-inch MacBook Air lasted “just” 21 hours and 38 minutes in their testing.
Surface Pro 10 and Surface Laptop 7 are the the first Copilot+ PC which feature these new Snapdragon X Elite and Snapdragon X Pro processors.
PC Magazine said in their comprehensive hands-on review of Surface Laptop 7 that
“…this is easily the best Arm chip we’ve tested yet in a PC. The CPU and GPU performance are there and deliver at least competitive benchmark numbers relative to current-gen Intel and AMD offerings in the early going. Qualcomm is to be commended for that.” | PC Magazine
What is your view on these Copilot Plus PCs? Have you got one yet – what are your first impressions?
Microsoft is reviewing their options and looking to push for significant changes to their Windows security architecture in the after math of the major outage caused by a “faulty” CrowdStrike update last a couple of week back. The impact of the faulty update, is thought to have afftected around 8.5 million Windows devices and services when the faulty update caused Windows devices to reboot and enter their protected recovery mode.
Microsoft acknowledges the inherent ‘tradeoff’ kernel-level cybersecurity solutions pose and confirms the root cause of the global outage.
This has prompted Microsoft to reassess the level of control that third party security vendors have over the deepest parts of their operating system and they are considering limiting kernel- level access for these vendors.
“This incident shows clearly that Windows must prioritize change and innovation in the area of end-to-end resilience“. | John Cable | Microsoft see blog post,
Time to bring control back?
John Cable, Microsoft’s VP of program management for Windows servicing and delivery, discussed passionately their viewpoint in a blog post named “Windows resiliency: Best practices and the path forward.” In this post, he emphasised the need for “end-to-end resilience” and discussed potential changes Microsoft are reviewing that could mean restricting kernel access for third party security vendors such as CrowdStrike.
Snipit from John Cable’s blog post | July 2024
The CrowdStrike update bug, which resulted in widespread system crashes, has clearly highlighted the risks associated with allowing third-party security apps and services to operate at the kernel level – a new approach is needed.
Privileged access, though advantageous for detecting threats, can result in disastrous failures if mishandled. Microsoft is investigating alternatives that circumvent future kernel access issues, including VBS enclaves and the Azure Attestation service. Employing Zero Trust methodologies, these solutions aim to bolster security without incurring the dangers inherent in kernel-level operations.
Why do Microsoft let third parties access the kernel?
In short, they dont have much choice (see below).
While Microsoft may be looking to further restrict access to its Windows kernel going forward, they have used this event to explain why third-parties antivirus and security vendors to access the “core of Windows” the first place.
The Windows kernel is a deep layer of its operating system. Kernel-level cybersecurity lets developers do more to protect machines, can perform better, and can be harder for threat actors to alter or disable.
When a kernel-level cybersecurity solution loads at the earliest possible time, it gives users (and companies) the most data and context possible when threats arise and also ensures protection can kick in at the earliest stage of the Operating Systems boot up stage rather than waiting for the OS to load and then running as a normal system process.
The EU may prevent changes over anti-trust claims
Whilst this makes common sense to most, after all why shouldn’t Microsoft be able to restrict access to ensure stability of an operating system used by more than a billion users, their push for change is likley to face resistance from both cybersecurity vendors and regulators.
Back in 2006, Microsoft tried to restrict kernel access around the release of Windows Vista, but was met with opposition and a ruling that preventing them doing this, citing anti compete. In contrast, however, Apple successfully managed to lock down their kernel level access in macOS in 2020. The market for Windows software is of course far larger than Apple’s MacOS and Microsoft is an open platform for developers to build upon so any changes will need to be done in a way that make this possible without preventing developers software doing what they are supposed to do!
Microsoft has attributed part of the CrowdStrike outage to the 2009 European Union antitrust agreement, which mandates that Microsoft must provide kernel-level access to third-party software vendors. Conversely, Apple started to phase out kernel extensions in macOS in 2020, encouraging software vendors to adopt the “system extension framework” due to its reliability and security advantages.
It is not the first and wont be the last time either that the EU have played the anti-trust card. Microsoft has recently had to decouple Teams from Microsoft 365 as a response to competitors such as Zoom citing Mcirosoft have an unfair advantage. They have had recent claims against them with Internet Explorer and Edge.
Zero Trust Kernel Protection mayt be the way forward
The blog post indicates that Microsoft is not proposing a complete shutdown of access to the Windows kernel. Rather, it highlights alternatives like the newly introduced VBS enclaves, which offer an isolated computing environment that doesn’t necessitate kernel mode drivers for tamper resistance.
“These examples use modern Zero Trust approaches and show what can be done to encourage development practices that do not rely on kernel access…We will continue to develop these capabilities, harden our platform, and do even more to improve the resiliency of the Windows ecosystem, working openly and collaboratively with the broad security community vendors”. John Cable | MicrosoftWindows VP
Trade off between “anti-compete” and stability.
Microsoft acknowledges that the tradeoff of kernel-level cybersecurity products is that if it glitches out, it can’t be easily fixed, saying in their blog that. “all code operating at kernel level requires extensive validation because it cannot fail and restart like a normal user application.”
As such companies have to demonstrate strict quality and testing controls over their software. The CrowdStrike issue occurred since this wasn’t a new product but” simply” and software patch by CrowdStrike that… well, went wrong.
Microsoft can’t vet every patch and every update released by their “trusted” ISVs/third parties, especially when it comes to security updates which these security vendors need to roll out requently.
“There is a tradeoff that security vendors must rationalise when it comes to kernel drivers. Since kernel drivers run at the most trusted level of Windows, where containment and recovery capabilities are by nature constrained, security vendors must carefully balance needs like visibility and tamper resistance with the risk of operating within kernel mode.” | Microsoft
What ever happens – businesses still need to have backup and remediation processed in place.
In response to the CrowdStrike incident, Microsoft deployed over 5,000 support engineers to aid affected organizations and provided continuous updates via the Windows release health dashboard. They rapidly developed recovery tools to assist companies in their recovery efforts, while emphasising the significance of business continuity planning, secure data backups, and the adoption of cloud-native strategies for managing Windows devices to bolster resilience against future incidents.
Further whitepapers and guidance will be released in the coming months and I expect this will lead to Microsoft, and their third party vendors releasing more recovery tools and guidance.
Summary
Microsoft “confirmed that CrowdStrike’s analysis that this was a read-out-of-bounds memory safety error in the CrowdStrike developed CSagent.sys driver,” Microsoft explained in their technical analysis of the crash and why the impact was so huge in a technical paper published last week.
Reviewing the security architecture and access to the kernel is definately needed, but their approach and desire to prevent future issues with third party glitches will likley be at the brunt of complaints from third party security vendors and the EU anti-compete regulators.
Apple “seem” to have a much easier ride when it comes to doing what they want – they say “jump” and developers say “how high”. Microsoft repeatedly have to “please” regulators far more – this recent huge global impact, may work in Microsoft’s favour however, to bring some control and governance in the name of system and business stability which I am sure will get the backing of everyone and every organisation impacted.
One thing is for certain -Microsoft wont take this sitting down. They will work hard to continue to protect their OS which is run on billions of devices and used by almost all coporations, education and crititical infrastrucutre. Change will happen!
Last month, Microsoft announced the next generation of AI powered PCs from Microsoft and many other OEMs including Acer and Lenovo which leverage the latest Snapdragon ARM chipsets from Qualcomm. I covered this on a previous post here....
Yesterday (June 18th 2024), Microsoft’s own devices (the Surface Laptop 7 and Surface Pro 11) were officially available today to buy and any pre-orders were shipped to customers worldwide 🙂
Microsoft describes Copilot+ PCs as the “most intelligent” Windows PCs ever created. These new processors are capable of performing over 40 trillion operations per second. These PCs also offer long long long battery life and give access to advanced AI tools.
These latest Copilot+ PCs from Microsoft are sleek, lightweight, and elegantly designed to enhance productivity They ship with dedicated NPUs (for processing AI workloads on-chip) and have the longest battery life of any Surface ever.
Microsoft say that the new Surface Laptop and Surface Pro are Copilot+ PCs, are the fastest, most intelligent Windows PCs on the market. They are available in four colour options and start at $999 Estimated Retail Price (ERP) USD on Microsoft.com or at a Microsoft Experience Center (aka store).
What is a Copilot+PCs?
Copilot+ PCs represent a new category of Windows 11 PCs, equipped with a dedicated neural processing unit (NPU), which is a specialised type of processor designed for AI-intensive tasks such as real-time translations and image generation, capable of executing over 40 trillion operations per second (TOPS).
Are Copilot+PC only available from Microsoft?
No. Copilot+PCs are a new generation of PC devices which combined Windows on ARM (WoA) technology, Snagdragon powered chipsets and new updates and features built into Windows.
Other manufacturers are also making Copilot+PCs include (but not limited to).
Copilot+PCs are designed for personal, small business and commercial/enterprise. Devices for Business such as the Surface for Business Range will start shipping in September 2024. More details can be found here.
What can Copilot+PCs do that others cannot?
Microsoft refers to new Copilot+ PC experiences which will be baked in to the next versions of Windows 11 and are advanced AI features unique to Copilot+ PCs that accelerate your productivity and creativity. This will include new AI features such as Recall, Cocreator in Paint, Windows Studio Effects, automatic super resolution and Live Captions.There are many more coming and expect to see new AI powered experiences such as offline Copilot coming to Copilot+PC devices in the future. These features require powerful neural processing units (NPUs) –so will be exclusive to the Copilot+ PC class of devices.
One super cool feature to call out for gamers is the new Auto Super Resolution (Auto SR) feature which integrates smoothly with Windows, automatically boosting the frame rates of existing games in real time and delivering detailed visuals. This feature is said to surpasses the capabilities of standalone PC hardware. Initially, Auto SR will be exclusive to Copilot+ PCs that have a Qualcomm Snapdragon® X Series processor and will support a select list of games available at a third-party open-source site, which Microsoft has provided compatibility data for.
Do I need a special version of Windows 11?
No – all new Copilot+ PCs running a Snapdragon® X Series processor will have Copilot+ PC experiences pre-installed. Microsoft will be continuing to update and enhance the Copilot+ PC experiences, so there will be new Windows Updates coming which will enable new features delivered as part of the usual Windows Update process. Only Copilot+PCs will get the new AI features.
What about devices with the latest AI chips from Intel and AMD ?
Microsoft are partnering with Intel and AMD as well to bring Copilot+ PC experiences to PCs with their processors in the future.
Microsoft also have a real good FAQ section on their website about Copilot+PCs.