Category: Windows 11

Posted on

Windows and Devices – Summary of Ignite Announcements

Introduction

Copilot was very much front and center at Microsoft Ignite last month. However, the Windows ecosystem also had lots of coverage. This includes Windows 11, new devices, Windows 365, and Windows 365 Link. Along with this, Microsoft talked in depth about the importance of the new Windows Security Initiative.

This forms part of the Secure Futures Initiative , a wider efforts to ensure everything access the Microsoft eco-system is secure by design and secure by default.

The Windows Security Intuitive is a comprehensive effort to ensure that Windows remains the most reliable and secure platform on earth. This blog summarise the key Windows and Devices announcements from Ignite 2024.

The Windows Keynote session at Ignite was delivered Pavan Davuluri, Aidan Marcuss, Navjot Virk and David Weston and can be viewed here on demand from Microsoft.

Windows 11 – The Most Secure Windows Ever

Windows 10 is end of life in October 2025, but Windows 11 has been mainstream now since 2021. Windows has always been the platform for innovation, meeting the needs of over a billion customers across enterprise, public sector, education, creators, developers and engineers. With this comes Microsoft’s responsibility to deliver the most reliable and secure platform.



The “CrowdStrike incident” back in July 2024, which impacted 8.5 million devices, was a stark reminder of the need for vigilance and innovation and the need to have better controls in place to protect the core of the Windows OS. “EU policy prevents Microsoft restricting access to its kernel”, but Microsoft have, following the global incident, announced the Windows Resiliency Initiative. This initiative aims at making Windows more reliable and secure for all customers, including those with mission-critical workloads but introducing changes to how both Microsoft and third-parties manage critical workloads and updates within Windows 11.

Changes After the Crowdstrike Incident

In the key note, David Weston shared insights from conversations with hundreds of customers, including CISOs, CIOs, and incident responders. The feedback highlighted the need for easier recovery, stronger resilience of critical security tools, and overall platform security. Microsoft is addressing these needs through the Windows Resilient Security Platform, which allows security product developers to build products outside of kernel mode, reducing complexity and improving recovery.

“In addition to the work we are doing with CISA as part of Microsoft’s Secure Future Initiative, we are heavily investing in safe languages to enhance the safety of our code. This commitment also aligns with CISA’s secure by design pledge. We’re applying this new approach to our security platform and other key areas like Microsoft Surface’s firmware and the Pluton security processor firmware. Part of becoming resilient is also increasing the prevention of attacks, so more security has been built into the operating system and not bolted on later. This reduces complexity and ensures you deploy less software that could become the next failure point. This is why we are targeting the most critical elements of Windows 11.”

David Weston | VP Enterprise and OS Security | Microsoft

Changes in Windows coming…

  • Improving Windows Reliability – with new capabilities to enable security product developers to build their products outside of kernel mode. This is known as the Windows Resilient Security Platform, which provides a flexible security API set and data collection points that can be used to build endpoint security products like detection and response or antivirus outside of the kernel. This change will help end-user protection and antivirus products provide a high level of security and easier recovery, with less impact on Windows in the event of a crash or mistake
  • Quick Machine Recovery – This solution can execute targeted fixes from Windows Update on machines, even when Windows is unable to boot. This will allow for quick deployment of fixes that address files, drivers, or any other operation needed to recover a non-bootable machine.
  • Strengthening Security Tools and Drivers – Microsoft are working with industry-leading security partners and the US Cybersecurity and Infrastructure Security Agency (CISA) to define new ways to increase resilience across the ecosystem. This includes adopting safe deployment practices, conducting additional security and compatibility testing for components like security kernel drivers, and developing strengthened incident response processes for streamlined coordination.
  • Enhancing Identity Protection – To combat the increasing risk and success in cases of sophisticated phishing attacks, Microsoft has hardened Windows Hello, the built-in industry leading multi-factor authentication (MFA) solution. Windows Hello now supports passkeys, which means much of the web can be protected with MFA seamlessly. This enhancement ensures that users no longer need to choose between a simple sign-in and a safe one. This is one step further to help customers remove passwords from their environment.
  • Local Administrator Protection – Microsoft is introducing administrator protection to address the challenge of over-privileged users and applications. With admin protection, everyone (even admins) will have standard user permissions by default and can make Windows system changes, including app installation, only when necessary and after authorising the change using Windows Hello. This reduces the risk of attacks by ensuring that employees, not malware, remain in control of Windows.
  • Deep Collaboration with CISA – Microsoft and the CISA are providing a framework for the IT industry as a whole to ensure that all partners, customers, and organisations can stay ahead of evolving security threats. This collaboration aims to deliver software that is safe, secure, and resilient through secure by design, secure by default, and secure through delivery practices.

These changes and improvements are part of Microsoft’s commitment to making Windows reliable and secure for all customers, including mission-critical workloads. The Windows Resiliency Initiative represents a significant step forward in ensuring that Windows remains the most secure and reliable platform on earth.

Windows 11 – Ease of Migration, Management and Updates

Windows 11 builds on Windows 10 technologies and further simplifies the management and migration process to Windows 11. Windows 11 can be managed with the same tools and processes used for Windows 10, ensuring minimal disruption to the workforce. The compatibility with App Assure guarantees that all apps will work seamlessly on Windows 11.

In contrast, Windows 11 updates are 40% smaller in size, making it easier to stay up to date and reducing impact on users/employees as well as on network bandwidth, disk-space and time.

Windows 10 to Windows 11 – Compatibility with App Assure

App Assure is a key component of the Windows 11 upgrade experience as it was in the Windows 7 to Windows 10 experience. App Assure ensures that all apps are compatible with the new operating system through millions of real life feedback, crash reports and user feedback. This application compatibility is backed by Microsoft’s promise to address any app issues that may arise, providing peace of mind for businesses transitioning to Windows 11. The App Assure portal provides guidance, assurance and clarity of application and application version compatibility.

Updates, Hotfixes, and Autopatch

Windows 11 is introducing several new features to streamline updates and hotfixes.

  • Quick Machine Recovery allows targeted fixes from Windows Update on machines that are unable to boot, ensuring quick recovery during incidents.
  • Windows Hotpatch, available through Autopatch settings in Intune, delivers Patch Tuesday security updates directly to employees seamlessly in the background without requiring a restart, reducing interruptions and speeding up the deployment of security updates.

Windows Hotpatch is one that is super important. By using Windows Hotpatch through Autopatch settings in Intune, Microsoft say that 65% of Patch Tuesday security updates are delivered directly without requiring a restart. This significantly reduces restarts and interruptions, allowing security updates to be deployed 60% faster.

According to Forrester research, moving to Windows 11 delivers an impressive 250% return on investment over three years compared to Windows 10.

Windows Backup for Entra ID

Another exciting new feature announced at Microsoft Ignite is Windows Backup for Entra ID. This feature, available in public preview in early 2025, will help organisations ensure a seamless transition of use settings and preferences when setting up a new PC or performing a traditional reinstall which is typical with OS upgrades in larger enterprises.

With Windows Backup, employees can easily transfer their desktop background, icon size, and other preferences to a new device, ensuring a consistent and familiar experience. This reduces the time spent on setup, allowing employees to be productive faster and significantly reducing IT overhead and help desk calls.

Windows 11 – New devices and un-paralleled performance

Speed and Performance

Windows 11 is designed to deliver superior speed and performance. Bear in mind WIndows 10 is 10 years old and was designed for a pre-pandemic world and a world where AI didn’t touch the end-point.

Newer Windows 11 devices offer double the battery life and more than three times the performance of older Windows 10 devices.

Microsoft’s introduction of Copilot+ PCs and AI-PCs, built for AI workloads, is setting a new new standard for productivity, combining advanced AI inferencing capabilities with top-notch security and performance. Satya said in his key note that all applications will be rebuilt as AI apps and Windows is no different. Microsoft are re-writing their apps and OS for the AI era and simple examples include simple in-box tools like Notepad and Paint that have advanced AI capability.

Leading vendors like Adobe are adding new capabilities in their applications that leverage local NPUs found in new Windows 11 Copillot+ and AI PCs

The New Generation of Devices in Copilot+ PCs

The new generation of devices in Copilot+ PCs is designed to harness the full potential of AI. These devices (again bvery centre stateg at Ignite) come equipped with advanced AI inferencing capabilities, enabling them to handle complex workloads with ease. Their Neural Processors (NPUs) can operate at more than 45 Trillion Operations a Second (TOPS) providing the fastes edge AI processing in the world. The integration of AI into these devices not only enhances productivity but also ensures that security measures are robust and effective.

With features like real-time threat detection and automated responses, Copilot+ PCs provide a secure and efficient environment for businesses and consumers.

The day after Ignite, Microsoft also released Recall and Click-To-Do into public preview for users enrolled on the Windows Insider Programme.

Windows 11 – Sustainability and Windows 365

Modernising isn’t just about cost savings; it’s about the collective responsibility and impact on the global economy, our business and the environment. Microsoft has committed to advancing sustainability, and adopting Windows 11 helps in achieving your company’s sustainability goals.

Microsoft boldly shared that Windows 11 reduces energy use as the “world’s first carbon-aware OS” and offers Energy Saver, increasing energy efficiency by up to 22%.

Microsoft talked about their own devices, Surface which are manufactured using recycled materials and more renewable energy. As an example, Surface enclosures use 100% recycled aluminum alloy and 100% recycled rare earth materials. They also used this time to share existing and new programs to help organisations reduce e-waste with the recycling and refurbishment opportunities available across our ecosystem partners such as Cisilion. There’s a dedicated sustainability site for Surface -> here <-

Microsoft also shared several examples of how organisations can extend the life of (and even breath new life into) older hardware with Windows 365 without sacrificing security protection or experience.

Windows 365 and Windows 365 Link

Microsoft shared how Windows 365 plays can not only play a crucial role in this sustainability effort but also used the opportunity to announce their new dedicated “thin client” device called Windows 365 Link.

Priced at $349 and available from Spring 2025, these dedicated low power, sustainability built devices can provide local compute power but with no IT footprint to securely streams employees full personal Windows 11 desktop with all their apps, content, and settings directly from the Microsoft Cloud.

Windows 365 can run on any device include Web, dedicated devices like Windows 365 Link, and even mobile devices on iOS and Android as well of course as legacy Windows 10 devices and even Windows 11.

The flexibility of Windows 365 allows businesses in any sector and any size to reduce their IT infrastructure and management complexity while providing a consistent and secure experience for employees. Windows 365 is designed to complement your Windows 11 end user computing estate, enabling more endpoints and form factors, and unlocking more value and options for businesses.

Windows 365 is also great for contractors, testing migrations to Windows 11 and also for running secure workloads as well as for education and front line workers.

What have I missed?

There were lots of announcement around Windows and Devices at Ignite. The Windows Security Initiative clearly represents a significant step forward in ensuring that Windows remains the most secure and reliable platform.

With new enhanced security measures, simplified management and migration, seamless compatibility with App Assure, and innovative update mechanisms, Windows 11 is promising to deliver unparalleled speed, performance, security, agility and management.

Links:

Posted on

Recall “Recalled” Again: Microsoft’s Copilot+PC Flagship Feature Faces Further Delays

Recall Recalled again feature image

In a move that has surprised few, Microsoft has once again delayed the rollout of its controversial Recall feature for Copilot AI PCs. Initially planned for a June release to coincide with the new Copilot+PCs launch, Recall was then postponed to October while Microsoft addressed initial concerns around privacy and security.

This week however, Microsoft has yet again delayed this again with testing for Windows Insiders coming (so we are told) in December, which unfortunately falls after Ignite.

Microsoft Recall….

Security Concerns and Refinements

Recall’s primary value is to create a timeline of screenshots that users can scroll through and search. However, early testing revealed by security researchers discovered that the core database storing these screenshots and tagging was not encrypted, posing a massive security risk.

Microsoft have since addressed this by fully encrypting the database and requiring Windows Hello authentication for access.

Microsoft have also confirmed that Recall will now be an opt-in feature, allowing users to completely uninstall it if they choose.

Microsoft’s Cautious Approach

Brandon LeBlanc, senior product manager of Windows, enforced Microsoft’s commitment to delivering a secure and trusted experience with Recall.

Microsoft need to get this right in order to maintain trust with its customer base. He stated that the additional time is necessary to refine the feature before previewing it with Windows Insiders. Despite these assurances, social media shows huge skepticism about whether Microsoft will meet the new December deadline and even if they might scrap the feature all together. This will be a shame, as the value around it looks. Promising and is really ( currently) the one killer reason consumers were looking at when looking at investing in Copilot+ PCs outside of the huge battery life that these Qualcomm Snapdragon Powered devices deliver.

The verge covered this in an exclusive interview

Wider AI privacy concerns

The repeated delays and security issues surrounding Recall highlight broader concerns within the AI industry.

There is a growing perception that companies are rushing to release new features without fully considering the potential consequences.

Microsoft’s cautious approach with Recall is a step in the right direction, but it also underscores the need for more rigorous testing and security measures in AI development.

Will Recall still be exclusive to Copilot+ PCs?

That’s a good question.

When Microsoft announced the Copilot+PC back in June, Recall was the flagship feature and it was unique to the device’s (and kinda stole the show).

Since then AMD and Intel have released their new AI PC chipsets offering similar NPU performance to the Snapdragon chips in Copilot+ PCs like Surface Pro 11 and Surface Laptop 7.

We now have NPU turbocharged PCs with Snapdragon® X Series, AMD Ryzen™ AI 300 Series and Intel® Core™ Ultra 200V Series devices after all.

We don’t know if this will remain an exclusive (I don’t see why it would) and if all the “exclusive AI features” that are part of Windows 11 24H2 will soon be lit up in any decide with a dedicated NPU.

From what I can… It will be supported… But some features are limited to Snapdragon, so we will have to wait and see….

Coming soon then… Or will it?

While the future of Recall still remains uncertain, Microsoft’s efforts to address security concerns and refine the feature are commendable, I just hope they haven’t missed the boat. We’ve already seen Apple quietly move forward with Apple Intelligence (clever) and it’s now embedded in MacOS. Microsoft need to move quick and innovate here to regain confidence and innovative is their mission to empower every person on the planet to achieve more (with their technology)!

Consumers, IT professionals, industry experts and social media will be keenly observing whether the Recall gets the release and value reputation it received back in June, with  a secure and functional version of Recall to define what AI can really do in Windows.

I hope succeeds and brings life to the new AI PCs and Copilot+PCs or of it quietly gets canceled as skeptics seem to think…

Posted on

Windows Hello is getting a much welcomed face-lift

Microsoft is taking a significant step forward in enhancing the Windows Hello experience on Windows 11. This overhaul, now in beta testing for Windows Insiders will bring a more intuitive and visually appealing interface for both facial, passkeys and fingerprint recognition.

New Windows Hello experience on Windows 11

Cleaner, More Intuitive UI

The revamped Windows Hello UI is designed to streamline the authentication process. Users will notice new iconography and visual changes that make switching between authentication options more intuitive. Whether you’re logging into your device or using passkeys for websites and apps, the experience is now more seamless and user-friendly.

Enhanced Passkey Integration

One of the standout features of this update is the improved passkey integration.

New passkey process in testing on Windows 11

Previously, using passkeys from a mobile device involved scanning QR codes and navigating an outdated UI. The new system simplifies this process, allowing for quicker and more secure authentication. Additionally, Microsoft has also introduced a new API for third-party password and passkey managers, enabling developers to integrate directly with the Windows Hello experience.

Future-Proofing Authentication

This update is not just about aesthetics; it’s about future-proofing authentication on Windows 11.

By supporting passkeys from mobile devices and enabling synchronization with third-party apps, Microsoft is ensuring that users have a secure and efficient way to manage their credentials and also allows them to be seemlessly and securely added to your Microsoft Account.

We redesigned Windows security credential user experiences for passkey creating a cleaner experience that supports secured and quick authentication.. Users will now be able to switch between authentication options and select passkey / devices more intuitively.

Microsoft Windows Team

Microsoft Windows team talk more about in their recent Windows Insider Blog.

Availability and Rollout

Currently available to Windows Insiders in the beta channel, and will hopefully hit testers on the other Insider channels soon. This new Windows Hello experience is expected to roll out to all Windows 11 users in the coming months.

Are you looking forward to seeing new Windows Hello UI?

Posted on

The Cost of Not Migrating to Windows 11

As Microsoft prepares to end support for Windows 10 on October 14, 2025, users have a critical decision to make. They must either migrate to Windows 11 or pay for extended security updates (ESU). Microsoft will offer distinct options for consumer (home) customers. They will also offer options for commercial customers who want or need to continue using Windows 10 after this date.

Consumer Pricing for ESU

We know that commercial enterprises were going to have the “cost” option of paying for extended updates while they “complete” they migration / move to Windows 11, but in the first time in history, Microsoft have also announced that consumers can will also have the option to purchase a single year of Extended Security Updates (ESU) for a one off $30 (£25) cost.

Commercial Pricing for ESU

Pricing to commercial customers will be based on tiered pricing options with pricing set-out at

  • $61 per device per year for the first year
  • $122 per device for the second year, and
  • $244 per device for the third year.

Organisations needed or wishing to pay for ESU for their devices for 3 years will therefore incur costs of $427 per device.

Extended Security Updates: A Temporary Solution

Microsoft’s ESU program will provide a lifeline in helping any organisation or consumer unable or unwilling to upgrade to Windows 11 before October 14th, 2025, (when Windows 10 enters end of support).

Bear in mind though that these ESU updates are just security and zero-day updates. There will be no new features, bug fixes, or technical support included.

These are, of course, optional, but there are huge risks for continuing to use Windows 10 devices without protection from security exploits or newly discovered vulnerabilities.

This is especially true for commercial organisations. They lack protection from security and vulnerability updates.

The Risks of Running an Unsupported OS

Running an operating system without security updates poses significant risks, both for consumers and businesses including:

  • Increased Vulnerability to Cyber Attacks: Without regular security patches, systems become prime targets for hackers. Vulnerabilities that are discovered post-support will remain unpatched, leaving systems exposed to malware, ransomware, and other cyber threats.
  • Compliance Issues: For businesses, using unsupported software can lead to non-compliance with industry regulations. It can also lead to non-compliance with standards. This may result in hefty fines and legal repercussions. This can also affect security certifications. These include Cyber Security and Cyber Security Plus. It also impacts trust from customers and business partners.
  • Operational Disruptions: Security breaches can cause significant downtime, disrupting business operations and leading to financial losses. For consumers, this could mean losing access to important personal data and services.
  • Higher Long-Term Costs: While the initial cost of ESU might seem manageable, the long-term financial impact of a security breach can be devastating.

The best approach is to start planning the move to Windows 11 now. There are just over eleven months to do this. For consumers, this could mean upgrading. It could also mean replacing their devices with ones capable of running Windows 11. Windows 11 was released and started shipping on new devices in 2021.

Will my device run Windows 11?

Microsoft have a useful website which show the minimum system specifications for Windows 11 which you can access –> here <-

In reality any device newer that 4-5 years old should have no problem running Windows 11, , but in short, you need a device with at least:

  • Processor: 1 GHz or faster and min of 2 core.
  • RAM: 4 GB or more.
  • Storage: 64 GB or larger storage device / HDD / SDRAM – you’ll much more in reality.
  • System Firmware: UEFI, Secure Boot capable.
  • TPM: Trusted Platform Module (TPM) version 2.0. (this is important)
  • Graphics Card: Compatible with DirectX 12 or later with WDDM 2.0 driver.
  • Display: High definition (720p) – must be greater than 9” diagonally.

Tools to check compatibility

Another really easy way to check your device (if you are a consumer of want to check a couple of devices) is to the use the PC HealthCheck App. This can be downloaded from https://aka.ms/GetPCHealthCheckApp if it’s not already installed on your Windows 10 device.

When you run the tool, you get one of three outcomes. If you device passes, you’ll see a “meets requirements” message, and if it fails, you’ll receive a “doesn’t currently meet”. Coprate devices may see a message stating that “your organisation manages updates” and as such check with IT department (though I suspect they are already on it!)

Commercial Customers IT departments can easily check Windows 11 eligibility using Microsoft Intune or System Centre.

Conclusion

The decision to stick with Windows 10 and not migrate to Windows 11 should not be taken lightly. While ESU provides a temporary solution, the risks associated with running an unsupported OS far outweigh the benefits.

The risks of not updating (or paying for extended security updates) are too high. It is only acceptable if your device is never connected to the internet. Additionally, you should avoid using external sources such as USB devices.

Upgrading to Windows 11 ensures continued security. It also provides access to the latest features and support. This makes it a wise investment for both consumers and businesses.

Q&A

  1. What about my anti-virus applications? In reality these will still work as will any application you are running on your machine. You will need to check with the antivirus provider to check that they will still support Windows 10, but as long as they do and you pay the subscription to them, it shouldn’t impact these anti-virus signature updates.
  2. What about other software like Office Apps? Well Office 2016 and Office 2019 also go end of support in October 2025. You’ll need to upgrade these too if you want to get feature updates and security updates and fixes. You will likely find other software vendors like Adobe will also stop supporting Windows 10 (as many did with Windows 7). You’ll need to check with the software provider.
  3. Can I upgrade the hardware in my device to get compliant? That is also an option. After running the compatibility checker, you may find that upgrading your hard drive, adding more memory or swapping other components may “get your device compliant”. In most cases this isn’t cost effective.

Posted on

AI-PCs vs Copilot+ PCs: Understanding the Difference

As technology advances, the distinction between AI-PCs and Copilot+ PCs becomes increasingly important. Both types of devices leverage dedicated AI chip sets to enhance the user experience. They support new and upcoming software features. These devices prepare us for the continual wave of AI innovation. Under the name, what are the differences between the specifications and ability of these two types of “next generation” devices?

This blog aims to summarize the similarities and differences between the AI-PC, as dubbed by Intel. It also discusses the Copilot + range of PCs powered by Snapdragon ARM based chip sets.

The AI-PC

AI-PCs, like the Microsoft Surface Laptop 6, are powered by Intel chipsets and are the first of their next generation of personal computers designed to handle complex AI tasks efficiently. These PCs are equipped with Intel Core Ultra processors which also include a dedicated Neural Processing Unit (NPU), which accelerates AI and machine learning workloads directly on the device, providing up to 10 TOPS (Trillion Operations Per Second) of AI performance.

This means faster performance for tasks like real-time language translation, image creation, and enhanced multimedia experiences such as object removal, blur and audio isolation without relying heavily on cloud services or throttling the PCs CPU.

For the average user, this translates to a smoother, more responsive computing experience with smarter features. For IT professionals, it means robust performance for data-intensive applications and improved security through local processing and devices which will perform in a more unified way without “subtle” tasks like back-ground blur in video calls, hammering the CPU or consuming more internet bandwidth.

The Copilot + PC

Copilot+ PCs represent the pinnacle of AI-enhanced computing, designed to deliver unparalleled performance and support for AI-infused applications and extensions. These PCs are powered by Qualcomm’s Snapdragon X Series processors. They feature a turbocharged Neural Processing Uni (NPU). This NPU is capable of performing over 40 trillion operations per second (TOPS). This advanced hardware allows real-time AI functionalities. These include language translation, image generation, and intelligent task management directly on the device. For the average user, this means a seamless, responsive experience with smarter, more intuitive features. For IT pro’s Copilot+ PCs provide more robust performance for data-intensive and AI applications. They enhance security through local processing.

This can also reduce reliance on cloud services with the ability run “some” AI workloads locally depending on what has been coded of course by the software vendor. Examples of this might be background blur which as trivial as it may sound it network and compute intensive and can be performed on an NPU far better and with far less compute power.. This combination of powerful hardware and specialized software makes Copilot+ PCs a significant change in both personal and professional settings.

Copilot+ PCs, on the other hand, take this AI integration a step further. Some examples are the recently released Surface Laptop 7 and Surface Pro 11 devices from Microsoft. There are also devices from all other major manufacturers. These devices feature powerful and dedicated NPUs. They also come with Windows 11 – Copilot “exclusive” software and services enabled. These devices need Copilot+PCs to use them.

Interactions like “click-to-do” and Microsoft’s Recall leverage the advanced NPU’s capabilities. They provide enhanced AI features directly on the device. These interactions reduce CPU and GPU workloads. They allow local AI compute, which will in the long term support local language models.

These devices are powered by Qualcomm’s Snapdragon X series chips, which offer at least 45 TOPS of AI performance. This provides advanced functionalities such as real-time language translation and intelligent task management. It also enables more efficient multitasking. All of these features are included in the Windows 11 24H2 update.

Despite the differences, both AI-PCs and Copilot+ PCs bring enhanced performance for handling AI workloads. These devices provide a more integrated and advanced AI experience, thanks to the combination of powerful hardware and specialised software. At the time of writing the Copilot+ PC range deliver more AI-grunt than AI-PCs. However, the Intel-based AI-PCs will likely be more adopted by large enterprise organisations. These organisations still need to run older legacy applications. These applications have not yet been compiled to run on Windows on Arm (WoA). WoA is needed for Copilot+ PCs which are built on ARM chipsets and not Intel.

Spotting the Difference

The subtle differences between AI PCs and Copilot+ PCs. As endpoint technology continues to evolve, the gaps will most likely close. The 2025 edition of these technologies will continue to evolve. There is also new AI “optimised” PCs from AMD but I have not reviewed these here.

The main way to spot a Copilot+ PC or AI-PC vs an older generation device is the presence of a dedicated “Copilot key”.

The list below highlights the key things found on Copilot + PCs

  • AI Integration: Copilot+ PCs (currently) offer a more integrated AI experience. They include specialised software and features designed to enhance productivity. On the other hand, AI-PCs provide general AI capabilities without the specialized software. Copilot+ PCs are needed to run new Windows features like recall and Click-To-Do.
  • Dedicated AI Key: Copilot+ PCs include a dedicated Copilot key for quick access to AI-powered assistance. This key is not available in “some” AI-PCs. Older generation PCs also lack this feature.
  • Connectivity: Some Copilot+ PCs feature advanced connectivity options. These options include 5G, which is not typically found in AI-PCs or older generation devices.
  • Exclusive Software Features: Copilot+ PCs come with enhanced productivity tools like Recall and Click-To-Do. They also include other third-party features from Adobe, for example.

Conclusion

These new generation of AI-PCs and Copilot+ PCs bring more than just an annual chip set refresh. They are the ennoblement for the current and next wave of creativity. They drive productivity and innovation with the increasing number of AI-powered or AI-enhanced applications.

As always, Surface sets the standard – with their innovative anti reflective and HDR display technology, elegant and sleek design, sustainable and repairable design and unique features like the versatile kickstand along with fluidity of the Slim Pen 2 on Surface Pro, they empower users to achieve more and create without limits.

Posted on

Windows 365 could be your saviour in the move from Windows 10 to Windows 11

Using Cloud PCs, like Windows 365, could be a strategic move as you plan and migrate from Windows 10 to Windows 11 (which you need to do by October 14th, 2025, if you want to avoid paying for Extended Support Updates (ESU).

Here I discuss a use of Windows 365 as a way to delay the migration to Windows 11, whilst also. Enhancing the migration readienaa, testing and user experience in the Shift to Windows 11 as well as, of course the other benefits that Cloud technology can bring to businesses of all sizes, geographies and sectors.

Why Windows 365?

Windows 365 is a cloud-based service that brings the power and security of a Windows operating system to any device including mobile devices and some modern smart TVs.

Windows 365 streams a full (dedicated) Windows desktop from the cloud, providing highest levels of security, application compatibility and bandwidth optimisation.

It allows users to access their desktop and personalised settings, apps, and data from anywhere with an internet connection and without the need for VPN (though access over VPN or secure remote access is supported).

Image (c) Microsoft

This flexibility makes it an alternative choice for using legacy or older hardware. It is also ideal for bring your own device scenarios and contractors.

Additionally, it supports testing and dual running different operating systems. Benefits around flexibility and accessibility are huge for both users and IT.

Flexibility and Accessibility

  1. Device Independence: Windows 365 lets users access your Windows environment from any device. This includes a PC, tablet, smartphone, and even some smart TVs. This means helps support you can continue using older hardware while still benefiting from the latest Windows 11 features. BYOPC (Bring Your Own PC) is also a key use case.
  2. Secure Remote Work Enablement: Windows 365, helps support hybrid and remote work models. Employees can access their Cloud PCs from anywhere, ensuring productivity and continuity and secure remote access which levergage key Microsoft zero trust security principles include password less, MFA and risk based conditional access.

Management is also super simple with Cloud PC with everything managed from Intune. This includes.

Simplified Management and deployment.

  1. Centralised Management: Windows 365 integrates with Microsoft’s Endpoint Management service (Intune). IT administrators can manage all devices and Cloud PCs from a single console. This simplifies updates, security policies, and compliance management. Cloud PCs can also leverage update technologies such as Windows AutoPatch. For more complex deployments or mixed AVD, Citrix and Windows365 you can also use third party tools such as Nerdio.
  2. Fast Onboarding: Employees (new and existing) can be onboarded quickly by provisioning Cloud PCs within minutes. This reduces the time and effort needed to set up new devices. They can also be accessed across multiple devices for maximum flexibility and agility…
  3. Seamless OS Switching – Windows 365 includes Windows 365 Switch. This feature allows users to easily switch between a local PC and a Cloud PC. Users can be assigned multiple Cloud PCs, for example Windows 10 and Windows 11. This setup is great for testing and learning a new OS like Windows 11.

As you’d imagine, Security is paramount and there’s no shortage of enhanced security for Cloud PCs.

Enhanced Security

  1. Built-in Security Features: Windows 365 includes advanced security features like multi-factor authentication, conditional access, password-less authentication and advanced data encryption. These features help protect sensitive information and reduce the risk of security breaches.
  2. Always Up to Date: Cloud PCs are automatically updated with the latest security patches and updates. This ensures that your systems are always protected against the latest threats. Cloud PCs also support full cloud management technologies include Auto Pilot and Windows Auto Patch.

What about pricing… after all, Cloud PCs require a license subscription to use with pricing for Windows 365 varying based on the specification of the Cloud PC needed.

Costs efficiencies and advoidance

  1. Reduced Hardware Costs: Leverage Windows 365 can help can extend the life of existing hardware (for example hardware that cannot run Windows 11) and reduce the need for frequent hardware upgrades since they can be upgraded with just a change of license key!
  2. Frontline worker efficiencies. Windows 365 Frontline provides the same feature stack and benefits of Windows 365 with the added flexibility to provide Cloud PCs for up to three users with the purchase of a single Windows 365 license, making it ideal for frontline and shift workers as well as seasonal staff.
  3. Scalable and Upgradable: Windows 365 offers flexible subscription plans. These plans can be scaled up or down based on your organization’s needs. This enables businesses to manage costs more effectively. You can choose the right sized Cloud PC for the right task and the right user.
  4. Device Management: Since there is no physical device to manage, management of devices is available remotely around the globe with employee devices being able to be provisioned, updated and recovered 100% remotely.
  5. Support for Windows 10 Extended Security updates are also included with the Windows 365 license which not only helps extend the life of older (but perfectly working devices) and is also great to sustainability!

Seamless Transition and Extensibility

  1. Extended Security Updates (ESU): For organisations that need more time to transition to Windows 11, Windows 365 subscriptions include Extended Security Updates (ESU) for Windows 10 at no additional cost. This provides critical security updates while you plan your migration.
  2. Smooth Migration: Migrating to Windows 365 can be straightforward. Tools and support are available. They help transfer user profiles, documents, and settings seamlessly.

Conclusion

Windows 365 can not only be a physical device alternative for any organisation, but also be used to help ensure a smooth transition from Windows 10 to Windows 11. Windows 365 can help organisations maintain productivity. It enhances security and breathes more life into legacy or older hardware.

It also supports Windows 10 Operating Systems, with Windows 10 Extended Security Updates included at no additional cost helping to extend the life of older devices that can’t run Windows 11 for up to another three years!

Posted on

Why Windows 11 24H2 could have been called Windows 12

Most of the time, security and annual and semi annual feature updates in Windows are built on the same core OS platform. This means that the changes and new features in these updates are / updated on top of that particular OS build. 

This is not the case with the latest Windows 11 24H2 Update which is starting to roll out now.

Why is the Windows 11 24H2 update different?

Unlike previous updates to Windows 11, Windows 11 24H2 is delivered as an update to existing devices with Windows 11 installed. This update is essentially a whole new version of Windows and yes, some have dubbed it Windows 12 – because it is, in all purposes a new OS version that is installed over (OS Swap) on the top of the existing OS – making it a new version.

This approach is the same as when Windows 11 was released back in 2021 and was (of course) an OS upgrade on-top of Windows 10. Many saw Windows 11 as “just a UI refresh.” But it was actually a totally new build of Windows. It had major architectural and security changes throughout the OS. Updates like Windows 11 version 22H2 and version 23H2 introduced many new features, but these updates were fundamentally built on the same underlying Windows 11 OS platform.

Windows 24H2 is a new OS

Windows 11 24H2 update is built on a totally new platform (codenamed Germanium) which brings fundamental under-the-hood changes to the core of the Windows 11 Operating System. Many of these updates and changes will not be obvious or event visible to a typical user, but many of them are fundamental changes. For example, one significant improvement with this release is much better optimisation for ARM based devices such as the new Snapdragon Powered Copilot+ PC devices like the Surface Laptop 7.

This is also why this update launched preinstalled on Snapdragon X series PCs. The feature set wasn’t completely finished when they launched, but the code base was needed to take advantage of the new features which are now rolling out.

The question asked by many is – “Is Windows 11 24H2 really Windows 12 then“?

So why isn’t it called Windows 12?

Good question. Well, whilst this is a major update under the hood the UI does look the same as before, and in terms of new features for existing PCs, many of the new things are subtle and reflective of the ongoing tweaks and changes such as finally moving those legacy “Control Panel” updates to Settings. As such there is nothing in 24H2 that really says “hey – this is a brand-new operating system” – and that’s a good thing I think (right now anyway).

In the past, we typically received a “new version” of Windows release every three or so years, and as such it was possible to “upgrade” from one to the next if you were willing to buy a new Windows license (or a new device with a new license).

Of course, most people did not want to do that, which meant that most of us (consumers anyway), only got a new OS update when they bought a new PC/Laptop – which included the latest license you needed. for the “current OS”. That’s how Windows upgrades worked for most people anyway!

Windows 11 version 24H2, it is basically the same thing. Whilst this update is available for existing PCs (it’s also free) there’s very little that is new and shiny for existing devices.

All the big news and new features are part of the new generation of devices – the Copilot+ PCs and AI PCs – and most of those new AI features will only work (be activated) on these new devices – since they need a PC with a chipset that includes an NPU with over 40TOPS of performance – this is basically new devices launched after June 18, 2024 (or even later, if you want to get an AI PC based on the AMD or Intel PC).

So back to the point, yes Copilot+ and AI PCs are essentially Windows 12 with all the features it introduces but still under then branding (as the UI has not changed) as Windows 11.

What does a Copilot+ PC and Windows 11 24H2 Bring then?

Right now, what Copilot+ devices do add some cool new AI features which I would say currently appeal to tech enthusiasts and those that run AI workloads (or plan too). You do get live captions with real-time translation in any app, have the ability to use new AI features in apps like Paint using a “cached” LLM on the device and new you’ll soon get features like Recall, Click-To-Do, and generative fill which are also huge new features that are all exclusive to those new Copilot+ and AI PCs devices.

Will there be a Windows 12?

We don’t know to be honest – not yet anyway. It is clear to me that Microsoft are working to ensure they don’t abandon or upset their existing users and create confusion.

With Windows 10 going end of support in October 2025 (that’s a year from now), creating a Windows 12 brand will likely up-set many businesses that are in a transition from Windows 10 to Windows 11.

This version of Windows 11, will include a whole load of features that will be exclusive to the newer AI PC hardware such as the Surface Laptop 7 and Surface Pro 11. This still creates an incentive for people to buy new PC with shiny features (that makes PC companies like Dell, HP, Lenovo, and Microsoft happy) whilst still ensuring the Windows 11 OS is modern and fresh. Existing devices can still upgrade to Windows 24H2, but they won’t get these new AI features (you need that NPU remember).

Will Microsoft ever unveil plans to release a formal Windows 12? I really don’t know at the moment. I think a new “branded” version will come at some point in the next couple of years. They may just call it Windows – something we thought Microsoft were going to do when Windows 10 was released.

What do you think – should Windows just be called Windows 25H1 for example, or do we prefer a version number. I’m a Windows / Surface MVP and I don’t know any more than you right now (of course if I did, I couldn’t tell you – but I honestly do not know!)

There are lots of rumours on social about Windows 12 – tell me your thoughts?

Posted on

Click-to-Do and new “AI Search” coming to Copilot+ PCs

Microsoft (off the back of Windows 11 24H2 release this week) have unveiled a series of updates to their AI infused Copilot+ PCs, aimed at enhancing the user experience with innovative features.

Copilot+PCs are a new category of PCs released this year by leading OEMs including and debuted by Microsoft and are equipped with NPUs. These devices come in Intel, AMD, and Qualcomm-powered Windows on Arm configurations. Microsoft introduced several new features for both types of these advanced PCs. The newly launched Windows 11 2024 Update (version 24H2) brings new functionalities for all Windows 11 users, with some exclusive enhancements specifically for Copilot+ PC owners.

These updates further demonstrates Microsoft’s commitment to baking AI assistance into more and more manual or semi manual tasks, and are designed to make everyday tasks more intuitive and efficient, leveraging the power of AI to transform how we interact with our new shiny devices.

New AI experiences in Copilot Plus PCs

These new features are summarised in an extensive Copilot / Windows Blog but the key ones I have summarised below.

Enhanced Search: Find stuff faster and easier.

One of the standout features in this update is the new Enhanced Search. Here, Microsoft has integrated AI-driven improvements deep into Windows search, making it significantly more powerful and user-friendly.

With these enhancements, users can now find files, images, and emails with ease, even if they don’t remember the exact names. Better than a simple search index (you know, that thing that used to grind your PC to a halt), this AI search understands context and can retrieve relevant results based on partial information or related keywords.

Image (c) Microsoft.

For instance, if you’re looking for a presentation you worked on last month but can’t recall the title, simply typing in related terms like “presentation” and “last month” will bring up the correct file. This feature is huge change for how we find and retrieve information and is more human connected in terms of how we think and ask. Plus, if you are anything like me, it should reduce the time spent searching for documents and allowing users to focus on their work.

“AI-powered search makes it dramatically easier to find virtually anything,” says Yusuf Mehdi, executive vice president and consumer chief marketing officer at Microsoft. “You no longer need to remember file names and document locations, nor even specific names of words. Windows will better understand your intent and match the right document, image, file, or email”.

Yusuf Mehdi |Executive VP and CMO | Microsoft.

For images this will work extremely well as you won’t need to know the file name and can search for pictures using words, even if the search word isn’t part of the file name!

The improved Windows search will first show up in File Explorer on Copilot Plus PCs from November.

This improved search will also be available “in the coming months” in the main Windows search interface and through the search box that appears in the Settings interface. You can type things like “duplicate my screen” into the Settings search box and it will help you find the right settings.

Click to Do: Interacting directly with your screen.

This feature really caught my attention and is definitely one I think I will use.

Click to Do will allows users to interact directly with images and text on their screen to perform quick actions. As an example you might be viewing a webpage or a pdf and see a phone number. You’ll be able to click on it to initiate a call, or clicking on an address to open it in your maps application. This feature streamlines workflows by reducing the number of steps needed to complete tasks.

Image (c) Microsoft

Click to Do works by understanding everything you’ve seen on your screen and enabling useful shortcuts to actions to help you more quickly search, learn, edit, shop, or act on those items… It works on any windows, document, image, or even video”

Yusuf Mehdi |Executive VP and CMO | Microsoft.

As an example, you could use Click to Do to perform a visual search on an item that appears in a YouTube video you’re watching or a page you are viewing in a browser. Click to Do is also context-aware, assisting with text-related actions like rewriting, summarising documents, explaining text, and sending emails.

Microsoft have said Click to Do will begin testing with Windows Insiders on Copilot Plus PCs in October, with a gradual rollout planned for November.

The previously announced Recall feature will also be available to Windows Insiders in October on Qualcomm-powered devices, before being rolled out to Windows Insiders on Intel- or AMD-powered Copilot Plus PCs in November.

I think this could be a real time saver for me and for anyone who does a lot of research, works with high volumes of information and has lots of open windows on their screen(s). By enabling direct interaction with on-screen content, it should help minimise interruptions and keeps the focus on what your are doing without having to open other tools.

Generative AI in Paint: Bringing modern tech to a staple app.

Microsoft Paint is also getting another significant upgrade (which has been in testing with Windows Insiders for a few months) with the introduction of new generative AI tools. These new tools ncluding generative fill, image generation (using Designer) and generative erase, that bring capabilities similar to those found in advanced photo editing software like Photoshop. Layers was also introduced to Paint earlier this year.

Copilot UI : The human touch.

Finally, Microsoft are revamping the general Copilot experience. This is not just about adding new features (though there are some) but are more about a total overhaul and part of their vision to make AI a more human-centric experience.

Their goal is to differentiate Copilot from other AI tools like ChatGPT and Gemin, by focusing on usability and user satisfaction. This approach ensures that the technology adapts to the user’s needs, rather than the other way around.

I covered this in more detail in another blog post below.

Posted on

Windows Recall: Enhanced Security& Privacy ahead of October Launch

As Windows 11 24H2 gets ready to release, Microsoft has announced major security and privacy upgrades to its (yet to be released) Windows Recall feature which was the flagship new AI powered feature announced on the back of the Copilot Plus PC announcements back in May.

Recall, which was initially met with scepticism and concerns around security and privacy, has now be significantly updated with stronger and more granular protections for privacy, encryption and identity access to make it ready for its “delayed” release next month.

What is Recall?

Recall takes screenshots of active windows on your PC every few seconds, analyses them on-device using a Neural Processing Unit (NPU) and an AI model, and adds the information to an SQLite database. You can later search for this data using natural language to prompt Windows Recall to retrieve relevant screenshots.

I covered Recall in more detail in an earlier blog

Responding to Customer Feedback


Microsoft’s decision to enhance Windows Recall comes after considerable feedback from customers and privacy advocates. The company initially delayed the public release of Recall, opting to make it available for preview with Windows Insiders. This cautious approach allowed Microsoft to refine the feature based on real-world usage and analysis of how it was used whilst they review ways to address the concerns and enhance security and privacy controls.

Putting Users in control of Recall

One of the most significant changes is that Windows Recall is now strictly opt-in. Users must proactively activate the feature, ensuring that no screenshots are taken or saved without explicit consent. This addresses a major concern about privacy and data security. Additionally, users can remove Recall entirely through the optional features settings in Windows, providing total control over its usage.

Advanced Security and Privacy Measures

Windows Recall now includes several advanced security measures designed to protect sensitive information after feedback, development and testing since it was announced in May this year.

Firstly – Recall is an optional feature and can also be removed entirely from the Windows Installation. If a user doesn’t proactively choose to turn it on, recall is off by default, meaning snapshots will not be taken or saved.

If Recall is enabled, all snapshots and associated data are encrypted, with encryption keys protected by the device’s Trusted Platform Module (TPM). This module is tied to the user’s Windows Hello login information and biometric identity, ensuring that no data leaves the computer without the user’s explicit request. Recall snapshots are also only accessible after users authenticate using Windows Hello credentials. This enhanced sign-in security ensures privacy and actively authenticates users before allowing access to their data

Recall also comes with a sensitive information filter designed to protect confidential data, like passwords, credit card numbers, and personal identification details, by automatically applying filters over this content. This uses AI and pattern matching to look for such information adding another level of privacy protection.

Additionally, Recall includes malware protection features like rate-limiting and anti-hammering measures, which prevent unauthorized access attempts.

Recall: Four Principles of Operation

Microsoft has redesigned Recall to function on four core principles:

  1. User control
  2. Encryption of sensitive data
  3. Isolation of services, and
  4. Intentional use.

Recall is always opt-in. Snapshots are not saved unless you choose to use Recall, and everything is stored locally……Recall does not share snapshots or data with Microsoft or third parties, nor between different Windows users on the same device. Windows will ask for permission before saving any snapshots.

David Weston – VP Enterprise and OS Security, Microsoft.

These principles will ensure that users can keep complete control over their data, with the ability to remove snapshots, pause them, or turn them off at any time. Any future choice to share data will need fully informed and explicit action by the user.

    Image (c) Microsoft.

    Conclusion

    In short, the enhanced Windows Recall feature represents a significant step forward in balancing functionality with security and privacy which show Microsoft are licensing to their users and take privacy and security seriously. By addressing key concerns and implementing robust protections, I believe Microsoft has demonstrated its commitment to user trust and data security. As Recall rolls out to Insiders with Copilot+ PCs in October, it will be interesting to see how these enhancements are received and what further innovations Microsoft will bring to the table. What do you think? Will you be trying this out or uninstalling it?

    When will Windows Recall be released?

    Microsoft announced last month that Recall will start rolling out to Insiders with Copilot+ PCs in October as part of the 24H2 release of Windows 11.

    Posted on

    Microsoft looking to remove security vendor access to it’s Windows Kernel following CrowdStrike incident.

    Microsoft is building new Windows security features to prevent another CrowdStrike incident and are in talks to enable them to do to more to allow them to better protect the core of their OS to prevent outages and widespread impact like the CrowdStrike incident which impacted more then 8.5 million devices and is estimated to have caused more than $10b financial impact.

    Fighting against the anti monopolies commissions.

    In an ideal world, Microsoft would have right to protect their core kernel code and prevent any third parties interfering or accessing it.

    Today, however, law is preventing them from doing this to ensure they adhere to the anti monopolies and anti compete laws in many parts of globe. Instead Microsoft are doing all they can to further harden security around the kernel and Windows security in general.

    Their goal is of course to find a comprised way to protect Windows from software issues caused by security vendors to ensure OS integrity without killing third party security vendors but to avoid them needed kernel level access in the first place…

    Enhancing Security without Kernel Access

    Since July, Microsoft has been in talks with leading security vendors, including CrowdStrike, Broadcom and Sophos, to develop a new security  platform in Windows that still allows security vendors to do their thing, but without Microsoft having to expose full kernel access.

    Then last week ( September 10th, 2024), Microsoft, CrowdStrike, and many other security  partners who provide endpoint security technologies got together to discuss ways to boost resiliency and protect our mutual customers’ critical infrastructure.  Aidan Marcuss, Corporate VP of Microsoft Windows and Devices said  “Our objective is to discuss concrete steps we will all take to improve security and resiliency for our joint customers.”

    The goal is to  prevent incidents similar to the CrowdStrike outage and enhance the overall security framework of Windows without monopolosing the endpoint and XDR markets.

    Benefits to Consumers

    For everyday users, this would promises a more secure and stable computing experience in a world where attacks on identity and data theft are increasing at pace. By further reducing the risk of security breaches and system outages, whilst reducing the risk of third party apps and services causing system failures, Microsoft is ensuring that consumers continue to trust them to protect their personal data and maintain smooth operation. Enhanced security measures mean fewer disruptions and a safer online environment, which is crucial in an era where cyber threats are increasingly sophisticated.

    Benefits to Business Users

    For commerciall/business users, they of course would gain significantly from these new security measures. With sensitive corporate data and identity consistency at risk from attack or breach, Microsoft’s enhanced security framework will provide businesses with greater peace of mind and further increase the trust they already have with Microsoft to protect their data, applications and emails.

    Of course, reduced risk of breaches and downtime caused by third party apps and services also translates to increased choice (without fear), and lower costs associated with security incidents and system outages incidents.

    Whilst this should enable businesses to  focus more on their core operations, knowing that their IT infrastructure is robust and secure, it doesn’t remove the need for full business continuity planning….

    Microsoft’s Perspective and Benefit

    For Microsoft, this move is a strategic step to reinforce its commitment to security and reliability. Arguably, Microsoft is the biggest security company in the world and with over a billion devices running the Windows operating system, they have a duty to continue to protect their products from outages caused by, well things out of their control, such as the CrowdStrike update fail!

    By working closely with security vendors and regulatory bodies, Microsoft is not only positioning itself as a leader in the cybersecurity space, but also as a partner that works with its software houses (ISVs) and customers to ensure they still have choice over the aspects of Windows they use (or subscribe too) and the third party vendors they choose to work with.

    So what about the third party security vendors then?

    Security vendors like CrowdStrike, Broadcom, Sophos, Cisco, and Trend Micro also benefit from this collaboration by being part of a more secure and standardised platform. This partnership allows them to continue to innovate and develop advanced security solutions without the complexities and risks associated with kernel access..it also. Means they will continue to get support and help from Microsoft (as a Isv partner) in developing and supporting their products. 

    Potential Concerns and Regulatory Involvement

    Naturally, there are concerns about potential monopolistic practices. Vendors (and those less. Involved in their initiative) may fear that Microsoft might restrict kernel access for third-party products while retaining it for its own, which could limit their ability to compete effectively, pushing customers to jump. Ship and just adopt Microsoft security products and services.

    To address such concerns and ensure transparency, Microsoft has involved US and European government officials in discussions. This move is aimed at addressing regulatory concerns and demonstrating Microsoft’s commitment to a fair and secure computing environment. While the initiative is largely seen as positive, it is crucial for Microsoft to maintain an open and competitive landscape for all security vendors.

    Conclusion

    Microsoft’s new security measures would represent a significant step towards a safer Windows environment. By working closely with security vendors and involving regulatory bodies, Microsoft is striving to create a secure and fair platform for all users making kernel acess more controlled than it is today. This promises numerous benefits for consumers, business users, and security vendors alike, while also addressing potential concerns about competition and transparency.

    Read more. The Register has also covered this story in depth of you want to read more here.

    Posted on

    Microsoft fixes hardware glitches across Surface Pro 8, Pro X, and Laptop 6.

    Microsoft has released a bunch of firmware updates which should fix some annoying issues.

    One of the great things about Microsoft owning the hardware and software eco system (in the realm of Surface and Windows), is the telemetry data they have across the board and the ownership they take across hardware and software.

    According to Microsoft there’s been some issues affecting Surface Pro 8, Pro X and Laptop 6 which have (hopefully) been fixes with this latest update.  Let’s dive into the specifics of what these updates address for each device.

    Surface Pro 8 (Intel)

    Some or the reported issues with Surface Pro 8 include issues with Surface Slim Pen, flickering screen issues when using the Surface Dock 2, and even issues with the built in USB-C ports.  This update should fix all those ensuring a smoother and more reliable experience.

    Surface Pro X (Qualcomm / ARM)

    One of my favourite devices (big fan of Windows on ARM), but many users have reported camera issues with the camera app hanging or the camera locking and showing as not working until a reboot. There has also been issues regarding the keyboard when using in Windows Recovery Environment (WinRE) or Windows Preinstallation Environment (WinPE). This firmware update addresses these issues.

    Surface Laptop 6 (Intel)

    A stable for many businesses, the Surface Laptop 6 has seen a number of odd issues particular with the fan and cooling system with reports of the laptop’s fans running excessively (and not turning off), even when the device isn’t under heavy load. This not only affects battery life but can also be quite distracting. This latest update should fix this issue by optimising the fan behavior and improving the system’s response to internal temperature changes, especially when connected to an external monitor and peripherals.

    How to get the firmware updates

    If you’ve been experiencing any of these issues with your Surface device, then updating your device is simple. In most cases these updates will be deployed as part of the regular patch schedule across your business, but if you need to check and deploy manually, then simply head over to Windows Update and download and install any pending updates for your device.

    Windows OS and Surface firmware updates  are essential for maintaining the performance and reliability of your Surface devices even if you are not experiencing any of the issues above.

    Posted on

    Copilot+ PCs: A Game Changer for Businesses?

    Back in May, Microsoft unveiled the next generation of PCs with the Copilot + PC which was released for consumers. Today (4th September 2024), Microsoft has once again set a new benchmark with the introduction of Copilot+ PCs for Business users.

    Like their consumer counter parts, these next generation “AI devices”, which include the Surface Pro 11th Edition and Surface Laptop 7th Edition, are designed to revolutionise productivity and creativity in the business world. Copilot+ PCs are also shipping from other OEMs such as Dell, Lenovo, Acer, HP etc.

    Copilot+ PCs are equipped with the most powerful Neural Processing Units (NPUs) available for Windows PCs, delivering blazing-fast processing power. This allows businesses users to handle the toughest tasks with ease, up to 90% faster than previous models. The integration of advanced AI features, such as live captions and real-time translations, ensures that your team can work smarter and more efficiently.

    This blog, re-dives into the main differences between Copilot+ PCs and “non-Copilot PCs”, the improvements over previous models, and why these advancements are crucial for businesses and aims to answer the “why now” questions.

    Copilot+ PCs vs. Non-Copilot PCs

    1. AI Integration:
      • Copilot+ PCs: These devices are equipped with advanced AI capabilities, thanks to the Neural Processing Unit (NPU) that can handle up to 45 trillion operations per second (TOPS). This allows for efficient AI processing directly on the device, reducing latency and improving performance. These enable new AI workloads and functions within many applications to be enabled and powered by these new NPUs.
      • Non-Copilot PCs: Traditional PCs rely more on cloud-based AI processing (since they did not have NPUs), or required the CPU to do the grunt work, which can slow down performance and is dependent on internet connectivity.
    2. Performance:
    3. Connectivity:

    Power, Performance, Productivity

    This is the “why now” for Copilot+ PCs. More than just a device refresh, this new class of devices brings exceptional performance, never seen before battery life and the fastest application performance on Windows to date.

    1. Enhanced Performance: The new Copilot+ PCs feature significant performance upgrades with the Snapdragon® X Elite and X Plus processors. These processors not only boost productivity but also enhance AI processing capabilities, making them ideal for modern business applications.
    2. Incredible Battery Life: Surface Laptop 7th Edition offers up to 22 hours of battery life, a substantial improvement over previous models. This extended battery life ensures that professionals can work longer without needing to recharge, enhancing productivity on the go. Surface Pro 10 offers more than 18 hours in tests.
    3. Blazing App Performance: Microsoft has dedicated significant resources to the developer ecosystem, ensuring seamless performance for both native and emulated apps on Windows on Arm (WoA). The new Prism emulation engine further enhances performance and reduces CPU usage for emulated apps, surpassing even native apps on earlier models.
    4. Built around the user – Surface Copilot+ PCs provide a seamless and intuitive experience. These devices come with features like adaptive colour, optional OLED and HDR displays, and a flexible kickstand (Surface Pro) making them adaptable to any work environment. The all-day battery life (up to 22 hrs) ensures that your people stay productive without frequent interruptions.

    Copilot+ PCs – Why Now?

    1. Productivity and Efficiency: The AI capabilities of Copilot+ PCs enable businesses to automate routine tasks, analyse data more efficiently, and make informed decisions faster. This leads to increased productivity and operational efficiency.
    2. Security: Copilot+ PCs come with advanced security features, including the Microsoft Pluton security processor and Windows Hello biometric authentication. Together these provide robust protection against both physical and digital threats and work seemlessly with your device management tools such as Intune. This comprehensive security framework ensures that your data remains safe and easily managed across the organisation. These enhanced security measures in Copilot+ PCs provide a higher level of protection, making them a more secure choice for businesses handling sensitive data.
    3. Flexibility and Mobility: With optional 5G connectivity and extended battery life, Copilot+ PCs allow professionals to work from anywhere without compromising on performance or security. This flexibility is crucial in today’s hybrid work environment.
    4. Developer Support: The Windows Copilot Runtime and the availability of on-device AI models make it easier for developers to integrate AI into their applications. This fosters innovation and allows businesses to leverage AI-driven solutions tailored to their specific needs. Aspects such as Windows Studio Effects that bring Background Blur, Automatic Framing and Voice Focus, Portrait Light, Creative Filters and Eye Contact Teleprompter, can be invoked by developers directly in their applications without having to create models or develop the code.
    5. Future Proofed Investment : As businesses increasingly turn to AI to innovate, having the right hardware is crucial. Surface Copilot+ PCs are built to scale and adapt as AI capabilities evolve, ensuring that your investment remains relevant and valuable. These devices support local development and execution of AI models, providing the agility needed to stay competitive.

    What SKUs are available?

    As discussed, there are two standout devices – Laptop 7, Pro 11 and the Surface Pro 5G. Here are the key specs and features from a hardware perspective to note:

    Surface Laptop 7

    • Launch Date: 12th September 2024
    • Size Options: 13.5″ and 15″
    • Processors: Snapdragon® X Plus / Snapdragon® X Elite
    • NPU: Qualcomm® Hexagon™ (45 TOPs)
    • Graphics: Qualcomm® Adreno™ GPU
    • Cameras: AI enhanced 1440p Quad HD front-facing Surface Studio camera with ultrawide field of view
    • NFC – Allows use of the built-in NFC reader to sign in with an NFC security key.
    • Copilot Key: Yes – for quick access to Copilot in Windows 11

    Surface Pro 11

    • Launch Date: 12th September 2024
    • Processors: Snapdragon® X Plus / Snapdragon® X Elite
    • NPU: Qualcomm® Hexagon™ (45 TOPs)
    • Graphics: Qualcomm® Adreno™ GPU
    • Cameras: AI enhanced 1440p Quad HD front-facing Surface Studio camera with ultrawide field of view
    • NFC – Allows use of the built-in NFC reader to sign in with an NFC security key.
    • Copilot Key: Yes – for quick access to Copilot in Windows 11
    • Options: New flex Premium keyboard designed to be used either attached to your Pro for the ultimate laptop set-up or detached as a standalone keyboard for a new level of flexibility.

    New Surface Pro 5G

    • Launch Date: October 2024
    • CPU Options: Available with Intel I5/I7 and Snapdragon X Plus / Snapdragon® X Elite
    • NPU: Qualcomm® Hexagon™ (45 TOPs)/ Intel AI boost
    • Graphics: Qualcomm® Adreno™ GPU / Intel graphics
    • Copilot key: Key – for quick access to Copilot in Windows 11
    • Cameras: AI enhanced 1440p Quad HD front-facing Surface Studio camera with ultrawide field of view
    • NFC– Allows use the built-in NFC reader to sign in with an NFC security key.

    Conclusion

    Surface Copilot+ PCs stand out due to their advanced AI integration and superior performance. Unlike non-Copilot+ PCs, which may lack dedicated NPUs, Copilot+ PCs offer specialised hardware designed to handle AI tasks efficiently. This results in faster processing times and more accurate AI-driven features.

    Video (c) Microsoft

    Surface Copilot+ PCs are not just another piece of hardware; they are a strategic investment in your business’s future. By equipping your team with these advanced devices, you can unlock new levels of productivity, security, and innovation, positioning your business for success in an AI-driven world.

    You can read more, from Microsoft in the latest community blog update which you can access below: https://techcommunity.microsoft.com/t5/surface-it-pro-blog/accelerate-ai-transformation-with-surface-pro-and-surface-laptop/ba-p/4227521?wt.mc_id=MVP_309187

    Posted on

    Windows 11 August (optional) Update: What is new….


    As we wait for the big 24H2 update due this autumn, Microsoft has quietly rolled out an optional update (going by the name KB5041587) for Windows 11, bringing a host of improvements and new features.

    While this update is not mandatory, it does offer several enhancements that make it worth installing (especially if you have a PC powered by an AMD CPU).

    Overall, the KB5041587 update for Windows 11 brings a range of valuable enhancements for users who frequently share files with Android devices, includes improvements to Narrator, voice typing, and File Explorer.

    Here’s a breakdown of what this update entails and why you might want to install it.

    Performance Boosts for AMD CPUs

    One of the most notable improvements in the KB5041587 update is the performance boost for AMD’s latest CPUs. Users with Ryzen 5000, 7000, and 9000 series processors with up to a 13 percent increase in performance.

    This enhancement addresses the previously disappointing performance of these CPUs, making it a significant update for AMD users.

    Enhanced File Sharing with Android Devices

    This update introduces a new feature that allows users to send files directly to an Android phone via Windows Share.

    Unlike Nearby Sharing, the Android device does not need to be in close proximity to the PC. Instead, it just needs to be paired via Phone Link.

    This feature simplifies the process of transferring photos and documents, making it more convenient and efficient.

    Improvements to Narrator and Voice Typing

    Windows 11’s Narrator feature, which reads out loud the contents of documents and websites, has received improvements in speed and accuracy.

    These enhancements are particularly noticeable when using the Edge browser and reading large documents.

    Additionally, voice typing has been optimized to allow for faster spelling of characters and more commands for text manipulation.

    Bug Fixes in File Explorer

    Several bugs in File Explorer have been addressed in this update. Issues such as the Ctrl + F keyboard shortcut not starting a search and the Shift + Tab shortcut losing keyboard focus have been fixed.

    These fixes contribute to a smoother and more reliable user experience when navigating and managing files.

    Installing the update

    Unlike the regular security and fix updates, the KB5041587 update must be manually installed.

    If you wish to install this one, you will need to navigate to Settings > Windows Update and select the update for installation. This manual process ensures that users have control over whether they want to incorporate these new features and fixes.

    Posted on

    Windows 11 24H2 Update will bring Quality, Performance, and AI updates

    Image showing words Windows 11 24H2 Update

    As we head into September, Microsoft is preparing to start the rollout of their annual Windows 11 feature update, this time focusing on the underlying platform and surface-level quality-of-life improvements and updates as well as some major updates to Windows on Arm (WoA). Windows 11 24H2 (also known as the 2024 Update) is a huge update in fact, including everything from performance increases across the board, UX changes and new AI (of course) features.

    The Windows 11 2024 Update is packed with OS improvements and new features across the board, with special attention given to those running an ARM-based device this time around.

    This update is a much bigger release than last years’ 2023 H2 update, due mainly to a vast number of underlying platform enhancements. There are improvements to Windows Update process, an updated and faster x86 emulation layer for Arm PCs (such as Copilot Plus PCs), and new AI features that will take advantage of newer devices which have a dedicated NPU (neural processing unit.).

    On Copilot+ PCs, this Windows 11 release is also the first include features exclusive to this new category of Windows devices. This means if you don’t yet have a Copilot+ PC, then you miss out on certain features when upgrading to version 24H2, such as the controversial “Windows Recall” AI feature.

    Windows 11 24H2 also promised to be much better for gamers, since it includes many new capabilities that utilise the high-performance hardware of Copilot+ PCs and new software optimisations. An example of innovation is the new emulation engine, Prism. It operates seamlessly, converting x86 or x64 code to Arm64 instructions when you launch an x86 or x64 application on an Arm-based Windows 11 device, all without requiring extra effort from developers.

    Why is this important? Well, given that many of today’s games are written for x86 or x64, Prism unlocks a large back log of games that work great on Arm under emulation. While Windows on Arm has had emulation in the past, the performance improvements of Prism, along with automatic super resolution and the new Snapdragon® X Series processors together emerge as a game-changer.

    So here is a summary of the key changes and updates you can expect in the Windows 24H2 update. Features in Bold are just for Copilot+ PCs.

    Desktop and start menu

    • Phone Link is now integrated with the Start menu
    • Taskbar system tray layout has been further simplified
    • Quick Settings has been rebuilt to be faster and more customisable
    • Windows Spotlight image is now the default wallpaper setting
    • The Taskbar app preview thumbnails now have an animation
    • It’s now possible to set to HDR images as a desktop wallpaper

    File menu

    • The File Explorer home tab now includes updated layout with shared documents.
    • Just like in Edge, you can now duplicate tabs by right clicking the tab.
    • The context menu layout has been updated with better labelling making it easier to use.
    • Added ability to create .7z and .TAR archive formats as well as ZIP files without the need for third party apps.
    • If you use Phone Link, you can view your Android phone’s file system directly in File Explorer

    Native Apps

    • The new Outlook app for email, calendar, and contact is now included in the update (this will replace the mail and calendar app).
    • Photos now includes AI-enhanced generative erase and background editing.
    • The Copilot applet is now a standalone web app – meaning it can be resized and moved around like any other app.
    • Photos can now generate AI images based on user criteria (Copilot+ PC)
    • A new Recall app uses AI to capture everything you do and makes finding things easier (Copilot+ PC).
    • Paint now has built-in generative AI capabilities based on user drawn sketch (Copilot+ PC)

    Settings and other stuff

    • Windows Update now supports checkpoints and hot patching for faster and less obtrusive updates.
    • New PRISM emulation layer makes x86 emulated apps run up to 2x faster and smoother on Arm meaning Arm-based devices.
    • New Voice Clarity feature uses AI to remove background noise picked up by your microphone in supported apps such as Teams.
    • Power settings for plugged/unplugged state can now be configured simultaneously just they could previously in “control panel”
    • Energy Saver mode replaces “battery saver” and now applies to laptops and desktop devices.
    • Devices with the new “Wi-Fi 7” hardware is now supported.
    • AutoSR uses AI to enhances the framerate and quality of games (Copilot+ PC)
    • Live Captions translate languages into English in real-time locally (Copilot+ PC).
    • Advanced Windows Studio Effects enhance your webcam with filters (Copilot+ PC) and some older ARM based PCs such as Surface Pro 9 5G.

    Consumer and Gaming

    • Updates to x86/x64 emulation on Copilot+PCs and other ARM based devices brings significant (up to 2x) performance updates for games running under emulation – needed for games and apps that are not yet “native” ARM.

    Availability and Rollout

    The Windows 11 2024 Update process is rather unique in its rollout and availability this time round. Unlike previous versions of Windows 11, this release is rolling out in two distinct waves. Wave one is has essentially already shipped, but only on new Copilot+ PCs that launched on June 18. If you recently purchased a new Copilot+ PC running the Snapdragon X chipsets then you are already running Windows 11 version 24H2.

    For the rest of the world, Windows 11 24H2 for “non-Copilot+ PCs” is expected to begin rolling out gradually from late September, which is when Windows 11 feature updates normally begin rolling out to users.

    Windows Insiders get it earlier…

    If you want to try out the Windows 11 2024 Update ahead of general availability on non-Copilot+ PCs, you can do so today by joining the Windows Insider Programme.

    Posted on

    Snapdragon X: The power behind Copilot Plus AI PCs

    Picture of a Surface Keyboard with Snapdragon X sticker

    Qualcomm’s Snapdragon X series processors are specifically crafted for PCs, particularly Windows on Arm and Copilot Plus PCs available from HP, Dell, Lenovo, Acer and of course Microsoft Surface. The processors inside these latest generation of devices, integrate the renowned Snapdragon technology from premium smartphones with the demanding performance needs of the PC domain. The goal is to deliver a processor that competes with Intel and Apple in terms of performance, while also offering the energy efficiency typical of smartphones and providing cutting edge NPU performance to power existing and upcoming AI powered applications.

    Arm vs Intel: The Copilot Plus PC Revolution

    Copilot Plus PCs, like the Surface Laptop 7 are powered by these Snapdragon X Arm chips. The fundamental components shared by all Snapdragon X series chips include Qualcomm’s custom Arm-based Oryon CPU, rather than Intel’s x86, an enhanced version of their Adreno GPU (derived from their mobile devices), the Hexagon NPU for on-chip AI capabilities, and cutting-edge networking technology supporting the latest Wi-Fi 6 & 7 and 5G standards.

    On the software front, Microsoft offers an emulation layer within Windows on Arm (WoA) to facilitate the running of x64 applications not yet native to Arm processors. Notably, there is an extensive collection of native Arm applications from Microsoft, Adobe, and other prominent developers.

    About the Snapdragon X chipset options

    Snapdragon X comes in two major flavours. The X Elite, which powers the first wave of top-tier Copilot Plus PCs, and the X Plus, destined for the more affordable range of Copilot Plus PCs (You’ll see most vendors providing options for both).

    Today, Qualcomm has a total of four different Snapdragon X SKUs – three under the X Elite branding and one more affordable X Plus unit. You can see the subtle differences below, with the main differentiator being CPU cores and performance.

    All current Snapdragon X models boast a remarkable 45TOPS Neural Processing Unit (NPU), which means they are all equipped to handle the same AI features. An NPU enhances the traditional CPU by adding machine learning (AI) specific computational abilities. An NPU is not only faster but also more energy efficient. This offloads work from the CPU, allowing the NPU to manage AI tasks, similar to how a GPU handles graphics-intensive tasks.

    • Snapdragon X Elite
      • 12 Oryon CPU cores
      • Clock speeds up to 4.2Ghz
      • 4.6 TFLOPS GPU (Graphic Processing Unit)
      • 45 TOPS NPU (Neural Processing Unit)
    • Snapdragon X Plus
      • 10 Oryon CPU cores.
      • Clock speeds up to 3.4Ghz
      • 3.6 TFLOPS GPU
      • 45TOPS NPU

    What about the new Surface Line up?

    Snapdragon X offers competitive performance against not just Intel’s latest chips, but also against the Apple M3 and M4. The real star though (not a fan of just CPU benchmarks personally), is that battery life is simply incredible compared to previous generations of devices with initial testing and reports (from others such as here and here) showing these devices comfortably exceeding the demands of a busy workday, positioning these laptops as genuine contenders to the MacBook (which has always somehow always won for battery life). Running emulated x86 apps under emulation will (and does) run the CPU harder which will in turn impact battery life.

    This next generation of AI powered PCs sch as Surface Laptop 7 and Surface Pro 10 are two such devices offering superior power, power efficiency and extreeeeeeemley long batter life.

    Battery Life Wins

    That said, tests by PC Magazine, revealed a result of almost 25 hours usage – making “Surface Laptop one of the longest-latest laptops we’ve ever tested on battery“. In comparison a 13-inch MacBook Air lasted “just” 21 hours and 38 minutes in their testing.

    Surface Pro 10 and Surface Laptop 7 are the the first Copilot+ PC which feature these new Snapdragon X Elite and Snapdragon X Pro processors.

    PC Magazine said in their comprehensive hands-on review of Surface Laptop 7 that

    “…this is easily the best Arm chip we’ve tested yet in a PC. The CPU and GPU performance are there and deliver at least competitive benchmark numbers relative to current-gen Intel and AMD offerings in the early going. Qualcomm is to be commended for that.” | PC Magazine

    What is your view on these Copilot Plus PCs? Have you got one yet – what are your first impressions?

    Posted on

    Microsoft wants to lock down the kernel after CrowdStrike hiccup knocks out millions of Windows devices.

    Windows Kernel Security - Image by Designer (AI)

    Microsoft is reviewing their options and looking to push for significant changes to their Windows security architecture in the after math of the major outage caused by a “faulty” CrowdStrike update last a couple of week back. The impact of the faulty update, is thought to have afftected around 8.5 million Windows devices and services when the faulty update caused Windows devices to reboot and enter their protected recovery mode.

    Microsoft acknowledges the inherent ‘tradeoff’ kernel-level cybersecurity solutions pose and confirms the root cause of the global outage.

    This has prompted Microsoft to reassess the level of control that third party security vendors have over the deepest parts of their operating system and they are considering limiting kernel- level access for these vendors.

    This incident shows clearly that Windows must prioritize change and innovation in the area of end-to-end resilience“. | John Cable | Microsoft see blog post,

    Time to bring control back?

    John Cable, Microsoft’s VP of program management for Windows servicing and delivery, discussed passionately their viewpoint in a blog post named “Windows resiliency: Best practices and the path forward.” In this post, he emphasised the need for “end-to-end resilience” and discussed potential changes Microsoft are reviewing that could mean restricting kernel access for third party security vendors such as CrowdStrike.

    Snipit from John Cable’s blog post | July 2024


    The CrowdStrike update bug, which resulted in widespread system crashes, has clearly highlighted the risks associated with allowing third-party security apps and services to operate at the kernel level – a new approach is needed.

    Privileged access, though advantageous for detecting threats, can result in disastrous failures if mishandled. Microsoft is investigating alternatives that circumvent future kernel access issues, including VBS enclaves and the Azure Attestation service. Employing Zero Trust methodologies, these solutions aim to bolster security without incurring the dangers inherent in kernel-level operations.

    Why do Microsoft let third parties access the kernel?

    In short, they dont have much choice (see below).

    While Microsoft may be looking to further restrict access to its Windows kernel going forward, they have used this event to  explain why third-parties antivirus and security vendors to access the “core of Windows” the first place.

    The Windows kernel is a deep layer of its operating system. Kernel-level cybersecurity lets developers do more to protect machines, can perform better, and can be harder for threat actors to alter or disable.

    When a kernel-level cybersecurity solution loads at the earliest possible time, it gives users (and companies) the most data and context possible when threats arise and also ensures protection can kick in at the earliest stage of the Operating Systems boot up stage rather than waiting for the OS to load and then running as a normal system process.

    The EU may prevent changes over anti-trust claims

    Whilst this makes common sense to most, after all why shouldn’t Microsoft be able to restrict access to ensure stability of an operating system used by more than a billion users, their push for change is likley to face resistance from both cybersecurity vendors and regulators.

    Back in 2006, Microsoft tried to restrict kernel access around the release of Windows Vista, but was met with opposition and a ruling that preventing them doing this, citing anti compete. In contrast, however, Apple successfully managed to lock down their kernel level
    access in macOS in 2020. The market for Windows software is of course far larger than Apple’s MacOS and Microsoft is an open platform for developers to build upon so any changes will need to be done in a way that make this possible without preventing developers software doing what they are supposed to do!

    Microsoft has attributed part of the CrowdStrike outage to the 2009 European Union antitrust agreement, which mandates that Microsoft must provide kernel-level access to third-party software vendors. Conversely, Apple started to phase out kernel extensions in macOS in 2020, encouraging software vendors to adopt the “system extension framework” due to its reliability and security advantages.

    It is not the first and wont be the last time either that the EU have played the anti-trust card. Microsoft has recently had to decouple Teams from Microsoft 365 as a response to competitors such as Zoom citing Mcirosoft have an unfair advantage. They have had recent claims against them with Internet Explorer and Edge.

    Zero Trust Kernel Protection mayt be the way forward

    The blog post indicates that Microsoft is not proposing a complete shutdown of access to the Windows kernel. Rather, it highlights alternatives like the newly introduced VBS enclaves, which offer an isolated computing environment that doesn’t necessitate kernel mode drivers for tamper resistance.

    “These examples use modern Zero Trust approaches and show what can be done to encourage development practices that do not rely on kernel access…We will continue to develop these capabilities, harden our platform, and do even more to improve the resiliency of the Windows ecosystem, working openly and collaboratively with the broad security community vendors”.
    John Cable | Microsoft Windows VP

    Trade off between “anti-compete” and stability.

    Microsoft acknowledges that the tradeoff of kernel-level cybersecurity products is that if it glitches out, it can’t be easily fixed, saying in their blog that. “all code operating at kernel level requires extensive validation because it cannot fail and restart like a normal user application.”

    As such companies have to demonstrate strict quality and testing controls over their software. The CrowdStrike issue occurred since this wasn’t a new product but” simply” and software patch by CrowdStrike that… well, went wrong.

    Microsoft can’t vet every patch and every update released by their “trusted” ISVs/third parties, especially when it comes to security updates which these security vendors need to roll out requently.

    “There is a tradeoff that security vendors must rationalise when it comes to kernel drivers. Since kernel drivers run at the most trusted level of Windows, where containment and recovery capabilities are by nature constrained, security vendors must carefully balance needs like visibility and tamper resistance with the risk of operating within kernel mode.” | Microsoft

    What ever happens – businesses still need to have backup and remediation processed in place.

    In response to the CrowdStrike incident, Microsoft deployed over 5,000 support engineers to aid affected organizations and provided continuous updates via the Windows release health dashboard. They rapidly developed recovery tools to assist companies in their recovery efforts, while emphasising the significance of business continuity planning, secure data backups, and the adoption of cloud-native strategies for managing Windows devices to bolster resilience against future incidents.

    Further whitepapers and guidance will be released in the coming months and I expect this will lead to Microsoft, and their third party vendors releasing more recovery tools and guidance.

    Summary

    Microsoft “confirmed that CrowdStrike’s analysis that this was a read-out-of-bounds memory safety error in the CrowdStrike developed CSagent.sys driver,” Microsoft explained in their technical analysis of the crash and why the impact was so huge in a technical paper published last week.

    Reviewing the security architecture and access to the kernel is definately needed, but their approach and desire to prevent future issues with third party glitches will likley be at the brunt of complaints from third party security vendors and the EU anti-compete regulators.

    Apple “seem” to have a much easier ride when it comes to doing what they want – they say “jump” and developers say “how high”. Microsoft repeatedly have to “please” regulators far more – this recent huge global impact, may work in Microsoft’s favour however, to bring some control and governance in the name of system and business stability which I am sure will get the backing of everyone and every organisation impacted.

    One thing is for certain -Microsoft wont take this sitting down. They will work hard to continue to protect their OS which is run on billions of devices and used by almost all coporations, education and crititical infrastrucutre. Change will happen!

    Posted on

    Copilot+ PCs are now available – What you need to know.

    Last month, Microsoft announced the next generation of AI powered PCs from Microsoft and many other OEMs including Acer and Lenovo which leverage the latest Snapdragon ARM chipsets from Qualcomm. I covered this on a previous post here....

    Yesterday (June 18th 2024), Microsoft’s own devices (the Surface Laptop 7 and Surface Pro 11) were officially available today to buy and any pre-orders were shipped to customers worldwide 🙂

    Microsoft describes Copilot+ PCs as the “most intelligent” Windows PCs ever created. These new processors are capable of performing over 40 trillion operations per second. These PCs also offer long long long battery life and give access to advanced AI tools.

    These latest Copilot+ PCs from Microsoft are sleek, lightweight, and elegantly designed to enhance productivity They ship with dedicated NPUs (for processing AI workloads on-chip) and have the longest battery life of any Surface ever.

    Microsoft say that the new Surface Laptop and Surface Pro are Copilot+ PCs, are the fastest, most intelligent Windows PCs on the market. They are available in four colour options and start at $999 Estimated Retail Price (ERP) USD on Microsoft.com or at a Microsoft Experience Center (aka store).

    What is a Copilot+PCs?

    Copilot+ PCs represent a new category of Windows 11 PCs, equipped with a dedicated neural processing unit (NPU), which is a specialised type of processor designed for AI-intensive tasks such as real-time translations and image generation, capable of executing over 40 trillion operations per second (TOPS).

    Are Copilot+PC only available from Microsoft?

    No. Copilot+PCs are a new generation of PC devices which combined Windows on ARM (WoA) technology, Snagdragon powered chipsets and new updates and features built into Windows.

    Other manufacturers are also making Copilot+PCs include (but not limited to).

    Are Copilot+PCs for Consumers or for Business?

    Copilot+PCs are designed for personal, small business and commercial/enterprise. Devices for Business such as the Surface for Business Range will start shipping in September 2024. More details can be found here.

    What can Copilot+PCs do that others cannot?

    Microsoft refers to new Copilot+ PC experiences which will be baked in to the next versions of Windows 11 and are advanced AI features unique to Copilot+ PCs that accelerate your productivity and creativity. This will include new AI features such as Recall, Cocreator in Paint, Windows Studio Effects, automatic super resolution and Live Captions.There are many more coming and expect to see new AI powered experiences such as offline Copilot coming to Copilot+PC devices in the future. These features require powerful neural processing units (NPUs) –so will be exclusive to the Copilot+ PC class of devices.

    One super cool feature to call out for gamers is the new Auto Super Resolution (Auto SR) feature which integrates smoothly with Windows, automatically boosting the frame rates of existing games in real time and delivering detailed visuals. This feature is said to surpasses the capabilities of standalone PC hardware. Initially, Auto SR will be exclusive to Copilot+ PCs that have a Qualcomm Snapdragon® X Series processor and will support a select list of games available at a third-party open-source site, which Microsoft has provided compatibility data for.

    Do I need a special version of Windows 11?

    No – all new Copilot+ PCs running a Snapdragon® X Series processor will have Copilot+ PC experiences pre-installed. Microsoft will be continuing to update and enhance the Copilot+ PC experiences, so there will be new Windows Updates coming which will enable new features delivered as part of the usual Windows Update process. Only Copilot+PCs will get the new AI features.

    What about devices with the latest AI chips from Intel and AMD ?

    Microsoft are partnering with Intel and AMD as well to bring Copilot+ PC experiences to PCs with their processors in the future.

    Microsoft also have a real good FAQ section on their website about Copilot+PCs.

    Posted on

    “Windows Recall” feature postponed days ahead of launch

    Windows Recall is (was) a new AI powered feature, exclusive for Copilot+PCs that can capture snapshots of your screen every few seconds allowing the user to essentially rewind back to a point in time to back track on work, application state and documents being worked on,

    Recall overview (Microsoft)

    Announced as the headline feature for the new generation of Copilot+PCs, this new flagship Windows Recall will now arrive at a later date, with a wider public  preview coming soon for Windows Insiders.

    There has been many questions, concerns and clarity demanded from the public and tech pros about this new feature since it was announced in May, with concerns over whether Microsoft had “gone too far” in finding a use for AI and the new NPU powered Copilot+PCs. The fact this has not been through the usual process of testing my Microsoft’s loyal Windows Insider testing community was also surprising for such a huge new feature.

    The first of the new Copilot+PCs are launching next week (June 18th), and in an expected update have said that their headlining “Windows Recall” feature will not be shipped at launch and  now arrive a few weeks later in an update.

    Is Windows Recall too much?

    Recall was heavily criticised after sourced said that recall stored it’s Recall  data in an unencrypted state, raising huge concerns among IT experts, users and anti-Windows fans!

    Last week, Microsoft released a blog and announcement to try to alleviate these concerns by reassuring people that Windows Recall would encrypt data and require the user to be physically present at the device (via multi factor authentication) to access recall. They were clear however, that not only was Recall safe but they it would ship next week with the arrival of the Copilot+PCs.

    The Cisilion Fireside Chat suspected so much.

    Just this week, I hosted a fireside chat, and we discussed the view of Recall from a security and privacy violation.

    There’s a link to the episode here if you’d like to hear the views of a number of IT leaders…but the view of my customer panel ahead of (the now postponed) launch include:

    We’ve gone to extraordinary lengths to protect our data and here we are Tada you can now just have a look at what Kim was sharing three minutes ago.” [link]

    “It undermines years and years and years of work and unless they can work out a way there’s no way I’m letting this anywhere near my en.” [00:08:25][Link]

    “You are the attack surface… we have to remind the the owners of the business that ultimately it’s their heads on the Block if things go wrong.” [00:45:32]

    In short, our panel, beleived that Recall might face significant challenges before its implementation, possibly leading to its postponement or modification, especially in enterprise environments. They highlight the need for clear communication, education, and possibly policy changes to address the concerns raised – looks like this is exactly what happened.

    Microsoft committed to trust and privacy but is it enough?

    Just earlier this week, Microsoft had said that all images are encrypted, stored and analyzed locally, using on-device AI capabilities to understand their context. When logged into your Copilot+ PC, you can easily retrace your steps visually using Recall to find things from apps, websites, images, and documents that you’ve seen, operating like your own virtual and completely private “photographic memory.” You are always in control of what’s saved. You can disable saving snapshots, pause temporarily, filter applications and delete your snapshots at any time.

    The question still on people minds is is this enough, how does this work if viewing content other people are sharing on screen when Recall is being used and what happens if a device is compromised or user subject to ransomware or phishing attack and get access to this device…

    Postponed not cancelled?

    Perhaps to ensure the backlash over recall doesn’t impact Copilot+PC sales, these new devices will not ship with Recall initially. Microsoft have said that Windows Recall will be added in a future Windows update, but has not given a timeframe for when this will be. This will give their huge Windows Insider Community time to test this with Microsoft and provide the much needed feedback, tuning controls and more.

    The updated Microsoft blog post states the following:

    Recall will now shift from a preview experience broadly available for Copilot+ PCs on June 18, 2024, to a preview available first in the Windows Insider Program (WIP) in the coming weeks. Following receiving feedback on Recall from our Windows Insider Community, as we typically do, we plan to make Recall (preview) available for all Copilot+ PCs coming soon

    Copilot+PCs still get loads of new AI Goodness.

    Of course, Recall wasn’t the only AI infused feature that Copilot+PCs will include, and the other rest of the AI features that Microsoft showcased will still be available to use. These include live captions and translations across all apps, new Windows Studio Effects for meetings and video, new. Image creation and generation tools across the stock Windows Apps including paint and photos.

    Time will tell

    Time and testing wil tell whether this feature gets simply delayed, hugely altered or scrapped all together. What do you think?

    Microsoft June 13 2024 Blog Post: https://blogs.windows.com/windowsexperience/2024/06/07/update-on-the-recall-preview-feature-for-copilot-pcs/

    Posted on

    Balancing Act: Microsoft’s “Recall” Feature

    The day before Microsoft Build 2024, Microsoft unveiled the future of Windows and the PC with what they dubbed “Copilot+ PC”. The build conference (as expected) has unveiled a plethora of innovations aimed at developers and of course AI has at heart of everything.

    One of the key pieces of innovation announced at Build and at the Copilot+PC launch was the new AI-powered ‘Recall’ feature which will be coming soon to Windows 11 and will be enabled on devices with the new Copilot+PC powered by the new SnapDragon Elite processors.

    This new AI powered feature promises to revolutionise how we interact with our digital histories, but it also raises important questions about privacy.

    What is Microsoft Recall?

    Recall is designed to transform searchability and predictive search within Windows 11 by recording / snapshotting user activities on their device. It captures snapshots of your screen every five seconds, allowing you to search and retrieve past activities, including app usage, communications in live meetings, and websites visited – giving you (and it) the ability to rewind time to any point (subject to configuration) to help you find what you need or pick up from where you left off. Your snapshots are then locally stored and locally analysed on your PC.

    Microsoft Recall – Image (c) Microsoft

    Recall’s analysis allows you to search for content, including both images and text, using natural language. Nothing is shared with other users or used to train their AI models. Privacy, Microsoft say is key!

    The Promise of Recall

    The benefits of Recall are immense. Imagine being able to revisit any moment of your digital life (work or personal), retrieve information from a past meeting, or recall a website or document you reviewed yesterday, last week or last month. This could significantly boost productivity and ensure no detail is ever lost in the digital ether. To “recall” this information, you simple “describe how you remember” using natural language, and Recall will retrieve the moment you saw it. In Microsoft’s blog post around this, they use this example:

    Trying to remember the name of the Korean restaurant your friend Alice mentioned? Just ask Recall and it retrieves both text and visual matches for your search, automatically sorted by how closely the results match your search. Recall can even take you back to the exact location of the item you saw.”

    Do we need Recall – what is wrong with search and history?

    Recall does sound awesome and very clever – but are Microsoft is creating a solution for a problem that isn’t really there?

    Microsoft said in the announcement “We set out to solve one of the most frustrating problems we encounter daily – finding something we know we have seen before on our PC. Today, we must remember what file folder it was stored in, what website it was on, or scroll through hundreds of emails trying to find it.”

    Personally, I think search works pretty well on Windows 11 anyway and Edge has a great history, favourites and collections feature to help me find stuff I was browsing (they even work across devices). So why do we need recall?

    Well…Recall will definately build on this make it much mich easier to find things and “go back in time”, essentially giving Windows 11 a “photographic memory,” as Microsoft explains it. The reason I think this will be a really awesome feature is less because I can never find something, but is more about the experience I want and am starting to expect from AI.

    A webpage, image or document we are looking at doesnt paint the whole picture and with search these things are isolated. Recall brings this all together. Maybe I was researching a trip or a topic – with recall it can colate the whole story, bringing together context, images, notes, documents, searches, websites together.

    Privacy Concerns

    Recall’s powerful capability to record and store every action poses significant privacy concerns and social media has been rife with this (no such thing as bad press right). The thought of someone else accessing this data is unsettling, yet Microsoft assures us that the data remains fully encrypted, local, and linked to that user’s profile. It is not shared with anyone, accessible by anyone or used to train their Large Language Models or dor advertising purposes.

    Of course, despite this, the potential for misuse cannot be ignored, especially if sensitive information like passwords or financial details appear on-screen so people I guess are rightfully concerned and since this is not actually “available” yet many of the concerns, assurances etc., are not yet “proven” either way.

    Microsoft has a FAQ section that explains how Recall works. This is something everyone panicking about Recall should read.

    Microsoft’s Safeguards

    The integration of Recall into Windows 11 by Microsoft is designed to keep user data secure and private. Personally and knowing how Microsoft always put the user in control of what is and is not enabled in Windows 11, I am personally not concerned, but understand why some might be initially.

    Secondly, Recall works on-device and not across the cloud. This means, no data leaves the PC to Microsoft’s servers. Microsoft will not improve its large language models using this particularly sensitive data. Microsoft say that they will also not use the data for targeting advrtisments. Recall data isn’t available to other applications.

    To mitigate these concerns, Microsoft has implemented several safeguards:

    • Recall will not capture InPrivate browsing or DRM-protected content.
    • Users can pause, stop, or delete captured content at any time
    • Users can exclude specific apps or websites from being recorded
    • Users can disable recall and not use it at all.

    I also wanted to share directly from Microsoft’s post around this – their approach around privavcy and responsible AI

    Microsoft has been working to advance AI responsibly since 2017, when we first defined our AI principles and later operationalized our approach through our Responsible AI Standard. Privacy and security are principles as we develop and deploy AI systems. We work to help our customers use our AI products responsibly, sharing our learnings, and building trust-based partnerships. For more about our responsible AI efforts, the principles that guide us, and the tooling and capabilities we’ve created to assure that we develop AI technology responsibly, see Responsible AI.

    Recall uses optical character recognition (OCR), local to the PC, to analyse snapshots and facilitate search. For more information about OCR, see Transparency note and use cases for OCR. For more information about privacy and security, see Privacy and security for Recall & screenray“.

    The Future of Recall

    As we move forward, the Recall feature will likely evolve, based on feedback from the Window Insider Community and MVPs. Microsoft will need to continually balance AI innovation with user trust, ensuring that privacy is not sacrificed for convenience and that users are given choice with regards features that record and track usage and interactions. The conversation around Recall is just beginning, and it will be fascinating to see how it shapes the future of digital interaction and privacy.

    In conclusion, Microsoft’s Recall stands at the crossroads of technological advancement and privacy. It’s a powerful tool that promises huge benefits but also requires careful consideration and management of privacy concerns. As with any new technology, it will be up to both Microsoft and its users to navigate these waters responsibly.

    Would love to hear your views on this? What do you think, excited for this new feature (on the new Copilot+PC hardware) or will you be turning it off or jumping OS!! 🙂 

    For more detailed information on the feature and its capabilities, please refer to the official announcements and resources provided by Microsoft.

    Posted on

    New Surface Pro 11 and Surface Laptop 7 | Copilot+PCs

    Surface Pro 11 and Surface Laptop 7

    After unveiling the next generation of Windows and Windows hardware (the PC), Microsoft also launched (available to order today), the first of their flagship Copilot+ PCs – the new Surface Pro 11 and Surface Laptop 7 – both powered by the latest Qualcomm Snapdragon Elite and Snapdragon X Plus Chipsets.

    Surface Pro and Surface Laptop start from £1049 and are available on pre-order today!

    Key themes are improved environmental statistics (with more than 72% recycled components), repairability, ARM (Qualcomm Snapdragon powered), upgraded screens and cameras.

    New Surface Laptop

    The latest Surface Laptop offers a modern design with ultra-thin bezels, a vibrant touchscreen, an AI-powered camera, superior audio quality, and a new haptic touchpad. This comes in both 13.8” or 15” screen options and are available in four different colours – Platinum, Black, Dune and Sapphire .

    Surface Laptop 15″ version provides up to 22 hours of video playback, while the 13.8” version offers around 20 hours – a staggering increase over previous iterations of the device making them perfect for hybrid, remote work and education. These both deliver exceptional performance and cutting-edge AI features.

    Microsoft say it is 86% faster than Surface Laptop 5 and can power up to three external 4K monitors. As a Copilot+PC it’s new NPU delivers a staggering 45 TOPS bringing new AI experiences and delivers industry-leading performance for seamless productivity. It includes a large variety of ports and features WiFi 7 technology.

    This has been redesigned from the inside out and is sleeker than ever before. It also has a brand new PixelSense touchscreen display with razor-thin bezels and 120Hz refresh rate, HDR technology, Dolby Vision IQ™vii and Adaptive colour technology which adapts perfectly to light for indoor or outdoor use. This generation, while including super responsive multi-touch, does not support use of Surface Pen and neither will Surface Laptop moving forward.

    New Surface Pro 11

    The newest Surface Pro builds on what has always been great with Surface, providing a versatile 2-in-1 laptop device redesigned for increased speed and longer battery life and to enable groundbreaking AI capabilities.

    Powered by Snapdragon® X Elite and Snapdragon X Plus processors, Microsoft say these deliver performance that is 90% faster than Surface Pro 9. They support up to three external 4K displays, with two USB 4 ports, and a new 13” display (with optional OLED with HDR technology). Surface Pro comes with WiFi 7 and optional 5G to keep you connected where ever you are.

    Camera’s get an upgrade too, with ultra-wide, quad-HD front-facing camera – the best Surface camera ever. This makes the new Windows 11 AI-powered Windows Studio Effects like Automatic Framing, keep you in focus, even as you move around your space. The upgraded 10MP Ultra HD rear-facing autofocus camera also supports 4K video.

    The new innovative Surface Pro Flex Keyboard, usable both attached and detached, offers improved stability, integrated storage and charging for the Surface Slim Pen. It also has a quiet haptic touch pad. Microsoft say that Surface Slim Pen also gets better – ink  flows which feels more natural with Zero Force inking, ultra-precise shading, 4,096 points of pressure sensitivity and a built-in haptic engine for a more natural writing experience… These are also backward compatible with previous Surface Pro models!

    The Surface Pro incorporates a higher percentage of recycled materials compared to the Surface Pro 9, featuring 72% recycled content within its enclosure. It is also designed to be serviceable, with an increased number of replaceable components, such as the motherboard, battery, and cameras, among others..

    It’s great to see Microsoft offering their customers more choice in this new realm of AI PCs with both Intel and Qualcomm options.

    What do you think about new line up?

    Proudly powered by WordPress