Introduction
Copilot was very much front and center at Microsoft Ignite last month. However, the Windows ecosystem also had lots of coverage. This includes Windows 11, new devices, Windows 365, and Windows 365 Link. Along with this, Microsoft talked in depth about the importance of the new Windows Security Initiative.
This forms part of the Secure Futures Initiative , a wider efforts to ensure everything access the Microsoft eco-system is secure by design and secure by default.
The Windows Security Intuitive is a comprehensive effort to ensure that Windows remains the most reliable and secure platform on earth. This blog summarise the key Windows and Devices announcements from Ignite 2024.
The Windows Keynote session at Ignite was delivered Pavan Davuluri, Aidan Marcuss, Navjot Virk and David Weston and can be viewed here on demand from Microsoft.
Windows 11 – The Most Secure Windows Ever
Windows 10 is end of life in October 2025, but Windows 11 has been mainstream now since 2021. Windows has always been the platform for innovation, meeting the needs of over a billion customers across enterprise, public sector, education, creators, developers and engineers. With this comes Microsoft’s responsibility to deliver the most reliable and secure platform.
The “CrowdStrike incident” back in July 2024, which impacted 8.5 million devices, was a stark reminder of the need for vigilance and innovation and the need to have better controls in place to protect the core of the Windows OS. “EU policy prevents Microsoft restricting access to its kernel”, but Microsoft have, following the global incident, announced the Windows Resiliency Initiative. This initiative aims at making Windows more reliable and secure for all customers, including those with mission-critical workloads but introducing changes to how both Microsoft and third-parties manage critical workloads and updates within Windows 11.
Changes After the Crowdstrike Incident
In the key note, David Weston shared insights from conversations with hundreds of customers, including CISOs, CIOs, and incident responders. The feedback highlighted the need for easier recovery, stronger resilience of critical security tools, and overall platform security. Microsoft is addressing these needs through the Windows Resilient Security Platform, which allows security product developers to build products outside of kernel mode, reducing complexity and improving recovery.
Changes in Windows coming…
- Improving Windows Reliability – with new capabilities to enable security product developers to build their products outside of kernel mode. This is known as the Windows Resilient Security Platform, which provides a flexible security API set and data collection points that can be used to build endpoint security products like detection and response or antivirus outside of the kernel. This change will help end-user protection and antivirus products provide a high level of security and easier recovery, with less impact on Windows in the event of a crash or mistake
- Quick Machine Recovery – This solution can execute targeted fixes from Windows Update on machines, even when Windows is unable to boot. This will allow for quick deployment of fixes that address files, drivers, or any other operation needed to recover a non-bootable machine.
- Strengthening Security Tools and Drivers – Microsoft are working with industry-leading security partners and the US Cybersecurity and Infrastructure Security Agency (CISA) to define new ways to increase resilience across the ecosystem. This includes adopting safe deployment practices, conducting additional security and compatibility testing for components like security kernel drivers, and developing strengthened incident response processes for streamlined coordination.
- Enhancing Identity Protection – To combat the increasing risk and success in cases of sophisticated phishing attacks, Microsoft has hardened Windows Hello, the built-in industry leading multi-factor authentication (MFA) solution. Windows Hello now supports passkeys, which means much of the web can be protected with MFA seamlessly. This enhancement ensures that users no longer need to choose between a simple sign-in and a safe one. This is one step further to help customers remove passwords from their environment.
- Local Administrator Protection – Microsoft is introducing administrator protection to address the challenge of over-privileged users and applications. With admin protection, everyone (even admins) will have standard user permissions by default and can make Windows system changes, including app installation, only when necessary and after authorising the change using Windows Hello. This reduces the risk of attacks by ensuring that employees, not malware, remain in control of Windows.
- Deep Collaboration with CISA – Microsoft and the CISA are providing a framework for the IT industry as a whole to ensure that all partners, customers, and organisations can stay ahead of evolving security threats. This collaboration aims to deliver software that is safe, secure, and resilient through secure by design, secure by default, and secure through delivery practices.
These changes and improvements are part of Microsoft’s commitment to making Windows reliable and secure for all customers, including mission-critical workloads. The Windows Resiliency Initiative represents a significant step forward in ensuring that Windows remains the most secure and reliable platform on earth.
Windows 11 – Ease of Migration, Management and Updates
Windows 11 builds on Windows 10 technologies and further simplifies the management and migration process to Windows 11. Windows 11 can be managed with the same tools and processes used for Windows 10, ensuring minimal disruption to the workforce. The compatibility with App Assure guarantees that all apps will work seamlessly on Windows 11.
In contrast, Windows 11 updates are 40% smaller in size, making it easier to stay up to date and reducing impact on users/employees as well as on network bandwidth, disk-space and time.
Windows 10 to Windows 11 – Compatibility with App Assure
App Assure is a key component of the Windows 11 upgrade experience as it was in the Windows 7 to Windows 10 experience. App Assure ensures that all apps are compatible with the new operating system through millions of real life feedback, crash reports and user feedback. This application compatibility is backed by Microsoft’s promise to address any app issues that may arise, providing peace of mind for businesses transitioning to Windows 11. The App Assure portal provides guidance, assurance and clarity of application and application version compatibility.
Updates, Hotfixes, and Autopatch
Windows 11 is introducing several new features to streamline updates and hotfixes.
- Quick Machine Recovery allows targeted fixes from Windows Update on machines that are unable to boot, ensuring quick recovery during incidents.
- Windows Hotpatch, available through Autopatch settings in Intune, delivers Patch Tuesday security updates directly to employees seamlessly in the background without requiring a restart, reducing interruptions and speeding up the deployment of security updates.
Windows Hotpatch is one that is super important. By using Windows Hotpatch through Autopatch settings in Intune, Microsoft say that 65% of Patch Tuesday security updates are delivered directly without requiring a restart. This significantly reduces restarts and interruptions, allowing security updates to be deployed 60% faster.
According to Forrester research, moving to Windows 11 delivers an impressive 250% return on investment over three years compared to Windows 10.
Windows Backup for Entra ID
Another exciting new feature announced at Microsoft Ignite is Windows Backup for Entra ID. This feature, available in public preview in early 2025, will help organisations ensure a seamless transition of use settings and preferences when setting up a new PC or performing a traditional reinstall which is typical with OS upgrades in larger enterprises.
With Windows Backup, employees can easily transfer their desktop background, icon size, and other preferences to a new device, ensuring a consistent and familiar experience. This reduces the time spent on setup, allowing employees to be productive faster and significantly reducing IT overhead and help desk calls.
Windows 11 – New devices and un-paralleled performance
Speed and Performance
Windows 11 is designed to deliver superior speed and performance. Bear in mind WIndows 10 is 10 years old and was designed for a pre-pandemic world and a world where AI didn’t touch the end-point.
Newer Windows 11 devices offer double the battery life and more than three times the performance of older Windows 10 devices.
Microsoft’s introduction of Copilot+ PCs and AI-PCs, built for AI workloads, is setting a new new standard for productivity, combining advanced AI inferencing capabilities with top-notch security and performance. Satya said in his key note that all applications will be rebuilt as AI apps and Windows is no different. Microsoft are re-writing their apps and OS for the AI era and simple examples include simple in-box tools like Notepad and Paint that have advanced AI capability.
Leading vendors like Adobe are adding new capabilities in their applications that leverage local NPUs found in new Windows 11 Copillot+ and AI PCs
The New Generation of Devices in Copilot+ PCs
The new generation of devices in Copilot+ PCs is designed to harness the full potential of AI. These devices (again bvery centre stateg at Ignite) come equipped with advanced AI inferencing capabilities, enabling them to handle complex workloads with ease. Their Neural Processors (NPUs) can operate at more than 45 Trillion Operations a Second (TOPS) providing the fastes edge AI processing in the world. The integration of AI into these devices not only enhances productivity but also ensures that security measures are robust and effective.
With features like real-time threat detection and automated responses, Copilot+ PCs provide a secure and efficient environment for businesses and consumers.
The day after Ignite, Microsoft also released Recall and Click-To-Do into public preview for users enrolled on the Windows Insider Programme.
Windows 11 – Sustainability and Windows 365
Modernising isn’t just about cost savings; it’s about the collective responsibility and impact on the global economy, our business and the environment. Microsoft has committed to advancing sustainability, and adopting Windows 11 helps in achieving your company’s sustainability goals.
Microsoft boldly shared that Windows 11 reduces energy use as the “world’s first carbon-aware OS” and offers Energy Saver, increasing energy efficiency by up to 22%.
Microsoft talked about their own devices, Surface which are manufactured using recycled materials and more renewable energy. As an example, Surface enclosures use 100% recycled aluminum alloy and 100% recycled rare earth materials. They also used this time to share existing and new programs to help organisations reduce e-waste with the recycling and refurbishment opportunities available across our ecosystem partners such as Cisilion. There’s a dedicated sustainability site for Surface -> here <-
Microsoft also shared several examples of how organisations can extend the life of (and even breath new life into) older hardware with Windows 365 without sacrificing security protection or experience.
Windows 365 and Windows 365 Link
Microsoft shared how Windows 365 plays can not only play a crucial role in this sustainability effort but also used the opportunity to announce their new dedicated “thin client” device called Windows 365 Link.
Priced at $349 and available from Spring 2025, these dedicated low power, sustainability built devices can provide local compute power but with no IT footprint to securely streams employees full personal Windows 11 desktop with all their apps, content, and settings directly from the Microsoft Cloud.
Windows 365 can run on any device include Web, dedicated devices like Windows 365 Link, and even mobile devices on iOS and Android as well of course as legacy Windows 10 devices and even Windows 11.
The flexibility of Windows 365 allows businesses in any sector and any size to reduce their IT infrastructure and management complexity while providing a consistent and secure experience for employees. Windows 365 is designed to complement your Windows 11 end user computing estate, enabling more endpoints and form factors, and unlocking more value and options for businesses.
Windows 365 is also great for contractors, testing migrations to Windows 11 and also for running secure workloads as well as for education and front line workers.
What have I missed?
There were lots of announcement around Windows and Devices at Ignite. The Windows Security Initiative clearly represents a significant step forward in ensuring that Windows remains the most secure and reliable platform.
With new enhanced security measures, simplified management and migration, seamless compatibility with App Assure, and innovative update mechanisms, Windows 11 is promising to deliver unparalleled speed, performance, security, agility and management.
Links:
- Ignite Video: https://ignite.microsoft.com/en-US/sessions/GS06
- Surface Sustainabilty: https://www.microsoft.com/en-us/download/details.aspx?id=55974
- Microsoft Sustainability: https://www.microsoft.com/en-us/sustainability/surface?wt.mc_id=MVP_309187