This month, our Windows team shared a candid update on how we're thinking about Windows quality, what's changing behind the scenes, and how your real-world feedback is shaping the platform. It's all in a post entitled Our commitment to Windows quality. Windows + Devices EVP Pavan Davuluri walks through how we identify issues, prioritize fixes, and how the Windows Insider community helps make Windows more reliable before updates reach production environments. It's a helpful read if you're interested in learning more about how we build, measure, and strengthen Windows quality.

Now on to more highlights from March in this month's edition of Windows news you can use.

New in Windows update and device management

• [AUTOPATCH] – Windows Autopatch update readiness is now generally available. It includes new capabilities to help you proactively detect and remediate device update issues. Reduce downtime, improve update success, and lower the security risk that comes from devices that aren't up to date.
• [HOTPATCH] – Windows Autopatch is enabling hotpatch updates by default starting with the May 2026 security update. This change in default behavior will come to all eligible devices in Microsoft Intune and those accessing the service via Microsoft Graph API. New controls are available for those organizations that aren't ready to have hotpatch updates enabled by default.
• [RSAT] – Remote Server Administration Tools (RSAT) are now officially supported on Arm-based Windows 11 PCs. You can now remotely manage Windows server roles and features using Windows devices built on Arm processors, just as you would with traditional x64-based PCs.
• [SECURE BOOT] – The March 2026 security update introduces two new PowerShell features to help you manage the ongoing Secure Boot certificate rollout. The Get-SecureBootUEFI cmdlet now supports the -Decoded option, which displays Secure Boot certificates in a readable format. The Get-SecureBootSVN cmdlet lets you check the Secure Boot Security Version Number (SVN) of your device's UEFI firmware and bootloader. Use it to report whether the device follows the latest Secure Boot policy.
• [PRINT] – Instead of requiring device-specific drivers, Windows is now released with a single, universal, inbox-class driver based on the industry standard IPP protocol and Mopria certification. If you're using a traditional x64 PC, including the latest Copilot+ PC running on Arm-based silicon, the print experience is the same: plug in (or connect over the network) and print.
• [W365] – Windows 365 Frontline in shared mode is now available in Brazil South, Italy North, West Europe, New Zealand North, Mexico Central, Europe, Norway East, France Central, Spain Central, Germany West Central, and Switzerland North. Windows 365 is now available for Government Community Cloud (GCC & GCC-High) organizations in the US Gov Texas region. In addition, multi-region selection is now available for Windows 365 GCC & GCC-High.
• [RDP] – Microsoft recently released a sample repository demonstrating how to build Remote Desktop Protocol (RDP) plugins using modern tools and development patterns.

New in Windows security

• [DRIVERS] – Starting with the April 2026 security update, Microsoft is removing trust for all kernel drivers signed by the deprecated cross-signed root program. This update will help ensure that by default, you can only load kernel drivers the Windows Hardware Compatibility Program (WHCP) passes and signs. This new kernel trust policy applies to devices running Windows 11 and Windows Server 2025.
• [SECURE BOOT] – Catch up on the latest FAQs by watching the March edition of Secure Boot: Ask Microsoft Anything (AMA) on demand. The next AMA will be April 23, 2026. Save the date and post your questions in advance or during the live event. New guidance and resources are now available, including:
  • Video deep dive: Secure Boot certificate updates explained
  • Guide: Secure Boot troubleshooting
  • Reference: A closer look at the high confidence database
  • Documentation and sample PowerShell scripts: Sample Secure Boot E2E automation
  • Guide: Secure Boot certificate update status in the Windows Security app[SYSMON] – System Monitor (Sysmon) functionality is now natively available in Windows. Capture system events for threat detection and use custom configuration files to filter the events you want to monitor. Windows writes captured events to Windows Event Log, which allows security tools and other applications to use them.
• [WDS] As announced in January 2026, the Unattend.xml file used in hands‑free deployment with Windows Deployment Services (WDS) poses a vulnerability when transmitted over an unauthenticated RPC channel. Beginning with the April 2026 security update, the second phase of hardening changes for CVE-2026-0386 begins. These changes will make hands‑free deployment disabled by default to enforce secure behavior. For detailed guidance, see Windows Deployment Services (WDS) Hands‑Free Deployment Hardening.

New in AI

• [W365] [AGENTS] – Curious about the difference between Windows 365 for Agents and Microsoft Agent 365? Explore the distinct role of each product and learn how to use them together to run agentic workloads securely, at scale, and under enterprise governance.

To learn about latest capabilities for Copilot+ PCs, visit the Windows Roadmap and filter Platform by "Copilot+ PC Exclusives."

New in Windows Server

For the latest features and improvements for Windows Server, see the Windows Server 2025 release notes and Windows Server, version 23H2 release notes.

• [EVENT] – Save the date for the Windows Server Summit, May 11-13. RSVP for three days of practical, engineering-led guidance on real-world operations, security, and hybrid scenarios supported by live Q&A.
• [NVMe] – A basic NVMe-over-Fabrics (NVMe-oF) initiator is available in the latest Windows Server Insiders build. This release introduces an in-box Windows initiator for NVMe/TCP and NVMe/RDMA, enabling early evaluation of networked NVMe storage using native Windows Server components.

New in productivity and collaboration

Install the March 2026 security update for Windows 11, versions 25H2 and 24H2 to get these and other capabilities, which will be rolling out gradually:

• [RECOVERY] – Quick Machine Recovery now turns on automatically for Windows Professional devices that are not domain‑joined and not enrolled in enterprise endpoint management. These devices receive the same recovery features available to Windows Home users. For domain‑joined or enterprise managed devices, Quick Machine Recovery stays off unless you enable it for your organization.
• [NETWORK] – A built‑in network speed test is now available from the taskbar. The speed test opens in the default browser and measures Ethernet, Wi‑Fi, and cellular connections.
• [CAMERA] – Control pan and tilt for supported cameras in the Settings app.
• [SEARCH] – Using search on the taskbar? Preview search results by hovering and quickly seeing when more results are available with group headers.

New features and improvements are coming in the April 2026 security update. You can preview them by installing the March 2026 optional non-security update for Windows 11, versions 25H2 and 24H2. This update includes the gradual rollout of:

• [SECURITY] –You can turn Smart App Control on or off without needing a clean install.
• [SETTINGS] – The Settings > About page now provides a more structured and intuitive experience. Get clearer device specifications and easier navigation to related device components, including quick access to Storage settings.

Lifecycle reminders

• Windows 10 Enterprise 2016 LTSB and Windows 10 IoT Enterprise 2016 LTSB will reach end of support on October 13, 2026. Windows Server 2016 will reach end of support on January 12, 2027. If your organization cannot migrate to newer, supported releases in time, explore the options available to help you keep your devices protected with monthly security updates. Extended Security Updates (ESU) are now available for purchase for Windows 10 Enterprise 2016 LTSB.

Check out our lifecycle documentation for the latest updates on Deprecated features in the Windows client and Features removed or no longer developed starting with Windows Server 2025.

Additional resources

Looking for the latest news and previews for Windows, Copilot, Copilot+ PCs, the Windows and Windows Server Insider Programs, and more? Check out these resources:

• Windows Roadmap for new Copilot+ PCs and Windows features – filter by platform, version, status, and channel or search by feature name
• Microsoft 365 Copilot release notes for latest features and improvements
• Windows Insider Blog for what's available in the Canary, Dev, Beta, or Release Preview Channels
• Windows Server Insider for feature preview opportunities
• Understanding update history for Windows Insider preview features, fixes, and changes to learn about the types of updates for Windows Insiders

Join the conversation

If you're an IT admin with questions about managing and updating Windows, add our monthly Windows Office Hours to your calendar. We assemble a crew of Windows, Windows 365, security, and Intune experts to help answer your questions and provide tips on tools, best practices, and troubleshooting.

Finally, we're always looking to improve this monthly summary. Drop us a note in the Comments and let us know what we can do to make this more useful for you!

---

Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.

Learn what’s new in Copilot Studio: Multi-agent systems are now generally available, plus recent updates to the Prompt Editor and governance controls.

The post New and improved: Multi-agent orchestration, connected experiences, and faster prompt iteration appeared first on Microsoft 365 Blog.

Liz Hoffman of Semafor joins us for our weekly discussion of the latest tech news. We cover: 1) Why OpenAI bought TBPN 2) The best possible explanation for why OpenAI did it 3) Does the deal really accomplish OpenAI's content marketing goals? 4) Will TBPN convince any non-believers that AI is good? 5) OpenAI's Fidji Simo takes medical leave from the company 6) SpaceX files to go public at a potential $2 trillion market cap 7) Will SpaceX and Tesla merge? 8) Some AWS servers are "hard down" in Bahrain and Dubai 9) More on the private credit worries 10) Big Technology is not for sale!

---

Enjoying Big Technology Podcast? Please rate us five stars ⭐⭐⭐⭐⭐ in your podcast app of choice.

Want a discount for Big Technology on Substack + Discord? Here’s 25% off for the first year: https://www.bigtechnology.com/subscribe?coupon=0843016b

Want to advertise in Big Technology? Write bigtechnologypodcast@gmail.com

Learn more about your ad choices. Visit megaphone.fm/adchoices

Download audio: https://pdst.fm/e/tracking.swap.fm/track/t7yC0rGPUqahTF4et8YD/pscrb.fm/rss/p/traffic.megaphone.fm/AMPP7510351765.mp3?updated=1775265828

---

---

ai.u crew continue their discussion on using new AI tools to “automate yourself,” focusing on agentic products like Claude Cowork, Microsoft Cowork, and Perplexity Computer, how to get started, and subscription costs. They note Claude’s $20/month plan is quickly token-limited and may require upgrading to a higher tier (about $125/month) for sustained use. Kevin describes Cowork controlling a browser to complete a driver safety course (with user oversight), building presentations, and scraping hundreds of sites to assemble a financial model, while cautioning that token use can make simple web tasks inefficient and that guardrails are necessary. Travis highlights common low-hanging uses like consolidating transcripts/emails into documents and raises tensions with websites that block bot behavior, the ad-driven web, and paywalls. The group debates how agents shift attention, incentives, and agency, increase output volume, distance people from work and reality, and change how they read, learn, and connect online, while noting growing experimentation across nontechnical professionals.

00:00 Welcome Back and Setup

00:37 Part Two on Automation

01:46 Getting Started With Claude

02:02 Pricing and Token Limits

03:19 Kevin Tests Cowork

03:53 Driver Safety Course Demo

05:22 Scraping and Token Tradeoffs

07:20 Travis Low Hanging Use Cases

08:05 Web Bots vs Site Defenses

09:54 Ads and the Agentic Web

17:18 Subscriptions and Paywalls

19:54 Claude Add Ins and Dispatch

22:44 Building Pitch Decks Fast

23:58 Agents Change Human Attention

25:34 Personal Assistants and Insularity

28:11 Debating an Article With AI

29:28 Simulated Debate vs Humans

30:06 AI Comment Slop on LinkedIn

30:57 Skipping the Messy Learning

32:47 Everyday People Try AI

33:58 Life With AI Assistants

34:58 Developers and Abstraction Drift

36:23 Outcomes Over Outputs

37:04 Summaries and Shrinking Attention

37:59 Agents Gatekeeping Humans

39:12 Whose Agent Is It

40:01 Trust Without Expertise

41:44 Drowning in Agent Activity

43:22 Robots and Household Tasks

45:49 High Agency vs Low Agency

47:51 Writing for Agents Now

50:15 Proximity Still Matters

51:44 Subscription Agents Everywhere

52:39 Wrapping Up the Agent Era

53:43 Agents Talking to Agents

54:26 Final Sign Off

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit aiunprompted.substack.com



Download audio: https://api.substack.com/feed/podcast/193077366/1056d09d1bf36bcfdad3cacc6f7028a2.mp3