Microsoft has once again “clarified” rules that change how Dynamics 365 user license compliance is measured but could also simplify how to determine what user licenses are required. Many Dynamics 365 Finance + Operations customers should spend time now cleaning up security roles assigned to their users, before Microsoft potentially claims they are out of compliance. (Note: this change does not impact Dynamics 365 CRM customers.) 

What Happened?

On May 3^rd, 2025, I was going through the latest Dynamics 365 Licensing Guide to look for changes, when I noticed the addition of a sentence in Appendix E on page 56:

“Licensing requirements for these applications are determined by the role-based security assigned to each user.” 

“These applications” refers to the Dynamics 365 Finance and Operations applications: Finance, Supply Chain Management, Commerce, Project Operations, and Human Resources. 

The significance of the sentence is that the user licensing requirements for Dynamics 365 Finance and Operations applications have shifted from “what a user actually did” to “what a user could potentially do.” 

Previously, organizations were on the hook for a Dynamics 365 license based on the application users accessed, the routines they ran, and the type of data they updated. Microsoft provided some reports that gave guidance on what license users “might” require, but the ultimate test of license compliance was based on activities users performed. This could only be determined by viewing audit logs, which had their own limitations, or by evaluating the custom screens or custom applications users accessed, because these custom screens and applications programmatically limited what users could do. (In Nov. 2024, I wrote extensively about how to tackle user license compliance for our members in “Dynamics 365 User License Compliance: A Struggle that Benefits Microsoft.”) 

However—and this is a big however—going forward, the new sentence “clarifies” that what a user actually does is no longer relevant, because organizations are now on the hook for a Dynamics 365 license or licenses that cover security roles assigned to users. 

Why is this a Concern?

I’m concerned for companies who have enjoyed Microsoft’s relaxed approach to user license compliance and have routinely handed out higher security roles than needed, which now exposes the organization to new (sorry, “clarified”) license requirements. 

The licensing change won’t severely impact everyone, especially not those customers who were diligent with assigning security roles, but I do think it will be a problem in the following scenarios: 

Security roles applied for convenience. Many admins took the easy approach and assigned users with as many security roles as needed to get the user working and meeting any potential request, reducing the need for the user to come back and ask for more rights later. Is this a best practice? No. But we all know that it happens. 

Customizations using default security roles. This is the biggest issue. Most customers customize Dynamics 365 Finance + Operations in some way. They modify Dynamics 365 screens to remove certain fields or add access to other data, and some customers build or purchase custom applications that augment the Dynamics 365 service and access data directly. In these situations, an admin must still assign users with a security role, and those security roles (especially the default ones) often contain rights beyond what a user needs for the custom scenario. This is generally acceptable, because the custom screen or application limits what a user can do, so giving them excessive rights is a low risk. 

However, with the new sentence in the Licensing Guide, all users are required to have a license based on the security roles they are assigned, whether or not they actually perform activities allowed by those security roles. 

What Should Customers Do? 

Don’t panic. Although the change is in place as of May 2025, there is no automatic compliance check that will lock users out if they don’t have the right licensed assigned. What you should do is start planning for your next audit or renewal, so I recommend the following steps. 

1. Talk with your Dynamics 365 security admins and find out how big of an issue this is. They will have the best sense of the magnitude and risk for your organization. 

2. Adopt a “least access” approach to security roles. In other words, do the right thing and only assign users the security roles and features they need, rather than being overly generous. In many cases, this will involve building custom security roles that only grant rights to the features and data users actually need. Custom security roles are a common approach and nothing to be feared. 

3. Clean up existing security role assignments. Microsoft is previewing new license compliance reports that compare the security roles a user has (and therefore the license required) with the licenses users are assigned. The reports can highlight when users are under licensed, but I suggest using it as a starting point to determine if users have excessive security roles or could benefit from a custom security role that has a lower licensing requirement. 

4. Talk with developers who customize the Dynamics 365 service and determine if they used default security roles or custom security roles to provide access to their custom solution. Typically, custom solutions benefit from custom security roles that grants the least number of rights and therefore the lowest possible license requirement. 

Do you really read the Licensing Guide each Month? 

It’s been asked this many times and yes, I read through the new Licensing Guide every month, looking for changes that impact customers.  

I also keep a copy of most of them, in case I need to look back through time. I’m not sure anyone needs a “Dynamics 365 (On-premises) Enterprise Edition – Dec. 2016” licensing guide, but I have one. 

In a similar situation, last April, I wrote about how Microsoft “clarified” licensing rules about Dynamics 365 and Power Apps last April as well in “Dynamics 365 rights in Power Apps Subscriptions: Changes on the horizon.” 

Related Resources

Directions kit “Dynamics 365.” (Directions members only)

Licensing Reference Set for Dynamics 365 (Directions members only)

Microsoft has announced the planned retirement of SharePoint Alerts for SharePoint Online by July 2026.  SharePoint Alerts have been around since the dawn of time so if you have used SharePoint for a while in your organization, there’s a good chance you and your users will be affected as early as September 2025.  

If your organization is new to SharePoint, don’t get started now with Alerts. Evaluate using SharePoint Rules or Power Automate which are now the preferred methods of sending alerts (aka notifications). 

SharePoint Alerts are email or text notifications users can set up to track activity in the SharePoint sites they use.  Alerts apply to lists and document libraries and can be an extremely helpful tool when used wisely.  When users configure an alert, they can select the type of change that will trigger them, such as when anything changes, when someone else changes an item, or when someone else changes an item created or modified by the user.  To manage notification overload, users can also specify how often to receive alerts: immediately, daily or monthly.  Since this is a user-managed tool, you can imagine how many of these alerts may exist in your environment. 

SharePoint will turn 25 years old next year.  There’s a lot of legacy technology in the platform and the alert mechanism is among them.  It’s being replaced by a choice between SharePoint Rules and Power Automate, both using more modern technologies.  That doesn’t mean there won’t be pain.  Users are accustomed to the current alerts and must be prepared for the switch.  It’ll be a new experience which means organizations will have to educate and train them on which approach will be used (or both) and how to adjust their ways of working. 

What’s Microsoft’s Plan (and Yours)?

While Microsoft announced the end of SharePoint Alerts will be July 2026, it will begin turning off new alert creation as early as July 2025 for customers new to SharePoint.  Existing customers may start seeing new alert creation turned off starting in September of 2025.   

Start planning for the transition and exploring the modern approaches of SharePoint Rules and Power Automate.  To help with planning, you can use the Microsoft 365 Assessment tool to identify Alert usage and begin to understand the size of the task at hand. Users will begin seeing warning banners on various configuration pages in SharePoint so it’s important that you have a plan to communicate it out to your organization before panic ensues. 

Evaluate your options between SharePoint Rules and Power Automate.  You will have to determine when to use what and educate your users on the approach(es).  SharePoint Rules are native to SharePoint, but Power Automate is licensed and may incur additional costs.    

Communicate your plan to your users. And communicate it again. 

The Wrap Up

At this time, there is no indication from Microsoft of a migration approach from alerts to either SharePoint Rules or Power Automate.  This also only appears to apply to SharePoint Online for now.  However, since Microsoft removes other legacy technology from SharePoint Server, it may be coming to you in the future.   

Is this important to you?  Let me know what else you want to hear about by emailing me at dberry@directionsonmicrosoft.com.  

Microsoft’s annual Build developer conference is happening this week in Seattle. No big surprise: All things AI and, specifically, agents, are at the top of the announcement list. Surprise: There was quite a bit of news for those still developing on Windows, too. 

In no particular order, here are my top 10 takeaways from Day One of Build: 

1. Multi-agent is the new hot.  Organizations will soon be able to build multi-agent systems in Copilot Studio, where agents delegate tasks to one another. The agents can be built with the Microsoft 365 Agent Builder, Azure AI Agents Service, and Azure Fabric. The Copilot Studio capability to build multi-agent systems is now in preview. 

2. NLWeb is a way to turn websites into agentic apps. Natural Language Web (NLWeb) is a Microsoft-developed project for simplifying the natural language interface for websites. (It’s not clear what, if any, connection that OpenAI has with NLWeb. Other current sponsors of NLWeb include O’Reilly Media, Snowflake, Shopify, Chicago Public Library.) Microsoft says NLWeb was conceived and developed by R.V. Guha, former Google Tech Fellow who recently became a Microsoft CVP and Tech Fellow. Guha is the creator of RSS, RDF and Schema.org. 

3. GitHub Copilot is moving from pair programmer to peer programmer. GitHub Coding Agent (“Project Padawan”) is now generally available to all Copilot Enterprise and Copilot Pro+ customers. The agent is best suited to low-to-medium complexity tasks in well-tested codebases and can handle things like adding features and fixing bugs to extending tests, refactoring code, and improving documentation, Microsoft says.  

4. Copilot Studio is getting more and more “pro” dev features. As was evident at Ignite last fall, Microsoft increasingly is positioning Copilot Studio, its low-code/no-code development platform, as a tool for professional developers who need more powerful tools to build more complex agents. Microsoft is working on exposing a set of M365 Copilot APIs for developers. (So far, only the retrieval API is available in preview.) Microsoft is working to close the gap between Foundry and Copilot Studio by enabling a Bring Your Own Models from Azure Foundry capability, which is currently in preview. 

5. The MCP protocol is becoming increasingly key to building agents. Microsoft has joined the Model Context Protocol (MCP) Steering Committee is integrating MCP support across GitHub, Copilot Studio, Dynamics 365, Azure, Azure AI Foundry, Semantic Kernel, Foundry Agents and Windows 11. “Think of MCP as a universal USB-C connector for AI,” linking apps, agents and tooling in a standardized way. 

Windows: The Best AI Dev Platform?

6. The Windows 11 Copilot Runtime has been renamed “Windows AI Foundry.” AI Foundry is now Microsoft’s brand for the local-platform versions of Azure AI Foundry and are built for model selection, optimizing, fine-tuning and deployment across client and cloud. Microsoft officials say that Windows ML is the built-in inferencing runtime on Windows. Microsoft also announced a local version of AI Foundry for the Mac. Both of these local Foundry offerings are generally available. 

7. Microsoft is open sourcing the Windows Subsystem for Linux (WSL). They’ve already open sourced the “Mariner” Linux underpinning and the WSL-g UI layer. Now it also is open-sourcing most of WSL itself for “reasons.” Maybe the community will do something with direct access to WSL APIs? Microsoft also announced plans to open source the GitHub Copilot Chat Extension for VSCode “in the coming weeks.” 

8. Microsoft is expanding Entra, Defender for Cloud and Purview by embedding them directly into Azure AI Foundry and Copilot Studio to help organizations secure AI apps and agents across the entire development lifecycle. Entra Agent ID, a capability meant to manage built using Microsoft tools, as well as across select third parties like ServiceNow and Workday, is now in preview. 

9. SQL Server 2025 is now in public preview. The coming release of SQL Server is now available to testers. Microsoft is touting the integration of AI directly into the database engine “enabling more intelligent search.” It also has built-in vector search capabilities. 

10. OpenAI CEO Sam Altman and Special Government Employee and xAI Founder Elon Musk both appeared in Nadella’s keynote — via video. Musk talked up Microsoft hosting Grok 3 and Grok 3 Mini in Azure Foundry (like it already does with thousands of third-party models, including DeepSeek). Altman talked about OpenAI’s announcement of its Codex programming assistant (while making sure to show continued excitement about the great Microsoft partnership OpenAI enjoys).

To read about all of the Microsoft Build 2025 announcements, check out the Book of News. Fun Fact: There are more than 300 mentions of “agent” in Microsoft’s Build news. And around 30 mentions of “Copilot.” It’s hard to keep up, especially when it comes to AI branding at Microsoft….

Microsoft has announced it will provide security updates for Microsoft 365 apps running on Windows 10 until Oct. 2028, rather than until Oct. 2025, as planned. 

The company published an article on Microsoft Learn announcing the change on May 8, 2025. (Thanks to Neowin for the original link.)

Microsoft 365 apps would have continued to work on Windows 10 after Microsoft support ends for the operating system on Oct. 14, 2025, the company acknowledged, but they would have run unsupported. To try to deter customers from running these apps on Windows 10 after support ends, Microsoft officials have said running these apps on an unsupported OS could potentially cause “performance and reliability issues.” 

Microsoft is now planning to provide security updates to the Microsoft 365 Apps on Windows 10 until Oct. 10, 2028 “to help maintain security while you transition to Windows 11,” the Learn article notes. The new security update also applies to the subscription versions of the Project and Visio desktop apps, official said. 

The new security update extension does little, if anything, regarding Microsoft-provided support for M365 apps running Windows 10 after Oct. 14, 2025, the Microsoft Learn article says.  

If a customer with a valid Microsoft 365 subscription has issues with their apps, they will continue to be able to open support cases, but Microsoft support will provide only troubleshooting assistance. “Technical workarounds might be limited or unavailable,” the article says. Whether or not customers on Windows 10 have ESUs, they do not have the option to log a Microsoft 365 apps bug or request other product updates. 

Will Windows 10 Get a Security Reprieve, Too? 

Directions on Microsoft has asked Microsoft if there will be a similar three-year pushback on the date when security updates will no longer be provided for Windows 10. No word back so far. 

Update (May 13): A Microsoft spokesperson declined to answer the question we posed and instead provided a link to an April 2024 Microsoft blog post on when to use Windows 10 ESUs.

We’d point out that Microsoft provided an additional three years of security updates for Microsoft 365 apps on Windows 7 when Windows 7 was approaching its end-of-support date.

Given that Microsoft has announced it will be selling Windows 10 Extended Security Updates (ESUs) for three years and to consumers for one year, we’re thinking a delay on the end of support for Windows 10 seems unlikely. Microsoft is charging commercial customers USD $61 per device for Windows 10 ESUs for the first year, with the price doubling Years 2 and 3.  

However, if there are a substantial number of Windows 10 business and personal PCs still running after Oct. 10 this year, the security risk caused by these systems will be substantial. Various market watchers have estimated that fewer than 50 percent of Windows PCs are running Windows 11. Microsoft is continuing to advise customers to move off Windows 10, either by upgrading to Windows 11 on eligible PCs, licensing Windows 365, or by buying new PCs that support Windows 11. 

Related Resources

Windows 10 end of support and Microsoft 365 Apps 

Meteor 2025: The Next Wave of Windows and Office Migrations (Directions members only) 

Directions Licensing Reference: Extended Security Updates for Windows 10 (Directions members only) 

Exchange Online will block Basic Authentication for SMTP client submission beginning in Sept. 2025, cutting off some devices and applications unless customers take action. At potential risk are devices such as mail-enabled document scanners and multifunction printers offering “scan to mail.” Applications that send e-mail alerts to groups of individuals, such as CRM applications notifying salespeople of a particular change, also could be impacted. 

But never fear: Microsoft is here to save you from your security insecurities – for extra fees, of course. 

Microsoft announced the Sept. 2025 Basic Authentication shutdown date last April, citing security risks as the cause. Microsoft gradually has been removing support for Basic Authentication and warning developers against it for years, saying the protocol is too vulnerable to brute force attacks.  

Time to Go ‘Modern’? 

Customers have several options to prevent mail cutoffs caused by the end of Basic Authentication. Generally, all users should be working to update e-mail senders to use “Modern Authentication,” while building interim solutions to deal with Basic Authentication senders still in use.  

Modern Authentication is Microsoft’s name for a set of more secure authentication protocols based on the OAuth 2.0 protocol. With an upgrade to Modern Authentication, a device or app can send mail through Exchange Online to internal and external recipients with minimal other changes.  

Many older devices and applications don’t work with Modern Authentication and cannot be upgraded. Conveniently, Microsoft does offer two e-mail services that accept SMTP client submission with Basic. However, both cost extra. (Got to keep those $20 billion USD-plus of Microsoft Security revenues coming in from somewhere) 

Other Options (for a Fee) 

The two ways Microsoft is offering to upsell you: 

High Volume Email for Microsoft 365 (HVE). This paid add-on to Exchange Online, in preview, accepts SMTP client submissions with Basic Authentication. But HVE, which Microsoft has said will be generally available in Sept. 2025, can only deliver to internal recipients in Exchange Online. As announced earlier this month, Microsoft plans to permit Basic Authentication with HVE until Sept. 2028. Customers get three more years of using a less-secure authentication mechanism, as long as they are willing to pay. Win-win?  

Azure Communication Services. This option offers video and voice calling over IP, SMS text, chat, and e-mail services that developers can build into applications. The e-mail services can accept SMTP client submission with Basic Authentication. Unlike HVE, Azure Communication Services can deliver to recipients inside and outside the customer organization, and the service already is generally available. But it doesn’t offer the same exact security, availability and privacy guarantees as Exchange Online. 

 Well-established third-party solutions such as Intuit Mailchimp and Twilio SendGrid are available, too, but they’ll also cost you extra.   

“Microsoft deserves credit for campaigning against Basic Authentication all those years,” says Rob Helm, a Directions analyst. “I hate to see it slowing down just short of the goal to sell tickets.” 

Related Resources

Microsoft to Block Basic Senders in Exchange Online in Sept. 2025 (Directions members only) 

Microsoft Introduces Control for Direct Send in Exchange Online 

While writing a report on Windows 365 Link earlier this year I realized my career has gone full circle. This realization struck me as a sign it was time to call it a day.

Everything Old is New Again

How is it my career has gone full circle? Well, it started when I graduated from university fifty years ago this year with an undergraduate degree in Biology. I couldn’t find work in biology. My first paying job out of college was working as a contractor in a community outside Edmonton, Alberta installing up-to four new RJ-11 jacks per house. Prior to that, most phones in residences were hardwired. I was paid by the jack, so I ensured each house got their four jacks, even if the fourth one was in the basement and totally unusable because it was in the first-floor joists next to the lightening arrestor where the phone line entered the house. From there I moved on to working for a company that took off-air signals from the CBS, NBC, and PBS stations in Spokane Washington from an antenna site on Mt. Kelly in British Columbia (Google Maps) and microwaved them across the Rockies so subscribers in Calgary and Edmonton could view them. For a fee. This was when CATV stood for Community Antenna, and it is also where my curiosity for networking began. Eventually I became responsible for making the billing system for the cable company work on a minicomputer running software from a company called CableData. Although I played around with early PCs including a Timex PC that hooked up to channel 3 on a TV working on the Control Data hardware and CableData software combined my curiosity about networking with a new curiosity about computers and software.

From there I moved onto working for Alberta Government Public Works, Supply and Services in the Terrace Data Center in Edmonton. There my job was to help keep IBM 327x terminals (Fig 1.), control units, and 370X front-end processors connected.

Fundamentally, these devices created a network where dumb terminals, which did minimal local processing, relied on the compute power in IBM mainframe computers. So, how did I get from here, working on mainframe networks to working on PC networking?

Well, it was about this time that IBM and IBM compatible computers started to enter businesses, mostly for spreadsheets. As was common on these early PCs, companies made add-in cards that could be inserted into the PC to provide specialized services, such as advanced memory management, local area network connections, and one in particular—called an IRMA card—that I was curious about because it claimed to allow the PC to emulate a 327X terminal by connecting to a controller (Fig 2). Actually, it was more than a claim, it really worked very well. We could now use PCs with IRMA cards in place of 327X terminals and the user could use PC apps and access the mainframe.

Although it runs a version of the Windows client OS, Windows 365 Link (Microsoft) completed the circle as it is dumbed down by software controls to be no smarter than a dumb 327X terminal.

It relies on the power of computers in a data center to do any heavy lifting compute wise. The circle is complete. My journey went from networking mainframes, mini-computers, and PCs and for all intents and purposes back to the mainframe again.

Be Curious

This struck me hard. It made me realize that I’d lost my curiosity for technology. And to be a good analyst you need to be curious. They say do something you like, something you’re passionate about. I think you’re better off doing something you’re curious about. And now I’m curious about the irises and wisterias in my garden. I’m curious about wood working. So that’s what I’m going to do now.

As I retire, I know I need to thank a lot of people for their support. This is a problem, because I know I will forget someone who was instrumental. If this is the case, I mean no slight, it is merely that I have always been bad with names.

Thanks Directions Subscribers

First, I want to thank Directions’ subscribers. I hope my analysis provided insights that saved you time and money. It was fascinating to learn about your businesses, and your technology requirements. And especially to learn how you exploit the potential of Microsoft’s products and services.

Thanks Directions’ Great People

I need to thank Paula and Marie, for editing my thoughts and ideas and making them understandable and readable. I’m sorry I never learned the rules for using em and en dashes and commas. I need to thank King Brian for taking my stick figures drawn in Visio and PowerPoint and converting them to charts and illustrations, so my reports were not just a wall of words.

Thanks Bev, Erika, Dean, Kim, Lauren, Marian, Mariia, Matt, Mona, Niki, Stephanie, and Will. You made sure I had everything I needed to do my job. But especially you ensured people could access my work and hopefully find some insights that were valuable.

Of course, I need to thank all the analysts at Directions—past and present—including Andrew, Anne Marie, Barry, Chris, Don, Greg, Jim, Josh, Mary Jo, Matt, Paul, Peter, Rob, Rob, Rob, Scott, Wes, et. al. I was humbled to work with such smart peers. And to Jeff and Rob for creating a company with few rules, a ton of intellectual freedom, time to research ideas, and where people could agree, discuss, debate, and even disagree (politely) about technology, strategy, and how to communicate meaningful information to people looking for real insights.

Just a Few More People That Really Helped

I know, they are starting to play the music to get me off stage, but there are just a few other people who work in the technology press, Microsoft, or other vendors who helped including Adrienne, Janell, Laura, Matt, Noury, Paul, Todd, and Woody. And to the managers at all the companies I worked at for realizing I had a modicum of talent and took a risk on me. I appreciate your confidence, and I thank you. I learned something I needed for the next stage of my career at each of the jobs along the way.

Figure 1 Attribution: Retro-Computing Society of Rhode Island, CC BY-SA 3.0, via Wikimedia Commons
Figure 2 Attribution: Konstantin Lanzet, GFDL, via Wikimedia Commons

Microsoft reported its Q3 FY25 earnings this week. Coming in at $70.1 billion USD in revenue for the quarter and earnings of $3.46 USD/share, the results exceeded expectations. Unsurprisingly, Microsoft execs gave most of the credit to the Microsoft Cloud and Azure, in particular. 

Microsoft Cloud – the Microsoft-defined bucket of commercial cloud properties including Azure, M365 commercial, Dynamics 365, etc. — delivered $42.4 billion USD in revenue, up 20% from the year-ago quarter. Azure and other cloud services revenue were up 33%, with 16 points of that coming from AI, they said. (Microsoft still doesn’t disclose Azure revenues in dollars.) And for Q4 FY25, Microsoft is projecting Azure and other services growth will be between 34% and 35%. 

Microsoft is still on track to spend $80 billion USD on building the datacenter/AI infrastructure during its fiscal 2025, which ends June 30. Microsoft opened datacenters in 10 countries across 4 continents this quarter alone. Last quarter, Microsoft officials had said they expected to be able to ease back on this spending starting in July, but because datacenter capacity demand is growing faster than it expected, “we now expect to have some AI capacity constraints beyond June,” CEO Satya Nadella said.  

Microsoft 365 Commercial Now at 430 Million Paid Seats 

In Jan. 2024, during its Q2 FY24 earnings call, Microsoft officials said the company had 400 million paid Microsoft 365/Office 365 seats. That figure is now 430 million paid commercial seats, up 7% year over year, as of this quarter, officials said. The growth is largely due to small/mid-size businesses and frontline workers. M365 consumer subscriptions are now at 87.7 million, in spite of Microsoft’s recent price increase. 

Microsoft still is not providing publicly a Microsoft 365 Copilot adoption number. Officials said Microsoft 365 Copilot is being used by “hundreds of thousands of customers” and is up three times year-over-year. (It’s not clear whether this count includes the “free” Microsoft 365 Copilot Chat, but as officials didn’t mention these are “paid” seats, I’m guessing Microsoft 365 Copilot Chat is part of these totals.) 

• A few other enterprise-focused datapoints Microsoft officials shared in the earnings call: 

• There are 21,000-plus paid Fabric customers now, up 80% year over year. Real-time intelligence is the fastest growing workload in Fabric. 

• The Microsoft Phi small language model has been downloaded 38 million times. 

• There are now more than 15 million GitHub Copilot users, up more than four times year-over-year. 

• There are now 56 million monthly active Power Platform users, up 27% year over year. 

• Windows 11 commercial deployments are up 11% year over year. (Note: Most PC-tracking firms say Windows 11 is still on fewer than 50% of work and personal-use PCs.) 

• Windows OEM and Devices revenue was up 3% year over year, which is ahead of expectations as tariffs imposed by the U.S. government led to uncertainty through the quarter. 

Datacenter Slow-Down: Nothing to See Here, Microsoft Says 

As expected, almost all of the Wall Street analyst questions at the end of the April 30 earnings call were focused on reports that Microsoft recently has been pulling back on planned AI/datacenter spending. Chief Financial Officer Amy Hood and Nadella claimed these reports are the result of analysts paying more attention than before to Microsoft’s CapEx spending patterns. (Hmm…) They maintained that Microsoft is making normal adjustments to datacenter build-out plans that were originally created years ago, based on current demand signals.  

Hood emphasized that Microsoft’s CapEx plans are not entirely about AI. She told analysts that non-AI spending was higher than expected in Q3. 

 “The real outperformance in Azure this quarter was in our non-AI business. The only real upside we saw on the AI side of the business was that we were able to deliver supply early to a number of customers,” Hood said. 

Watch for Microsoft’s Coming Sales Reorg 

Separate from earnings, Microsoft announced internally a sweeping sales reorg late last week that will take effect July 1. The company looks to be trying to flatten the sales org and is moving a lot of the vertical businesses around into new operating units.   

Microsoft’s current sales org is designed around six solutions areas: Modern work, Business Applications, Digital & App Innovation, Data & AI, Azure Infrastructure, and Security. The plan is to combine these into three areas: AI Business Solutions, Cloud & AI Platforms, and Security. 

Microsoft is making a big push to build up technical expertise in the field and is requiring sales to meet certain AI skilling criteria over the next couple of months as part of its effort to “accelerate AI transformation.” 

Microsoft Q3 FY25 Earnings Slides, Transcript 

Microsoft explains new datacenter ‘pause’

Calls for European countries and customers to reduce their reliance on the biggest U.S. cloud providers seem to have hit a nerve in Redmond. On April 30, Microsoft announced five new digital commitments meant to reassure European customers that Microsoft has their back, in spite of the chaos caused by the current U.S. government regime with tariffs, regulation, threats over data access and more. 

As enterprises know, it’s not a trivial matter to switch clouds or try to repatriate workloads and apps from the cloud back to on-premises. It’s one thing to talk about reducing dependencies on U.S. tech providers and build alternative European-owned/run “Eurostacks.” But it’s another to put these kinds of plans into action. Microsoft officials know how difficult and expensive it is for customers to untangle themselves from Microsoft’s cloud once they’ve bought in. 

Whether Microsoft’s new commitments are more theatre or reality, these promises come with a number of questions.  

Build out or scale back? Which is it? 

On April 30, Microsoft pledged to increase its European datacenter capacity by 40% over the next two years and promised to expand datacenter operations in 16 European countries. This means Microsoft will “more than double our European datacenter capacity between 2023 and 2027,” and enable Microsoft to offer cloud services in more than 200 datacenters in Europe, according to Microsoft president Brad Smith. 

Smith and other Microsoft officials didn’t provide a list of the countries or share details on the costs of the planned expansion. They also didn’t explain how this expansion will jibe with the company’s recent moves to slow its previously announced AI and datacenter buildouts worldwide. In spite of its pull backs, Microsoft has continued to promise it will spend $80 billion on its datacenter infrastructure in fiscal 2025 (which ends June 30, 2025) and somewhat less in fiscal 2026. 

Smith also touted its partnership with smaller European cloud providers, via which Microsoft is enabling smaller hosting providers to deliver Microsoft apps and services on their local infrastructure under “more favorable terms than we make available to Amazon and Google.” Smith did not mention that Microsoft’s planned build out of its own datacenters might negatively affect the businesses of its smaller local provider partners. 

Smith did note that Microsoft is working on building more sovereign cloud datacenters and partnerships, which enable foreign governments and customers to run Azure in Microsoft’s public cloud datacenters with extra levels of encryption, administration and residency provisions. He cited the Bleu joint venture involving Microsoft, Capgemini and Orange, which enables Bleu customers to operate under French control, as well as another sovereign partnership in Germany involving Microsoft, SAP subsidiary Delos Cloud GmBH, and Bertelsmann IT subsidiary Arvato Systems, as examples of what Microsoft envisions in this space. 

He added that Microsoft will store back-up copies of our code in a secure repository in Switzerland and provide its European partners with the legal rights needed to access and use this code if needed.  

Microsoft: ‘We’re prepared to go to court’ 

Smith also said if any government ordered the company to suspend or cease offering cloud services in Europe, Microsoft would “promptly and vigorously contest such a measure using all legal avenues available, including by pursuing litigation in court.” Smith cited Microsoft’s “strong legal track record” in upholding the rights of its customers. 

But this promise only holds so far as the U.S. judicial system continues to operate lawfully. There have been signs that the Trump administration believes it is not beholden to follow rulings of various courts on a variety of topics. Smith did not address what would happen if the Trump administration simply ignores court-ordered actions around datacenter operations in Europe. 

“This is a good statement for customers,” said Directions on Microsoft analyst Wes Miller, “but we’ll have to see what the company actually delivers before customers can truly know how strongly Microsoft stands behind their words.” 

Related Resources

Microsoft announces new European digital commitments 

Microsoft president says company respects European laws amid US criticism 

Cloud Repatriation: A Directions on Microsoft podcast 

Microsoft Licensing for non-Microsoft clouds: A Directions on Microsoft podcast

Microsoft is continuing to rebrand and redefine its AI strategy and products, with “agents” as the newest centerpiece. Going forward, even the Microsoft 365 Copilot app, in spite of its name, is going to be all about agents. 

In September 2024, Microsoft made a number of announcements around Microsoft 365, agents and Copilot Pages, describing the collection of features as “Copilot Wave 2.” On April 23, Microsoft announced a further set of coming Copilot and agent deliverables as “Copilot Wave 2 Spring” release. 

Microsoft’s biggest Spring Wave announcement is its plan to revamp the Microsoft 365 Copilot app sometime in May 2025. The Microsoft 365 Copilot app is what used to be known as the Microsoft 365 app or Office app. It is available on the web, on desktop (Windows and Mac), and on mobile (Android and iOS), and is the hub for commercial customers who want to interact with their Office apps and documents. Confusingly, the Microsoft 365 Copilot app does not require a Microsoft 365 Copilot subscription; it also is available to work and school customers with Entra accounts and consumers with personal accounts.

Microsoft 365 Copilot App To Become An Agent Showcase 

The updated Microsoft 365 Copilot app will bear a strong resemblance to Microsoft Teams. The centerpiece is the Chat module (previously known as the BizChat and, on mobile, the Copilot module), which will give users access to chat history, Copilot Pages, and agents through the left navigation pane on the desktop and web versions. (Currently in the Microsoft 365 Copilot app, the Microsoft Search box is the centerpiece of the site.)  

The updated Microsoft 365 Copilot app left navigation bar (or bottom bar on mobile) also will feature the “Create” button, as it does now, but with the revamp, Create will point to a new image generator based on OpenAI’s GPT-4o.  

The revamped Microsoft 365 Copilot app will add some features already included in – or at least in the works for – the consumer version, such as the aforementioned image generation, personalization/memory and Copilot Search integration. 

Copilot Search is based on Bing search but includes generative and large language model integration. Microsoft is touting that Microsoft 365 Copilot Search will work across both first- and third-party apps (like Google Drive, Slack, ServiceNow, Confluence, Jira, etc.). Microsoft Search already can do this via Microsoft Graph connectors. Update (April 29): According to the Microsoft 365 Roadmap, the Microsoft 365 Copilot search preview will begin in June, with general availability kicking off in August 2025.

The revamped Microsoft 365 Copilot app will include an Agent Store. This store will include agents from Microsoft and third-party developers. We have asked Microsoft whether the Agent Store is a rebrand of the App Store, but no word back so far.  

Update (April 29): Microsoft officials said the Agent Store is completely separate from the App Store. The Agent Store will be generally available in May within Microsoft 365 Copilot, Microsoft 365 Copilot Chat and M365Copilot.com, Microsoft officials said.

Microsoft’s previously announced Researcher and Analyst reasoning agents will be in this Store and marked as “Frontier,” which is the new way Microsoft will refer to agents in early-access/preview that are available to those with a Microsoft 365 Copilot license while still in development.  

Update (April 29): Many of the new features announced as part of the Wave 2 Spring release are not going to be available to Microsoft 365 Copilot Chat customers, Microsoft acknowledged. “Features like Copilot Notebooks, Create, and Skills agent are limited to customers with a M365 Copilot license,” a spokesperson said when we asked.

Copilot = The Browser for the AI World (?) 

With agents becoming the newest AI darlings, Microsoft has been experimenting with various ways to talk about the relationship between agents and Copilots. One Microsoft exec said this week that Copilot acts “as the browser for the AI world.” Another Microsoft official said “Copilot is now your window into the world of agents.” 

Jon Friedman, corporate vice president of design and research at Microsoft, made it clear Microsoft is still trying to position Copilot as a single entity, even though there are tens of different Microsoft Copilots which work and act very differently and draw from different data sources.  

In explaining how and why Microsoft is revamping the Microsoft 365 Copilot app, Friedman told The Verge: “In my mind Copilot can be one branded experience, and it goes from warm and personal to performant and professional, and that’s what we’ve been working on together.” 

I doubt I’m the only one who thinks this sounds a lot like the strategy Microsoft is continuing to try to land – not so successfully – with Free (consumer) Teams and commercial Teams. 

Microsoft’s Copilot Wave 2 Spring Announcements

Microsoft’s Copilot Wave 2 Fall Announcements

Microsoft Plans for Improving the Management of Agents

Microsoft announced Unified Support, the replacement for its long-standing Premier Support program, in 2017.  As of July 2022, Microsoft no longer offered Premier Support agreements for renewing commercial customers and as of July 2024, no longer for renewing public sector customers. (Some of these public sector customers still could be covered under Premier contracts through at least 2027, technically.) 

Microsoft moved to its new Unified Enterprise Support plan in 2020. Unified Enterprise plans allow customers to choose from a menu of options around assessments, 24X7 technical support, case-management, and mission-critical services.  But pricing for this menu of offerings isn’t per hour; instead, it is priced on a percentage-based model tied to customers’ overall Microsoft spending. The minimum contract price is $50,000 and rates start at 8% to 10% of customers’ annual Microsoft IT spend. 

Many customers have complained about the high cost of Microsoft’s Unified Support. They’ve also publicly questioned Microsoft’s support quality, timeliness and more since Unified Support’s introduction. 

What Can a Customer Do?

Many customers are confused about when and if they should seek out alternatives to Microsoft Unified Support. To that end, we’ve worked with one of the largest third-party Microsoft support vendors, US Cloud, * to assemble a list of some of the biggest myths around Microsoft support that we hear and see from enterprises. 

Myth No. 1: Microsoft is your only option. 

A surprising number of enterprises default to Microsoft when it comes to support – either because they don’t realize there are some excellent alternative qualified support vendors or because they are still in the “Nobody Gets Fired for Buying Microsoft” mode. Customers do have support options, and your support bill will likely be a lot less (as will your resolution times).  

Myth No. 2: Microsoft Unified support is the safest support option. 

Enterprises who are licensed for many Microsoft products often assume the most reliable and least risky option for support for those products would be Microsoft. But that assumption isn’t true. Good third-party support vendors employ Microsoft-certified product specialists and have channels for escalating issues directly to Microsoft if and when needed. The situation is not so different from how consumers often choose to buy extended support contracts from their preferred appliance store providers rather than the appliance manufacturers. Doing so can lead to faster, better, more customized support.  

Myth No. 3: Microsoft does all its own support, making Unified Support the superior choice. 

Unsurprisingly, Microsoft doesn’t go out of its way to acknowledge that it outsources a considerable share of Microsoft Unified Support to external vendors and contractors. As a result, there’s often little or no continuity for customers when it comes to working with the same support engineers across multiple engagements. Sometimes Microsoft’s contracted support people are located in different countries and time zones, which can make coordination and data residency requirements challenging. Don’t assume because it’s called “Microsoft Unified Support” that your support is coming directly from Microsoft or that it will be delivered in a unified way. 

Myth No. 4: Enterprise customers are best served by renewing their Enterprise Agreements (EAs) and support contracts together. 

Microsoft often encourages enterprises to renew their Enterprise Agreements and Unified Support contracts at the same time. Via this “coterminous contract” approach, Microsoft advocates for customers to bundle both agreements into their next renewal or risk losing a deal next time around. However, this practice of aligning termination dates actually results in customers having one less opportunity to negotiate terms in their favor.  What looks like a customer convenience actually is more like a way for Microsoft to lock you into a deal that favors Microsoft. 

*Directions on Microsoft has a business relationship with US Cloud via which we recommend our customers interested in third-party support engage with US Cloud during their Unified Support agreement negotiations. 

Related Resources

Podcast: Microsoft Support: You’ve Got More Options Than You Think

From 2022: Premier Support Completes Transition to Unified Support (Directions members only) 

As largely expected, Microsoft will be increasing prices of its on-premises servers by 10% beginning July 1 (the start of its fiscal 2026). Prices for on-premises SharePoint Server, Exchange Server, Skype for Business Server all will get the 10% hike. And prices for the Core Client Access License (CAL) Suite and Enterprise CAL Suite will go up 15 and 20 percent, respectively, as of July 1. Note: If you are a Microsoft Enterprise Agreement (EA) customer with exclusively E3/E5 users, you will not be affected by these changes, as all your use rights for the products in question already are included in your suites. 

July is also when the new Exchange Server Subscription Edition (SE) and Skype for Business Server SE will be generally available, Microsoft confirmed in an April 3 blog post. (Microsoft officials previously had said to expect the new Exchange and Skype for Business Servers to arrive in early Q3 2025.) In order to deploy these new releases, customers must have either active Software Assurance (SA) or cloud subscription licenses for all users and devices that access them. 

Microsoft Exchange team officials said last year that Microsoft was planning to release the first Cumulative Update (CU) for Exchange Server SE in October 2025. That date now looks more like early 2026 at the earliest, based on information shared with Directions on Microsoft by Microsoft.  

CU1 is significant for a couple of reasons. Once customers deploy Exchange Server SE CU1, they no longer will be able to mix and match older and new Exchange Servers in the same installation. This means that companies moving to Exchange Server SE will have to get 100% of their servers there before they have to apply CU1, yet another turn of the Exchange Server SE squeezer. 

CU1 also is expected to be the vehicle for Microsoft to add support for Exchange Server SE for the new Outlook client for Windows. Currently, Microsoft doesn’t claim that the new Outlook works with on-premises Exchange (even though some customers seem to have found a way with a workaround and IMAP). 

“The licenses price hikes, the cutoff of old versions, the weak link with new Outlook, they all point to a single message: If you care about Exchange e-mail, get off Exchange Server,” said Directions analyst Rob Helm. 

A Separate Teams SKU Reprieve 

In other licensing-related news, Microsoft is backtracking on a previous policy that required customers moving from EAs to Cloud Solution Provider licenses from having to purchase Teams SKUs for a few dollars more per user separately from their Microsoft 365 subscriptions. 

“(P)artners who have customers with expiring Enterprise Agreements (EA) with Microsoft 365 E3 and E5 with Teams and Office 365 E1, E3, and E5 with Teams, which are end of sale (EOS), can renew into CSP and keep their Teams entitlement,” Microsoft said in an April 1, 2025, update to the Partner Center announcement site. Prior to this announcement, the standard policy for EA customers moving to CSP was that they were “net new” (to CSP) and thus could not purchase Microsoft 365 suites that contained Teams. 

To qualify, customers must have EA agreement subscriptions expiring in the coming six months or EA agreements in the “grace period” (having expired in the past 90 days). Directions has asked Microsoft if there will be any way for other customers who previously were considered net-new because of the change in license/channel to be grandfathered into the “With Teams” bundle under the new rule. No word back so far. 

Related Resources

Licensing and pricing updates for on-premises server products coming July 2025

Microsoft to add new monthly billing option, but at a 5% premium

Here’s another way to keep using classic Outlook (until at least 2029)

Exchange Server: Migrate Off Legacy Versions by Oct. 2025 (Directions members only)

What to know before you go Teams-less

The new ‘Net New’ rules for Teams

CALs Included with Online Services Suites (Directions members only)

Fifty years ago today, April 4, Microsoft got its start. A lot has transpired in that time. Microsoft has launched all kinds of products and services – from Azure to Zune. During that time, its three CEOs have weathered legal battles, executed many good (and not so good) acquisitions, and managed to change with the times better than just about any tech company still in existence. 

Directions on Microsoft has been covering Microsoft through all its phases for more than 30 of those years. Some of our analysts previously worked at Microsoft; others worked for Microsoft partners and Microsoft enterprise customers. So who better to take stock of Microsoft on this momentous occasion than the Directions analysts.  

Donning my journalist hat, I asked our analysts three questions: 

• What product, strategy, or event from Microsoft’s first 50 years do you still consider impressive (for its time or even to this day)
• What’s one (and only one!) product or strategy that you consider/considered ill-advise
• What’s one tip you’d give enterprise customers who will be sticking with Microsoft for at least part of its next 50 years

Their answers may (or may not) surprise you. 

David Berry 

The good: SharePoint, the product that has endured.  In 25 years, it’s grown, morphed and transformed from server product to cloud behemoth, birthed a global community of evangelists and events, and spawned an eco-system of vendors and products.  With the introduction of M365 Copilot, it transformed once again as a gold mine of organizational data for a new generation of productivity apps.    

The not-so-good: Windows Phone – When Microsoft introduced the Windows Mobile phone in about 2004, it failed to innovate and may have lacked vision as it rapidly lost share to Apple’s iPhone when launched in 2006 and later, Android.  Buying Nokia in 2011 was arguably Microsoft’s last significant effort to retake market share but it may not have been the best option.  While not a cure-all, RIM’s Blackberry may have been a better acquisition at the time with its secure email server, corporate clients and younger global consumer base for its Blackberry Messenger (BBM) service.  

Your tip: Stay flexible, my friends.  Technology is changing faster than ever, and quantum computing is on the horizon.  Maintain a flexible IT structure and organization for the adoption of new technologies Microsoft will introduce.  Invest in training to keep your workforce engaged and its skills current. 

Barry Briggs 

The good: Microsoft has an extraordinary, maybe even unique ability to cross chasms. The technology industry – indeed, all industries – are littered with the dead, decaying corpses of once-high-flying companies that couldn’t adapt: Digital Equipment, Wang, Lotus, Compaq, (maybe even) Intel. Microsoft, unlike any other company I can name, has demonstrated an unparalleled and frankly historic ability to confront, surmount, and thrive through paradigm shifts: GUIs, client-server, internet, cloud, AI. It’s really quite extraordinary. 

The not-so-good: Fighting the United States government. Microsoft’s long war with the Department of Justice over anti-trust consumed it for years, depressed the stock price, and hurt its reputation – when resources would have been better devoted to innovation. The good news is that they appear to have learned from it with a proactive CELA team working with, instead of at odds with, governments both in the US and globally. 

Your tip: Do what’s right for you. Microsoft positions itself, to the extent it can, as one-stop shopping. Know your requirements, do your homework, comparison-shop, negotiate, and bargain. Microsoft may well have the right products and services for you, but being an informed customer is better for you, your organization, and ultimately for Microsoft. 

Michael Cherry 

The good: Microsoft retaining the rights to sell DOS to other companies, besides IBM. Because the original IBM PC (code-named Acorn) was made mostly from off-the-shelf components, everything except the ROM-BIOS was available to and from other manufacturers. By reverse engineering the BIOS, IBM PC clones came to the market from a variety of vendors such as Compaq. This established the PC as a highly-configurable device that could run a wide variety of applications—creating the foundation for Microsoft to truly be a software company. 

The not-so-good: Not realizing that the antitrust case would be tried in a court of law, rather than the court of public opinion. In the former realm, Microsoft did not have the smartest people in the room, merely the most arrogant. 

Your tip: In the words of Ronald Reagan, trust but verify. Almost anything anyone at Microsoft tells you is accompanied by a significant amount of sales puffery. It is not that the product or service won’t work, but it won’t always work as advertised. The weird thing is, they believe what they are saying, and eventually it may all come to pass. 

Greg DeMichillie 

The good: Microsoft’s move to the enterprise datacenter.  If you told me, back in the days of Windows 3.x running on top of DOS, that nearly every Fortune 1000 company would have Microsoft software (let alone Windows!) in their data centers and powering their business, I’d have said you were nuts. But it happened.  A lot of the credit goes to Dave Cutler and the early Windows NT team – they built the foundation of the modern Microsoft. 

The not-so-good: Its obsession with consumer business. I don’t know why, but even as they make literal billions of dollars selling to businesses, the company has an inferiority complex around consumer business. So they keep trying to do things like Zune, or Xbox, or Bing. The only thing those efforts do is set money on fire and serve as internal distractions. 

Your tip: Keep Microsoft honest. The best way to control Microsoft costs has always been to have a credible alternative. Nothing makes the sales team sharpen their pencils more than a plausible plan to move to Linux. So keep them honest, invest in the due diligence needed to have an exit plan, even if you hope not to use it. 

Jim Gaynor 

The good: In terms of strategy, I’d say that the bundling of the Office suite back in the 1990s remains a masterstroke. Back then, all the business apps were standalone. Companies used WordPerfect, and Lotus 1-2-3, and dBase. What we take for granted as an office suite today was all individual programs. Microsoft’s products weren’t the strongest in their respective categories, but they were good enough in comparison and less expensive as a bundle than buying the individual best of breed programs. In the corporate world, where purchase decisions are usually made by finance rather than the actual users, that made buying Office the go-to choice (it’s good enough and saves us money!) and helped make it the corporate standard it has become. 

The not-so-good: Can I call out an entire category? Microsoft as a “consumer technology” company ended in the mid-late 1990s. With the exception of Xbox, Microsoft has had few wins of any measure there – and Xbox might have arguably flopped at launch if they hadn’t bought Bungie (the makers of Halo). So many of their attempts in that area have been utter misses either because they think of the technology first and the customer second, or because they’re more concerned about partners than the actual customers (such as the awful licensing terms for music purchased on Zune). 

Your tip: Microsoft’s an amazing technology company, but a lot of their financial success comes from bundling, licensing, and carefully choosing their direct customers – who are often OEMs, resellers, or even corporate procurement officers rather than the actual end-users of their products and services. It’s a strategy that’s worked well for decades and they’re very good at it. Keep that in mind as you continue to use their products in your enterprise; understand who their real customers are, and you’ll have a better handle on how to work with them in the future. 

Rob Helm 

The good: “Island driving”: As a business, Microsoft’s primary strategy over 50 years has been to expand from one monopoly (PC operating systems originally) into a new one with a few basic tactics such as bundling and volume discounting. The monopoly business always gave Microsoft something solid to go back to, lick its wounds, and try again — it never really had to “bet the company”.  

The not-so-good: Consumer brand envy. Competitors have been a great source of inspiration for its engineers, but the long rivalries with consumer brands like Apple, Google, Sony, and so on took billions out of investor’s pockets. Pursuing consumer Internet business did teach Microsoft how to run large data centers, however, which positioned it to enter cloud application and infrastructure services. And crashing in mobile and (initially) cloud infrastructure also cleared the way for Satya Nadella to become CEO. 

Your tip: Diversify. For every category where Microsoft is a big component of your IT spending, make sure there’s a credible competitor with at least a small foothold in your business. And as Microsoft continues to expand in the cloud, you can be one of those competitors, by retaining staff and vendors who can run at least part of your data center infrastructure. 

Wes Miller 

The good: Windows 95. An amazing product at the right time from an incredibly small team (by comparison to today) that changed the world. Outside of Xbox, the last time anyone stayed up until midnight to buy consumer computing technology from Microsoft at a store. 

The not-so-good: Windows Home Server. Sure, it had a small hobbyist market that it could appeal to – but the market for such a product was always extremely small. It was in many ways a product of Microsoft employees for Microsoft employees (or nerds of a feather.) 

Your tip: Be prepared to pay more than you want – prices rise and strategies change… you will need to iterate more rapidly on product versions than you ever had to in the past. 

Rob Sanfilippo 

The good: I keep coming back to Visual Basic on this one. It opened up GUI programming to a wide audience and influenced the way desktop apps would be designed for decades. It led to VBA, which still lives. And its tools performed surprisingly well on the hardware back in the day thanks to portions of it that were implemented in assembly. 

The not-so-good: Someone’s gotta say Microsoft Bob here, so Bob. Although, if generative AI were available back then… 

Your tip: There will always be a lot of noise coming out of Microsoft, but within that there is always a strong signal. Enjoy the noise, but stay alert, and keep fiddling with the tuning knob (using Directions, for example) to clear away the fuzz. 

Andrew Snodgrass 

The good: It’s got to be SQL Server. A beautiful product from the beginning to now. Met the needs for easy query and robust performance and security that others are still trying to emulate. 

The not-so-good: Windows ME. Two concerns: 1. Never let the interns influence product design. 2. You don’t always need to rewrite things. 

Your tip: Watch the pendulum swing. There’s a resurgence of moving back on-prem for a reason. Many are finding it too expensive to be in the cloud. But realize (tip 2) that on-prem will come with subscriptions now. You’re on the annuity train. 

Having covered Microsoft for more than 40 years myself, I can’t resist weighing in, too: 

Mary Jo Foley 

The good: I COULD say Notepad here and call it a day. But I’d also be remiss not to mention Microsoft’s development and launch of Azure. This was an impressive feat for a company with very little cloud experience to come together and pull this off fairly quickly and, largely, in secret. 

The not-so-good: Microsoft’s decision to go ahead and launch Windows 8 after all the negative feedback from enterprises who knew a touch-first experience would not work for businesses. I’m still befuddled that this happened, but glad Windows 8.1 and then, 10 didn’t take all that long to come to the rescue. 

Your tip: Remember that Microsoft’s ultimate goal is to make you dependent on its cloud and to upsell you to its priciest subscriptions (no matter what they say publicly about customer choice). Plan and negotiate with that in mind. 

A new Windows Roadmap from Microsoft documents some major and minor improvements that may become generally available in the near term, and provides information about some changes already in preview or generally available. However, it appears incomplete and downplays the reality that many Windows 11 users cannot access last year’s Windows 11 Annual Feature Update (24H2), which is still being throttled while Microsoft attempts to fix problems.

Filtering Required

One nice feature of the new roadmap is the ability to filter the entries based on a variety of criteria. For example, information can be filtered by Platform (Windows 11 PC versus Windows Copilot+ PC), Version (23H2 versus 24H2), Status (Preview versus Generally Available), and Channel (Retail versus Insider). For example, selecting “Windows 11 PC,” “23H2,” “Gradually Rolling Out,” and “All” shows five entries that started rolling out in Mar. 2025:

In addition to the information used to filter the entries, each entry also provides data such as the Rollout start, Expected availability, More (release) information, and Notes, with entries such as where customers can get the update.

Many Features Not Enterprise Focused

Many of the features in the roadmap are not likely to interest enterprises. For example, “Support gamepad navigation of software keyboard,” is more relevant to consumers, whereas “Improved CPU calculation” may interest consumers and Enterprises. But perhaps a bigger issue with the roadmap is that it has significant gaps. For example, searching for “Quick Machine Recovery” does not find a roadmap entry for work Microsoft is doing to automatically detect, diagnose, and resolve critical issues, which is now available in the Windows Insider Preview Beta Channel for Windows 11, version 24H2. This feature helps when a device gets stuck in the Windows Recovery Environment (Windows RE), which can require considerable time and expertise to resolve.

Getting a Complete Picture

If I were designing this kind of roadmap, I would merge what they’ve built with the known issues with Windows 24H2, so that customers might now when they would be able to get the latest Annual Update. After all, with Windows 11 24H2, it has been six months since general availability, and many users still are not able to get the update, while others are suffering from widespread problems and a general lack of stability after updating. These people will not get the value of the full term of the 24H2 support window through no fault of their own.

For Microsoft, 2024 was a big year for filling out its Copilot line-up. So far, 2025 looks to be the year of the agents.

Microsoft is planning to add several security-specific agents to its Security Copilot later this year. They will be available in preview in April, according to the company.

Microsoft made its Security Copilot available for Microsoft 365 commercial customers in April 2024. Security Copilot is a set of capabilities that integrate data from numerous Microsoft 365 services and Microsoft Sentinel and is available in its own console, as well as the Microsoft Defender XDR portal. Security Copilot is billed using a complex and confusing “Security Compute Unit” (SCU) meter of US$4/hour for the time the service is provisioned and used each month.

As opposed to assistants like Security Copilot, which are focused on UI/user interaction, agents are meant to autonomously handle specialized, multi-step tasks, alone or in concert with one another.

Agents: ‘The natural evolution of Security Copilot’

Microsoft officials say these coming agents “represent the natural evolution of Security Copilot” by managing high-volume security and IT tasks. They will provide automation across areas like threat protection, identity management, data security and more, officials said.

Microsoft’s newly announced Security Copilot agents include:  

• Phishing Triage Agent in Microsoft Defender for handling phishing reports
• Alert Triage Agents in Microsoft Purview for data loss prevention and insider risk alerts
• Conditional Access Optimization Agent in Microsoft Entra monitors for new users or apps not covered by existing policies
• Vulnerability Remediation Agent in Microsoft Intune monitors vulnerabilities and remediation tasks
• Threat Intelligence Briefing Agent in Security Copilot for curating threat intelligence.

Microsoft also is working on a Purview-specific solution, Purview Data Security Investigations, which will help teams analyze data-exposure risks using AI. Beginning April 9, DSI will be available in preview for admins and will require Purview pay-as-you-go and Security Copilot Security Compute Units.

In its blog post announcing the new Security Copilot agents, Microsoft also touted additional new agents for Security Copilot from various partners, including:

• Privacy Breach Response Agent from OneTrust
• Network Supervisor Agent from Aviatrix
• SecOps Tooling Agent from BlueVoyant
• Alert Triage Agent from Tanium
• Task Optimizer Agent from Fletch.

In related news, Microsoft is extending its ability to use Microsoft Defender to manage the AI security posture of models beyond Azure and Amazon Web Services (AWS) to include Google VertexAI, plus all models in the Azure AI Foundry model catalog. This capability will be in preview starting in May 2025 and will include Gemini, Gemma, Meta Llama, Mistral and custom models.

Microsoft is hosting a free, one-hour AI security virtual event, Microsoft Secure, on April 9, where company officials will provide more information and demos about Security Copilot, these new agents and other related tools. It plans to expand on these topics at the upcoming RSA Conference 2025 from April 27 to May 1 in San Francisco. For Microsoft, 2024 was a big year for filling out its Copilot line-up. So far, 2025 looks to be the year of the agents.

Related Resources

Microsoft announces new Security Copilot agents

Security Copilot generally available; value limited (Directions members only)

Data Security Investigations with AI

Microsoft is advising customers to replace its Skype consumer communications service with the consumer-focused Teams Free. But some customers may prefer to go elsewhere for their Skype replacement.

Microsoft will finally discontinue its Skype consumer calling service in favor of Teams on May 5, 2025, after years of expectations that the company would do so.

Microsoft’s Feb. 28 acknowledgement that Skype’s days are finished comes 14 years after Microsoft bought Skype for $8.5 billion, its largest acquisition to date at the time.

Microsoft is advising customers who still are using the Skype consumer service to move to the consumer-focused Free version of Teams. Microsoft says existing Skype users will be able to log into the Teams app and have their contacts, message history and more available automatically or opt to export their data from Skype to Teams. According to the announcement, if customers take no action by May 5, it will retain the user data until the end of 2025, when it will be deleted.

As part of the Skype phase-out, Microsoft is dropping support for calling domestic or international numbers through Skype. Those with Skype credits and subscriptions can continue to use them inside Teams until the end of their next renewals only, and current Skype Number users will need to move to a different provider.

There is no equivalent ability to buy calling only in consumer Teams, and calling in commercial Teams requires Teams Phone — an additional cost that requires more administration and management.

“In short, not only is Microsoft ending Skype, they’re ending consumer-facing calling service,” said Directions on Microsoft analyst Jim Gaynor.

However, with the growth in use of Skype alternatives such as WhatsApp, Zoom, and Telegram, Teams Free isn’t the only, or even most obvious, Skype alternative.

Skype for Business Server Marches On

Microsoft introduced Teams in 2017 and the consumer version of Teams in 2020 —which was built on a rearchitected back-end shared with Skype. When asked about Skype’s future after Teams’ introduction, Microsoft execs repeatedly said they believed there was a distinct need and place for Skype alongside Teams. But now they are saying they feel like they are in a good place with Free Teams.

Before Teams evolved into an enterprise-ready platform, Skype was a reasonable choice for businesses that wanted voice service for branch offices in other countries, and to talk to consumers for customer service or the like.

Microsoft’s announcement of the planned death of Skype has no bearing on the future of Skype for Business Server. In spite of claiming feature parity between Skype for Business Online and Teams in 2018, Microsoft continued to support Skype for Business due to customer demand.

Microsoft is planning to roll out Skype for Business Server Subscription Edition (SE) this year, just ahead of the end-of-support for Skype for Business 2015 and 2019 in Oct. 2025. (Microsoft discontinued its Skype for Business Online service in 2021.)

Related Resources

The Next Chapter for Skype

On the Path to Skype for Business Server SE (Directions members only)

From 2017: Skype as a Commercial Service (Directions members only)

Teams Phone Services Detailed (Directions members only)

Just a few days after the newest AI industry darling DeepSeek unleashed its latest model and app for free, Microsoft made DeepSeek’s R1 available in its own model catalogs.

Microsoft officials said that R1 is available via its own GitHub and Azure platforms. DeepSeek R1 on Azure AI Foundry platform is supported with “automated red teaming, content safety integration, and security scanning,” Microsoft officials said. Microsoft already offers more than 1,800 models, including industry-specific, frontier, and task-based models, via its catalogs.

DeepSeek is a Chinese startup founded by the Chinese stock trading firm High-Flyer. It is building products that will compete head-to-head with OpenAI’s ChatGPT and Google’s Gemini.

On Jan. 29, Microsoft also committed to making “distilled flavors” of R1 able to run locally on Copilot+ PCs “soon.” Microsoft plans to make NPU-optimized versions of R1 available for devices starting with those based on Qualcomm Snapdragon X, and later also on Intel Core Ultra 200V. (Some people already have downloaded R1 to their Windows PCs running various processors and are running it locally.)

Over the past few years, DeepSeek released various large language models and in Jan., it delivered its first chatbot app called DeepSeek-V3. Last week, DeepSeek released R1, along with a white paper claiming it could train its systems far more cheaply than the current group of AI leaders. DeepSeek’s code is largely (though not completely) open source.

The same day that Microsoft made R1 available on its own platforms, Microsoft and its partner OpenAI claimed DeepSeek may have copied output from ChatGPT beginning last fall. (As many industry watchers have pointed out, OpenAI is under scrutiny — and some lawsuits — for allegedly copying content from various companies to train ChatGPT.)

DeepSeek Doesn’t Spell the End of Microsoft’s Cloud, AI Spending Spree

Microsoft committed earlier this year to spending US$80 billion during fiscal 2025 (July 1, 2024 to June 30, 2025) on building out datacenters and supporting infrastructure, much of which will be dedicated to supporting AI.

Microsoft CEO Satya Nadella continues to maintain that Microsoft has been expecting AI costs to fall as large language models become increasingly commoditized, which will lead to more demand for those technologies. During the company’s FY25 Q2 earnings call on Jan. 29, Microsoft officials gave no indication that the company plans to reduce this spending, even if these costs fall, because running commercial-cloud apps and services will continue to require more compute, storage, and other building block pieces.

During Microsoft’s second quarter of its fiscal 2025, the company spent $22.6 billion, largely for building out its cloud and AI offerings, and is anticipating spending similarly in the next two quarters. In FY ‘26, however, Microsoft is expecting capex spending rate to slow a bit, officials said, with spending shifting back to assets that will directly impact revenue growth.

Microsoft also said during the Q2 earnings call that Azure and “other cloud services” grew 31 percent in Q2 year-over-year, which was down a couple of percentage points from the rate in previous quarters. Supply constraints were in part to blame for the slower growth rate, officials said. Thirteen points of Azure’s contribution in Q2 came from AI services growth, according to Microsoft.

Commercial bookings were up 67 percent year-over-year during the quarter — more than double the percentage of most recent quarters. Microsoft execs attributed that large number to a new large unspecified commitment from OpenAI, along with new commitments from new and existing customers; add-ons and upsells; E5 subscription growth; and demand for various Copilots.

Microsoft cloud revenues for the quarter were $40.9 billion. Total AI revenues are on track to surpass $13 billion annually, officials projected.

Related Resources

Microsoft releases DeepSeek R1 on Azure Foundry, GitHub

Microsoft says ‘distilled flavors’ of R1 coming to Copilot+ PCs ‘soon’

OpenAI, Microsoft call foul on DeepSeek’s training methods

Microsoft FY25 Q2 by the Numbers

Microsoft has been planning to quick-march customers of its Exchange Server enterprise e-mail software to subscription licensing with the coming Exchange Server SE release. But a key piece in its plan is late, which means customers will have to march even quicker.

Central to Microsoft’s plan is Exchange Server SE (subscription edition), which Microsoft has said will be available early in the third quarter of this year. Exchange Server SE will be the first new on-premises release of Exchange since Exchange Server 2019. Like SharePoint Server SE and Skype for Business SE, the coming Exchange release will require a subscription (or Microsoft’s subscription-like Software Assurance) in order to receive updates and security fixes.

Very shortly after Microsoft releases Exchange Server SE, both Exchange Server 2016 and 2019 will no longer be supported by Microsoft. On Oct. 14, 2025, customers of Exchange Server 2016 and 2019 will have to either leave Exchange Server for a cloud replacement (such as Microsoft’s Exchange Online) or move to Exchange Server SE.

To help customers comply with its tight roadmap, Microsoft planned to release an update to Exchange Server 2019, Cumulative Update 15 (CU15), which officials said would transform that Exchange Server 2019 into a product virtually identical to Exchange Server SE.

Update (February 10): Microsoft announced that it is making CU15, also known as the H1 2025 Cumulative Update for Exchange Server 2019, generally available as of today, February 10, 2025. Back to the rest of our original blog post:

CU15: Still a No-Show

However, CU15 has gone missing. In May last year, Microsoft said to expect CU15 sometime in the second half of 2024. In Sept., Microsoft quietly updated its blog post about its Exchange Server rollout roadmap by changing the CU15 due date to “H1 2025.” But then in Dec. 2024, officials said CU15 was on track to release in early Jan. 2025.

Directions on Microsoft asked Microsoft last week for an update on CU15’s release. After telling us the company had no comment, Microsoft released on Jan. 31 a blog post with answers to the questions we asked.

In the post entitled “When is Exchange 2019 CU15 coming (and more news),” company officials said they are still not ready to publicly release CU15 due to some unspecified “late issues” discovered by customers in its Technology Adoption Program.

But “We are almost ready for the release,” officials stated. (We analysts are not holding our breath at this point.)

Officials reiterated that Microsoft is not going to push back the timing of the RTM version of Exchange Server SE, which is still due in early in the second half of calendar 2025. In spite of the ongoing CU15 delays, Microsoft also is not postponing the end of support for Exchange Server 2016 or 2019; both still will get no more updates or security patches after Oct. 14, 2025.

A New Wrinkle: CU14 Supports Windows Server 2025

The blog post also said that Microsoft has updated Exchange Server 2019 CU14 so that it can run on Windows Server 2025 “so customers can build new servers on new hardware and OS.” Support for Windows Server 2025 was one of the features Microsoft had promised for CU15.

Customers posted a number of questions about this new revelation in the comments section of the blog post. They asked whether they would be able to upgrade Exchange 2019 CU14 directly to Exchange SE. They wondered whether CU14 supported the Windows Server 2025 Domain/Forest Function Level. They asked if the prerequisites would remain the same for CU15/SE. Microsoft had not responded to any of these questions as of Feb. 3.

One Silver Lining

There is one silver lining to this delay: It suggests that Microsoft is treating CU15 like a full-blown product release and taking the time to test it thoroughly, said Directions on Microsoft analyst Rob Helm.

In the end, customers determined to keep their e-mail systems on-premises or in hosting at a third party have to upgrade to Exchange Server 2019 (if they are still running the 2016 version). They can then use the time waiting for CU15 to do data archiving or other clean-up projects that could make the upgrade to SE go more quickly. They can also line up the people, labs, and other resources to deploy CU15 as soon as possible after it arrives.

A reminder: Exchange Server SE CU1, due in late 2025, will kill support for coexistence with Exchange Server 2016 and 2019 servers, eliminate the 2010-era Outlook Anywhere protocol, and deliver other possibly disruptive changes. Directions asked Microsoft if there would be any exceptions for customers who might need to run older versions while migrating from 2016 or 2019 to SE. Microsoft officials did not provide an answer to that particular question in its blog post.

Related Resources

Exchange Server SE: Coming to You in Q3 2025

When Is Exchange Server 2019 CU15 Coming?

Exchange Server 2016 and 2019: T-9 Months and Counting

Given Microsoft’s constant drumbeat around AI and Copilots in 2024, it’s not too surprising that the Directions on Microsoft members flocked to our coverage of those topics on our site. But the new Outlook, Microsoft Fabric, Extended Security Updates and non-subscription Exchange and Windows Server releases all were top of mind, too, as evidenced by page views on our web site. We believe what mattered in 2024 is a good indicator of what Microsoft customers will likely care about in the coming year.

Some of our Directions on Microsoft coverage is exclusively for our members and behind our paywall. When looking at traffic for those stories in 2024, our analyst reports on Copilots — everything from how to secure them, to how to evaluate them — dominated. We got a lot of reader questions about how to prepare their data for Copilots and how to calculate ROI to justify their use.

We created a regularly updated Copilot Comparison chart to help customers try to keep up with the naming, positioning, pricing and licensing changes of Microsoft’s main enterprise Copilots (and are making it available to non-members too, if they fill out this form). Given Microsoft’s emphasis in its own content on Copilot security and ROI last year, it seems like our members were not alone with these questions.

What Else Was on Enterprise Customers’ Radar?

But our most-trafficked Microsoft enterprise topics on our public blog (https://www.directionsonmicrosoft.com/blog/) tell a more expansive story, in terms of what Microsoft customers cared about in 2024. Here are our 10 blog posts in 2024 which received the most page views, ranked from highest on down:

1. Microsoft to support Classic Outlook for Windows for Some Until at Least 2029: Fear and loathing of Microsoft’s new Outlook continued in 2024, with many customers desperately seeking ways to continue to use Classic Outlook for as long as they can while Microsoft tries to add many of the key classic Outlook features to its new Outlook client. (We’ve been keeping close tabs on Microsoft’s feature list and hints about end-of-support dates and will continue to provide the latest details on this in 2025 and beyond.)

2. Ten Things You Need to Know Before Buying Microsoft 365 Copilot: This Nov. 2023 blog post, which we posted on Nov. 1 — the day Microsoft deemed M365 Copilot as “generally available” — included a number of hard-to-discover tidbits that many Copilot-curious customers still may not know. Even though it was posted in late 2023, it continued on to get lots of visits in 2024.

3. Exchange Server Subscription Edition: It’s Happening in Q3 2025: In May, Microsoft broke its two-year silence about what was next for Exchange Server. Customers are going to have to act quickly this year to stay supported (and the same applies for customers still using Skype for Business Server!)

4. Microsoft Fabric Takes Control of Power BI Licensing: Microsoft announced plans to retire several Power BI licensing and purchasing options, requiring customers to purchase new Fabric licensing and migrate existing workspaces. That’s one (not-so-great) way to get users to migrate to a new service.

5. Microsoft Adds Another Way to Get Windows Server 2012 and 2012 R2 Extended Security Updates: ESUs are an expensive way to continue to get security updates for Microsoft products that the company is no longer supporting. But there are other alternatives, including Azure Arc server enrollment (with some caveats).

Power BI, Paid Add-Ons and More

6. Microsoft’s Office LTSC 2024 Begins Rolling Out: Microsoft is all about subscription-based products, but not all customers are. The latest (but not final) non-subscription-based, perpetual version of Office launched in 2024 for commercial and volume-licensed government customers.

7. Microsoft VLSC Features Moving: Back in 2023, Microsoft began moving some of its Volume Licensing Service Center (VLSC) features to the Microsoft 365 Admin Center (MAC). In 2024, customers continued to be curious about where their cheese was moved.

8. Power BI Customers Beware: The Fabric Takeover Continues: Microsoft continued its push to get more customers to adopt its Fabric data analytics platform with strong-arm tactics, including retiring high-end Power BI features with Fabric as the only replacement option.

9. Paid Add-Ons to Microsoft 365 Are Multiplying: What’s a Customer To Do: Extra-cost features, apps and licenses that go beyond what’s included in the base Microsoft 365 E3 and E5 subscriptions grew more than four times over the past four years. Expect this trend to continue in 2025 and beyond.

10. Microsoft’s Remote Desktop Services days are numbered: Here’s Why: We warned customers in 2023 that even though Microsoft has not announced an official end-of-support date for its Remote Desktop Services (RDS) role for Windows Server, its demise looks increasingly likely. Support for RDS is expected until at least 2026, but it’s high time for users to be considering other options.

Thanks for reading! If you have any topics or questions you’d like the Directions analysts to tackle in 2025, reach out and let us know.

Related Resources

Directions’ Copilot Comparison Chart: Download the Latest Version

Directions’ Microsoft Copilots Kit (Directions members only)

Microsoft Copilots Timelines (Directions members only)

Microsoft Copilot Fundamentals (Directions members only)

How to Make Copilots Compliant (Directions members only)

The concept of a “polymath” became popular during the renaissance, when intellectual figures such as Galileo and da Vinci were expected to be well versed in the cutting edge of mathematics, physics, art, medicine, philosophy, and more. But somewhere along the past 400 years, knowledge has become too specialized for any one person to really master. I love Neil deGrasse Tyson and if I’m interested in what happened during the first few milliseconds after the Big Bang, Neil is my man. But as smart as he is, if I think I’ve ruptured my appendix, I’m going to look elsewhere.

Since its introduction in 1989, SQL Server has aimed to be a polymath of databases, incorporating more and more distinct use cases offered by other databases under one umbrella. OLTP? Check. Analytics and Warehousing? Check and check. And with the latest release, SQL Server 2025 — currently in private preview — Microsoft aims to run that play that once again. My Directions colleague Rob Sanfilippo outlines the new features in an upcoming report, but the one that leapt out to me was the inclusion of vector database capabilities.

SQL Server’s Next Trick: It’s All About AI

Vector databases are increasingly important for retrieval-augmented generation (RAG) AI applications because they encode and search as vectors the kinds of multi-dimensional data often used within AI models. Not surprisingly, that has led to a slew of new databases, both open source and commercial, aiming to capitalize on the demand for database engines specifically designed for vector data. But for the SQL Server team, the first commandment is “I am thy database SQL Server. Thou shalt have no other databases before me.” Because of this, the idea of a database use case where the answer can’t be “use SQL Server” is untenable.

Enter SQL Server 2025. To be honest, I have no idea exactly how the new releases’ vector features really compare to products like Pinecone or Milvus. SQL Server 2025 is only now entering the private preview stage and the entire field of RAG applications is still developing rapidly. But I do know that the ability to store, index, and search highly multi-dimensional, unstructured data requires very different architectural choices than traditional tabular data. And I know that combining SQL Server (literally, a child of the 1990s) with vector databases — which didn’t appear as a purpose-built product until the launch of Milvus in 2019 — inevitably implies that some gotchas are there, waiting to be discovered.

What’s an Enterprise Customer to Do?

What does this mean to enterprise customers? It all comes down to what you are optimizing for and who is making the platform decision. Operations teams will bias towards fewer systems to manage and the procurement team will love the idea that they don’t have to navigate license agreements with a new vendor. Microsoft has made a handsome living appealing to both of those constituencies.

But the point is, none of that matters unless you know for certain that you’ve given your app dev teams the freedom to evaluate all the possibilities with in-depth proof-of-concept development and found out where the limits are for your unique combination of use case, data types, and workload. Vector databases and RAG are so new that nobody can make sweeping declarations about what will or won’t work.

Who knows, maybe the idea of a polymath database has a bit more life in it yet and Microsoft can extend SQL Server one more time into a totally new realm. They have done it before with the addition of column storage, in-memory indexing, and even graph data that works surprisingly well. Maybe they have a trick up their sleeve that can take SQL Server into the AI era.

For me, it’s time for my annual physical and as much as I respect him, I think I’ll let Dr, Tyson take the day off and go see a medical specialist instead.

Related Resources

Microsoft: Apply for the SQL Server 2025 Preview

Understanding Embeddings, Vectors, and Vector Databases (Directions members only)

Get a Free Sample of the SQL Server section of our Database, Analytics and AI Roadmap

Microsoft 365 enterprise customers have a slightly firmer date when the “classic” Outlook for Windows app will be ejected from their Office suites and replaced with “new Outlook.” On Dec. 6, Microsoft announced it will start the Opt-Out phase of new Outlook’s rollout in Apr. 2026. By then, customers who buy Office through Microsoft 365 (formally known as Microsoft 365 Apps for enterprise) should be ready to either accept new Outlook and the possible breakage it brings, or block it in favor of classic Outlook, until the mandatory Cutover to new Outlook.

Directions on Microsoft’s diagram, embedded in this blog post, shows one way things could play out. If Microsoft runs Opt-Out for 18 months starting in Apr. 2026, the “Cutover” phase starts in early 2028. In this scenario, Microsoft will remove classic Outlook from Microsoft 365 Apps for enterprise by the second quarter of 2028, but it still will be available as a separate download for Microsoft 365 Apps for enterprise customers until 2029.

Directions on Microsoft members can find our advice and more details in our (frequently updated) full report M365 Customers Can Keep Classic Outlook Until at Least 2029. If you have Microsoft 365 Message Center read privileges, you can find Microsoft’s announcement of the Opt-Out phase in MC949965, Toggle to new Outlook.

Related Resources

M365 Customers Can Keep Classic Outlook Until at Least 2029 (Directions members only)

New Outlook for Windows: A Guide to Product Availability

Here’s another way to keep using classic Outlook (until at least 2029)

I’ve always been fascinated by hardware – and today innovation is happening faster than ever. Whether it’s tuning existing server chips for the specifics of the public cloud, building new chips optimized for specific workloads, or offloading some of the overhead of public could infrastructure to increase performance, custom silicon processors are becoming increasingly popular with public cloud providers. Over the past few years Microsoft has begun to develop its own custom silicon processors for Azure. Arguably, they remain behind their chief cloud competitors — AWS and Google Cloud — but the company clearly sees that specialized, proprietary hardware could be a competitive advantage. But is Microsoft doing enough and how do its chips stack up?

Cobalt: ARM-Based CPU

Following the lead of AWS and others, Microsoft released its Arm-based CPU into general availability in October 2024, for use in Azure VMs (the Dpsv6 and Epsv6 series, not available in all regions). Cobalt is not Microsoft’s first Arm-based processor; VMs with Ampere’s Altra processor were introduced in 2022.

Cobalt, a 64-bit processor, is built by the Taiwanese chip foundry TSMC using a 5nm process and can support 96 vCPUs and up to 192GB RAM. Windows and Linux VMs are supported. 14 Azure regions (out of 64 total) are supported with more planned.

By contrast, the fourth generation of AWS’ Graviton CPU, also based on an Arm design, was released in July 2024. AWS claims that it has built more than 2 million Gravitons, and they are available in 33 geographical regions in 150 instance types; however, it’s too early to tell if Microsoft is playing catchup with AWS or has leapfrogged them.

Maia: Custom AI Processor

In August 2024, Microsoft released additional technical details about its custom AI processor, Maia. It’s impressive: also fabricated by TSMC using a 5nm processor, on paper it competes well with others in the space, supporting 64GB of High Bandwidth Memory (HBM, a hardware technology that vertically “stacks” memory for higher density and bandwidth than traditional GDDR GPU memory – and is thus particularly well suited for AI which needs the bandwidth for high-dimension vector calculations).
But Maia has some powerful competition, including Google, whose Trillium (the sixth generation of its Tensor Processing Unit) supports the next generation of HBM. (Google recently announced that 100,000 Trillium chips power the training of its Gemini 2.0 LLM.)

AWS offers two separate processors: Inferentia for AI inferencing (now on its second generation) and Trainium, as the name implies, for AI training. And of course, the overwhelming market leader is NVIDIA, whose A100 GPUs support up to 80GB of HBM.

While Maia has some promising features, the acceptance of such silicon depends less upon the hardware features and more upon the software stack and its compatibility with existing workloads – and here NVIDIA’s market-leading CUDA API gives it the advantage.

Maia has yet to be released into production and it’s likely that it will be primarily used for internal Microsoft AI workloads, at least initially.

Boost: Offloading the CPU

The first generation of Azure Boost, generally available in November 2023, is an intelligent PCIe card incorporating custom silicon programmed to accelerate network and storage functions. For example, by parsing network packet headers or managing low-level storage protocols such as NVMe in hardware, these functions can be offloaded from the hypervisor or the customer’s host OS, thus improving performance, particularly for workloads involving massive amounts of data, such as machine learning or data analytics.

At Ignite 2024, Microsoft announced a Data Processing Unit (DPU) version of the core Boost processor. Industry insiders may recall Microsoft’s acquisition of Fungible some years ago; the Boost DPU as it is called appears to be its fruit. The Boost DPU is intended to offload such low-level functions as data compression and encryption from the CPU – thus accelerating application performance.

Again, however, Microsoft faces competition. AWS’s Nitro, first introduced in 2017 and now on its third major revision, provides hardware based network and storage acceleration. NVIDIA’s Bluefield DPU “platform” is also in its third generation and is offered by Azure.

Azure Integrated HSM: Root of Trust

Finally, at Ignite 2024 Azure CTO Mark Russinovich announced a custom security processor, an onboard Hardware Security Module (HSM) for Azure servers. HSMs securely store cryptographic keys and perform cryptographic operations such as encryption and digital signing.

Azure offers network-connected third-party HSM appliances which require roundtripping to perform operations; the new device appears to be a PCIe card which Russinovich claims Microsoft will install in every Azure server in 2025, thus eliminating network latency. The new HSM complies with FIPS 140-3 Level 3 (a set of US standards for cryptographic modules); Level 3 includes requirements for tamper resistance and other strict security features.

In the blog post, Russinovich also refers to Microsoft’s work in quantum-resistant encryption – this is exciting stuff which we’ll cover in a future post.

So Where is Microsoft in Hardware?

While Microsoft has been pouring investment into AI – and the stock price reflects it – it seems clear that it is behind its competitors in custom silicon.

Is that important? Does anyone care?

Well, yes, even if not so much in the short term. AI workloads, and cloud computing generally, are expensive and use prodigious amounts of electricity. If Microsoft (or anyone) can dramatically reduce the power requirements of AI, they will gain a clear advantage.

Even if customers aren’t interested in AI workloads, custom silicon can help lower costs for customers. Custom silicon is often more power efficient, enabling more computing power to be hosted in a given rack, which translates to lower operating costs and generally lower prices for customers.

On the other hand, they face headwinds. Others are ahead. Their preferred manufacturer, TSMC, is also the preferred vendor for nearly everyone, most notably Apple who contracts with TSMC to produce the custom processors in the more than 200 million iPhones it sells every year. How much capacity does TSMC have after taking care of Apple, NVIDIA, AWS, and the rest? Can Microsoft get their place in line? And can Microsoft reduce industry dependence on NVIDIA’s CUDA? We’ll have to see.

It’s clear that the days when we could assume that every server was an x86 are over, and it’s a welcome change. We’re in the “let a thousand flowers bloom” period and it’s going to be fun to watch.

Think I need an implanted AI chip? Have other questions or comments? Let me know at bbriggs@directionsonmicrosoft.com.

If you thought Microsoft’s Copilot branding already was hard to decipher, get ready for more confusing changes. As of mid-Jan. 2025, Microsoft will be shifting its Copilot branding and delivery in ways that also will affect Windows and the Microsoft 365 app.

A quick recap: Microsoft already had muddied the branding waters by referring to both the former Bing Chat and Bing Chat Enterprise experiences as “Microsoft Copilot.” The main difference between the two was that Bing Chat Enterprise required users to sign in with their Entra IDs to get more functionality and a level of data protection for end users.

Bing Chat Enterprise = Microsoft 365 Copilot Chat

As of Jan. 2025, Microsoft will rebrand the Bing Chat Enterprise version of Microsoft Copilot as “Microsoft 365 Copilot Chat.” Just to be (un)clear, Microsoft 365 Copilot Chat is different from Microsoft 365 Copilot Business Chat — the Microsoft 365 Copilot UI feature formerly known as Microsoft 365 Chat.

Microsoft 365 Copilot Chat, just like its Bing Chat Enterprise predecessor, will be available to those who sign in with their Entra ID accounts. As of Fall 2024, Bing Chat Enterprise included “Enterprise Data Protection” (EDP) instead of Commercial Data Protection. EDP adds prompt and response retention and guarantees that prompts and responses will stay in the Microsoft 365 service boundary.

In addition to providing EDP, the Microsoft 365 Copilot Chat “will allow end users to discover, create, and use agents,” according to Microsoft. Agents, such as those that access shared work data, will be billed based on metered consumption for users without a Microsoft 365 Copilot license, which is not a significant change from the current model. Agents grounded only on web data will be available to use at no additional cost, Microsoft says. (We’ve asked about agent creation and how that will work for those without a Microsoft 365 Copilot license; no word back yet from Microsoft.)

Update – Dec. 20: “Agent use will be billed based on metered consumption through Copilot Studio” starting in Jan. 2025, a spokesperson verified.

In spite of all of these changes, Microsoft 365 Copilot Chat will remain free, rather than sell for $30 per user per month like Microsoft 365 Copilot does. So it’s Microsoft 365 in name (not licensing or pricing) only.

Update (Jan. 15, 2025): Microsoft re-announced Microsoft 365 Copilot Chat, emphasizing its ability to consume and create agents. M365 Copilot Chat seemingly is the “freemium” tier of Microsoft 365 Copilot; it’s free for those signing in with Entra IDs, but will require users to set up Pay-As-You-Go (PAYG) licensing and use Copilot Studio metering to consume and create agents that access work data.

Microsoft 365 app = Microsoft 365 Copilot app

Microsoft also is going to rebrand the Microsoft 365 app (the Windows and web apps that allow users to access OneDrive and Office apps) as the “Microsoft 365 Copilot app” even though only some of its users will have paid for Microsoft 365 Copilot. The changes to the Microsoft 365 app are slated to happen starting in mid-January and to roll out gradually to all users. (Microsoft earlier this year announced it will replace the Copilot mobile apps with the Microsoft 365 Copilot app.)

As part of this change, Microsoft will be dropping the existing Microsoft 365 app icon and replacing it with a new “Microsoft 365 Copilot” app icon, which features the Microsoft 365 Copilot logo. (See screen shot embedded in this post which compares the current icon and the new icon.) Microsoft also will be moving existing elements, like the header, in the current app and eliminating some components (such as “My Day”) as part of the move to put AI features front and center.

The changes to the Microsoft 365 app are slated to happen starting in mid-January and to roll out gradually to all users.

As part of this wave of rebranding moves, Microsoft is planning to introduce a new URL “to make it easier to discover Microsoft 365 Copilot on the web”: M365Copilot.com. And those who go to office.com and microsoft365.com will automatically redirect to m365.cloud.microsoft. (These new URLs are not yet live, as of mid-Dec. 2024.)

Yet More Copilot Changes for Windows

Earlier this year, Microsoft abandoned its 2023 plans to integrate Copilot with Windows so that it could help users perform certain Windows tasks (such as turning on dark mode) and ultimately with other non-Windows-specific tasks in Office and other apps. Microsoft unbundled Copilot from Windows and instead, made it available as a Progressive Web App (PWA) that was little more than the Copilot (Bing) website in Edge.

In another shift announced in early Dec. 2024, Microsoft is making the Microsoft Copilot app for Windows only available to consumer users authenticating with a Microsoft account; it no longer works for business users authenticating with a Microsoft Entra account. This means admins are going to need to take extra steps if they want employees authenticating with Entra to access Copilot via the Copilot key that Microsoft and PC makers are including in keyboards for new devices.

Microsoft currently is testing the latest iteration of its Copilot app for Windows with Windows Insider testers. The current “native” Copilot app still just provides a view of the Copilot web site, however.

These rebrandings and repositionings cap off a year of flux for Microsoft’s various Copilots. Microsoft’s lack of a cohesive, consistent strategy around this set of technologies should inspire caution among commercial customers. Even though Microsoft is betting its business on Copilots and related AI technologies, customers who opt to do so at this early stage should be prepared for lots of changes and uncertainty.

Related Resources

Microsoft 365 Admin Center MC958903: Important updates to Microsoft Copilot and the Microsoft 365 app

Microsoft’s Copilot with Data Protection to get prompt retention and more

M365 Copilot Business Chat: The rebranding continues

Evolving the Copilot key experience for commercial organizations

The new ‘native’ Copilot app for Windows goes to testers

Microsoft has quietly changed direction with Fabric and Power BI licensing and is now only deprecating Power BI Premium P subscriptions at the end of 2025. Customers using the Power BI embedded SKUs (known as A and Premium EM) can breathe a sigh of relief, as the specter of significant cost increases next year has been vanquished.

What Is Power BI Embedded?

For several years, the Power BI service has provided two licensing options for customers who want to use the service to deliver reports to their own applications, like warehouse displays that show performance metrics or an internal Web application that shows daily sales levels. These options, known as Azure Power BI Embedded A SKUs and Power BI Premium EM SKUs, provide back-end hosting and delivery only, which is ideal for delivering reports to custom applications. However, the services do not include front-end user access through the Power BI portal or mobile applications, which means they are not a replacement for the other services like Premium P and Power BI Pro.

The real advantage of the embedded options is for the right scenario, they are lower-cost. The services have a lower price point and only require Power BI user licensing for report creators, not for consumers.

The Problem Was the Cost of User Licensing

In Mar. 2024, I wrote about how Power BI customers are being forced into Fabric licensing, when Microsoft announced the retirement of several Power BI licensing options by the end of 2024, including Premium P and Power BI embedded, which included Premium EM and A. (The announcement is still available although all references to the retirement of Power BI embedded have been removed, along with all comments.)

As part of that announcement, the company said that because Fabric is compatible with Power BI embedded (which it is) it would be the new licensing option for Power BI embedded workloads. The new F SKUs match up well with the existing EM and A SKUs both in performance and price when using capacity reservations, which you can find in Microsoft’s comparison table:

• F8 = EM1 and A1
• F16 = EM2 and A2
• F32 = EM3 and A3
• F64 = A4.

The cost problem arose because F SKUs below F64, which include F8, F16, and F32, require Power BI user licensing for report consumers. Under the original EM and A SKUs there is no Power BI user licensing required for those report consumers.

So, imagine a company currently using Premium EM as a solution to show performance metrics on displays in a warehouse with 200 workers. Using an EM1 SKU, the company pays US$625 per month.

Under a comparable F8 SKUs the same solution would cost US$625 per month for the F8 subscription and an additional US$2,000 per month for 200 Power BI Pro subscriptions to cover the workers who would see the displays. An increase of 420%.

A Change of Heart

It looks to me like sometime during the summer of 2024, perhaps while on vacation, some reasonable Microsoft officials read all the comments and listened to customer feedback and decided this wasn’t a good idea.

There were no big announcements highlighting the change of direction in Power BI embedded licensing or the change of heart over Power BI Report Server rights that I wrote about here. However, when Microsoft revamped the original blog post and we were able to verify the situation through other internal Microsoft sources, I was able to do something that rarely happens: I gave customers good news about Microsoft licensing.

Related Resources

Power BI Report Server licensing is discussed in the Licensing Reference Set (Directions members only)

Fabric is discussed in the Database, Analytics, and AI Roadmap (Directions members only)

Power BI is discussed in the Database, Analytics, and AI Roadmap (Directions members only)

Window 10 leaves support on Oct. 25, 2025. That’s less than one year. After this date it will be necessary to obtain Extended Security Updates (ESUs) to continue to receive critical and important security updates. All of which sounds good until you do some analysis.

One year ahead of the end of support for Windows 10, Global Stats StatCounter estimates that Windows 10 comprises approximately 61% of all Windows client versions. Estimates are that Windows 10 and 11 are running on 1.4 billion devices. It is not clear what percentage of these devices are running in enterprises and what percentage are being used by consumers, but it appears that both categories mostly use Windows 10.

Assume that enterprises — the largest businesses — plan to get to Windows 11 before the end of support for Windows 10.

That still leaves a significant number of small and medium businesses, government entities and NGOs, and an immense number of consumers still running Windows 10. Many of them have no intention of migrating to 11 unless their existing Windows 10 PC breaks (any replacement will have Windows 11 preinstalled). But devices are more reliable than the operating systems that run on them so Windows 10, like Windows 7, and Windows XP before it, will be around for a long time.

However, for the first time ever, Microsoft is making ESUs available to consumers. Only available for one year, this extends support out until 2026 – unless Microsoft decides it’s important to extend this offer for another year or two —but only for those people willing to give Microsoft USD$30.

Will Consumers Bite?

It appears Microsoft believes people who have resisted all the previous enticements to move to Windows 11 will decide to send Microsoft money for the additional updates. These people have already shown they are unwilling to purchase Windows 11 compatible hardware or are unhappy with the changes to Windows 11 that seem just arbitrary and capricious. There is already resistance to installing updates given the view many Windows users have that Microsoft’s updates, including security updates, often have problems that range from annoyances to blue screens of death.

All of this means that adoption of ESUs by consumers will be very low. And this means that the Windows ecosystem, as Microsoft likes to call it, will be filled with devices just waiting to be turned into bots capable of wreaking havoc on those of us who keep their devices up-to-date and hopefully adequately protected against vulnerabilities in the OS.

This isn’t a hypothetical scenario; there is precedent for this concern. Ars Technica recently reported that thousands of hacked TP-Link routers were used in years-long account takeover attacks. Microsoft acknowledges it has “observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks.” Small Office Home Office (SOHO) “routers manufactured by TP-Link make up most of this network”. The vast numbers of vulnerable devices mean the bad actor can continually move between compromised devices to avoid detection.

Now Microsoft is poised to add millions of unpatched Windows 10 devices to the mix — devices that will be capable of being compromised and turned against all the users of the Internet, not just the Windows ecosystem.

But What About Those Tempting ESU Revenues?

The money Microsoft will make on ESUs from consumers will likely be a rounding error on its annual report. But by not providing a compelling reason to upgrade to Windows 11 and charging for ESUs for Windows 10, it is leaving the potential for bad actors to create attacking botnets. Botnets attacking Microsoft’s enterprise customers and others.

Enterprises are another story. Microsoft could make some real money by charging businesses for Windows 10 ESUs. In year one, Microsoft is charging commercial customers USD $61 per device for Windows 10 ESUs for the first year, with the price doubling Years 2 and 3. Microsoft is charging educational institutions USD$1 per device for Windows 10 ESUs for Year 1, with the price doubling Years 2 and 3.

Microsoft asserts its Secure Future Initiative is about doing the right thing for security. But I fail to see how charging consumers who won’t pay additional monies to support an OS they feel they have the right to use in perpetuity helps create a secure future at all. The best thing for everyone’s security and peace of mind is to just make the updates available for free, via Windows Update.

Related Resources

Microsoft confirms Windows 10 Extended Security Updates are coming in 2025

Consumers Get $30 Windows 10 ESU Offer (But Only for a Year)

High time for another sweeping Microsoft security initiative?

Just days ahead of its Ignite 2024 conference for IT pros and partners, Microsoft announced some major changes to its price list and its Enterprise Agreement volume licensing framework that will take effect starting in late 2024 and into 2025.

On December 1, 2024, Microsoft will add a new monthly billing option for Microsoft 365 Copilot, Copilot for Sales and Copilot for Service. Touted by Microsoft as helping customers with “cash flow flexibility,” the new billing option will allow customers to commit to an annual subscription and pay monthly rather than entirely up-front. But if customers opt for this monthly plan, they will pay 5% more for these products than if they paid once for the full year.

It’s important to note that Microsoft is not offering customers the option of paying monthly but licensing these Copilots for less than a full year — which is actually what many customers would prefer. Microsoft will continue to require customers to license its business Copilots for a full year minimum, whether they pay monthly or annually.

It’s not just Copilots which will be getting this new, pricier financing option. Starting April 1, 2025, Microsoft will be increasing prices for other products licensed via per-user monthly billing plans for annual term subscriptions across CSP, MCA-E and “Buy Online.” All new and renewing monthly billing plans for these annual subscriptions will be priced 5% higher than if paid for annually under annual subscription plans.

Product categories which will be covered by the 5% higher monthly billing option include Microsoft 365, Office 365, Enterprise Mobility + Security, Windows 365, Dynamics 365, Power Platform and other online services. (Products not affected by the price increase for monthly billing include on-premises software, plus Azure Reserved Instance/Savings Plan, Marketplace, GitHub and AirGap, according to Microsoft’s Frequently Asked Questions document on the changes.)

Customers with renewals before April 1, 2025, will be able to lock their price without paying a 5% uplift until their anniversary date. Any customers who want to change to an annual billing plan, which is priced 5% lower than the updated monthly billing option, for their annual subscription can do so at their next renewal date after April 1, 2025, the FAQ says.

Price increases coming for Teams Phone, Power BI

Starting April 1, 2025, Microsoft also is increasing prices for a handful of products purchased as annual term subscriptions paid once annually. Teams Phone Standard, Power BI Pro and Power BI Premium Per User all are getting price hikes of 15% to 40% for both new and existing customers upon renewal.

Microsoft officials said they believed the price increases were warranted due to the extra value Microsoft has added to these products since their introduction a few years ago.

The new prices for those paying annually for a one-year subscription — plus a few existing prices for comparison:

• Teams Phone Standard: USD$10 per user, per month (was $8)

• Teams Phone Standard for Frontline Workers: USD$5 per user, per month (was $4)

• Teams Phone with pay-as-you-go calling (for users in UK/CAN): USD$12 per user, per month

• Teams Phone with pay-as-you-go calling (for users in US & all other service markets): USD$13 per user, per month

• Teams Phone with Calling Plan (for customers in US/UK/CAN): USD$17 per user, per month (was $15)

• Teams Phone with Calling Plan (for customers outside US/UK/CAN): USD$22 per user, per month

• Teams Phone with domestic and international calling: USD$34 per user, per month

• Power BI Pro licenses: USD$14 per user, per month (was $10)

• Power BI Premium Per User licenses: USD$24 per user, per month (was $20)

Customers will be billed another 5% more for these products if purchased on a monthly billing plan per annual subscription.

Microsoft notes in its FAQ that “currently” there are no pricing changes for customers who purchase Power BI Pro or Teams Phone through Microsoft 365 E5 or Office 365 E5 annual term subscriptions with annual billing.

Speaking of E5, starting Jan. 1, it is offering partners a promotion of 15% off the net price of Microsoft 365 E5 for an annual commitment for new customers buying 1-2,400 licenses through June 30, 2025.

The push to move smaller/mid-size orgs off EAs begins

In addition to these price changes, Microsoft also is going to start moving some organizations off Enterprise Agreements and over to Microsoft Customer Agreements for Enterprise (MCA-E) or Cloud Solution Provider (CSP) agreements. Microsoft officials said this will affect “a small percentage of cloud Enterprise Agreements in direct markets,” which will no longer be eligible for renewal under their existing EAs, and that it would begin notifying affected customers of the coming change during January 2025.

Directions on Microsoft shared an early warning about this coming change in June in a blog post entitled “Mid-size orgs: Your Enterprise Agreement days are numbered.” As we noted at that time, Microsoft has been working to move smaller organizations off EAs for years. But Directions heard that Microsoft was planning to try to eliminate the EA option for companies with fewer than 2,400 users/devices (known as Level A) by moving them to MCA-based licensing.

(It’s not clear from Microsoft’s November blog post about the licensing changes exactly which categories of customers will be forced to move off of EAs in 2025, but the wording indicates it’s likely smaller/mid-size customers.)

While Microsoft unsurprisingly characterizes the EA-to-MCA-E/CSP change as positive, customers will lose some of the benefits they have under EAs when they move to the new agreements. In some cases, customers will need to string together multiple license types to try to approximate the pricing and benefits they get with EAs.

“Customers now forced to move from EA to MCA are going to have a bunch of unwelcome surprises,” said Directions on Microsoft analyst Rob Horwitz.

Additionally, customers who are required to go from an EA to an MCA-based license may be considered a “net-new” customer by Microsoft. That means, under MCA, they could be required to buy Microsoft 365 E3/E5 without Teams and buy Teams separately, which will add a few dollars per user per month. CSPs may be able to help some orgs renew existing subscriptions with Teams but won’t be able to help customers moving from EA to CSP to buy brand-new subscriptions with Teams.

Update (Nov. 15): We asked Microsoft for more clarity on the changes around Teams. A spokesperson gave us the following updated information.

Microsoft is providing CSP customers whose renewal dates are after April 2025 two options for keeping their Microsoft 365 suites with Teams.

• Renew their annual subscription with monthly billing and pay the 5% uplift.
• Renew their annual subscription with annual billing without any price increase.

Customers will lose Teams in their bundles if they change their annual billing from an annual subscription to monthly billing or monthly billing from an annual subscription to monthly billing for a monthly subscription.

Related Resources

Microsoft blog post on pricing, partner changes (Nov. 2024)

Pricing, partner changes: Microsoft’s FAQ (download link)

Pricing updates for Power BI, Teams Phone

Directions Blog: Mid-size Orgs – Your EA Days Are Numbered

Directions Blog: MCA Could Become Your Only Option for an Azure Consumption Agreement

Microsoft’s biggest conference of the year, Ignite, traditionally includes announcements for IT professionals and enterprise developers. This year, the show, happening the week of November 18 in Chicago, also is serving as Microsoft’s partner conference. (Microsoft already dropped a few partner-related bombshells ahead of the show around Enterprise Agreement licensing changes and coming price hikes.)

Unsurprisingly, Microsoft is touting AI, Copilots, and agents as the biggest news at Ignite. But there are a number of other Ignite announcements which could figure in enterprise customers’ and partners’ plans for 2025.

Copilots, Agents, and Actions

At Ignite, Microsoft isn’t expected to talk up its OpenAI partnership as much as it has in recent events. Instead, the emphasis will be on what Microsoft is doing for developers and customers in the AI realm.

Microsoft is making more incremental additions to the existing Microsoft Copilot 365 assistants —in Teams, Excel, PowerPoint, OneNote, and Outlook. Officials also seem to be trying to bring some clarity to Microsoft’s various AI- assistant categories which include Copilots, agents, autonomous agents, and Copilot Actions.

Microsoft announced the concept of autonomous agents in October 2024. Autonomous agents can do things like detect an email arriving, respond and then use AI to trigger a set of associated business processes like looking up the sender’s details, see priori communications, check inventory, etc.

Now, Microsoft is starting to roll out agents in Microsoft 365, which will complement the autonomous agents already announced for sales, service and supply chain. At Ignite, it is highlighting some of the Microsoft-built agents, such as SharePoint agents (already available); Interpreter in Teams for real-time speech-to-speech translation (public preview coming in early 2025); and employee self-service, starting with HR and IT (in private preview). Customers can build agents inside Copilot Studio (the product formerly known as Power Virtual Agents).

Not to be confused with agents, Copilot Actions in Microsoft 365 Copilot, currently in private preview, are meant to automate everyday tasks with simple, fill-in-the-blank prompts. They can do things like automatically generate a summary of action items at the end of a day; set a reminder to ask team members for input; or summarize the last few interactions you’ve had with someone before you meet with them.

As it seems to be doing constantly, Microsoft also is doing more AI rebranding. The Azure AI Studio platform is now part of a more comprehensive platform known as Azure AI Foundry. AI Foundry includes the existing Azure AI Studio portal, a software development kit (now in preview) and an AI Agent Service (due to hit preview in December). Microsoft is positioning AI Foundry as being a central place for building, deploying and managing AI apps and agents. At the same time, Microsoft is more tightly integrating Copilot Studio and AI Foundry to enable “more complex, custom scenarios” in Copilot Studio.

Directions‘ Top Picks

In no particular order, here are Directions on Microsoft’s additional top picks for what’s important for enterprises at Ignite this year:

Power Platform gets more pro-dev power. Microsoft is taking steps to make its low-code Power Platform tools more appealing to pro developers (as opposed to citizen devs/”makers”) by building more complicated tasks and apps. (Maybe as a way to answer the question “Why do I need a no-code/low-code platform when I now have GitHub Copilot and other AI assistants?”) At Ignite, Microsoft is talking up how to build complex solutions by using the Copilot feature in Power Apps. It also is emphasizing new AI and governance features in Power Automate Copilot.

Purview becomes even more of a must-have. Microsoft increasingly is touting its Purview governance/compliance family as being irreplaceable when it comes to securing data and preventing data oversharing with Copilot for Microsoft 365, as well as other products like Fabric, Power Automate and Security Copilot. Purview is going to get built-in integration with Copilot Studio (a capability now in preview) to provide data security and compliance features to low-code developers building custom AI apps — a move which fits in with Microsoft’s evolving positioning of Power Platform as more than just a way to build simple apps.

Data Loss Prevention (DLP) for Microsoft 365 Copilot, which is in preview, is meant to help ensure that the content within sensitive documents is not summarized by Microsoft 365 Copilot or processed by Microsoft 365 Copilot for grounding data.

More Windows Security, Safeguards

Coming new Windows security features. In response to the CrowdStrike meltdown this year, which resulted in many Windows PCs being unusable due to a faulty update from security vendor CrowdStrike, Microsoft is planning to add new features to Windows in 2025. “New Windows capabilities” are coming in private preview for its security partners in July 2025 which will allow them to build their products outside of kernel mode and run in user mode like apps do, the company says, without providing specifics.

A new feature called administrator protection, currently in preview, will give users standard user permissions by default but still allow for system changes, like app installation, on their PCs when needed. The feature will allow Windows to create a temporary isolated admin token which will be destroyed immediately once a task is complete. Another coming Windows feature, known as Quick Machine Recovery, will be available to Windows Insider testers in early 2025. This feature will enable IT Administrators to execute targeted fixes from Windows Update on PCs, even when machines are unable to boot, without needing physical access to the PC.

Hotpatching for Windows client. Hotpatch in Windows, currently in preview, will be added to Windows 11 Enterprise 24H2 and Windows 365. Similar to Hotpatching for Windows Server, this feature will reduce the number of reboots users have to do each year from 12 to 4 when applying patches.

Unstacking Azure Stack

Azure Local replaces Azure Stack. Azure Local is the new brand name for everything formerly known as Azure Stack (software and appliances for edge, datacenter and more under the Azure Stack Edge, Hub, and HCI monikers.) Microsoft calls Local a “hybrid infrastructure platform enabled by Azure Arc.” Microsoft plans to continue making components of the Local platform available through select partners like Dell, HP and Lenovo across industrial PCs and servers.

The Azure Stack HCI (Hyperconverged Infrastructure) offering is being folded into Local. Microsoft says: “At launch, existing Azure Stack HCI customers will automatically upgrade to Azure Local, which offers much broader capabilities than what they currently use today. Key features include customizable cloud-based operations and security, supporting both cloud-native and traditional apps with Azure Virtual Desktop integration.” Microsoft has been noticeably mum about the next version of Azure Stack HCI; this Local news is evidently why.

The next version of SQL Server. SQL Server 2025, now in private preview, is an enterprise-ready vector database, Microsoft says, and will support AI apps from on-premises to cloud. It will allow customers to run generative AI models using their own data and provide model management via Azure Arc.

Fabric Databases. Microsoft is adding a new workload to its Fabric analytics platform. Fabric Databases, now in preview, brings transactional databases natively to Fabric for app developers. SQL database, the first available in Fabric, is built on the SQL Server engine. Also on the roadmap: Azure Cosmos DB and Azure Database for PostgreSQL.

Windows 365 Thin Client: Coming in April

Link thin-client device for Windows 365. Microsoft is previewing a new thin client called Windows 365 Link, which is designed to connect securely to Windows 365 in seconds. The Link device, which will be available for purchase in select markets starting in April 2025 for $349, is aimed at frontline workers and bring-your-own-device employees. There’s no information so far on which OEM(s) is/are building Link or whether it will be branded as Surface when it goes on sale. (Fun fact: Microsoft has been working on some kind of Windows 365 device-based solution since at least 2022.)

Related Resources

Microsoft to Add New Monthly Billing Option, But at a 5% Premium

Microsoft’s Copilot Wave 2: Your Cheat Sheet (October 2024)

Four Lessons Microsoft Customers Can Learn From the CrowdStrike Meltdown

From 2022: New Subscription-Powered Windows 365 Devices in the Works

Microsoft announced plans in March for Office Long Term Servicing Channel (LTSC) 2024. On September 16, a bit earlier than many expected, Microsoft began making Office LTSC 2024 available for purchase by existing commercial and government volume-licensed customers. Microsoft will make Office LTSC available for purchase by all customers, including consumers, beginning October 1.

Office LTSC 2024, because it is an on-premises product, does not include cloud functionality around collaboration, automation, cloud-backed security and compliance, and Copilot capabilities.

It is an updated bundle of Word, Excel, PowerPoint, Outlook, OneDrive, OneNote and Access (which is available on Windows only). Microsoft also is making new on-premises version of Project and Visio available starting today. Office LTSC 2024 will not ship with Microsoft Publisher, which is being retired, or with the Microsoft Teams app, which is available to download separately. The Office LTSC 2024 apps can be installed on one PC (running Windows 10, Windows 10 LTSC or Windows 11) or Mac, and support for Web apps is not included.

Five years of mainstream support only

As an LTSC product, Office LTSC 2024 gets security updates only, not new features as they become available. The product is covered under device-based licensing only. Microsoft will provide support for Office LTSC 2024 for five years only (with no Extended support available) and can be used alongside Microsoft 365 Apps for Enterprise in hybrid environments.

Previously, Microsoft execs said the 16- and 32-bit Office LTSC 2024 versions — Office LTSC Professional Plus, Office LTSC Standard, as well as the individual apps in the suite — will be up to 10 percent more expensive than the 2021 version. Microsoft is not planning to increase the price for the consumer Office 2024 release, officials said.

Microsoft officials have said there will be at least one more perpetual/non-subscription release of Office after Office LTSC 2024. If the company sticks to its current cadence, that release could be available around 2027.

Related Resources

Office LTSC 2024 is now available

Microsoft’s subscription-free, ‘perpetual’ Office LTSC 2024 to ship this year

What’s new in Office 2024 and Office LTSC 2024

In recent weeks, Microsoft has started making clearer its intentions around what ultimately will be major changes to its client-management portfolio. Some of these are imminent; others are still likely years away. In any case, it’s not too soon to start making a plan for Microsoft’s inevitable move to cloud-based management.

Earlier this month, Microsoft announced (in a typical bad-news drop on a Friday) that it is deprecating its Windows Server Update Services (WSUS) updating mechanism. “Deprecated,” as Microsoft uses the term, “refers to the stage in the product lifecycle when a feature or functionality is no longer in active development and may be removed in future releases.”

This new phase for WSUS shouldn’t be surprising to anyone who follows Microsoft, as WSUS hasn’t received noticeable new features in years. However, WSUS is still part of how a number of Microsoft business customers use Configuration Manager to update Windows clients.

In its September 20 blog post, Microsoft notes the WSUS deprecation does not (yet) impact support for Configuration Manager, and that the WSUS role will remain in Windows Server 2025, which is slated to ship later in 2024. However, Microsoft’s guidance to customers who are willing to stick with Microsoft’s products and services is to begin transitioning to Windows Autopatch and Intune for client update management and Azure Update Manager for server update management.

None of Microsoft’s suggested replacements is entirely free (but neither is WSUS, if you take Client Access Licenses and other prerequisites into consideration). Intune, Windows Autopatch and Azure Update Manager all require subscriptions and Internet connections — something that a number of commentators on Microsoft’s blog post pointed out angrily and repeatedly.

Microsoft isn’t yet providing guidance on precisely when it will discontinue WSUS. However, given it will be part of Windows Server 2025, it seems fairly safe to assume that Microsoft will continue to support it for years, since Windows Server 2025 gets five years of mainstream and five years of extended support.

Speaking of Windows Autopatch…

Microsoft also is making changes to its Windows Autopatch service — specifically, merging the Windows Update for Business (WuFB) deployment service into it. This change is slated to roll out between mid-September and mid-October 2024.

Windows Autopatch is one of a number of ways for customers to manage updates for Windows, Microsoft 365 Apps for Enterprise, Microsoft Edge and Teams. Microsoft officials say by merging Autopatch with the WuFB deployment service, it is creating “a more cohesive and streamlined update experience” for enterprises. Customers can access the new unified Autopatch via the Intune admin center to update policies, groups, status and reports.

However, existing WuFB customers have a lot of questions about exactly what this merger means. Based on responses to Microsoft’s September blog post about the change, it sounds as though existing Windows Update for Business enterprise customers will start configuring their mobile-device management under the Autopatch brand, but they won’t automatically get all the current Autopatch capabilities without having Windows 10/11 Enterprise E3, E5, or F3 included as part of their Microsoft 365 E3, E5, or F3 licenses.

When ‘Customer Feedback’ Wins

While negative customer feedback didn’t shift Microsoft’s plans around WSUS and the Windows Update for Business deployment service, it did impact another client-management change Microsoft announced recently with not much heads-up.

Microsoft’s Intune team blogged on September 16 that Microsoft had decided to change the Windows mobile-device-management (MDM) “enrollment experience” so that security fixes, plus updates to existing features would be automatically downloaded and installed on Windows 11 devices running 22H2 and higher that were connected to an MDM service like Intune.

Microsoft officials said at that time that this would start happening with “the coming October Windows update” whether devices were pre-registered with Windows Autopilot or not. They also said there would be no option to control or disable the updates applied during the set-up experience, and that the new process would lead to longer initial set up times as various updates were applied.

But on September 20, Microsoft updated the original announcement blog post to note that, based on customer feedback, this change will not happen until the team finds a way to make sure IT admins would be in control of the new experience.

“Customers need to stay mindful of Microsoft announcements — particularly heading into weekend news dump time — as Microsoft is clearly trying to begin clearing the decks of some legacy technology in favor of cloud-based services that have been gradually replacing them,” advised Directions on Microsoft analyst Wes Miller.

Related Resources

WSUS Deprecation Announced

Microsoft Deprecated WSUS: Should You Care?

Windows Update for Business is merging with Windows Autopatch

Windows Autopatch Prerequisites and Licensing

Important changes to the Windows enrollment experience coming ‘soon’

Microsoft has quietly relented and added Power BI Report Server dual-use rights for high-end Fabric deployments, restoring a right that was initially removed when the company announced the retirement of Power BI Premium licensing. The reversal will help customers using the dual-use rights avoid a significant budget increase when the migrate to Fabric.

What Is Power BI Report Server?

Before we start, let’s talk about Power BI Report Server. This is a special edition of SQL Server Reporting Services that can host Power BI report alongside the usual Reporting Services reports. Yes, it’s the same Reporting Services product orgs have used for years and could help a company that wants to use Power BI technology but needs to keep some reports close to home for regulatory or performance reasons. Power BI Report Server can even replace an existing SQL Server Reporting Services deployment as long as the customer is willing to accept Power BI Report Server’s quarterly updates.

How It All Started

In Mar. 2024, I wrote about how Power BI customers are being forced into Fabric licensing. At the time Microsoft had just announced the retirement of several Power BI licensing and purchasing options by the end of the year, retirements that will require customers to purchase new Fabric licensing and migrate existing workspaces. (The announcement is here https://powerbi.microsoft.com/blog/important-update-coming-to-power-bi-premium-licensing/; however, Microsoft has changed the wording and removed various sections, along with all comments.)

As part of that announcement, the company said it planned to drop a dual-use right that allowed customers to use a Premium P subscription for both a cloud deployment and to cover the licensing of an on-premises Power BI Report Server. Dropping dual-use rights had a big impact on customers already using the benefit. It meant that when Premium P customers migrated to Fabric, they would have to purchase expensive SQL Server Enterprise edition core licenses with Software Assurance to license their existing Power BI Report Server deployments back. 

For a Power BI Report Server licensed for eight vCores that would be an upfront cost of US$60,492 for SQL Server Enterprise and an annual SA subscription of US$15,123. Considering the licenses were already included in a Premium P1 subscription that cost customers US$60,000 per year, this would result in costs more than doubling for the first year and a 25% increase for subsequent years. Not a minor change.

A Bogus Claim

In the original announcement, Microsoft justified the removal of dual-use rights by saying “Fabric capacity is not compatible with Power BI Report Server.” The incompatibility claim was always suspicious because licensing Power BI Report Server with the dual-use right was just a matter of paperwork, not technology. The server never required a connection to the Power BI service, exchanged data, or had any other technical dependency or limitation.

Perhaps Microsoft was trying to claim that Fabric Capacity Units (CUs) were not compatible with Power BI Report Server core counts, but that does not make sense either. Microsoft officials went out of their way to show how Fabric CUs map to Power BI Premium vCores so that customers could understand which Fabric SKU to purchase. https://learn.microsoft.com/en-us/fabric/enterprise/licenses#capacity

Regardless of the original justification, it appears enough customers called foul that Microsoft quietly changed its position. 

Going Forward

The way Power BI Report Server dual-use rights are implemented for Fabric appears to be the same as for Power BI Premium P with some nuances added to address the way Fabric is purchased. I say appears, because some of the licensing details are still incomplete.

What we do know is that high-end Fabric capacities (F64 and higher) that are purchased using capacity reservations have dual-use rights, and customers can use the equivalent vCore counts to cover Power BI Report Server deployments. The number of vCores provided with each Fabric SKU are not specified in the licensing details; however, it seems logical that the number of vCores will be based on the Fabric CU to Power BI vCore table I mentioned above, which coincides to how Premium P provided dual-use rights:

• F64 = 8 vCores
• F128 = 16 vCores
• F256 = 32 vCores
• F512 = 64 vCores
• F1024 = 128 vCores
• F2048 = 256 vCores.

Customers currently using the dual-use rights contact their Microsoft representative before migrating to Fabric and get the specific vCore count details in writing to ensure they are covered for the duration of their volume licensing agreement.

Related Resources

Power BI Report Server licensing in Licensing Reference Set (Directions members only)

Fabric in the Database, Analytics, and AI/ML Roadmap (Directions members only)

Power BI in the Database, Analytics, and AI/ML Roadmap (Directions members only)

On October 14, 2025, Microsoft will no longer support Windows 10. Despite the rapidly approaching deadline, far fewer than half of all Windows users are running Windows 11, according to various metrics.

Microsoft is counting on new, primarily consumer-focused Copilot features to attract customers to Windows 11 24H2 —which begins rolling out today, October 1. Along with its PC maker partners, Microsoft is trying to convince organizations that Copilot+ PCs, which are PCs with dedicated neural processing units (NPUs) designed to help with AI tasks, are a good reason to make the move to the latest Windows release.

But for commercial customers, there are a few other capabilities under the hood that might get them more interested.

For example, the promised Windows 11 Enterprise Long Term Servicing Channel (LTSC) 24H2 edition is available as of today. The LTSC release is meant for special-purpose, locked-down systems but some customers still do prefer it to the constantly updated Windows releases – a position that neither Microsoft nor Directions on Microsoft endorses. (Windows 11 IoT Enterprise LTSC 2024 is available starting today, as well.)

When running on Qualcomm Snapdragon X and certain qualifying Intel and AMD processors, Windows 11 24H2 also has substantially better battery life in real-life scenarios (not just watching videos), according to early adopters and testers. And the 24H2 release includes some potentially useful security enhancements, such as SHA-3 cryptographic support; a protected Windows print mode; Local Administrator Password Solution (LAPS) policy improvements; and Server Message Block (SMB) changes.

For those developers interested in using Windows to create AI-infused Windows apps, the Windows Copilot runtime layer is also available. The runtime integrates 40 different AI models and the Windows Copilot Library of programming interfaces that can be integrated into apps.

However, Microsoft is downplaying these features and instead is focusing on its revamped Copilot (the Copilot formerly known as Bing Chat, for those confused by the myriad things labeled “Copilot”) as well as Copilot “experiences” (meaning apps) like its Recall application that Microsoft recently revised so that it provides a level of security and privacy guardrails missing when it was first announced earlier this year.

Talk to the Copilot

Starting this month, Windows Insider testers who have Arm-based Copilot+ PCs will be able to start testing a preview of Recall. Those who have Intel Core Ultra 200V Series and AMD Ryzen AI 300 Series systems will need to download and install free updates available for these Copilot+ PCs to be able to start testing the Recall preview via the Insider program in November. Microsoft has not yet shared a date when it will make Recall generally available to Copilot+ PC customers.

Recall, for those needing a refresher, is an app designed to help customers find information stored on their PCs during previous work by taking constant snapshots of the user’s desktop. Microsoft has said Recall will be off by default and able to be uninstalled permanently. Microsoft updated Recall so it leverages Windows Hello Enhanced Sign-in Security to authorize Recall-related operations. Within Recall, the services that operate on screenshots and associated data or perform decryption operations reside within a secure VBS Enclave, officials said.

There are other apps and features Microsoft is adding for Windows 11 24H2 customers with Copilot+ PCs. The previously announced Windows Studio Effects and Voice Clarity features remain Copilot+ PC-exclusive. Microsoft also announced today some potentially useful updates to Windows Search, which will enable natural-language searches across File Explorer, Settings and other Windows components. Microsoft officials said these Windows Search improvements will be limited to Copilot+ PCs because the new search models will be downloaded to Copilot+ PCs and will leverage the NPU.

Microsoft has made some big changes to Copilot in Windows since it was originally announced earlier this year. Copilot in Windows is now an installable app, not an integrated part of the operating system. Copilot in Windows no longer will take action on behalf of users by performing tasks such as turning on Dark Mode when requested. Instead, Copilot in Windows now just provides customers with suggestions and steps and does little, if anything, more than the base Copilot. In a nod to the diminished feature set of Copilot in Windows, Microsoft is enabling customers to configure the Copilot key so that it automatically opens any Store app packaged as an MSIX package.

The updated Copilot also is starting to make use of voice as an input and output (similar to what OpenAI’s ChatGPT does). Even though very few Windows users seem to be interested in talking to their PCs, the Copilot iOS and Android apps and the copilot.microsoft.com web site also now can use voice input/output, which might be of more interest to those accustomed to asking questions on their phones via voice.

The Copilot voice feature can’t help with tasks like reading Outlook email messages back to users (something that Microsoft’s discontinued Outlook mobile “Play My Emails” feature used to offer via Cortana) and there’s no indication if or when it will. Instead it is designed to be more like a chatty companion. (Microsoft says the new Voice preview in Copilot will provide “not only information but encouragement, feedback, and advice as you navigate life’s everyday challenges – no matter how big or small.”)

Microsoft also is adding a “Vision” feature to Copilot, which allows customers to chat with it using voice about content on users’ screens. Microsoft officials say they are starting slow and limiting this preview feature to work only with a subset of popular websites (and not sensitive or paywalled content). This also feels more gimmicky than useful to me, but your mileage may vary….

The Windows 11 24H2 Fine Print

The Enterprise and Education editions of Windows 11 24H2 get 36 months of support, starting today. (Home, Pro, and other editions get 24 months.) Windows 11 24H2 is available through Windows Server Update Services (including Configuration Manager), Windows Update for Business, and the Microsoft 365 Admin Center. Microsoft recommends commercial organizations do targeted, controlled deployments at this time to make sure apps and devices work with the new release.

Windows 11 24H2 is not an enablement-package release, which means it does require a full OS swap and not a smaller update. Devices must be running Windows 11 23H2 or 22H2 with the May 2024 non-security preview update installed in order to update to version 24H2. Customers also can upgrade directly from Windows 10 to Windows 11 24H2 by using the target-version capability in the Windows Update for Business Deployment service and feature update deployments in Windows Autopatch.

Windows 11 Enterprise LTSC 2024, which is supported for five years, is available as a per user or per device license model depending on the Volume Licensing program through which it is acquired. Windows 11 IoT Enterprise LTSC 2024, supported for 10 years, is available through OEMs and directly from Microsoft through Volume Licensing.

Related Resources

What’s New for IT Pros in Windows 11 24H2

What’s New in Windows 11 Enterprise LTSC 2024

Microsoft Recall, Take 2

New experiences coming to Copilot+ PCs and Windows 11

It’s no secret that Microsoft developed its own Linux distribution, originally named “CBL-Mariner,” which it made generally available in 2023 as “Azure Linux.” Microsoft has touted Azure Linux as a lightweight distro, tuned for performance and security, which is meant for Microsoft internal use in its own first-party services and edge-computing appliances.

But I’m increasingly wondering whether that positioning is about to change. Right now, commercial customers can get access to Azure Linux as part of the Azure Kubernetes Service (AKS), where it functions as a container host OS, supporting both x86 and Arm. The code for Azure Linux is also publicly available under an MIT license on GitHub.

But what if Microsoft made Azure Linux available to customers for use directly in their own VMs and/or on bare-metal servers — basically making it an alternative to commercial Linux distros like Red Hat, Ubuntu and SUSE?

Until recently, I didn’t think this would happen because, as I and others have mused: “Does the world really need yet another Linux distro?” (And especially one from Microsoft?)

Consider the clues

Here are a few of the growing number of clues that lead me to think this actually might happen:

More than 60 percent of Microsoft customer cores run Linux workloads in VMs and containers on Azure (as of May 2024, according to Microsoft). In other words, more customer compute in Azure is running Linux on Azure than Windows Server on Azure. Distributions supported by Microsoft include Ubuntu, Debian, Kinvolk/Flatcar, Oracle Linux, Red Hat and SUSE. Microsoft also offers hundreds of preconfigured images and Linux workloads in Azure Marketplace.

Microsoft currently has no direct competitor to Amazon Linux. Amazon Linux 2023 (AL2023) enables customers to “develop and run cloud and enterprise applications in a secure, stable, and high-performance runtime environment. Also, you get an application environment that offers long-term support with access to the latest innovations in Linux,” according to the AWS site. AL2023 is provided at no additional charge. In addition to running directly on Amazon EC2, Amazon Linux can also be run as a virtualized guest in KVM, VMware and Hyper-V.

Microsoft has no immediate plans to release a version of Windows Server on Arm. Internally, Microsoft does run Windows Server on Arm, officials have said. But recently, a company representative went public saying the Windows Server 2025 release will not include a version for Arm, though the company continues to evaluate future directions. Having an Azure Linux release available on Arm would give Microsoft a way to keep its finger in the commercial Arm server pie.

LinkedIn recently deployed Azure Linux internally as a replacement for Red Hat’s CentOS7, which is no longer supported as of June 2024. As of April 2024, Azure Linux is running “nearly all of LinkedIn’s servers, virtual machines, and containers,” according to a recent LinkedIn blog post. Yes, LinkedIn is technically part of Microsoft. But both Microsoft and LinkedIn continue to act as if LinkedIn is a separate company (except when it comes to earnings time). And the LinkedIn Azure Linux effort, on which teams from other parts of Microsoft and LinkedIn have collaborated for the past year, includes Azure Linux deployed on bare-metal servers.

Microsoft isn’t denying this could happen. After reading the LinkedIn post on the move to Azure Linux, I asked Microsoft about my theory. The response from a company spokesperson: “Azure Linux for VM or bare metal use is not available as a commercially supported offering today. Support is limited to AKS as the host OS.” Note the key word: “Today.”

If and when Microsoft does remove the current constraints on running Azure Linux commercially, it won’t be doing so to try to make money from Linux. Instead, it will try to skate to the puck. Microsoft wants to attract more customers to Azure and needs to offer what those customers want to use. Azure Linux could attract more of those customers who want to see more explicit support and commitment from Microsoft for those uses.

But the question remains: Will a vendor — that a long time ago (in a Steve Ballmer galaxy far, far away) tried to kill Linux — be considered a good steward for a Linux distribution? Given how much has changed in recent years at Microsoft, my vote is yes. But I’m curious what customers think….

Related Resources

Adopting Azure Linux as LinkedIn’s operating system

What is the Azure Linux Container Host for AKS?

What is Amazon Linux 2023?

Windows Server 2025 coming to Arm? Nope

In a podcast with my good friend Mary Jo Foley a few weeks ago, I made the perhaps outrageous claim that Microsoft’s increased support of computing at the edge may turn out to be more strategic than its embrace of AI. 

Really.

Don’t believe me? Read on.

Why “Edge Computing” Anyway?

Five years ago, the enterprise computing zeitgeist was “migrate all your IT systems to the cloud,” and in that time, well, most did. 

But there were some nagging problems. One size, as we came to learn, did not fit all.

Cloud Computing Implies Unpredictable Latency

Those factory IoT devices, for example, require what we call deterministic latency, which very simply means that you have run that drill press that punches out quarter panels every three seconds precisely, or maybe you’ll turn a worker’s arm into a car part. That precision means that it’s not such a good idea to control the press from a cloud application thousands of miles away sending commands over the open internet — where messages may take a different route, with varying numbers of hops –  every time.

Not All Systems Are Always Connected

Last year my wife and I enjoyed a Mediterranean cruise aboard the ultra-modern Celebrity Beyond, and, being a geeky kind of guy, I signed up for the “behind the scenes” tour. Entering the engine control room, I expected to see a grimy, noisy compartment with grease-covered sailors manning the controls – something out of the movie Titanic, I suppose. Instead I saw rows and rows of keyboards and screens – and just one crewman running the whole thing. (I snapped the photo to the right.) 

Everything on the ship was connected: arranging tours and excursions, dinner reservations, shows and events. Because of course the ship spent most of its time at sea, all this processing had to be performed on board. 

And this “occasionally connected” scenario is quite common. In a remote location like a mine, for example, or an oil platform, connectivity may be unreliable. But the apps must still run.

Regulatory Compliance

Many countries require that data about their citizens be stored locally, and not in a public cloud elsewhere. That translates to the technical requirement that data be processed at its source; and that it must be anonymized or minimized before it or any part of it is sent to the cloud – and all that means organizations must have secure and sophisticated systems in those localities. 

Thus, as David Linthicum very correctly points out, more and more governments are considering so-called “sovereign” clouds, that is, “semipublic” data centers hosting cloud services just for those countries. (Of course, Azure’s GCC offerings provides a sovereign cloud for the US.) 

Putting All the Pieces Together

These scenarios – and there are countless more like them (retail stores, oil platforms and refineries, wind farms, hospitals, and so on) – add up to a common definition of the edge: computing systems that run in any location, that have predictable latency, and can support complex and varied application scenarios.

Nearly all edge systems will be connected, if occasionally or even rarely, to the cloud, so we’d like a common programming architecture and a common, centralized management model.

Microsoft at the Edge

Over the past few years Microsoft has rolled out a series of products and services which, in my opinion, position them ahead – way ahead – of their competitors when it comes to edge computing. 

Of these, several are especially significant:

Arc, which my colleague Jim Gaynor covers in depth in a forthcoming report (entitled “Azure Arc Has Tangible Benefits But Tethers Customers to Microsoft”), lets administrators deploy and manage Azure-connected edge resources from a single pane of glass. Arc can manage remote Linux, Windows, Kubernetes, SQL Server, Logic Apps, Container Apps, Functions, VMware vSphere – and many (many) others running at the edge, with more coming (for example, public preview for Azure Container Storage enabled by Arc Edge Volumes was announced just last week, enabling fault-tolerance, failover, and storage observability). 

Container Apps lets developers write containerized applications and run them in a serverless environment on the edge. And recently Microsoft announced that Logic Apps will be supported at the edge as containers running on Container Apps, so we can expect enterprise-class workflows like EDI/X.12 at the edge: perhaps useful for warehouse applications. Indeed: as more and more Azure services are containerized, we can expect to see them appear on the edge.

That’s a big deal.

Azure IoT Operations targets large-scale IoT applications. IoT Ops comes with OPC UA and MQTT interfaces (and supports others via Kubernetes Akri) and provides a data pipeline that lets developers process and filter IoT messages at the edge. Using Azure IoT Ops means your apps no longer have to send every message to Event Hubs in the Azure cloud – and thus you can get that deterministic latency we talked about earlier. (But a caveat: it’s been in preview now for almost a year, so perhaps approach with caution.) 

And by the way, all of these run on Linux as well as Windows. 

Let’s summarize.  At the edge (anywhere in the world, almost literally), using the aforementioned Microsoft products and technologies,  you can:

• Deploy, run, and manage cloud-native applications
• Process data wherever is appropriate
• Build modern IoT applications with deterministic latency
• Leverage all the security features of a modern software stack
• Use all the cloud architectural paradigms and tools you’ve learned over the past few years
• Manage them all from one place using Arc.

That’s pretty cool.

The Strategic Importance of the Edge

So why do I think edge computing is more strategic than AI for Microsoft? Because, as we look around, the enterprise computing market is saturated with AI, from not just every cloud vendor but from hundreds of smaller companies and startups as well. Switching costs are minimal: if you don’t like the answer from one of the copilots, go to any of the other LLMs. 

But edge systems are entrenched. Once a system is deployed, say, in a factory, it’s very difficult – and disruptive to operations — to rip it out and replace it, which is why there are still OLE for Process Control (OPC) Classic-based industrial automation systems (based on Windows DCOM!) still out there in the world. 

As customers seek to modernize their remote systems, they’ll find Microsoft’s edge story pretty compelling; and as they build applications that are connected and managed from Azure, that deeply embed Microsoft technologies like Azure IoT Ops and Arc, not to mention both local data analytics and filtering backed by Azure AI, they’ll ever more deeply establish the Microsoft edge in their environments. 

That’s pretty darned strategic and differentiating.

Disagree? Think I should be relegated to the edge? Drop me a line at bbriggs@directionsonmicrosoft.com.

On September 16, Microsoft provided an update on its Microsoft 365 Copilot deliverables via its “Microsoft Copilot Wave 2” virtual event. Some of the announcements it made today were rebrandings. Others were reminders about various Copilot features announced last year and earlier this year.

A primary focus of Wave 2 is on making Microsoft’s Copilots more collaborative, which, in Microsoft land, means Teams, SharePoint, and Loop are all involved. “Agents” — the favorite new buzzword of all tech companies looking for a piece of the AI pie — also are part of this next Microsoft Copilot wave.

Cutting Through Copilot Complexity

Because cutting through Copilot complexity is a team sport here at Directions on Microsoft, we created a cheat sheet for deciphering Microsoft’s Copilot Wave 2.

Our top callouts:

Microsoft 365 Copilot: In a rare moment of naming clarity, Microsoft officially is rebranding the product known as “Microsoft Copilot for Microsoft 365” to Microsoft 365 Copilot. This is not trivial. Up to this point, Microsoft officials have tried to make the case that there is a single Microsoft Copilot that lights up via different experiences across its personal and commercial products — which is a stretch. Microsoft is finally acknowledging that the Microsoft 365 Copilot family is not the same as GitHub Copilot, Dynamics 365 Copilot or any of the other Copilots.

Copilot in Excel: Copilot in Excel is, finally, officially GA (generally available) as of today. Microsoft officials said last year that Microsoft 365 Copilot was generally available as of November 1. They didn’t make it clear (though we at Directions did) that the Excel Copilot was not ready. Microsoft re-announced today that Copilot in Excel is going to be integrated with Python for advanced analysis (original announcement was September 2023) and a public preview of this is available now.

BizChat: The technology Microsoft is now calling “BizChat” in Microsoft 365 Copilot is not new. This capability, which allows the various Microsoft 365 Copilots to work together, along with customers’ data and web search results, was first announced over a year ago as “Business Chat.” Microsoft later changed its name to “Microsoft 365 Chat.” Now it is “Microsoft 365 Copilot BizChat” (not to be confused with Microsoft’s BizTalk Server integration solution.)

Copilot Pages: Copilot Pages — which Microsoft describes as a dynamic, persistent canvas in BizChat designed for multiplayer AI collaboration — actually is all about Microsoft’s Loop collaboration application. Copilot Pages are .loop files and share the same capabilities as Loop pages. When someone shares a page link to others from Copilot chat, recipients of the page link will open the Copilot page in the Loop app. Copilot Pages stay in sync, just like Loop pages, and up-to-date across the locations where they are shared, Microsoft says.

Copilot in SharePoint: Copilot in SharePoint, which is considered by Microsoft as part of Microsoft 365 Copilot, is now rolling out to customers. Microsoft is touting Copilot in SharePoint as being able to use natural language to edit and create sites and pages. It’s still missing a number of promised features, but Microsoft officials said many of these will come “later this year.” Microsoft originally announced Copilot in SharePoint back in May 2023.

Copilot in OneDrive: Copilot in OneDrive, plans for which Microsoft announced in October 2023, is also just now deemed as generally available and rolling out to customers. Copilot in OneDrive will allow customers to summarize files faster, generate FAQs from a document, and compare documents more easily, according to Microsoft.

Copilot Agents: Copilot Agents, which are assistants for automating and executing business processes, also is not brand-new. Microsoft officials talked up plans for agents at the company’s Build 2024 conference in May, and said there would be an early access program for customers interested in building their own autonomous agents in Copilot Studio. Agents built in Copilot Studio (the low-code product formerly known as Power Virtual Agents), can be published directly into Microsoft 365 Copilot. Microsoft says Copilot Studio developers will be able to create agents from within BizChat and SharePoint in the coming weeks. Today, Microsoft is re-introducing what it previously called “custom copilots in SharePoint” as Copilot agents. Copilot agents in SharePoint will be available in public preview in early October, officials said.

More AI goodies for the M365 Apps

Microsoft also used today’s Wave 2 event to provide an update on some of the Copilot-related capabilities coming to the apps in the Microsoft 365 suite. Copilot in Teams later this month will be able to reason over both the meeting transcript and the meeting chat. Copilot in Outlook is getting a “Prioritize My Inbox” feature (which sounds to me a lot like Focused Inbox); a preview is coming later this year.

Microsoft hasn’t released any real numbers on how many paying Microsoft 365 Copilot customers it has won to date. But company officials have been sharing lots of tips designed to improve adoption and use. Will adding collaboration to the Microsoft 365 Copilot equation help with uptake? We’ll see….

Related Resources

Microsoft Copilot Wave 2: Pages, Agents and More

Unveiling Copilot agents built with Microsoft Copilot Studio

10 Things You Need To Know Before Buying M365 Copilot

CIO Talk: ‘Agentic’ AI: More than just smarter workflows?

May 2023: Introducing Copilot in SharePoint

October 2023: Microsoft says Copilot in OneDrive coming in December

Directions on Microsoft’s Copilot tracker (downloadable reference sheet)

These days a lot of AI hype is centered around what is being called “agentic” AI, which is the first time I’ve encountered the adjective form of the word “agent.” The idea seems to involve using LLM-powered “agents” to autonomously perform tasks, typically as part of some larger business process (a workflow).

As an example, Microsoft Research’s Project Autogen suggests that workflows can consist of “multiple agents [that] can converse with one another,” that is, LLM-powered agents negotiate, connect to software tools, write code, and so on, to accomplish business goals.

Is this abstraction useful? Maybe…

What’s really new here?

Now for anyone who’s been in the enterprise software business for a while, like me, there’s a lot to be skeptical about. And I’ll admit that my eyebrows furrowed a bit when I heard the term “agentic,” because:

Agents have been around forever. In the early ’90s (for example) we created a whole platform for server-based agents in Lotus Notes that could do things like automagically categorize email, and things like that. Lots of other systems have deployed agents in similar ways for similar tasks.

Workflows have been around also forever. In fact, as I have argued, businesses are nothing more than collections of business processes, i.e., workflows. So what’s a workflow? As I wrote some years ago in an article entitled “The Laws of Business Process,” it’s just a stepwise set of activities that accomplish a business goal, starting with an event of some sort (“order received”), followed by some number of tasks (“check inventory,” “send email to customer,” etc.) and often including some sort of decision logic (“if out-of-stock, then…else…”). You can assign attributes to these – cost, human or automated task, and so on, to do prediction and analysis. But I digress.

And while Microsoft was slow to the workflow game in the 2000s, with Power Automate and Logic Apps they now have compelling offerings (arguably one too many, but that’s for a different post).

But let’s think for a second about the canonical business process:

On order received for product
Check inventory on product
If product in stock
Ship product
Decrement inventory

So why do you need AI for a process like this?

Maybe you don’t. Here we have a process which is very deterministic, does not have any particular dependence on natural language processing, and is highly automated, that is, requires almost no human interaction. A lot of processes are like that; in fact, for financial workflows, like SWIFT, which moves literally trillions of dollars every day, you absolutely want the determinism good old-fashioned code gives you — and not the probabilistic behavior of an LLM.

So … What, exactly, is ‘Agentic’ AI?

Other types of processes, however, have uses for natural language. So perhaps we should think of LLMs not as replacing current notions of business process, but as enhancing them.

For example, one use case in which an LLM-powered “agent” would be extremely useful is in customer service, in which a customer calls or writes with a question. As implemented in Dynamics 365 Customer Service, an LLM can help reps distill incoming questions to their essential elements to quickly find an answer. And of course, an LLM could power an Interactive Voice Response (IVR) system with much more satisfying and pleasing results than today’s typical “press 1 to repeat these options” systems (in theory, as I have yet to experience this).

Not only that: LLMs, as a friend at Microsoft told me, are also exceedingly — maybe even surprisingly — good at decoding error messages, say, from software or data center hardware or IoT devices. And they can often determine remediation faster, my friend claimed, than a human Site Reliability Engineer (SRE).

The point of all this is that there may well be a place for LLM-powered agents. Are they a panacea? Do they replace everything we’ve ever done with agents and workflow? Certainly not. But we can get some improved functionality, which is all we can ask of our software. We’ve all seen this phenomenon before: A new technology is accompanied by massive hype, then after the dust settles, it finds its rightful place in the technology ecosystem.

What do you think? Is there more than hype when it comes to Agentic AI? Drop me a line at bbriggs@directionsonmicrosoft.com.

Related Resources

Microsoft Project Autogen: Multi-Agent Conversation Framework

Dynamics 365 Contact Center Leverages Copilot, Consolidates Offerings (Directions members only)

Directions on Microsoft Deep Dive: What Is The Power Platform?

Microsoft is making changes to how customers of its Copilot with Data Protection (the Copilot formerly known as Bing Chat Enterprise) will use and access its AI service starting in mid-September. The most notable change will happen around prompt retention and discoverability. Until now, Microsoft officials touted that Microsoft didn’t retain chat prompts and responses with this Copilot. But beginning in September, Microsoft will start to do so, in the name of compliance, auditing, and discovery.

The Bing Chat Enterprise version of Copilot — which is accessible to those who sign in with their Entra ID accounts — has included Commercial Data Protection since November 2023. Microsoft officials said in an August 15, 2024, blog post that this Copilot version will now include “Enterprise Data Protection” starting this September.

Directions on Microsoft asked Microsoft if there’s a difference between Commercial and Enterprise Data Protection (and if so, what it is) but have not yet received a response.

Microsoft’s Frequently Asked Questions (FAQ) page doesn’t offer any further clues about what’s changing from Commercial Data Protection beyond this:

“Enterprise data protection (EDP) refers to controls and commitments, under the Data Protection Addendum (DPA) and the Product Terms, that apply to customer data for users of Copilot for Microsoft 365 and Microsoft Copilot. The use of the term EDP is not meant to limit the benefits offered under the DPA and Product Terms.”

However, there are some answers buried in a comment on Microsoft’s August 15 blog post about the differences between Commercial Data Protection and Enterprise Data Protection, courtesy of a Microsoft representative. According to that person, Enterprise Data Protection adds the following to the list of privacy and security features already in Commercial Data Protection:

• Prompts and responses will stay within the Microsoft 365 service boundary, and all associated data handling commitments will apply — including support for GDPR, and ISO/IEC 27018 (Copilot for Microsoft 365 runs on the ISO 27018 certified Microsoft 365 platform)
• Prompts and responses can be logged and have retention policies applied to them
• Prompt and responses will be available for eDiscovery and other Purview capabilities
• Commercial use of Microsoft Copilot will be covered by the Data Protection Addendum for all prompts and responses
• Ads will not be displayed in Copilot chat web scope

Commercial Data Protection already delivers several of the benefits Microsoft is highlighting as being included in Enterprise Data Protection. For example, chat data sent to and from copilot with Commercial Data Protection is encrypted. And chat data isn’t used to train the underlying large language models with Commercial Data Protection.

As noted by the company representative and in a footnote on Microsoft’s blogpost: “Microsoft Copilot for Microsoft 365 runs on the ISO 27018 certified Microsoft 365 platform. Microsoft Copilot will start rolling out to the same platform in the second half of September 2024 for users signed in with a Microsoft Entra account.” I’d assume this means that Copilot Bing Chat Enterprise has been running on the Bing platform to date.

Microsoft To Admins: Put a Pin on It

As explained in more detail in a message in the Microsoft 365 admin center (MC862983), Microsoft also is updating the interface for this version of Microsoft Copilot for work and education customers. (Government cloud customers and students under 18 are not yet eligible to use Copilot with Data Protection.)

Beginning in mid-September, once eligible Copilot users are logged in with their Entra accounts, they will be redirected to a new, centralized Microsoft.com/copilot site if they are accessing Copilot via the Web. Windows users signed in with their Entra accounts will be redirected to the Microsoft 365 app and can access Microsoft Copilot there. Mobile users who have been using the Copilot mobile app with their Entra accounts will be redirected to the Microsoft 365 Mobile app and given the option to access Copilot there instead. The Copilot mobile apps are being discontinued and replaced by the Microsoft 365 app.

Microsoft also is using this redirection — which officials said will be complete by mid-October 2024 — to try to get administrators to pin Microsoft Copilot to users’ task bars and/or in the Microsoft 365 app. (Those who have licenses for Copilot for Microsoft 365 already see Copilot pinned in these ways.)

Microsoft is planning to make the Bing Chat Enterprise Copilot pinning option part of Outlook and Teams at some point in the future, according to the Message Center post. If admins do not make a pinning selection by mid-September, Microsoft will prompt their users to pin Copilot for themselves (though admins can disable this from happening.)

Related Resources

Updates to Microsoft Copilot to bring enterprise data protection to more organizations

FAQ: Microsoft Copilot updates and enterprise data protection

Microsoft: What is Copilot with Commercial Data Protection?

Microsoft: What is Enterprise Data Protection?

Earlier this month, Berit Anderson of the Strategic News Service wrote, persuasively, that “we have already reached maximum LLM utility.” She rests her argument on the increasingly clear and evident fragility and error-prone nature of LLMs. As often as not they get things wrong: they “hallucinate” to use the term currently in vogue. Given that Microsoft has made enormous bets on AI — not only is it the foundation of their technology strategy but it’s at the core of everything marketing (which worries me, because I think they may be ignoring other products)…is the AI (and Microsoft’s) bubble about to burst?

As Elon Might Say, “Concerning…”

I recently downloaded Meta’s much hyped Llama 3.1. Running it on my desktop using Ollama (if you haven’t tried this, you really must), I conducted a test in which I asked it a single question then shut it down, restarted the app, then asked it again. I did this three separate times.

The question: “Who is Barry Briggs who used to work at Microsoft?”

In July, Microsoft announced via a message on the Microsoft 365 Admin Message Center, that it planned to change its archival policies around unlicensed OneDrive for Business accounts. Coincidentally (or maybe not), it has an app to help with that: Microsoft 365 Archive, where unlicensed account data will go if admins don’t act.

Unlicensed accounts are not associated with a Microsoft 365 or Office 365 user subscription license. These accounts can become unlicensed when licensing isn’t activated or is expired, Microsoft says.

Microsoft charges for unlicensed One Drive for Business cloud accounts now. The storage comes out of the tenant’s SharePoint Online quota. When customers hit the limits on that quota, they need to buy more. What’s changing, come next year, is that Microsoft is going to take the data from unlicensed accounts offline by moving it into its archive service and could eventually delete it completely if customers do nothing.

According to an article on Microsoft Learn, “Beginning January 27, 2025, any OneDrive user account that has been unlicensed for longer than 90 days becomes inaccessible to admins and end users. The unlicensed account is automatically archived, viewable via admin tools, but remains inaccessible until administrators take action on them.”

“Taking action” means assigning licenses to unlicensed OneDrive accounts, deleting the accounts, or archiving them. Microsoft is charging US$0.05 per month per gigabyte for storage in Microsoft 365 Archive and US$0.60 per gigabyte per month for retrieval.

If Microsoft automatically moves an unlicensed account from SharePoint to Microsoft Archive and customers haven’t set up Archive, Microsoft will delete those unlicensed accounts after 180 days. (Note: None of these changes in how OneDrive for Business accounts will be handled apply to education, Government Community Cloud or Department of Defense customers, Microsoft says.)

The risks of doing nothing

“If you do nothing, a former employee’s data will go offline and then disappear completely when you take back their license, not just when you take them out of the directory” says Rob Helm, Managing Vice President of Research at Directions on Microsoft. “That could make it tough to hand over the role to someone else, and in the worst case could create trouble from courts and regulators.”

As of late August 2024, SharePoint admins were set to access reports identifying their unlicensed OneDrive for Business accounts via the SharePoint Admin Center. The reports show how many unlicensed OneDrive for Business accounts exist in an org and the reasons they are unlicensed.

Microsoft officials point out that even if an account is archived, its content is still discoverable with Microsoft Purview eDiscovery and Content Search.

“Archived OneDrive accounts fully honor retention policies, settings, and litigation holds,” the Microsoft Learn article says. And if an account is retained because of a retention policy, setting or hold, customers will still be required to pay the monthly archive storage costs.

“We recommend reviewing your retention procedures for former employee data. They might work fine despite the change. But it’s better to know now than to find out suddenly next January,” says Helm.

Related Resources

Microsoft 365 Admin Center: Microsoft OneDrive: Update for unlicensed accounts

Microsoft Learn: Manage unlicensed OneDrive user accounts

Report Detailing Unlicensed OneDrive for Business Accounts Available

Microsoft 365 Archive Stores Retired SharePoint Sites (Directions members only)

It wasn’t a massive global cyberattack, but it definitely felt like one. Late last week, a faulty update from security vendor CrowdStrike hit an estimated 8.5 million Windows devices worldwide, according to Microsoft estimates. Airlines, hospitals, banks, trains, broadcast stations, retail shops, and more got stuck in a blue-screen reboot loop, the results of which likely won’t be fully cleaned up for weeks or even months.

Whether or not you’re part of the clean-up crew, there are some important lessons to be learned from the CrowdStrike meltdown.

“Customers should take steps to minimize risk of endpoint failure due to potential bad updates or other incidents,” said Directions on Microsoft analyst Jim Gaynor. “However, failure is inevitable, so customers should also optimize their endpoint recovery processes to minimize impact of failure. And the resources spent on each should be based on rigorous risk assessment, and not reactionary decisions made out of fear.”

Four ways enterprise customers can take action

The Directions on Microsoft analyst team put our heads together to come up with some actionable items based on the CrowdStrike incident. Here are our top four:

1. Stage updates. Microsoft isn’t the only company that pushes out bad patches and updates; its partners do, too. That’s why it’s key to use deployment rings, applying updates to a select few devices first, to check whether it’s all systems go before rolling them out everywhere.

If you do stage updates, “don’t set auto-update and forget,” cautioned Directions analyst Michael Cherry. “I was a CrowdStrike customer and the last time I worked with their product they used to release their updates to Falcon in a preview mode, but I never bothered to look at them, like most people, because CrowdStrike had never had a problem. Until they do. You also need to know how to pause updates when you see things going bad.”

2. Make sure your systems hygiene processes are in order, so when (not if) another similar outage happens, you’ll be ready to take action.

“Ensure you have easy access to BitLocker keys. Confirm recovery partitions. Establish backups and, in the case of VMs, have snapshots for fallback. Test your imaging/deployment processes and ensure they’re current, documented, and streamlined. For distributed companies, have dedicated regional points of contact. The list goes on,” said Directions’ Gaynor.

BitLocker is especially key here. “Companies need to treat their BitLocker recovery keys like a part of their recovery plan, and if they can’t roll out or repair systems en masse, using BitLocker recovery properly, you’re in for a painful, one-by-one repair process,” Directions analyst Wes Miller noted.

3. Don’t overuse Windows in embedded or Long Term Service Channel (LTSC) and infrastructure scenarios. Does your check-in kiosk really need to be running Windows inside? Does your ad billboard? (Looking at you, Times Square!) When an embedded version of Windows goes south, IT likely will be required to fix devices manually. And while restore points exist for many cloud services and virtual machines, they aren’t always or even often there for servers and embedded devices.

4. Remember: You’re at the mercy of your most rapid-fire vendor. You may have sound testing policies and procedures, but do all of your vendors — or all of Microsoft’s ISV partners? You may not be able to influence much or at all with which vendors Microsoft partners, but at least you’ll be more alert for potential issues.

Counting on the CloudStrike incident to cause Microsoft to change its policy which allows certain software vendors access to the Windows kernel is not a good bet. Microsoft execs have said they legally cannot close off Windows the way that Apple does due to a 2009 agreement with the European Commission which requires Microsoft to provide security software companies with the same access to Windows that Microsoft itself gets.

Update (July 26): A July 25 Microsoft blog post entitled “Windows resiliency: Best practices and the path forward,” raises the possibility that Microsoft may, at some point, stop allowing third parties to have Windows kernel access. From that post:

“This incident shows clearly that Windows must prioritize change and innovation in the area of end-to-end resilience. These improvements must go hand in hand with ongoing improvements in security and be in close cooperation with our many partners, who also care deeply about the security of the Windows ecosystem.

“Examples of innovation include the recently announced VBS enclaves, which provide an isolated compute environment that does not require kernel mode drivers to be tamper resistant, and the Microsoft Azure Attestation service, which can help determine boot path security posture. These examples use modern Zero Trust approaches and show what can be done to encourage development practices that do not rely on kernel access. We will continue to develop these capabilities, harden our platform, and do even more to improve the resiliency of the Windows ecosystem, working openly and collaboratively with the broad security community.”

Related Resources

Microsoft: What we’re doing about CrowdStrike

CrowdStrike’s Remediation and Guidance Hub

Microsoft Recovery Tool for Helping Remediate CrowdStrike Issue

Microsoft: Recovery options for Azure VMs affected by CrowdStrike’s Falcon agent

Microsoft’s Customers Must Monitor Its Security Shortcomings (Directions members only)

One of the most common customer questions we get at Directions on Microsoft is when we expect Microsoft to introduce a new high-end tier of Microsoft 365 enterprise suites (likely an “E7”). As was true last year, there’s still no tangible evidence Microsoft is ready to introduce such a suite any time soon. Microsoft officials continue to emphasize that Microsoft 365 E5 adoption is key to Office’s continued enterprise growth and leave it at that.

There is, however, a noteworthy change in how Microsoft is rolling out key new services to its enterprise subscription customers. In the not-so-distant past, Microsoft would have been expected to deliver these new services as additions to existing Microsoft E3 and/or E5 plans for no additional cost. But instead, Microsoft increasingly is introducing these kinds of services in the form of pricey add-ons, and sometimes add-ons in the form of their own “mini suite” bundles.

The Entra Suite, the Intune Suite, Defender Vulnerability Management tier of service, and Teams Premium are all examples of add-ons which previously would have been likely to be folded into E3 and/or E5.

“These add-ons each share three characteristics. They each require a service included in one of the Microsoft 365 enterprise suites (E3 or E5); each has reasonably broad appeal to knowledge workers; and each would likely have been added for no additional cost to existing Microsoft enterprise suites, based on past trends,” said Directions on Microsoft analyst Wes Miller.

The recently added Entra Suite, for example, includes (with each piece also available separately) Entra ID Governance, Entra Internet Access, Entra Private Access, as well as premium face check capabilities, on top of the otherwise free Entra Verified ID service. Entra ID Governance is US$4 per user when added to Entra ID Plan 2, US$7 per user when added to Entra ID Plan 1. The Entra Suite is US$9 per user when added to Entra ID P2, US$12 per user when added to Entra ID P1.

A new top shelf?

The release of so many new core services as add-ons could be interpreted as a sign that Microsoft is gearing up to release an E7 subscription. Such a move wouldn’t be too surprising, as Microsoft execs have said that the best way for the company to grow Office average revenue per user (ARPU) is to migrate customers to more expensive Microsoft 365 suites.

“Microsoft is always ready to displace the current top-shelf tequila with a new top-shelf,” said Directions’ Miller. Bundling together some of the more compelling new services into a comprehensive E7, priced somewhere under $100 per user per month, would give Microsoft a new, very premium subscription offering.

But there’s an alternative possibility. Perhaps Microsoft has done the math and calculated that add-ons will generate more money than suites. Although Microsoft didn’t provide any dollar figures for Microsoft 365 Copilot sales during its Q4 FY’24 earnings call on July 30, officials did say the number of customers for this $30 per user per month add-on grew 60% from FY’24 Q3 to Q4.

Two years ago, Microsoft disclosed that only 12 percent of its Office 365/Microsoft 365 installed base were E5 subscribers. (As of Microsoft’s Q2 FY2024, there were more than 400 million paid Office 365/Microsoft 365 subscribers, according to Microsoft.) The company has not provided an updated figure since then, but officials have said that the E5 base is growing at a good clip — which isn’t too surprising, given various incentives Microsoft has provided to help move more customers to E5, such as holding its price constant at $57 per user per month while increasing the prices of Microsoft 365 E3 and all other Office 365 suites.

Microsoft 365 E7: What might be inside

If Microsoft ever does decide to create an E7, what’s likely to be included that’s not in E5?

Any or all of the four previously mentioned mini-suite add-ons would be good candidates, meaning Entra Suite/Entra ID Governance; Intune Suite and/or Intune Plan 2; Microsoft Defender Vulnerability Management, and Teams Premium.

Other strong possibilities include:

• Copilot for Microsoft 365
• Viva Suite
• Other goodies: If orgs meet some E7 purchase coverage threshold, Microsoft might throw in extra capacities, not having to augment shared mailboxes with security / compliance SKUs, etc.

Regardless of which path Microsoft takes, customers should be prepared to negotiate at their next Enterprise Agreement (EA) renewal to consider the price increases they’ll incur and to avoid overspending on immature and still evolving features.

Related Resources

From 2023: Is Microsoft 365 E7 waiting in the wings?

Paid add-ons to Microsoft 365 are multiplying rapidly. What’s a customer to do?

Services Increasingly Expanding Beyond Microsoft 365 Suites (Directions members only)

Microsoft FY24 Fourth Quarter Earnings Conference Call Transcript

As announced last month, August 1 was the day Microsoft deemed the new Outlook for Windows as generally available (GA) for commercial customers. In its blog post touting the GA milestone, Microsoft officials reiterated there are no configuration changes being forced on organizations at this time; instead, the GA marker signifies that Microsoft now offers support via all of its support channels for the new Outlook as a way to help customers start planning migrations.

Microsoft’s blog post also mentions again that “existing installations of classic Outlook through perpetual licensing will continue to be supported until at least 2029.” (“Classic Outlook” is the new way Microsoft is referring to the existing Win32 Outlook app for Windows.)

The next perpetual release of Office is Office 2024, due to ship this fall and which will be supported until some point in 2029. Microsoft plans to make classic Outlook part of Office 2024 Professional Plus and Standard. The company has not said whether it also will include classic Outlook in the promised perpetual Office release that will follow Office 2024, but our bet at Directions on Microsoft is by the time Office 2027 (or whatever the next perpetual release is called) ships, it will include new Outlook, not Classic.

It’s beginning to look a lot like … OneNote

There is yet another way for those who really do not want to or cannot move to the new Outlook on Microsoft’s schedule to keep using the existing classic Outlook for Windows client. Microsoft is not publicly touting this option, and we at Directions on Microsoft didn’t know about it, either, until we asked.

Directions asked Microsoft recently whether enterprise customers with Microsoft 365 subscriptions which include downloadable apps will be able to continue to get Outlook Classic and for how long. A spokesperson told us:

“For customers with Microsoft 365 subscription that includes desktop apps, new Outlook will be available to download for free and classic Outlook is available for download and will need to be downloaded separately. Customers will need a Microsoft 365 subscription (or license) that includes desktop apps.”

We verified with Microsoft that there will not be any extra licensing or fees required by qualifying enterprises to download classic Outlook until at least 2029.

As long as customers have Microsoft 365 suites which include rights to the downloadable Office apps, they will be able to get classic Outlook until at least 2029. However, they will have to get classic Outlook by downloading it separately, since Microsoft will replace classic Outlook with the new Outlook in Microsoft 365 E3/E5, Office 365 E3/E5, Business Standard, Business Premium (plus other consumer, education and government subscriptions) in the coming months.

“This takes time pressure off Microsoft 365 Apps for enterprise customers,” said Rob Helm, who tracks Outlook and Exchange for Directions. “If they can continue to redistribute classic Outlook to their Microsoft 365 Apps users, they get more time to get rid of plug-ins that don’t work with new Outlook, and more time to find workarounds for classic features that new Outlook doesn’t have.”

“Microsoft 365 Apps customers still will want to assess their risk for the day that classic Outlook is no longer available to them. But that day is some years further away than we thought,” Helm added.

If this situation reminds you of what happened with OneNote, you are not alone. After releasing a Universal Windows Platform (UWP) version of OneNote as the planned replacement for the existing OneNote for Windows app, Microsoft met with so much resistance that it ended up continuing to make classic OneNote (originally called “OneNote 2016” and later “OneNote for Windows 10”) available as a separate downloadable app — which is still supported through October 2025 — alongside its “OneNote for Windows” app.

The New Outlook Roadmap Revisited

Back to Outlook.

For now, the new Outlook is considered at the opt-in stage. Sometime in the future — Microsoft won’t say when but did say it won’t happen without at least 12 months of notice beforehand — Microsoft will move to the opt-out stage. And some time after that (again, not without at least 12 months’ heads-up), Microsoft will move to the “cutover stage,”

At the cutover stage, users will no longer be able to switch back to classic Outlook. New deployments of Outlook with Microsoft 365 subscriptions will come with new Outlook for Windows, not classic Outlook. But as we mentioned above, those with Microsoft 365 subscriptions with licenses for downloadable Office apps still will be able to get classic Outlook as long as they download it separately through at least 2029.

As to what happens with classic Outlook after 2029, right now, there’s no word. If Microsoft adds back some of the key missing features to the new Outlook for Windows app, maybe customer outcry will subside, and Microsoft will discontinue making classic Outlook available. For now, however, there is still a substantial gap between what’s in classic Outlook and what’s still not available in the new Outlook. Some features like COM/VSTO/VBA add-in support will not be added. And support for on-premises Exchange Server with the new Outlook is still just a maybe.

Related Resources

Microsoft says the new Outlook for Windows is ready for GA. Is it?

Microsoft Aug. 1 blog post: The new Outlook for Windows is ready when you are

Microsoft’s subscription-free, ‘perpetual’ Office LTSC 2024 to ship this year

Microsoft chart: New and classic Outlook for Windows feature comparison