Become a Member My Atlas
Insights
Training
Advisory & Negotiation
Free Resources
About
Contact Us
Search
Become a Member

It’s been a while since Microsoft announced a company-wide security initiative. Remember Security Development Lifecycle back in 2004, post-Blaster? Or Trustworthy Computing in 2002?

Microsoft’s newest imperative, unveiled both internally and publicly on November 2, is called the Secure Future Initiative (SFI). It’s focused on revamping how Microsoft designs, builds, tests, and maintains its services and software.

It’s probably no coincidence Microsoft is unveiling SFI after widespread outcry — and calls for government regulation — following the Storm-0558 China hack. Via that breach, bad actors infiltrated a number of business and government Outlook email accounts, all stemming from access to a Microsoft Account consumer key.

Storm-0558 is hardly the only big cybersecurity incident that’s hit Microsoft and its customers in recent months. Phishing, ransomware, malware as a service and other security issues are cropping up non-stop. And as more companies bring generative AI technology in-house, even more sophisticated security problems will, no doubt, be added to the mix. At the same time, big tech companies increasingly are finding themselves on the “failure to inform” end of a sharp legal stick, giving Microsoft even more incentive to be proactive in cleaning up its security act.

Unsurprisingly, AI plays heavily into Microsoft’s proposed security solution (as it does with every Microsoft announcement these days). Microsoft is working on an AI assistant tool called Security Copilot that is meant to help IT pros more quickly and easily see what’s happening from a security standpoint in their organizations. Microsoft recently broadened its private, paid testing program for Security Copilot ahead of its expected 2024 general availability.

As part of the SFI initiative announced today, Microsoft said it will improve its own software development and vulnerability remediation activities. Specifically, Microsoft execs said they will:

“The Trustworthy Computing push happened because (Microsoft founder Bill) Gates recognized that security problems were slowing PC sales, which hurt Microsoft sales. It could be that it is seeing similar limiting effects in the cloud business, with customers so under siege that they can’t adopt new technologies,” said Directions on Microsoft analyst Rob Helm.

“And in that business, Microsoft can’t ignore the problems that a customer is having with security, because Microsoft is effectively a big part of the customer’s IT department,” Helm added.

Whatever happened to Trustworthy Computing?

Speaking of Trustworthy Computing, Microsoft’s last major cross-divisional security initiative, Directions on Microsoft analyst, Michael Cherry, wondered whatever became of it.

“The questions that should be asked of Microsoft is, ‘if you were doing Trustworthy Computing correctly, and this assumes you are still doing it, then what about your secure by design, secure by deployment, and secure by default isn’t working?’” Cherry said. After all, with Cloud based services Microsoft has responsibility for aspects of all three Trustworthy Computing pillars.

“If Microsoft was doing Trustworthy Computing — and there is no good reason that it would have ever stopped doing it — then one would think they should be on top of and adapting to new threats and threat actors. Is the reality that Microsoft, as an organization, doesn’t have the discipline to really address security and identity because the race to get products to market and meet the continual fast-pace of updates required to drive the Microsoft ‘As- a-Service’ subscription engine? If so, that means product teams have all abandoned secure by design, secure by deployment, and secure by default.”

“Maybe instead of a new initiative, Microsoft should just quietly get back to first principles of Trustworthy Computing and wait until it has the fundamentals down pat before adding AI,” Cherry said.

Related Resources

Announcing Microsoft Secure Future Initiative

Microsoft to broaden access to cloud security logs following China e-mail hack

Understanding Security Copilot (Directions members only)

Trustworthy Computing Report (Directions members only)

Microsoft has spent much of calendar 2023 announcing new Copilot AI assistants across its product line. At its Ignite 2023 conference, Microsoft continued this trend by announcing plans for several more Copilots, some of which are now in preview, and others still just promises.

Microsoft also used Day 1 of its annual conference for IT pros and business decision makers to try to solidify its Copilot branding. As the company indicated in September, officials are trying to promote the idea of a single “Microsoft Copilot” experience that works across its software and services. However, the reality of what Microsoft’s Copilots are and how they work is more complex.

At Ignite, Microsoft officials stated again that “Microsoft Copilot” is the brand it will use across the various AI assistants on the consumer side of the house. Bing Chat’s new official name is “Copilot.” Bing Chat Enterprise’s new official name also is “Copilot.” (Yeah, this makes no sense to us, either, as the two are different things.) Bing Chat Enterprise is not free and includes data protection that Bing Chat does not. Bing Chat Enterprise is available to those with a Microsoft 365 F3, E3, E5, A3/A5 (faculty only), Business Standard and Business Premium users for no additional cost and is US$5 per user per month for those without those licenses.

Microsoft officials also want to change the way people refer to its commercial Copilots such as Microsoft 365 Copilot and Dynamics 365 Copilot, too. The new branding: “Microsoft Copilot for Microsoft 365” and “Microsoft Copilot for Dynamics 365.”

Trying to simplify the complex can be good, but here’s the problem: There are multiple different Microsoft Copilots. And GitHub Copilot and the Copilots used in Windows or Microsoft 365 apps have very little in common.

“Each Copilot is trained on different data to perform different functions and has different security permissions. And the big one: Each has different licensing requirements,” said Directions on Microsoft analyst Andrew Snodgrass.

Bring on more Microsoft Copilots

Here’s a list of the new Copilots and Copilot-related services Microsoft is announcing at Ignite. (I’ve included any availability, pricing and licensing information I could find.):

Copilot for Fabric: Announced in May, includes several AI assistants, each using the Fabric analytics platform but designed for a different Fabric “experience” is now in preview.

Copilot for Azure: Now in preview, this AI assistant is meant to help Azure customers with designing, operating, optimizing and troubleshooting Azure apps and infrastructure.

Copilot for Cosmos DB: Focused on helping developers write NoSQL queries, this is embedded in the Cosmos DB Data Explorer. It’s free for developers.

Copilot for Service: Public preview coming in December 2023 and general availability in Q1 of calendar 2024. This new Copilot connect Office applications with third-party CRM and contact-center solutions. Pricing will be US$50 per user per month (including a built-in Copilot for Microsoft 365 license).

Copilot in Dynamics 365 Guides: This Copilot connects users wearing a HoloLens 2 AR headset with Dynamics 365 data to help field workers complete tasks.

Microsoft Copilot Studio: This low-code tool is meant to help customers build their own copilots and plug-ins to Microsoft’s Copilots by integrating business data in copilots for internal or external use. It works with connectors, plug-ins and OpenAI’s newly announced GPTs. It also includes Power Virtual Agents for developers connecting to Dataverse-based applications. Copilot Studio is included in Microsoft Copilot for Microsoft 365 licenses.

Microsoft Copilot Dashboard: Now in public preview, this dashboard is meant to help IT pros with Copilot in Microsoft 365 usage across apps, impact on productivity and the like. In early 2024, customers with Viva Insights licenses will get more advanced dashboard capabilities.

Copilot for Viva: Microsoft announced plans to provide copilots across its Viva employee experience suite back in April. These are finally starting to arrive for testing:

Microsoft is using Ignite to continue to try to whet customers’ appetites for its various Copilots by talking up a bunch of features that are coming soon. For example, in early 2024, Copilot in Teams will add the ability to give “Copilot a seat at the meeting table” in Teams meetings by taking notes or capturing specific content. And in December this year, intelligent recap will be added to Copilot in Teams, as well.

Just a reminder: Copilot for Microsoft 365 may be designated by Microsoft as “generally available,” but it’s actually only purchasable right now by a fairly small set of users. To get it, customers must have a Microsoft 365 E3 or E5 license, buy it through their Microsoft account rep (since it’s still not on the price list), purchase a minimum of 300 seats, and pay $30 per user per month for it on top of their M365 license fees.

Related Resources

Introducing Microsoft Copilot Studio

Ten Things You Need to Know Before Buying Microsoft 365 Copilot

September 2023: Microsoft takes a first stab at ‘Microsoft Copilot’ rebrand

Copilot Brand Expands, Not a Cohesive Toolset (Directions members only)

Copilot Plugins Bring Customer-Specific AI

This is a guest post from Directions on Microsoft analyst Michael Cherry, who covers Windows Client OS, corporate governance and more.

When some anniversaries come along, my immediate thought is there’s no way that event happened that long ago. Other anniversaries that I learn happened a long time in the past seem in my mind as if they occurred yesterday. That is how I feel about Oct. 14. While today I take Patch Tuesday for granted, I would not have guessed that I’ve been participating in Patch Tuesday for 20 years.

Initially, Microsoft attempted to honor its commitment to customers to only include patches that fixed issues, including security issues. But soon, just as it had with its commitment to only include fixes in service packs, features began to find their way into the patches delivered on Patch Tuesdays. It became necessary to at least examine a patch to see what impact it might have on problems that you knew or didn’t know about, and how the patch might change Windows in some way you didn’t necessarily want or need.

Looking back, those early Patch Tuesdays were simpler times.

Although there were threats, such threats were not on the order of the malicious software that has evolved to mostly be some form of ransomware. There did not seem to be any need to rush to apply the patches delivered on Patch Tuesday. Directions on Microsoft used to advise enterprises to let the patches age for at least a couple of days to ensure the patch fixed existing issues without creating new problems. This was because patches — even patches that were not mixed with features — are subject to the law of unintended consequences. This meant it was prudent to allow someone else to be the lab rat. If after a day or two I hadn’t heard or read of problems with the patches, I’d feel safe to go ahead and begin to roll them out to my devices and the devices I managed for Directions.

Today’s Patch Tuesdays aren’t like yesterday’s

But no more. Today, zero-day vulnerabilities and exploits that come under immediate attack mean that on the 20th anniversary of Patch Tuesday, the prudent approach is to patch quickly and live with the risk of problems, including whatever a “blue screen” is called today.

This change, more than any other, should be seen by Microsoft as reason enough for the company to slow the cadence of feature changes to Windows and stop co-mingling security fixes with new features on Patch Tuesday. People need to have a good known state with the Windows OS to assist in monitoring for malware that has made it past their defenses.

Although the technology to deliver, stage, and deploy patches has improved greatly from Microsoft’s investment in a software update and servicing infrastructure, at the end of the day, disciplining its release management system and its rules about what goes into the patch package remains the single most important element of building a safe and secure Windows environment — or as Microsoft once dubbed it — Trustworthy Computing. If only Microsoft were willing to put the trust back in “Trustworthy” by making the next 20 years of Patch Tuesdays exclusively about security fixes….

Michael analyzes and writes about Windows client OS, Office communication services, corporate governance. Before joining Directions on Microsoft in 2000, Michael worked at Microsoft for more than 10 years where he held a variety of technical and marketing positions, including program manager for Windows Embedded and Windows 2000 IntelliMirror.

Related Resources

Microsoft Security Update Guide FAQs

From 2003: Microsoft releases its first monthly security fixes

Marking ten years of Patch Tuesday

Windows Client OS Timeline (members only)

Many Wall Street analysts are tripping over themselves to find evidence in Microsoft’s quarterly earnings reports that Microsoft AI tools and services already are taking off. However, one of the company’s potentially biggest (and best demo’ing) AI assistant, Microsoft 365 Copilot, still is available to a very small set of paying preview customers and is a week away from general availability.

On November 1, Microsoft will make the first iteration of Microsoft 365 Copilot available for purchase by business customers for $30 per user per month. On that date, Microsoft 365 Copilot will be available for purchase only for those willing to commit to 300 seats minimum. There will be no free trial for Microsoft 365 Copilot. And from what I’m hearing, on November 1, Microsoft 365 Copilot will only be available to those with Microsoft 365 E3 and E5 subscriptions — not Business Standard and Business Premium ones (which Microsoft originally claimed it would).

Some components of Microsoft 365 Copilot and some of the related server copilots still will carry the “preview” tag on November 1. As detailed in the Microsoft 365 Roadmap, SharePoint Copilot will be in preview in November and not be designated as “generally available” until March. Microsoft 365 Copilot in Excel will still be in preview as of November and not declared “generally available” until February 2024.

The Viva Goals and Viva Engage copilots won’t start rolling out until December. It turns out that there will be copilot support not just for the new Outlook for Windows, but also the “classic” Windows version — at least with a “summarize by Copilot” capability — but it won’t be available in preview until January 2024 and generally available in March 2024, the Microsoft 365 Roadmap says.

A few of Microsoft’s already announced copilots are commercially available, including GitHub Copilot, Bing Chat and Bing Chat Enterprise (both recently renamed Microsoft Copilot), an early version of Copilot for Windows, and some of the Power Platform and Dynamics 365 copilots. Microsoft’s Security Copilot just entered a broader, paid Early Access Program (EAP) pilot last week.

This staggered rollout didn’t stop Microsoft CEO Satya Nadella from trumpeting the potential of the company’s copilots during the Q1 FY’24 earnings call on October 24. Nadella said a substantial number of workload starts on Azure were AI-related during the quarter.

“With copilots, we are making the age of AI real for people and businesses everywhere,” said Nadella. “We are rapidly infusing AI across every layer of the tech stack and for every role and business process to drive productivity gains for our customers.”

Azure AI growth as a leading indicator

During Microsoft’s Q4 FY’23 earnings call in July, Chief Financial Officer Amy Hood predicted that roughly two points of Azure growth would come from AI in the Q1 quarter. In fact, this ended up being three points, “primarily driven by increased GPU (graphic processing units) capacity and better than expected GPU utilization of our AI services, Hood said.

Azure revenues (which Microsoft still does not disclose publicly) were up 29 percent for Q1, which was better than company watchers were expecting. Nadella said 18,000 organizations are now using Azure OpenAI, Microsoft’s implementation of OpenAI, up from 11,000 announced in July.

Microsoft execs also have been encouraging customers to use Microsoft services such as Syntex, Fabric, Purview and Defender to get their data-storage and -access strategies in order before turning on its various copilots in order to try to reduce inadvertent data leaks.

The company’s overall “Microsoft Cloud” revenues (a category which includes Microsoft 365, Azure, Dynamics 365, GitHub, some LinkedIn revenues and other cloud-centric products) hit $31.8 billion, up 24 percent over the previous year’s quarter. Microsoft revenues for the quarter were $56.5 billion, and earnings hit $2.99 per share.

While AI exuberance is in the air among Microsoft management and many on Wall Street, it’s still worth asking whether Microsoft might be overinvesting in AI, either by spreading itself too thin or by completely ignoring necessary non-AI features in its products,” noted Directions on Microsoft analyst Barry Briggs.

“To put a finer point on it, could Microsoft actually fall behind competitively by directing too many resources at AI?” Briggs added.

Related Resources

Microsoft’s Q1 FY’24 earnings

Microsoft 365 Copilot: Coming to Office apps near you for $30 per user per month

M365 Roadmap for copilots

Q1 FY’24 earnings call transcript

Today’s the day. After publicly showing the first public demos of Microsoft 365 Copilot in March, Microsoft is making it generally available for a subset of its commercial customers.

M365 Copilot is one of Microsoft’s AI assistant tools that coordinates large-language models, customer content in the Microsoft Graph and Microsoft 365 apps in a way meant to increase users’ productivity.

Here are a few of the key points you should consider when evaluating whether to wade into the M365 Copilot waters:

1. M365 Copilot — generally available as of November 1 for those in the Microsoft 365 Current Channel — requires a minimum purchase of 300 seats. (Those in the M365 Monthly Enterprise Channel will be able to take advantage of the M365 Copilot features starting in December 2023.) Microsoft is telling enterprise customers interested in buying M365 Copilot that they need to “call their Microsoft account rep” in order to purchase.

2. M365 Copilot costs $30 per user per month for an annual commitment. There’s no free trial and no volume discount at this point (as far as we know). Enterprise customers who buy M365 Copilot now are committed up until their next Enterprise Agreement contract anniversary, after which point, they can drop or renew M365 Copilot for 12 months.

3. Only M365 E3 and E5 commercial subscribers are eligible to purchase M365 Copilot right now. If you’re running Office 365 E3 or E5, you need to upgrade to Microsoft 365 E3 or E5 before buying M365 Copilot. Also: Even though Microsoft officials said earlier this year that M365 Business Standard and Business Premium subscribers also would be eligible to purchase M365 Copilot when it became generally available, this does not seem to be the case. Microsoft officials say they plan to make M365 Copilot available to Business Standard and Premium users but are not saying when.

Microsoft also plans to make M365 Copilot available for Government and Education customers but has not provided a date as to when. Some invited consumer and small-business M365 subscribers are testing M365 Copilot now in a private preview.

4. There are many different Microsoft copilots, not just one. Even though the growing family of Microsoft copilots use the same underlying architecture, they are built using different reasoning and data and are designed for different purposes. Some cost money and some are available for no additional cost for certain customer groups.

GitHub Copilot, which has been commercially available for more than a year, is up to 1 million paying subscribers, Microsoft says. Windows Copilot, which, at this point, is not much more than Bing Chat with a few custom capabilities, is in preview and just starting to roll out to Windows 11 customers now. The various Dynamics 365 and Power Platform copilots are coming online; some customers get these for no additional charge.

Microsoft 365 Copilot: Not the ‘E5 of Copilots’

5. M365 Copilot is not the “E5 of Copilots.” A M365 Copilot subscription does not include Microsoft’s other paid Copilot-branded and AI-related services. For example, Teams Premium remains an add-on license for Teams with its own $10/user/month subscription. Despite Microsoft’s proclamations of how well M365 Copilot and Team Premium work together, Teams Premium isn’t included in M365 Copilot nor is there any discount for buying both together.

6. Not all pieces of M365 Copilot are actually generally available as of November 1. Copilot for Excel is still in preview. Copilot for OneNote is only available right now on Win32 desktops; Microsoft is targeting sometime during its fiscal 2025 (!) for Web, Mac and mobile OneNote Copilot variants. The Copilot for SharePoint preview kicks off in November and Copilot for OneDrive in December.

7. M365 Copilot has been in very limited and tightly controlled testing up to this point. It has been tested inside Microsoft by some employees. It was available earlier this spring to a very small group of companies (around 50) as part of Microsoft’s “AIX00” program. It also has been in a paid, private, invitation-only Early Access Preview since July with hundreds of customers (800 at its high point). There has been and will be no public beta program.

8. Microsoft focused on certain key scenarios for this first iteration of M365 Copilot. These include content generation; “commanding” (how to use Microsoft’s own products like Excel and PowerPoint); comprehension (summarize, ask questions); collaboration (combining Copilot actions using M365 Chat); and proactive suggestions/notifications. In short, M365 Copilot enables Microsoft to expose capabilities that have existed in its products and expose them to people via natural language.

9. Microsoft is strongly advising customers to make sure their data storage and access strategies are in order before deploying M365 Copilot in order to lower the risk of data leaks. Microsoft has suggested customers use the company’s services and tools such as Intune, Defender, Syntex and Purview ahead of their M365 Copilot rollouts. Microsoft also is suggesting, but not requiring, customers to have Microsoft Unified Support in place before using M365 Copilot.

Admins will be able to assign licenses and onboard employees to M365 Copilot in the M365 Admin Center (under Billing > Licenses). Once a user is assigned a M365 Copilot license, s/he gets to use copilot across all the M365 apps; admins cannot assign users M365 Copilot for only certain Office apps.

10. There’s some new language in Microsoft’s November Product Licensing Terms (published Nov. 1) for M365 Copilot specifically around location of data processing:

Location of Data Processing

Notwithstanding the Location of Data Processing provision in the Universal Terms applicable to Microsoft Generative AI Services, when the Customer uses the Microsoft 365 Copilot, the Customer Data storage commitments applicable to Office 365 Services in the section of the Product Terms Privacy & Security Terms entitled Location of Customer Data at Rest for Core Online Services remain in effect.

This seemingly is in line with what Microsoft has stated previously: “Microsoft 365 Copilot doesn’t change existing data processing and residency commitments that are applicable to Microsoft 365 tenants. Microsoft 365 Copilot calls to the LLM (large language model) are routed to the closest data centers in the region, but also can call into other regions where capacity is available during high utilization periods. For European Union (EU) users, we have additional safeguards to comply with the EU Data Boundary. EU traffic stays within the EU Data Boundary while worldwide traffic can be sent to the EU and other countries or regions for LLM processing.”

This policy is different from the one associated with Bing Enterprise Chat, which uses global data center for processing and, according to Microsoft, “may process data in the United States. Optional, Bing-backed connected experiences don’t fall under Microsoft’s EU Data Boundary (EUDB) commitment.”

Microsoft plans to provide more information about M365 Copilot, including how enterprises should prepare for adoption; ways to customize it with line-of-business plug-ins and more, during its Ignite conference in mid-November.

Related Resources

Microsoft guidance on how to prepare for M365 Copilot

General M365 Copilot information on Microsoft Learn

Microsoft Copilot Adoption Center

Microsoft 365 Copilot architecture

November 2023 Product Terms: M365 Copilot added

M365 Copilot and the EU Data Boundary

Microsoft is updating its OneDrive for Business service with user-interface tweaks, support for a Copilot AI assistant, and IT pro admin tools. Microsoft’s goal with this update is to make it easier for customers to access the files they’ve created, as well as files shared with them, Microsoft officials said.

Microsoft announced most of the next-generation OneDrive UI updates back in early May, but business customers are just starting to see them now (at least in OneDrive for Business) in early October. Copilot support for OneDrive is slated for December, and other new features for file access and creation are “coming soon,” officials said on October 3.

A new OneDrive home experience for OneDrive for Web; Meeting View; People View; Shared View and simplified sharing are available to commercial customers now. The ability to open any file in the appropriate Office desktop app; an updated OneDrive Files app in Teams; and a OneDrive app for Outlook for Windows and Outlook for the Web are all slated for December 2023.

Support for offline file access and sync via Files On-Demand for Web and offline mode are both early 2024 deliverables, according to the company.

Copilots scheduled to land later this year

Officials said this week that those with a Microsoft 365 Copilot license (which costs $30 per user per month on top of certain Microsoft 365 business plans) will be able to use Copilot to manage files in OneDrive and SharePoint. Support for Copilot in OneDrive is slated for December 2023. According to the Microsoft 365 Roadmap, the Copilot for SharePoint rollout will begin in November 2023. (Microsoft 365 Copilot is going to be generally available for purchase on November 1, 2023, Microsoft officials said.)

Initially, Copilot functionality in OneDrive will be limited. But Microsoft officials said in the future, Copilot in OneDrive could handle tasks, like showing users all relevant files, suggesting that they get added to a new folder, recommending possibly related files, generating summaries to include with shared links, etc.

“Copilot for OneDrive appears to be a natural language version of existing search capabilities. Customers will have to decide whether it’s worth licensing their entire estate for Microsoft 365 Copilot to get these capabilities,” said Directions on Microsoft analyst Joshua Trupin.

Microsoft officials highlighted OneDrive management tools that are part of the SharePoint Advanced Management (SAM) add-on for security and governance. These tools will be able to fine-tune conditional access policies; blocking people from accessing shared files by limiting group access; moving OneDrive accounts across tenants and more.

SAM is a part of Microsoft SharePoint Syntex content processing and management product. To use SAM, customers must have a license for each user in their organization. (It’s not required for guests.) Users must also be licensed for SharePoint K, P1, or P2 via standalone or a Microsoft 365 suite.

“Microsoft’s planned set of administrative features could help secure content, but will involve several controls and a learning curve,” Trupin noted.

Related Resources

October 2023: Unveiling the Next Generation of OneDrive

May 2023: Microsoft announces plans for the ‘New OneDrive’

Microsoft outlines plans to refresh SharePoint’s UX and add Copilot AI capabilities

We’re kicking off a new feature on our blog that we’re calling “Answer This.” We’ll be posting some of the many customer questions about Microsoft enterprise technology and licensing that we receive here at Directions on Microsoft, along with our analysts’ answers. If you want a chance to have one of your enterprise questions answered, fill out this form and we might tackle your query next.

Our first installment is timely, as it focuses on the Extended Security Updates (ESUs) that Microsoft is making available to Windows Server 2012 and 2012 R2 customers that will provide them with important security updates even after the October 10, 2023, end-of-support date for those products.

Customer Question

Can legacy virtual machines (VMs) running in on-premises Windows Server version 2012/R2 — regardless of the underlying Windows Server licensing — be licensed individually with extended security updates (ESUs)?

Back Story

Windows Server 2012/R2 leaves extended support on October 10. For on-premises scenarios, customers must purchase security patches in the form of ESU core licenses. The open question is “how many ESU core licenses do I need?” The answer: It depends… based on which Microsoft source you consult and how you interpret it.

In October 2022, Microsoft changed Windows Server licensing rules. Prior to that date customers needed to cover all the physical cores in a server (typically via Windows Server Datacenter core licenses). Starting October 2022, customers could instead use an alternative “license-by-VM” option (typically using Standard edition core licenses). That means customers have two options for allocating Windows Server core licenses.

Up until October 2022, Microsoft’s official ESU licensing rule was that if a customer ran ESU-patched workloads on a server, they had to purchase the same number (and edition) of ESU core licenses as they did for Windows Server core licenses for that physical server. At that time, Microsoft didn’t bother to amend its policy to clarify whether changes to the underlying Windows Server licensing had any effect on ESU licensing (since the then-active ESUs for Windows Server 2008/2008 R2 were on their way out and were already prepaid by customers).

It wasn’t until recently that ESU licensing rules resurfaced as an issue. On Oct. 10, 2023, Windows Server 2012 and 2012 R2 are exiting support and ESUs become available for purchase. Many organizations are curious if — since they can choose between two Windows Server core license allocation options — can they also choose between parallel ESU options? Or is it the case that they must only use the option chosen for Windows Server as the one they use for ESUs?

Why is this question material? In certain cases, an inability to mix options makes a monumental difference in ESU licensing costs. Customer datacenters commonly comprise Windows Servers clustered together allowing the VMs to move across servers for load balancing. Each physical core in the cluster is licensed with Windows Server Datacenter. Having to purchase an ESU Datacenter license for each physical core in the cluster can be 50 or more times as expensive as licensing the small set of Windows Server 2012/2012 R2-based VMs requiring ESUs using the license-by-VM option.

There’s another problem: Microsoft’s own documentation around this is ambiguous. In some places, the company indicates that customers can mix and match when licensing ESUs (although possibly only when registering their servers with Azure Arc and paying a monthly fee, rather than the traditional ESU annual fee).

From a September 2023 Microsoft blog post marking general availability of the Windows Server 2012/R2 ESUs: “Customers can mix and match Standard and Datacenter licensing, and virtual core and physical core models, eliminating the need to match SKUs with their underlying host.”

Don’t Forget

Whether mixing options or not, ESUs are extremely expensive — basically the equivalent of buying the full Windows Server license all over again for each of the three years of ESU coverage. Further, ESUs are cumulative, meaning you must buy all preceding years (if you buy in year 2 you must also buy year 1, if you buy in year 3, you must buy years 1 and 2).

Customers could try to reconfigure their IT setups on-premises and reallocate licenses to try to save money when matching their physical licensing with ESUs. But that process is going to take significant IT resources, exactly what customers running legacy workloads want to avoid.

Customers who agree to migrate their VMs to Azure can get ESUs at no cost. However, moving from on-prem to Azure also soaks up IT resources and may be impractical for various reasons. And with the end-of-support timebomb looming, the Azure option may not be feasible in a timely manner.

Customers who connect their VMs to Azure Arc and subscribe to monthly ESUs do have flexibility. When purchasing and provisioning a set of ESU core licenses, the Azure Arc interface requires the IT administrator to specify either the license-by-physical-host or license-by-VM options. However, the interface has no way to know whether the underlying Windows Server core licensing matches.

Microsoft Says

We asked Microsoft for clarification on the ambiguity of its documentation. We also asked whether there are specific cases where customers can mix their licensing options when it comes to ESUs for Windows Server 2012/2012 R2 and for SQL Server 2012. We received a response we didn’t find to be overly enlightening.

What was far more helpful is the seemingly freshly updated FAQ to which Microsoft pointed us:

Directions’ takeaways from the FAQ

Monthly (Azure Arc) and annual ESUs are available via EA and CSP

For Windows Server

For SQL Server

Our Recommendations

We still hope that Microsoft may, at some point, modify its licensing rule by allowing the individual VMs that require ESUs to be licensed regardless of how the underlying Windows Server is licensed.

If that doesn’t happen, customers will need to decide if they are willing to go the Azure Arc route for their ESUs for VMs. If they are not, organizations must evaluate whether they’ve got the funds and time to try to migrate VMs running Windows Server 2012/R2 to Azure or to reallocate their on-premises workloads to make purchasing ESUs for VMs more affordable.

The good news is that VMs eligible for disaster recovery, Visual Studio and dev/test benefits can receive ESUs at no additional cost.

Related Resources

Microsoft adds another way to get Windows Server 2012 and 2012 R2 Extended Security Updates

Microsoft’s Extended Security Updates Frequently Asked Questions

Generally Available: Windows Server 2012 and 2012 R2 Extended Security Updates enabled by Azure Arc

Extended Security Updates for Windows Server (Directions members only)

Submit your own enterprise tech/licensing question to Directions on Microsoft here

Timed with the HLTH 2023 conference this week, Microsoft is taking the wraps off some of its coming healthcare-focused AI and data offerings. The company’s Fabric unified analytics platform, announced in May, is at the heart of a number of these offerings.

Microsoft officials said they are working on industry-specific data solutions in Fabric, and the healthcare data solutions — now available in preview — are the first of these.

Microsoft says these solutions will help customers avoid having to try to integrate the currently disconnected set of health data sources, including text, images and video. Sources like electronic health records, Picture Archiving and Communications Systems (PACS), lab systems, claims systems and medical devices, which support structured, unstructured, imaging and medical device data, can all be stored using open data standards in Fabric’s OneLake. These new healthcare solutions will be part of Microsoft’s Cloud for Healthcare bundle.

“Fabric has lots of interesting analytics and productive capabilities, but customers should tread lightly, because most the features in preview and some components (especially Fabric security) is still under construction and won’t be generally available until the middle of next year,” cautioned Directions on Microsoft analyst Andrew Snodgrass.

Nonetheless, today’s announcements show that “Microsoft’s next big push, after AI and Copilot calm down, is pushing customers to Fabric,” Snodgrass noted.

New Azure AI additions

As part of its HLTH 2023 announcements today, Microsoft announced new models for its Azure Cognitive Service API called Azure AI Health Insights (formerly Project Health Insights). Three new models are now in preview, including patient timeline; clinical report simplification; and radiology insights. There’s also a new preview capability in the Azure AI Health Bot that uses answers from a healthcare organization’s own content sources plus publicly available sources to customize and connect to existing healthcare organization’s workflows.

Microsoft also is continuing to build on technologies it acquired via its Nuance Communications in 2022. In late September, Microsoft announced general availability of the Dragon Ambient eXperience (DAX) Copilot (the product formerly known as DAX Express, and not to be confused with Power BI’s DAX). One of Microsoft’s growing family of Copilot AI assistants, the DAX Copilot uses voice and generative AI to help physicians more quickly and easily create medical documentation.

Microsoft isn’t the only one of the big enterprise cloud companies to be focused on applying AI and data resources to healthcare workloads. On October 9, Google announced plans for new AI-powered search capabilities aimed at pulling clinical information from different types of medical records. The new features will be for health and life sciences organizations using Google’s vertex AI Search platform. And AWS and AWS customer Medisafe announced on October 5 plans to collaborate on AI-powered medication-management built with AWS’ Bedrock AI platform.

Related Resources

Microsoft introduces new data and AI solutions for healthcare organizations

Microsoft Fabric Components: A technical overview (Directions members only)

Microsoft Cloud for Healthcare explainer (Directions members only)

Azure AI Health Insights

DAX Copilot’s debut

Even though only a subset of the many different Microsoft Copilot AI assistants are available to its commercial customers, Microsoft is trying to get ahead of some of the potential roadblocks facing customers adopting this new AI technology. The company went public one of its strategic weapons, its new Copilot Copyright Commitment, on September 7.

The Copilot Copyright Commitment builds on Microsoft’s IP indemnification coverage, company officials said, to include copyright claims connected to the use of its Copilots, including those for GitHub, Dynamics 365, Power Platform, Windows, Microsoft 365, Power BI, and its commercial Security suite of products, plus the related Bing Chat Enterprise assistant. Microsoft officials said this commitment includes the output these Copilots generate.

“Some customers are concerned about the risk of IP infringement claims if they use the output produced by generative AI. This is understandable, given recent public inquiries by authors and artists regarding how their own work is being used in conjunction with AI models and services,” Microsoft officials acknowledged in a blog post outlining the copyright commitment.

“As customers ask whether they can use Microsoft’s Copilot services and the output they generate without worrying about copyright claims, we are providing a straightforward answer: yes, you can, and if you are challenged on copyright grounds, we will assume responsibility for the potential legal risks involved,” the blog post added.

That means if a third party sues a commercial customer for infringing their copyright by using the various Microsoft business-focused Copilots or Bing Chat Enterprise, Microsoft will pay any legal damages.

Last year, Microsoft was hit with a class-action lawsuit over GitHub Copilot’s alleged code-scraping violations. And a number of authors and entertainers have sued OpenAI, Meta and others for allegedly using copyrighted material to train their AI language models.

Not so fast…

“But are these commitments outlined in a blog post enforceable before they are incorporated into the terms of service and other contractual agreements between Microsoft and its customers?” asked Directions on Microsoftanalyst Michael Cherry.

Microsoft’s latest changes to its service agreement, published in June 2023 and effective on September 30, include a section on “AI services to set out certain restrictions, use of Your Content and requirements associated with the use of the AI services,” but these terms were published prior to the announcement of the copyright indemnification.

Cherry also noted that a clause in Microsoft’s new commitment may act like a “Get Out of Jail Free” card for Microsoft. Microsoft officials said, “customers must use the content filters and other safety systems built into the product and must not attempt to generate infringing materials, including not providing input to a Copilot service that the customer does not have appropriate rights to use.”

Cherry explained: “Many times a person will not understand they don’t have a right to use some content—particularly under exceptions to copyright which are hard to interpret such as the concept of ‘fair use,’ of a small amount of material.”

In short, “copyright is hard,” Cherry said. That said, this new commitment by Microsoft “is likely enough to assuage most customer concerns. Customers simply may assume ‘we are indemnified; we can go ahead and use Copilot as much as we want,'” he added.

So many Copilots, so few generally available

Microsoft still has not rolled out all the Copilots it has announced and demonstrated and has not provided general-availability target dates, either.

The Microsoft 365 Copilot, which is slated to add assistive natural-language capabilities to Word, Excel, PowerPoint, and other Office apps, is still only in testing with 600 companies which are paying roughly $500 per user per year to test-drive the product. (That $500 number is based on information provided by some Microsoft customers during the various Ask Me Anything M365 Copilot sessions that Microsoft has held during the summer). Microsoft officials have said Microsoft 365 Copilot will cost $360 per user per year once it is generally available.

Microsoft’s Copilots for SharePoint and OneDrive don’t yet exist, as far as we know, although maybe there will be news on this front on October 3, given Microsoft’s tease for some major OneDrive AI-related news. And the Security Copilot that Microsoft announced in March is still only in very limited testing with roughly 20 customers. That preview program should expand substantially this fall, Microsoft officials have said.

Related Resources

Microsoft announces new Copilot Copyright Commitment for customers

The latest changes to the Microsoft Services Agreement, effective Sept. 30, 2023

Podcast: Generative AI – Where Customers Need to Look Before They Leap

Microsoft 365 Copilot and Bing Chat Enterprise pricing revealed

How Dynamics 365 CRM Is Adopting Copilot (Directions members only)

Microsoft, OpenAI still fighting Github Copilot copyright lawsuit

Directions on Microsoft analysts often use the phrase “batteries not included” to refer to features and functionality that one would assume to be in an E3 or E5 subscription bundle, but which instead are sold separately. The Directions analysts have noticed that in recent months, Microsoft is making more and more services available as add-ons rather than including them in existing bundles — which means customers’ overall subscription bills are going even higher.

Directions analyst Wes Miller’s theory is we’re approaching the day when Microsoft will introduce a new, high-end bundle which will include a number of these add-in services. If Microsoft sticks with its established naming convention, such a bundle could be called E7.

E7 could roll up all the features of E5, plus at least some add-ins, such as Entra ID Governance; Intune Plan 2 and Intune Suite and/or Microsoft Defender Vulnerability Management, suggested Miller.

These add-on services are not cheap, especially when purchased by customers who need hundreds or thousands of seats. Entra ID Governance, which is an add-on to either Entra ID (the service formerly known as Azure Active Directory) P2 or Entra ID P1. It costs $4 per user per month when added to Entra ID P2 and $7 per user per month when added to Entra ID P1. Defender Vulnerability Management costs $2 per user per month on top of Microsoft Defender Endpoint P2 or $3 per user per month when licensed alone to use with a third-party endpoint detection and response product.

Teams Premium is another add-on bundle Microsoft introduced this year. Teams Premium, which costs $10 per user per month on top of an existing commercial Teams subscription, includes several features which Microsoft had announced previously as being included in the current paid Teams offering for no additional charge.

Microsoft also could opt to fold its still-in-preview Microsoft 365 Copilot AI assistant technology into some kind of new bundle. Microsoft officials have said Microsoft 365 Copilot, whenever it goes GA, will cost $30 per user per month. (It currently is available to a small group of invited preview customers for a rumored $50 per user per month.) Microsoft officials haven’t said whether they’ll make volume discounted pricing available for M365 Copilot, but they could also/instead go with a subscription bundle of services that includes M365 Copilot.

The Counter Argument to an Imminent E7

Microsoft officials have not hinted or mentioned publicly anywhere I’ve seen that a new E7 SKU is waiting in the wings. In fact, its sales emphasis seems to be on driving more customers to go with E5, which costs $57 per user per month. Microsoft used its M365/O365 price hike for E3 earlier this year as a way to try to convince more customers to go with E5 (which didn’t get a price increase above the $57 rate).

Microsoft hasn’t revealed a recent number around what percent of its customer base is on E5. But in July 2022, Microsoft officials said the E5 SKU of Microsoft 365/Office 365 accounted for 12% of the commercial installed base. In 2021, that number was 8%. I’d assume Microsoft would try to grow the E5 percentage before introducing an even pricer E7, or possibly add some of the newer, separate add-ins to the existing E5 and up the price for E5 in the process.

Directions analyst Rob Helm said he didn’t expect Microsoft to roll out a new high-end M365 bundle until one of its competitors introduced something similar which would force Microsoft’s hand.

“The key signal to bundle is hearing footsteps from a more focused competitor like Slack,” Helm said. “Bundling made Teams ‘free’ for Microsoft 365 customers to head Slack off.”

“But without that competition, it can make sense to keep a focused product separate and maximize its own revenue. Look at Visio, which never got bundled until Web-based competitors started to look troublesome.”

Whether Microsoft rolls out a new subscription bundle in the naming of helping customers “do less with more,” or sticks with its current add-in launch madness, customers said they need some relief. The additional cost of services they assumed would be included in a premium SKU like E5 is causing their budgets to grow at an alarming rate.

Related Resources

Services Increasingly Expanding Beyond Microsoft 365 Suites (Directions members only)

Podcast: Fourteen Years of Microsoft Licensing Rule Changes – Looking Back and Forward

Microsoft concedes that some existing Teams features will become part of pricier Premium edition

July 2022: Microsoft says O365/M365 E5 is just 12 percent of its commercial installed base

Microsoft officials announced at an event in New York City on September 21 that the company will make the Microsoft 365 Copilot AI assistant technology available for purchase by enterprises for $30 per user per month starting November 1. Microsoft 365 Copilot has been in a paid private test with 600 companies since June. There will be not be another beta or preview program before the product hits general availability, officials said.

Microsoft officials also announced the rebranding of some but not all of its various other Copilots that have been announced over the past year. The AI assistants in Windows, Edge and Bing will all simply be called “Microsoft Copilots,” going forward. But Microsoft 365 Copilot, the Dynamics 365 Copilots, Power BI Copilot, and GitHub Copilot will not be renamed to Microsoft Copilot. Even though all of these Copilots from Microsoft use the same underlying architecture, they are built using different reasoning and data and are designed for different purposes.

In other rebranding news, Microsoft officials also said the cross-Office-app AI assistant technology that is built into Microsoft 365 Copilot is being renamed to “Microsoft 365 Chat” instead of “Business Chat.” Microsoft 365 Chat is not a separate product. It is built into the base Microsoft 365 Copilot assistant.

Don’t forget the Microsoft 365 prerequisites

Microsoft 365 Copilot, which Microsoft announced in March 2023, is meant to work with Word, Excel, PowerPoint, Teams, the new Outlook for Windows (“Monarch”), Loop, OneNote and OneDrive. It will be available for purchase by customers running Microsoft 365 E3, E5, Business Standard and Business Premium. Microsoft 365 Copilot will not be available to customers running Office 365 E3 or E5; a move to Microsoft 365 is required as the price for entry, in addition to the $30 per user per month charge for the Copilot itself. There’s no word when or if Microsoft will provide volume discounts for Microsoft 365 Copilot.

Microsoft has cautioned customers that they need to make sure they have secured any sensitive corporate data in a way that won’t enable leaks of private company information once Microsoft 365 Copilot is implemented. This is no trivial task. Properly secured data means ensuring all users and the security groups are configured for minimal access and all data, especially sensitive data, has access controls defined. Copilots’ ability to access data stores is extensive.

I had heard from some who had seen the private preview of Microsoft 365 Copilot that neither Excel nor PowerPoint were working well (if at all). But a Microsoft official said today that the company had gotten Copilot in Excel and PowerPoint to a more stable, working place within the past two weeks. A number of testers seem to think that the Copilot capabilities in Teams, especially the ability to summarize happenings in meetings, could be the killer application of the Microsoft 365 Copilot technology.

Microsoft execs said this week that they have started privately testing Microsoft 365 Copilot with select consumers and small-business users. The consumer version of Microsoft 365 Copilot is not expected to be available until sometime in 2024. Microsoft officials have not discussed publicly how much the company will charge for Microsoft 365 Copilot for consumers and small businesses.

Copilot for Windows preview arrives soon for Windows 11 users

A preview of Microsoft Copilot for Windows will be available as of September 26 as part of a Windows 11 22H2 Update and will be part of Windows 11 23H2 when it starts rolling out in October 2023. Microsoft execs also said today that previews of Copilots for Paint (called CoCreator, for some reason), Photos, Snipping Tool, and the Shopping feature that is built into Bing and Edge also are coming soon. The Copilot for Windows feature will be on by default, but admins will be able to turn off access using Intune policies or Group Policy.

Copilot isn’t the only feature that will be part of the September 26 Update non-security feature update for Windows 11 22H2. Organizations also will get more passwordless security options. Specifically, they will be able to set a policy that enforces usage of phish-resistant credentials on Entra-joined devices. They also will get support for passkeys that are powered by Windows Hello for Business, giving them passwordless sign-in capabilities like face, fingerprint and/or PIN support on websites that support those features. And two new Windows 365 features will be part of the update, too: Windows 365 Boot and Windows 365 Switch.

Microsoft is expected to start rolling out the Windows 11 23H2 update in October, most likely on Patch Tuesday, October 10, and via the usual staggered release approach.

Related Resources

Announcing Windows 365 Copilot general availability

Microsoft: How to get ready for Microsoft 365 Copilot

Microsoft’s Copilot rebranding across its ‘most used’ consumer apps

How Microsoft is bringing Copilots to Microsoft 365 (Directions members only)

The next Windows 11 ‘moment’ update will feature Copilot (in preview) and more

On October 5, Microsoft is making a new virtual events experience known as Town Halls available in Teams for commercial customers. Teams Town Hall is replacing Teams Live Events, which will be discontinued fully by September 30, 2024.

Microsoft made the announcement about Town Hall replacing Live Events just a few days ago, on September 28, via a blog post. However, as Directions on Microsoft analyst Jim Gaynor noted in February this year, Microsoft already was moving away from hosting Live Events in Stream and Yammer in favor of Teams.

The move to Town Hall makes sense, Gaynor said. “Live Events were a Stream thing, Stream is no longer a service but a feature, and Live Events were already moving to Teams.”

Live Events are video broadcasts designed for simulcasting events like keynotes, announcements or all-hands addresses. They enable streaming of audio and video to audiences of up to 20,000 attendees (up to 100,000 when customers use Microsoft’s Live Events Assistance program).

Live Events were able to accommodate bigger audiences than Teams meetings and webinars, especially in the early days of Teams when meetings were limited to as few as 150 people, but this was accomplished by streaming the event video with interaction limited to text-based Q&A. Teams meetings are now able to accommodate up to 10,000 attendees. The Azure Media Services that support Live Events are being retired for customers in June 2024, squeezing Live Events out of the picture.

Some Town Halls features require Teams Premium

Town Halls in Teams are designed to host and deliver large-scale internal and external events. They feature advanced production capabilities and more attendee-engagement options. Town Halls in Office and Microsoft 365 will host up to 10,000 attendees (and up to 20,000 if an organization is using the $10 per user per month Teams Premium option). Events can last up to 30 hours and organizations can run up to 15 simultaneously hosted events across a tenant (and up to 50 concurrent events if using Teams Premium).

Town Halls supports RTMP-in and external encoders, enabling organizations to live-stream a custom RTMP source – similar to the current “Teams Encoder” capability in Teams Live Events. Using RTMP-out, customers can stream events out to a custom app or different endpoint outside Teams, allowing events to be viewed on LinkedIn, Twitter/X, Meta Workplace and more.

As of launch this week, Town Halls will not have full feature parity with Teams Live Events, specifically around event roles, external presenter support, DVR support and Viva Engage integration. Some of this missing functionality should be available in the coming months.

This shift from Live Events to Town Halls feels rather sudden. Just a month ago, Microsoft was extolling the capabilities of Teams Live Events in a blog post focused on using Live Events to stream virtual events, playing up its functionality vs. Teams Meetings and Webinars. However, Microsoft’s ambitions to build up a digital-events business and presence have been building since the COVID-19 pandemic began in 2020. Town Halls may be just another step in that direction.

Related Resources

Introducing Town Halls in Microsoft Teams

Live Events Leave Stream, Focus on Teams Broadcasting (Directions members only)

Microsoft blog post: 20 Tips for using Teams Live Events to deliver your virtual event

Microsoft overview of meetings, webinars, and live events (as of Oct. 3, hasn’t been updated for Town Halls)

Azure Media Services Retiring in June 2024 (Directions members only)

Windows Server 2012 and 2012 R2 will no longer be supported after October 10, 2023. This means organizations still using these server editions won’t be eligible for security updates after that date — unless they acquire Extended Security Updates (ESUs).

ESUs provide up to three years of security updates rated “critical” or “important” by Microsoft. Until recently, customers had two options to buy ESUs for Windows Server 2012 and 2012 R2: Maintain Software Assurance (SA) and pay for each year of coverage or move their Windows Server 2012/2012 R2 workloads to Azure to get ESUs for no additional cost (beyond the costs associated with Azure).

Customers who want to run Windows Server 2012/2012 R2 on premises and in hosted environments are charged 100 percent of the full license price annually for each of the three years in addition to SA, which is a change from Windows Server 2008/2008 R2 which was 75%, 100%, and 125% for years one, two and three respectively. Customers interested in the Azure option can opt to use Azure VMs, Azure Dedicated Host, Azure VMware Solution or Azure Stack HCI.

In July, Microsoft added another option to get ESUs for Windows Server 2012 and 2012 R2. By enrolling their servers in Azure Arc, organizations can buy and activate their ESUs via the Azure portal and pay monthly rather than annually, if they choose. They also can manage the enrollment of ESUs in the Azure portal and forego keys to activate them.

A couple of caveats worth noting: This new Arc option requires customers to have Enterprise Agreements and active SA and is not available via the CSP program. Customers should also make sure that the ESU core licenses required match how the underlying Windows Server is licensed (in terms of physical cores or virtual cores).

Microsoft is advising customers to onboard their Windows Servers to Arc by September 2023 to be ready for the end-of-support date.

SQL Server 2012: Arc to the ESU Rescue

It’s not just Windows Server 2012/2012 R2 customers who have the option to get ESUs by going the Azure Arc route. SQL Server 2012 exited support on July 12, 2022. In July this year, Microsoft announced it would allow users still holding onto this version to purchase ESUs for year 2 onwards. The SQL Server 2012 ESUs are only available for download through Azure Arc, but connecting the SQL Server instance to Azure is not required.

With ESUs for Windows Server and SQL Server, Microsoft continues to add more reasons to use Azure Arc, and customers could find it increasingly difficult to avoid the Azure-connected service in the years to come.

Update (September 11): It looks like Microsoft has been making some quiet changes to its policies around how organizations can get ESUs. A spokesperson sent me this statement today when I asked whether Enterprise Agreement customers can still buy ESUs without going the Azure Arc route.

“Extended Security Updates enabled by Azure Arc is a new, primary offering we recommend for most customers. While the traditional, licensing ESU is no longer listed on the EA Price List, it is still available for sale directly through Microsoft for EA customers. Additionally, the licensing ESU will be made available via CSP, starting October 1, 2023, and the ESU enabled by Azure Arc has been available via CSP since September 1, 2023. The licensing ESU is recommended only for customers with workloads that need to be completely air-gapped or cannot connect to Azure Arc.”

Related Resources

New options for Extended Security Updates enabled by Azure Arc

Microsoft: Plan your Windows Server and SQL Server end of support

Windows Server 2012 and 2012 R2 ESUs available for purchase (Directions members only)

SQL Server ESUs Require Azure Arc, Not Azure Connection (Directions members only)

Extended Security Updates Depend on Hosting Platform (Directions members only)

Starting October 1, Microsoft will make available cheaper versions of its Microsoft 365 and Office 365 suites that do not include Teams as part of the bundle to customers in the European Economic Area (EEA) and Switzerland. Microsoft is doing this in the hopes of appeasing the European Commission, which is investigating the effects of Microsoft bundling Teams with Microsoft 365 and Office 365, based on a complaint filed by Slack in 2020.

Microsoft officials said they believe these changes will address two of the European Commission’s concerns: That customers should be able to choose a business suite without Teams for less than if Teams were included; and that Microsoft needs to do more to make interoperability easier between rival communication and collaboration solutions and Microsoft 365 and Office 365 suites.

Microsoft announced its updated pricing for the Teams-free suites on August 31. These Teams-free versions are available for purchase by customers with enrollments in EEA countries and Switzerland; from the EEA/Switzerland pricelists; and/or for deployment on EEA/Switzerland tenants out of datacenters in those geographic areas.

The Teams-free versions of Microsoft 365 and Office 365 will cost two euros less per month (24 euros less per year) for its core enterprise customers. Teams still will be available for new enterprise customers to buy standalone at 5 euros per month/60 euros per year.

Existing enterprise customers who already have a suite with Teams included can opt to stay with the version with Teams included or move to a Teams-free option. New commercial customers of M365/Office 365 business suites who still want Teams will need to purchase two SKUs: A version without Teams bundled along with a separate Teams EEA SKU. New small/mid-size business (SMB) customers in the EEA and Switzerland will have the option to buy the existing M365 Business Basic, Standard and Premium suites with Teams or the new EEA versions without Teams.

An updated price list for the various versions of Office 365, Microsoft 365 and the frontline suites is here. Education and consumer customers are not affected by these new policy/pricing changes, according to Microsoft’s Frequently Asked Questions (FAQ) guide.

Will Office Customers Bite?

“This is sure to be as relevant in time as the Windows N and K editions,” said Directions on Microsoft analyst Wes Miller. “It’s a pure regulatory appeasement move, although you might save a few bucks as a customer if you somehow don’t need Teams for your European employees.”

Windows N and K(N), for those needing a Microsoft history refresher, are the versions of Windows sold to European and South Korean customers which did not include certain bundled programs, including Messenger, Windows Media Player, Video, Voice Recorder and Skype. They were created to appease European antitrust regulators in 2004, and were not popular, to put it mildly.

Microsoft also will enable Windows 11 customers in the EEA to use their default browser to open links in Outlook and Teams chats. Currently, web links in Outlook and Teams chats open by default in Edge regardless of the default browser setting in the client OS. Microsoft is making this change because of requirements in the EU enforced by the Digital Services Act and the Digital Markets Act. Customers outside of these geographies will continue to have their links in Outlook and Teams redirected by Microsoft to open in Edge.

Related Resources

Microsoft announces changes to Microsoft 365 and Office 365 to address European competition concerns

New Teams-free M365/Office 365 price list

Microsoft bends to European regulators on browser links 

As Microsoft continues to roll out more add-ons for its Microsoft 365 suites, the complexity of its product-licensing and support matrices continue to grow. The result? Microsoft needs to come up with new ways to try to guide its customers to the appropriate licensing documentation.

On the first of September, as the company does each month, Microsoft rolled out the latest set of new product licensing terms for its enterprise customers. The September terms didn’t include much new of significance. The company did, however, add a new section worth noting to its Product Terms site.

Microsoft Security Portfolio Product Terms mapping section, found under (and tacked onto) “Other Legal Terms” section of the Product Terms site. This new section groups Microsoft’s growing number of security and compliance product offerings by Microsoft’s brand families; Defender, Entra, Intune, Priva, and Purview, plus the E5, F5, and G5 Microsoft 365 suites. The applicable terms for the nearly 50 individual products listed are hot-linked within the chart.

Microsoft links quite a few of the listed security products and services into the sprawling “Azure” service terms bucket. And even in cases where products like Defender for IoT actually do have their own, distinct Product Terms entry, the chart still confusingly advises customers to look through the Azure section for the applicable terms.

At best, a ‘partial patch’

“I suspect Microsoft must have been getting beaten up regarding ‘where can I find the licensing terms for XYZ,’ especially for the ‘batteries not included’ stuff,” said Directions on Microsoft analyst Rob Horwitz. However, “the huge ‘Microsoft Azure” section has become a dumping ground, including for terms related to ‘batteries not included’ stuff for M365.”

In Directions on Microsoft parlance, “batteries not included’ refers to add-ons that one might assume would be included in a Microsoft E3, E5 or other licensing plan, but instead are available as separate paid add-ons. The not-included features are like the missing batteries in an appliance or toy; often discovered too late and resulting in some angry customers (and maybe even bawling children — or licensing managers).

The new Security Portfolio Product Terms mapping chart isn’t really a fix, Horwitz notes. “At best, it’s a partial patch.”

In other September product terms news, there are a couple of product name changes of potential interest.

Microsoft has rebranded the product formerly known as “Microsoft Viva Sales” to “Microsoft Sales Copilot.” Viva Sales/Sales Copilot provides Outlook and Teams add-in applications that help users add and update Dynamics 365 data without accessing Dynamics 365 separately or copying data manually.

Microsoft also has made changes to the Dynamics 365 services line-up by switching up what constitutes “Dynamics 365 Customer Insights.” The existing Customer Insights customer data capabilities are being relabeled “Customer Insights—Data,” while the real-time marketing capabilities (previously known as Dynamics 365 Marketing) now are called “Customer Insights—Journeys.”

Related Resources

Microsoft Product Terms main site

Microsoft Product Terms RSS feed

Microsoft Security portfolio Product Terms mapping

How Dynamics 365 CRM is Adopting Copilot (Directions members only)

Microsoft has been working on consolidating its Outlook mail and calendar client apps for Windows since at least 2021. The planned replacement, which was formerly codenamed “Project Monarch,” looks a lot like the current Outlook web client for Windows. Despite years of development, the new unified Outlook is still missing some key features, including offline support, PST support and a way of handling legacy COM add-ins.

Despite this, Microsoft is forging ahead. In September, Microsoft will begin auto-migrating those using the Mail & Calendar app that is built into Windows to the new Outlook — with an option to go back if they choose. Given the incomplete/still-in-development state of the new Outlook, admins may understandably be leery. But Microsoft officials this week published a new YouTube video that outlines the long and detailed rollout process planned for the new Outlook, possibly as a way to try to appease organizations’ fears.

Microsoft officials said that while there is no exact cutover date for dropping the current Win32/classic Outlook client, the likely date is roughly two years out and will be determined by readiness of the product, as assessed by customers and Microsoft.

Microsoft officials publicly have committed to replacing the built-in Mail & Calendar app in Windows with the new Outlook by late 2024. But that isn’t the date when the standalone Win32/classic Outlook will be phased out, Microsoft execs said in the September 5 YouTube video.

Currently, the new Outlook preview is at the “production opt-in” stage. Sometime relatively soon, Microsoft will provide customers with a formal “notification of disruptive change” via the Microsoft 365 Message Center, tenant admin dashboards and other channels. After that, Microsoft will launch an “opt-out” beta, then an opt-out preview. One or more years after the opt-out preview, Microsoft will drop the classic Win32 version of Outlook for Windows.

COM add-ins support: A no go

Despite the existence of such a detailed and lengthy rollout plan, enterprise customers still could be queasy and with good reason, says Directions on Microsoft analyst Rob Helm

“Missing features and lack of backward compatibility (especially lack of COM object model APIs) is going to break tools and processes for handling e-mail on the user’s desktop,” Helm said. “To minimize enraged support calls, you have to predict which desktops will get the New Outlook, when. That means figuring out what update channel is being used by every Outlook client device in the firm, and then work out when the New Outlook arrives in that channel for you and your users.”

In terms of COM add-in support, Microsoft has drawn a line in the sand and decided they will not be supported by the new Outlook. Officials said these add-ins are often unstable and don’t work cross-platform. To try to appease customers who are dependent on tools and line-of-business apps that require legacy COM add-ins, Microsoft officials said they are “actively expanding” the capabilities of the web add-ins platform. They also said they will work directly with customers to figure out which add-ins are not supported. Microsoft officials maintain that most of the really great add-ins are not just COM-based and exist in other formats.

Microsoft officials said they are continuing to work through customers’ top priorities for features that are still missing from the new Outlook. Third-party account support (beyond Gmail, Outlook.com); offline access; PST/OFT/MSG/ICS file support; and the ability to search folders are all “in progress,” Microsoft execs said. And the ability to open files in native apps; custom folder ordering; profiles; sharing with native apps and custom formatting are all on the “planned” list.

Related Resources

Microsoft 365 YouTube channel video on the state of the new Outlook

Microsoft’s New Outlook for Windows preview site

Microsoft 365 Roadmap entries for the new Outlook

The August 1 Microsoft product licensing terms are out. And they include a small but noteworthy concession for organizations stung by Microsoft licensing changes dating back to 2019 which made running Microsoft software on certain non-Microsoft clouds more expensive.

By design, Microsoft’s 2019 changes around its bring-your-own-license (BYOL) terms made contracts more expensive for those interested in running Microsoft software on anything but Azure. Microsoft designated AWS, Google and Alibaba as “listed providers.” And customers who ran Windows, Office, SQL Server and other Microsoft software on those listed providers’ clouds would need to pay substantially more than they would if they ran those same applications and operating systems on Azure.

A number of customers didn’t realize the extent of the impact until their contracts with Microsoft were up for renewal. Once they did, some customers and partners took to legal channels, both in the EU and the U.S., to try to force Microsoft to level the playing field.

Microsoft announced, with much fanfare, its European Cloud Principles in 2022, which Microsoft officials said would provide customers and partners who wanted to run Microsoft software on certain non-Microsoft clouds, with some concessions. But again, customers who wanted to use AWS, Google and/or Alibaba were left out.

This year, in the U.S., the Federal Trade Commission has been soliciting public comments on the business practices of cloud computing providers which could impact competition and security. Google, various trade associations, and a number of customers and partners used the commenting opportunity to complain about Microsoft’s licensing changes.

On August 1, Microsoft made public, as it does on the first day of each month, a number of licensing changes. And whether prompted by the FTC commenting process or not, Microsoft made a concession to those running Office on AWS. The change:

“Beginning August 1, 2023, users with specific licenses may run Microsoft 365 Apps for enterprise/business, Microsoft Project, and Microsoft Visio on Amazon WorkSpaces. The licenses that will be eligible under this revised policy include Microsoft 365 E3/E5/A3/A5 and Microsoft 365 Business Premium. If you currently have any of these licenses, starting from August 1, you will be able to utilize these Microsoft applications on Amazon WorkSpaces virtual desktop infrastructure.”

Directions on Microsoft analyst Wes Miller said, “this gives customers a very premium way to run ‘Office’ on WorkSpaces, partially addressing some issues with Microsoft on AWS.”

However, it’s still a pricey solution, Miller noted.

“You’ll need a Microsoft 365 E3 or E5 subscription for every user accessing Microsoft 365 Apps for enterprise (Office) on WorkSpaces,” he explained. “Not Microsoft 365 licensed separately. Not Office 365 E3. You need Microsoft 365 E3+, even if you don’t need EMS (Enterprise Mobility and Security). And you still need VDA (Virtual Desktop Access) for your WorkSpaces users.”

In short, Microsoft is still offering far better terms with Azure Virtual Desktop (AVD) or Windows 365 than they do for AWS, Google or Alibaba, Miller said.

What Options Do Customers Have?

What can and should customers affected by the 2019 licensing changes do at this point? Miller said most customers failed to act between 2019 to 2022, which was when they had any chance to contractually fight these changes during their Enterprise Agreement renewals. Currently, organizations can stay and pay more; leave and go to a hosting provider that isn’t a “listed provider” (but which still is likely more expensive than going with Microsoft); or do what Microsoft is hoping and move to Azure.

“The reality is that if an organization is staying on AWS, GCP, or Alibaba, they should have a software asset management process in place for all of their Microsoft software in those three clouds, understand what the rules are today, be prepared to pay more to stay there, and have evidence to show Microsoft that they’re staying above board,” Miller advised.

Customers running Microsoft software on Microsoft’s biggest competitors’ clouds should anticipate costs will rise significantly through 2025, Miller said. They also should expect confusion over how to do what’s right, as fewer people understand how to navigate “the old way,” and auditors don’t know how to get it right.

“After October 2025, Office, in particular, will get harder to obtain, as SPLA (Service Provider License Agreement) rules tighten again,” Miller warned.

Related Resources

Microsoft’s 2019 outsourcing rules changes explained (Directions members only)

October 2022: Microsoft makes some outsourcing and hosting concessions

FTC Seeks Comment on Business Practices of Cloud Computing Providers that Could Impact Competition and Data Security

Publicly submitted comments responding to the FTC’s request

Microsoft Product Licensing Terms Changes for August 1, 2023

Microsoft 365 Apps OK for Amazon VDI (Directions members only)

As of the week of August 17, Microsoft will be making a new Edge browser mode the default version of Edge for some of its business customers. Those who sign into Edge using Azure Active Directory (now known as Microsoft Entra ID) will be moved automatically to this new mode, known as Microsoft Edge for Business. Edge for Business will provide a separation of syncing and browser history between Edge personal and Edge work sites — something which could bring privacy and possibly security benefits to organizations that rely on the Edge browser.

The Edge for Business mode, which has been available in preview for the past couple of months, will be part of Edge Stable Version 116 browser release, which is scheduled to begin rolling out the week of August 17. Additionally, the new Edge for Business mode will be coming to macOS and Linux; I asked Microsoft when this would happen but have not heard back. Officials also said the Edge for Business mode will be available on mobile devices at some point in the future.

Update (August 14): A spokesperson said Edge for Business also would come to Mac and Linux as of Edge Stable Version 116, the week of August 17. It also will be available on mobile the week of the 17th, but the updated icon, automatic switching, and management via the Edge management service in the Microsoft 365 admin center will be available for mobile “in the future,” the spokesperson clarified.

Customers will know they’ve been automatically transitioned to the Edge for Business mode because the updated Edge icon will include a briefcase in the lower left corner. (Individuals will be able to change the briefcase to their work profile picture in Edge settings, if they’d prefer to do so.) Edge for Business also will support company branding and customization.

Customers should not experience any disruption from the addition of Edge for Business, Microsoft officials claim. Edge for Business is not a new browser; it’s just a mode in Edge. It will maintain the policies, settings and configurations previously set by an organization, Microsoft said.

How the new Edge for Business mode will work

When using Edge for Business, organizations will have the option to set separate work and personal Edge profiles between which customers will be switched depending on the type of URL they are accessing. For this to work, customers need to have at least one Azure Active Directory/Entra profile and one Microsoft Account (MSA) profile, whether existing or new. Switching from the personal browser window to the work browser window will be on by default, with users having the option to turn the feature off. Switching from the work browser window to the personal browser window will be off by default with users having the option to turn it on. “In a future release,” the switch from work to personal will be on by default, officials said.

Currently, Microsoft has enabled Edge for Business to recognize whether some sites are “personal” or “work.” For example, a log into Microsoft 365 apps and services would trigger the work profile, while an Amazon or Target log-in would trigger the personal mode. Right now, there is no group policy for organizations who want to customize the work and personal URL lists. Customers can go to Edge settings and choose preferred browser for sites to be turned off or to select a preferred profile (work or personal) for an applicable site, however.

According to Microsoft, IT will maintain control over the security and compliance of both regular Edge and Edge for Business and will be able to control which features are available to users. Edge for Business will support both managed and unmanaged bring-your-own-PC devices.

Microsoft officials maintain that Edge for Business will benefit customers in terms of privacy and security. The new mode ensures a separation of syncing and browser history between work and personal sites by maintaining separate caches ans storage locations for the two types of sites users access. In terms of security, Microsoft’s argument for Edge for Business is it could help companies from having to support multiple browsers, which increases the surface area for cyberattacks. Allowing users to switch between different profiles within a single browser lessens the risk, Microsoft officials said.

A week after disclosing that a China-based hacking group (“Storm-0558”) infiltrated some individual and government Outlook email accounts for a month, Microsoft announced it will broaden access to security logs to include Microsoft 365 customers who are not paying for pricey premium security services.

“In the coming months,” Microsoft plans to broaden access to cloud security logs for no additional cost, according to a blog post the company published on July 19. While this transition happens, Microsoft is advising customers to use Microsoft Purview Audit in order to see more types of cloud log data.

Log data doesn’t prevent customers from getting hacked, but it does give them a way to try to proactively respond to issues. Some customers and company watchers believe log data should not be considered a premium feature, as it is fundamental to security. But Microsoft is not going as far as to make logging data free for all business customers.

Microsoft officials said they decided on the newly announced strategy “in close coordination with” government and commercial customers and the Cybersecurity and Infrastructure Security Agency.

The company is going to enable Purview Audit Standard customers to see detailed logs of e-mail access, along with more than 30 other types of log data that previously were only available to Purview Audit Premium subscribers. Microsoft also will increase the default retention period for Audit Standard customers from 90 days to 180 days.

Under the revised plan, Purview Audit Premium customers with E5/G5 licenses still will maintain more audit logging access. This includes the ability to use Audit log search in the Purview compliance portal and the Office 365 Management Activity programming interface; longer default retention periods; and automation support for importing log data into other analytics tools.

Restoring trust

“In some ways Microsoft finds itself back where it has a trustworthy computing problem,” said Directions on Microsoft analyst Michael Cherry. “Its latest actions surrounding an incident by a sophisticated bad actor raises serious doubts. Can Microsoft Azure and Office 365 customers count on these services being secure by design, secure by default, and secure by deployment, as well as providing fully transparent communications about any vulnerabilities and steps companies must take to mitigate exposure? If Microsoft partitions its security services and information to entice customers to pay more for better or for full security, then is the answer no—maybe they shouldn’t be trusted? Full access to logs, and the tools to spot problems in the myriad of log entries would be a good starting point to begin restoring some trust.”

In the case of the recent China e-mail hack, logging information that would have allowed detection of the incident was only available to those Microsoft 365 customers who purchased the premium E5 plan. Those running E3 were unable to see the required logging information.

As The Wall Street Journal noted, executives with the U.S. federal government, including the State Department and Commerce Department, were victims of the attack, leading some government officials to call for Microsoft to make cloud logs more widely available.

Update (September 11) On September 6, Microsoft posted more information about how the bad actor Storm-0558 acquired a Microsoft Account (MSA) consumer key to get enterprise access to business/government accounts. But its technical investigation findings are unlikely to ease business customers’ worries.

“Microsoft is telling customers that they should examine logs between April 2021 and June 2023 to make sure they weren’t sideswiped too. But only customers with M365 E5 and Advanced Audit and who had configured logs correctly before April 2021 (or had started sending them all out to Splunk or Sentinel back in 2021) would even have all those logs to peruse,” noted Directions on Microsoft analyst Wes Miller. “E3 customers wouldn’t even be able to look back before June at this point. E5 customers would be able to look back to September 2022. “

Related Resources

Expanding cloud logging to give customers deeper security visibility

Microsoft’s latest email hack: M365 E3 subscribers beware

CISA: When Tech Vendors Make Key Logging Info Available for Free, Everyone Wins

Not a day goes by when we don’t hear about a new AI-based innovation in the Microsoft ecosystem: Copilots for everything, Azure ML, Azure OpenAI, to name a few.

But…amid all the AI hype has Microsoft deprioritized the thing many of us depend on every day?

Now before I go on: I use Microsoft software every single day. I’ve used Microsoft OS’s since DOS 1.0. I love Office. Adore Visual Studio. And I worked for Microsoft for nearly 14 years. I’m not at all a Microsoft hater.

That said…

Your C: Drive is a Mess

Recently I wrote about my year-long travails in updating my beast of a desktop to Windows 11. (TL;DR – it’s a 12-core i9-based Alienware/Dell machine with 64GB of RAM, a 256GB C: drive, and somewhere in the neighborhood of 12TB of storage on other drives.)

The crux of the problem boiled down to this simple fact: over the three years of owning this machine, so much flotsam and jetsam had accumulated on the C: drive that there was literally insufficient room to install Windows 11. And that was after doing all the obvious housekeeping tasks like clearing out temp files, and some not so obvious stuff like moving Visual Studio to another drive, and so on.

Ultimately a friend recommended this wonderful little utility called Wiztree which graphically shows what’s taking up space on your drive.

Wow.

Some amazing discoveries include:

Now, you can turn off hibernation which will return the space (after a reboot). This finally allowed me to install Windows 11. But then the new version of Windows thoughtfully turned it back on again. (Incidentally you can theoretically move the swapfile off of the C: drive – which IMHO is a very bad idea – but you cannot move the hibernation file, which doesn’t make sense.)

There are lots of utilities out there that can help you understand what’s taking up space on your C: drive, and there are apps that can help you remove stuff you don’t and won’t ever need.

My question is: how did Microsoft ever let it get this way?

Please Give Me Time Machine

I get it: backup is mundane, surprisingly hard, and yet absolutely positively essential in a world where the OS alone cannot protect against ransomware, among other scary concerns. Windows 10 had this slow, awful, and unreliable File History-based backup which no longer appears to be present in Windows 11 and good riddance to File History as far as I’m concerned.

Now, I complained on Twitter that Windows doesn’t have a good backup, and a Very Famous Evangelist informed me I was wrong.

So I was very excited to see what Windows 11 provided, and disappointed to learn that out of the box Windows 11 will back up to…OneDrive, taking up cloud storage not to mention bandwidth (I have 12TB, I’m not uploading that!).

Macs have a truly wonderful backup program called Time Machine that I use on my MacBook with an external USB drive. I want that on my PC. Why is this so hard?

Apps, Apps Everywhere

When you install an application on Windows where does it go?

Well, all over the place.

Now, I don’t think any user cares whether or not an app is 32-bit or 64-bit, but of course we still have C:Program Files and C:Program Files (x86).

But apps can also be in C:Users[your name here]AppData which has its own complex folder tree. (Visual Studio Code, for example, installs to AppDataLocal.)

Why isn’t there just a simple Applications folder?

Has Microsoft Lost Interest?

To this passionate Windows user it feels like Microsoft has lost interest in, or deprioritized, Windows — which has resulted in both a loss of control and discipline over their product. ISVs, partners, and Microsoft itself write applications that collect data forever, that install anywhere they like, and leave logs, dumps, installers, and other rarely used files all over your system. While individual capabilities in Windows are brilliantly conceived, the overall experience is unintegrated, inefficient, and wasteful.

As I said, I’m anything but a “Microsoft hater.” I mean all these criticisms constructively. But…can Microsoft fix any of these issues? Do they care? Or will we have to wait until a new version of Windows?

Barry covers Azure, Windows Server, enterprise architecture and corporate governance topics at Directions on Microsoft. Before joining Directions 2020, Barry worked at Microsoft for 12 years in a variety of roles, including as Chief Technology Officer for Microsoft’s own IT organization for 5 years. Prior to Microsoft, Barry spent several years as CTO for several successful startups, and before that, 11 years at Lotus Development, where he was the lead developer for Lotus 1-2-3, the best-selling application of its time, and a Lotus Fellow.

A lot of the interest in Microsoft’s AI copilots revolves around the still-elusive Microsoft 365 Copilot. However, Dynamics 365, not Microsoft 365, will be one of the first places that Copilot capabilities surface. And these Dynamics Copilots will be available to some Dynamics 365 customers for no additional cost and to others as a paid add-on, company officials confirmed.

On June 15, Microsoft went public with plans for new copilot capabilities in Dynamics Project Operations, Finance, and Supply Chain Management. Public preview for these Copilots begins today in English for customers in the U.S. (for Supply Chain Management) and North America (for Finance and Project Operations). A spokesperson said once they are generally available, they will be available to some licensed Dynamics 365 users at no extra cost.

“The (Dynamics 365) copilots announced today will be available for customers with licenses in premium offers such as D365 Sales Enterprise, D365 Sales Premium, and D365 Customer Service Enterprise, D365 Finance, D365 Supply Chain Management, D365 Project Operations and sell it as an add-on to other plans, most likely for Professional licenses.  We will have more details to share at GA (general availability),” the spokesperson told me.

I asked if there would be any prerequisites for these Dynamics 365 Copilots, such as Azure OpenAI, and was told that is not the case.

A quick check of the handy Dynamics 365/Power Platform Release Planner from Microsoft shows that some of the already-disclosed Dynamics 365 Copilot capabilities already are in preview and/or will be available in public preview starting June 23. These include capabilities such as the ability to summarize conversations in Customer Service using Copilot; use SharePoint as a knowledge source for Copilot, and the ability to view Copilot analytics on a company’s business.

The Query Assist feature in Dynamics 365 Marketing (also under the Copilot banner) is listed as hitting general availability this summer, as is Content Assist for assisting with Marketing emails. Several of the Dynamics 365 Copilot capabilities Microsoft announced earlier this year — such as turning a prompt automatically into a SQL query which can be run on Azure Synapse Analytics — are slated for general availability in August 2023, according to the Release Planner.

Even though Microsoft isn’t yet ready to talk pricing details for the Dynamics 365 Copilot add-ons, this is a lot more clarity than we have around any pricing/licensing/availability for Microsoft 365 Copilot. Microsoft has been very slowly seeding select customers with an early preview of Microsoft 365 Copilot. It expanded that private preview program to 600 invited, paid customers starting in June. There is no date when more customers will be able to test-drive Microsoft 365 Copilot, when it will hit GA or how it will be priced and licensed. Officials have said only that Microsoft 365 Copilot will be a paid add-on to Microsoft 365 E3/E5 and likely to be released via a model similar to GitHub Copilot.

At least part of the reason that the Dynamics copilots are ahead of some other promised enterprise ones is Microsoft slapped the Copilot label on a number of Dynamics 365 AI-based features that already were in preview and scheduled for release as part of the Dynamics 365 Wave 1 release kick-off in March, as Directions on Microsoft analyst Andrew Snodgrass has pointed out.

With each AI announcement it makes, Microsoft executives are honing how they define Copilot and the way they describe the many different copilots that the company is readying across its enterprise and consumer offerings. During the Build developer conference last month, Microsoft officials said copilots are “applications that use modern AI and large language models to assist you with a complex cognitive task.”

Key here is the word “assist.” Most Copilots are application-specific plugins that provide a chat window where users key in a request. The Copilot plugin interprets the request and then calls the appropriate application API/command to perform the task for the user. This turns it into a productivity feature that relieves the user from going through a mountain of menu items to do the same thing. For other Copilot features, the plugin calls an external process, like with Copilot in GitHub, where it calls another OpenAI model, Codex, to generate code.

Microsoft is even releasing Copilot Stack that will allow customers to build their own Copilot plugins, which some partners have already done.

Sometimes Microsoft officials talk about a unified, single Copilot system that underlies the various copilot capabilities coming to market, but more recently, it’s common to hear Microsoft execs talk about lots of different copilots for different apps, services and modules that are based on a common “platform.”

As Directions analyst Snodgrass pointed out back in April, “Microsoft’s Copilot brand does not represent a cohesive set of tools and features but rather is a label that various Microsoft product groups are using to describe advanced machine learning features, primarily based on natural language processing.”

Microsoft: AI on track to hit $10 billion annual run rate

Microsoft has plans to bring copilot capabilities to not just some, but all of its cloud services, as spelled out earlier this week by Microsoft Chief Financial Officer Amy Hood and Chief Technology Officer Kevin Scott. The pair held a virtual briefing for Wall Street investors about Microsoft’s AI strategy.

Microsoft’s public storyline around its AI push this year is that it happened really suddenly, starting in late 2022/early 2023. However, as Scott told analysts this week, “We started a transformation inside of Microsoft about a year before we even did the partnership with OpenAI” (which happened in 2019).

Microsoft doesn’t have all of its new business models for copilots figured out yet, but already is predicting its AI business “will be the fastest growing $10 billion business (meaning $10 billion in annualized revenue) in our history,” in Hood’s words. Where will the money come from? Both from tools and services that customers will use to build AI apps and services (using Azure OpenAI interfaces and running on Azure) and built “into every Microsoft Cloud solution,” Hood said “whether it’s named Copilot or not.”

Scott elaborated: There are “the people who want to come use our infrastructure, whether they’re training their own models, whether they are running an open source model they’ve got, or whether they are making API calls into one of the big frontier models that we’ve built with OpenAI. It’s like all of these products, each of which has a slightly different potential for business model. So, like the way that we are going to be able to just sort of monetize all of this.”

(A related aside: Remember the skunkworks Microsoft Singularity AI infrastructure service that leaked back in February 2022? That project is now known as “Project Forge” — something that Azure Chief Technology Officer Mark Russinovich discussed at Build last month. Project Forge helps Microsoft run its own AI workloads using transparent checkpointing, coupled with a global GPU capacity scheduler. GitHub Copilot currently uses Forge under the hood. Russinovich said “we’re working on making it directly available to customers in the near future.” Monetization, ahoy!)

Microsoft is OpenAI’s exclusive cloud provider, but ChatGPT and other OpenAI models are not exclusively for use by Microsoft. However, Hood told analysts that Microsoft has a “broad perpetual license to all the OpenAI IP developed through the term of this partnership, that means even if the partnership were to end, we would still have those license rights to all the IP, up until AGI.” AGI, or artificial general intelligence refers to the idea that AI can solve any cognitive or human task.

After disruptions to its Office, Outlook, OneDrive and Azure services from June 5 to June 9, Microsoft acknowledged via a blog post late last week that distributed denial-of-service (DDoS) attacks from threat actor “Storm-1359” were to blame. The multi-day incident no doubt will raise a lot of questions among Microsoft customers, especially enterprise customers who are increasingly reliant on Microsoft to power their business operations.

On the plus side, Microsoft officials said they had seen no evidence that customer data was accessed or compromised as part of the DDoS attacks. However, the quiet way Microsoft disclosed this information doesn’t inspire confidence.

The company opted to post about its findings late in the day on June 16, the Friday before what is a long holiday weekend for many in the U.S. (In the media, we call this a “Friday news dump.”) As security expert (and former Microsoft employee) Kevin Beaumont noted on Twitter, they also didn’t point to the blog on their usual social channels or name Azure or Microsoft 365 as being affected, while both appeared to be.

When various news outlets asked Microsoft earlier this month why services like the Azure portal were down, the “official” answer was an unusual spike in traffic. On Friday, however, a Microsoft spokesperson said in response to an AP request for comment that the group called “Anonymous Sudan” was behind the attacks.

Microsoft’s blog post about the attacks, entitled “Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks,” noted that the early June DDoS incidents were likely due to a collection of botnets and tools that allowed Storm-1359 to launch attacks from multiple cloud services and open proxy infrastructures. The types of attacks included HTTP(S) flood attacks, cache bypasses and “Slowloris,” or attacks which can cause a web server to keep a connection open longer than it should be. The intent of the attacks “appears to be focused on disruption and publicity,” officials said.

As the Azure Firewall Turns

Microsoft is recommending customers use Layer 7 protection services such as Azure Web Application Firewall, which is available with Azure Front Door and Azure Application Gateway, to protect web applications. Its blog post unsurprisingly didn’t specify what Microsoft itself did and is doing to try to stop these kinds of attacks.

Many customers assume once they commit to Azure or Microsoft 365 that Microsoft will keep them safe (or at least safer than they can keep themselves) from attacks, given the company’s sizeable investments in security. Additionally, customers may have a false expectation that cloud services like Azure, Microsoft 365, and similar offerings can continue to deliver resilient services for customers under all conditions and simply absorb large-scale attacks like this. Microsoft does continue to make adjustments to try to stay ahead of all kinds of bad actors. But these kinds of DDoS attacks highlight that even a cloud vendor with vast resources is still vulnerable, and its customers are, in turn.

“Although Microsoft has focused on Azure Active Directory (AAD) resilience a lot in the past several years, the reality is that key Azure services like AAD are at the core of all Microsoft services. And even when designed for high resilience, malicious attacks like this can take down large chunks of services for customers around the world,” said Directions on Microsoft analyst Wes Miller.

Microsoft was scheduled to hold a press event focused on its Entra security and identity products and strategy on June 20, but on Friday abruptly announced the virtual event was postponed until July 11. A coincidence? I’m doubtful. I also don’t think it’s a coincidence that my increasingly growing problem with spam flooding my Outlook and Outlook.com accounts almost entirely has tapered off since Microsoft assumedly made changes to battle these DDoS attacks…. but I digress. (Or do I?)

Microsoft publicly disclosed last week that a China-based hacking group (“Storm-0558”) infiltrated some individual and government Outlook email accounts for a month. Via several blog posts, Microsoft officials shared details about how the breach of approximately 25 organizations happened and some of the steps it has taken to remedy the issue.

But there was one key bit of information that Microsoft did not disclose about the hack of which Microsoft enterprise customers should be aware. In its write-up, The Wall Street Journal noted that customers who were using Microsoft 365 E3, rather than E5, didn’t realize they were being hacked.

From the WSJ:

“Companies detect and investigate attacks by using logging software that keeps records of activity on their servers. But in this latest Chinese espionage campaign, critical logging information required to detect the attack was only available to purchasers of Microsoft’s top-tier cloud service, said officials at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.”

E3 offers some logging information but does not keep track of specific mailbox data which would have revealed the attack. Microsoft 365 and Office 365 E3 (and other plans below) do not log read-access to individual Exchange Online mailbox items.

E5 includes advanced information protection, premium e-discovery, advanced threat protection and threat intelligence — all capabilities not included as part of E3. There are also limits on the age of Entra identity and access ID sign-in logs, which is where failed sign-ins show up. In Office 365, for instance, the limit is seven days.

“Many capabilities that Microsoft 365 Enterprise tenants need to operate safely and comply with regulations require the more expensive license suites. It’s like going to a car lot and being told you have to buy the premium option package to get the Check Engine light,” said Directions on Microsoft analyst Rob Helm.

Microsoft 365 E5 costs substantially more than E3. Before volume discounts, E3 costs $36 per user per month and E5, $57 per user per month. To date, relatively few Microsoft customers have purchased E5. Officials said during fiscal 2022 (the period between July 1, 2021, and June 30, 2022) that E5 represented about 12 percent of the total M365/O365 base. In Microsoft’s FY’23 Q’1, officials didn’t provide an update on E5 growth, other than to say more than half of the $10-million-plus Microsoft 365 bookings in the quarter came from E5.

Microsoft officials have been touting the growing size of the company’s security business — a boast which doesn’t sit well with some customers, competitors and critics, who argue that Microsoft should not be making money from insecurities in its own software and services. Recently, a leaked internal report meant for Microsoft’s board noted that Microsoft is aiming to grow its security and identity management (SCIM) business to $50 billion by FY’25 and possibly to $100 billion by FY’30. However, Microsoft officials also acknowledged in that report that deployment is lagging subscriptions.

As Directions on Microsoft analysts have noted before, customers need to use extreme care when mixing and matching Microsoft 365 E3 and E5 together. As a general rule, organizations should ensure that they do not deploy and enable Microsoft 365 E5 security and compliance services unless all knowledge workers are licensed for the entire Microsoft 365 E5 suite (or F5 equivalent). Related but different issues can occur if the organization partially licenses E5 subcomponents on an à la carte basis and not all users are licensed for all the services deployed as a part of those subcomponents.

Even though it unveiled its Microsoft 365 Copilot AI assistant technology in March, Microsoft until now has not released pricing, licensing or availability information for the AI-assistant tool, much to the annoyance of many of its customers, partners and company watchers. However, on July 18, the opening day of its annual Inspire partner show, officials finally revealed pricing plans for Microsoft 365 Copilot: It will be $30 per user per month add-on to E3, E5 and a couple of SMB-focused plans.

Microsoft looks to be attempting to offer those who consider $360 per year to be too pricey an alternative. Today, Microsoft officials also took the wraps off Bing Chat Enterprise, another generative AI service aimed at businesses, which will be available for no additional cost for some enterprise users, and for $5 per user per month for others.

Directions on Microsoft analysts were split on how they believe Microsoft 365 Copilot pricing will fly with customers (a number of whom have continued to assume wrongly that Microsoft would make M365 Copilot available for free)).

At $30 per user per month, Microsoft 365 Copilot will cost almost as much as a Microsoft 365 E3 license (at $36 per user per month) — a fee some Directions analysts considered exorbitant. But if Microsoft 365 Copilot really does perform as has been demonstrated, some customers might buy in, others said.

“The pitch of a dollar a day to significantly increase the productivity of an employee might work,” said Directions on Microsoft analyst Rob Sanfilippo.

Microsoft still is not disclosing how or when it plans to roll out Microsoft 365 Copilot beyond some fairly vague statements. Microsoft officials have said that Microsoft 365 Copilot will help customers learn how to use its apps and features — for example, to turn a report into a 10-slide PowerPoint deck. Microsoft 365 Copilot also could assist users in drafting emails and documents; creating spreadsheets based on natural-language commands, and, via a capability called “Business Chat,” combining information from Microsoft 365 apps and data to do more complex tasks, such as “Tell my team how we updated our product strategy last week.”

Currently, Microsoft 365 Copilot is in private preview with up to 600 invited, paying customers, officials have said. Officials have declined to say when and if Microsoft plans to broaden the private preview or open up a public preview ahead of releasing Microsoft 365 Copilot commercially.

In an interview published in June this year, Microsoft Corporate Vice President Jared Spataro did say “you should expect people to have them (M365 Copilots) in production easily this fall. By the end of this summer, we’ll be showing some of what customers are doing with it. The tech is there.” When I asked whether Microsoft would support customers using preview versions of Microsoft 365 Copilot in production with something like a “Go Live”-type license, a spokesperson said Microsoft had “nothing to share.”

In last week’s virtual Microsoft 365 Copilot “Ask Me Anything” (during which Microsoft officials barred questions on pricing, licensing and availability), officials reiterated that Microsoft 365 Copilot will be an add-on license requiring users to have Microsoft E3, E5, Business Standard or Business Premium. Organizations will be able to assign Copilot licenses to specific users who have a base license. Initially, Microsoft 365 Copilot will work for Microsoft Word, Excel, PowerPoint, Loop and Teams. Microsoft plans to integrate Microsoft 365 Copilot directly into the UI for these apps.

The only Microsoft “Copilot” that is currently generally available is GitHub Copilot. Microsoft sells GitHub Copilot, its developer-focused AI pair-programming technology, for US$10 per user per month (or US$100 per user per year) for individuals. GitHub Copilot for Business is US$19 per user per month. For that price, developers get everything in Copilot for Individuals, plus license management, organization-wide policy management, privacy capabilities, and VPN support.

The (Dynamics 365) copilots which Microsoft announced earlier this year are next in line to go GA. They will be available for no additional charge for customers with licenses in premium offers such as D365 Sales Enterprise, D365 Sales Premium, and D365 Customer Service Enterprise, D365 Finance, D365 Supply Chain Management, D365 Project Operations. Dynamics 365 Copilot will be sold as an add-on to other plans, most likely for Professional licenses. 

At the Inspire show today, Microsoft also announced Sales Copilot, which officials are calling “a seller companion.” (If that sounds familiar, it should, as this is how Microsoft branded its Viva Sales product announced a year ago.) Viva Sales is now considered part of Sales Copilot, the new AI-specific capabilities will be part of a standalone subscription, as well as made available in Dynamics 365 Sales Enterprise and Premium licenses for no additional cost.

Bing Chat’s enterprise play

In other related news announced on Day 1 of Inspire, Microsoft officials also said they are bringing to market a version of Bing Chat for business users. Called “Bing Chat Enterprise,” this version of Microsoft’s AI-enhanced Bing chat bot will be available in preview starting today for organizations with Microsoft 365 E3, E5, Business Premium and Business Standard. It will be available to these customers for no additional cost. Microsoft also plans to make Bing Chat Enterprise a standalone subscription at some point in the future, priced at $5 per user per month.

Meant to work similarly to the Bing Chatbot for consumers, which is powered by Microsoft’s adaptation of OpenAI’s ChatGPT large language model (LLM) technology, Bing Chat Enterprise will provide “AI-powered chat for work with commercial data protection,” according to the company. (I’m assuming this means it will rely on the security and privacy controls baked into the Microsoft 365 E3/E5/Business Premium services that are required to prevent organizations’ data from “leaking,” but Microsoft never actually spelled this out. Officials said Bing Chat Enterprise won’t save chats and Microsoft will not be privy to the results of searches done with it.) Update: I was wrong. Bing Chat Enterprise does not rely on the Microsoft 365 security and privacy services; it only offers the aforementioned “commercial data protection” guarantees. It does require Azure Active Directory (newly renamed “Entra ID”).

Bing Chat Enterprise has nothing directly to do with the aforementioned and similarly named “Business Chat” capability that Microsoft is building into Microsoft 365 Copilot. Microsoft Search in Bing, which also provides a “work” vertical in Bing search results for those who sign into Bing with their work and school accounts, will continue to be supported. Unlike Bing Chat Enterprise, Search in Bing does not have an AI chatbot front end.

“Bing Chat Enterprise lets you use the power of generative AI at work, with commercial data protection. Microsoft 365 Copilot takes this to the next level and adds a superset of features that enable people to be productive and creative at work in a whole new way by grounding answers in your business data like documents, emails, calendar, chats, meetings and more to deliver incredibly rich and actionable responses to your questions,” said a spokesperson when I asked for the differences between Bing Chat Enterprise and Microsoft 365 Copilot — besides the price.

Whether you like or loathe Microsoft’s Edge browser, it’s worth knowing about some changes Microsoft is making regarding how Edge works and is managed. Microsoft officials say they are making these adjustments in the name of giving users a smoother, more productive experience. But the way the company is going about implementing these shifts is anything but smooth.

Microsoft has begun notifying some customers that it plans to make web links in Outlook and Teams open by default in the Edge browser, regardless of the browser on which organizations have chosen to standardize. Earlier this year, this seemed to be a change that would affect only those with Microsoft 365 Personal or Family subscriptions. But now, Microsoft has made it clear that it plans to also make this change for commercial customers with Azure Active Directory and Microsoft Accounts.

In a message in the Microsoft 365 admin center, as noticed by Petri.com, Microsoft has started informing some customers that web links from emails in the Outlook for Windows app will open side-by-side with the email message in Microsoft Edge to spare customers from having to switch back and forth between apps. This will happen in Edge even if it’s not the organization’s default browser in Windows.

In Teams, web links shared in chat messages will also open in Edge, though there’s seemingly no published date as to when this is going to happen. And in Outlook for iOS and Android in the coming months, users will see a prompt asking them to choose their default browser and configure that option in their Outlook mobile settings, even if they’ve already made a choice (Edge or otherwise).

Only links set to open in a web browser will be affected; those set to open in a client app or in Outlook itself will continue to work as usual. Reports say the Message IDs detailing these changes are MC548092 and MC541626 and not every commercial M365 admin can see them yet.

Microsoft’s official justification for these changes, according to a spokesperson, is improved usability.

“This change is designed to create an easier way for Outlook and Microsoft Teams users to reduce task switching across windows and tabs to help stay focused. By opening browser links in Microsoft Edge, the original message in Outlook or Teams can also be viewed alongside web content to easily access, read and respond to the message, using the matching authenticated profile. Customers have the option to disable this feature in settings,” the spokesperson said in an emailed statement.

Microsoft is telling admins this week they have 30 days’ notice that this change will be rolling out in Outlook for Windows for all business customers. IT pros can configure policies to manage this for Microsoft 365 apps. But those with Microsoft 365 Business plans need to control this on individual client PCs can do this by going to Outlook, File > Options >Advanced > Link handling and selecting their preferred browsers from the drop-down menu, according to a report from Neowin.net.

Update: The Microsoft spokesperson added this bit about how admins can control this setting: “Organizations who do not want web links from the Outlook for Windows app or Teams to open in Microsoft Edge can manage this change using the Choose which browser opens web links policy in the Group Policy Management Console or in Cloud Policy service for Microsoft 365.”

If this weren’t enough, Microsoft also has added a new setting in the April Patch Tuesday updates for Windows 10 and 11 which results in the Default Apps Settings page popping up every time a web link opens with Google Chrome. While customers still can make Chrome their default (at least for now), Microsoft has made the process more difficult. I asked the aforementioned spokesperson why Microsoft opted to do this but did not hear back.

These kinds of strongarm tactics aren’t the only way that Microsoft is trying to convince users to adopt its Bing search engine and Edge browser. Microsoft has been touting new AI capabilities delivered via the new Bing and Bing chatbot, powered by OpenAI’s GPT and ChatGPT, as lures to win over new customers, too. On May 4, Microsoft announced more new Bing and Edge AI capabilities to sweeten the deal further.

Among today’s announcements:

There are some interesting capabilities that using the new Bing, Bing chatbot and Edge together can unlock, but Microsoft’s attempts to force customers to use Edge could end up backfiring.

While AI announcements are expected to get top billing at Microsoft’s Build developer conference next week, its data platform reveals are going to get a lot of time in the limelight, too. The new “Microsoft Fabric” platform, built to make data access and insights more easily accessible and integrated, will be the subject of more than a few Build sessions, based on what’s in the conference’s online session catalog.

On May 17, Microsoft sleuth “WalkingCat” on Twitter posted what look to be pre-recorded video excerpts from the coming Microsoft Fabric announcements. In those segments, Arun Ulag, Corporate Vice President of Azure Data, outlines the coming Fabric data platform “for the era of AI.”

In the video, Ulag says Fabric will be an end-to-end data and analytics platform, based on updated versions of existing tools, delivering a unified architecture, security and data-sharing experience in the form of Software as a Service (SaaS). The Fabric platform will be built on top of a common SaaS data lake, based on the open Delta Parquet format, accessible by all components. He calls this platform “OneLake,” which he says is “almost like OneDrive, but for your data.”

The Fabric platform will deliver data analytics directly to users in the Office apps by leveraging a new, integrated version of Power BI, Microsoft’s business intelligence offering.

Microsoft Fabric, which was codenamed “Trident,” will consist of seven core workloads or apps, each built for particular personas and tasks, according to the videos. The seven:

All of these workloads will store and access data in OneLake via workspace folders, and all the data will be in the Delta Parquet open-source data file format. (Ulag touts the decision to go with open-source formats in Fabric as a major differentiator between Microsoft and Snowflake, Google and AWS.) All data across the Fabric platform will be automatically provisioned with the tenant and be organized in a hierarchical namespace. The data will be automatically indexed for discovery, governance, compliance and more, according to the videos.

So what’s the AI piece of this? (Given Microsoft seemingly has decided no product or service can be announced without an AI component, there must be at least one.) Microsoft is expected to to add its Copilot AI assistant technology to Power BI. Sources of mine say Copilot will be coming to all the other pieces of Microsoft Fabric, too, at some point, which will enable customers to use natural language to code, create reports, glean insights and more. Additionally, in the leaked videos, Azure OpenAI is mentioned as a key binding service across the Fabric platform, although there are few details as to what that actually will bring to the Fabric data platform party.

Last year at Build, Microsoft announced the Microsoft Intelligent Data Platform, which included everything already in the Azure Data space (Azure Data Factory, Azure Data Explorer, SQL Server 2022, Azure SQL, Cosmos DB, etc.) to the Synapse Analytics products, to Power BI, to the newly rebranded Purview compliance/governance product family. Microsoft officials said the unification was meant to weave analytics more tightly into the other components of customers’ data estates.

With only these few details about the Build news available publicly at this point, it’s hard to know for sure whether Microsoft Fabric is yet another marketecture-type announcement, or a major revamp of some of the company’s most important data assets.

Information on what these changes mean to the existing platforms that make up Fabric and how that will affect existing customer deployments is unknown. Most of the Fabric components appear to be further enhancements and integrations of existing capabilities. On paper, at least, the idea of a common back-end storage platform and more open APIs sounds like a potentially big customer win. But more needs to be known about how easy it is to migrate from Microsoft’s existing tools and how much it will cost organizations to do so.

Based on what we know so far, “Fabric feels more like an important evolution of Microsoft’s cloud analytics and data lake service, rather than a wholesale change. And that bodes well for customers already using the underlying services like Power BI and Data Lake and Synapse Analytics,” said Directions on Microsoft analyst Andrew Snodgrass. “Fabric should help existing customers improve what they’re already doing and open the door to orgs that haven’t adopted the individual services because it’s hard to combine them all.”

Deprecated vs. discontinued. End of support vs. end of life. It’s a tough job trying to keep track of when Microsoft software, services and features are “retiring,” to use the company’s euphemism for being dropped.

Lately, it feels to many of us here at Directions on Microsoft that Microsoft is stepping up the pace of moving products and features out to pasture. Maybe it’s because, like many of the company’s customers, Microsoft is trying to support fewer products and features in the name of “doing more with less.” Whatever the reason, it’s a good opportunity for organizations to reflect on what these phase-outs can mean beyond the obvious and how to try to reduce their impact.

Many customers were hoping moving to Microsoft’s cloud would magically remove (or at least diminish) the impact of upgrades. But technology moves forward and just like the on-premises days of old, advancements mean major components are retired and replaced and customers must perform upgrades themselves. The big difference now is the timing. Under the Modern Lifecycle Policy, Microsoft (the vendor) dictates when upgrades happen, rather than the customer. And it’s on a schedule that benefits Microsoft, rather than the customer.

Here’s a recent example: There’s a fairly key feature in Dynamics 365 Customer Service called Intraday Insights which Microsoft is retiring very soon. On April 28, officials contacted users telling them the feature would be deprecated sometime in the future. Three days later, on May 1, the feature was deprecated. Surprise! Although customers can continue using the feature for the next year, on October 31, 2023 — six months from now — Microsoft is ending support.

Did Microsoft do anything counter to its promise of giving customers 12 months’ notice about a feature going away? No. In fact, Microsoft has a replacement product at the ready: It’s new Omnichannel Real-Time Analytics Reports product, which it just happened to release in late April (the time Microsoft originally contacted Intraday Insights users about the planned obsolescence of the product.)

Customers now have an unplanned, and unbudgeted IT project to migrate from one reporting solution to another in a service they are already using. This migration is going to take both IT and business staff away from other business-focused efforts that are probably more important to their companies for several weeks. Try explaining the value of that to executives. Welcome to the Modern Lifecycle.

Directions on Microsoft analyst Jim Gaynor notes that under Microsoft’s Modern Lifecycle Policy, Microsoft must provide a minimum of 12 months’ notification prior to ending support “if no successor product or service is offered — excluding free services or preview releases.”

The Modern Lifecycle Policy also states: “For products and services governed by the Modern Lifecycle Policy, unless otherwise noted, Microsoft’s policy is to provide a minimum 30 days’ notification when customers are required to take action in order to avoid significant degradation to the normal use of the product or service.”

In the case of Intraday Insights, Microsoft checks both boxes.

Does this mean the company’s policies in these cases are pro-customer? Definitely not.

The devil is in the details when it comes to deprecation and discontinuation announcements. “Deprecate” might not mean what a customer thinks and/or may be used inconsistently by Microsoft. Organizations need to dissect whether a service is no longer being “improved,” whether it will eventually be shut off entirely or in part; and whether there is a viable substitute (and how much effort, time and money is required to make it work).

Some companies have policies in place that specify they cannot run unsupported software. That means regardless of whether a product or feature is still present, if it’s not supported, that can mean it’s a no-go. Six months isn’t a long period to decide on a successor product, test and validate it and migrate to it. This kind of rapid change is disruptive and costly.

Organizations need to remember “it’s Microsoft’s cloud and you’re just relying on it for your entire business,” says Directions analyst Gaynor. “Live in fear and keep that wallet open.”

Customers need to be aware that at any time, you may be given a 30-day notice to take action such as changes to supporting systems, loss of compatibility with interoperating services, or refactored deployment practices or established business processes, to avoid “significant degradation” to your use of a Microsoft product/service, Gaynor noted.

And at any time, you may be given only 12 months’ notice that a Microsoft product/service you rely on will be discontinued without a replacement. While you may be able to continue using unsupported products, services are likely to be shut down and no longer available, giving you only 12 months to evaluate, select, implement, and migrate to a replacement service, he added.

Directions on Microsoft analyst Michael Cherry adds customers should keep these realities in mind when negotiating their licensing contracts with Microsoft.

“The problem is that few if any of these ‘policies’ get implemented as specific clauses or amendments to the contracts,” Cherry said. “These ‘promises’ should be incorporated into the service level agreements specifically, with both the promise and the consideration.”

Microsoft’s Build developers conference is happening this week, starting on May 23. This year’s event is “hybrid,” again, with attendees participating in person in Seattle or watching virtually. Unsurprisingly, there are lots of announcements around Microsoft’s Copilot AI assistance technology this week. But there also are other product and strategy reveals that likely will have more near-term and widespread customer impact.

Microsoft wants Build attendees to take away one big thing from the show: Copilots and plug-ins are here! (Except, in reality, they’re not — other than in Bing and GitHub.)

Microsoft has been pre-announcing a range of Copilot assistants for just about every consumer and commercial product in its line-up since the start of 2023. The business-focused Microsoft Copilots —> which Microsoft now officially defines as “applications that use modern AI and large language models to assist you with a complex cognitive task” &mash;> are in private preview for a (very) select few at this point. Microsoft still hasn’t said when they’ll be commercially available, how they’ll be licensed, or how much they’ll cost to use.

At Build, officials will continue to tout the productivity benefits of Copilots and the company’s decision to back the same plug-in standard that OpenAI is using for ChatGPT. The plug-ins we’ve seen demoed to date are almost all consumer ones, such as OpenTable and Instacart. But Microsoft is promising that corporate developers will be able to build their own custom plug-ins using Visual Studio and the Teams Toolkit for Visual Studio Code to provide users help with tasks such as processing contracts or managing corporate travel expense reports. Microsoft also is labeling Teams message extensions and Power Platform connectors as plug-ins, going forward. Officials said the 20 customers currently in the M365 Copilot Early Access program have access to more than 50 plug-ins from Microsoft, as well as Atlassian, Adobe, ServiceNow, Thomson Reuters and other vendors.

(I’m thinking that Microsoft execs are busily re-making the “Power House” Power Platform apps, which are customizable, template-like apps for specific business functions that we wrote about a few months ago, to fit into this Copilot/plug-in story. Maybe we will hear more on that this summer.)

Because no Microsoft event these days is complete these days without the announcement of EVEN MORE Copilots, Microsoft is bringing a Copilot to Windows 11(with a preview coming in June, assumedly to Windows Insiders) in the name of helping users navigate commands and work with multiple apps simultaneously. The Microsoft Edge browser is getting the Microsoft 365 Copilot. The newly announced Microsoft Fabric data platform will be getting a Fabric Copilot “soon.” Power Platform’s Power Pages Copilot is now in public preview and the Power BI Copilot for Data Analysis Expressions (DAX), announced today, is in public preview now, too.

Fabric, Azure Linux and Win32 Isolation (Oh, my!)

Enough AI smoke. Here are the other top announcements of potential interest to Microsoft business customers from Build:

Microsoft Fabric “Fabric” is the new end-to-end data and analytics platform Microsoft is unveiling at Build. It’s a combination of updated versions of existing tools, plus a few new ones, delivered in the form of Software as a Service (SaaS). The platform is built on top of a common data lake based on the open delta/parquet format, which Microsoft has dubbed “OneLake.” Microsoft’s goal with Fabric is to provide cross-suite integration. A bunch of the pieces of Fabric, including Data Factory; Synapse Data Engineering, Data Science, Data Warehousing and Real Time Analytics; as well as OneLake are in public preview now.

“Azure Linux”: Listen at Build for mentions of something called “Azure Linux” this week. We already knew that Microsoft has its own Linux distribution, called CBL-Mariner (CBL = Common Base Linux), but officials repeatedly have pointed out that Mariner is for Microsoft’s own internal use and not a commercial Linux distribution. Microsoft has disclosed previously that it used Mariner as the base for the Linux virtual machine that is in Azure Kubernetes Service (AKS) for edge devices. But until this week, officials have called this “AKS-Lite VM.”

When I asked about the name-change, I got the following statement: “Azure Linux is the commercial product for CBL-Mariner, and it is supported as a container host OS for AKS. Mariner (CBL-Mariner) as an AKS container host has been renamed to Azure Linux container host for AKS. Microsoft does not provide broad commercial support for Azure Linux as a server operating system,” said Jim Perrin, Principal Program Manager Lead, Linux Systems Group. My interpretation: Mariner has graduated beyond an internal-use-only skunkworks project to more of a commercial Linux, even if limited. I’ll be curious if Microsoft goes further in making Azure Linux a “real” Linux distribution at some point.

New Win32 app isolation technology: Microsoft previewed plans to add new Win32 app isolation technology to Windows 11 back at the BlueHat conference in April. This update will be in public preview on May 24 for both consumers and commercial customers. Microsoft is presenting this capability as a step on its journey to making Windows “adminless” in the name of security. Many Win32 “classic” apps don’t run with least privilege, and isolation could help contain security issues and reduce damage if an app is compromised. Win32 app isolation in Windows 11 will rely on the “Helium” container tech that lives on top of the existing registry and file system, which is used by the MSIX Windows app package format. Microsoft isn’t providing information on when this isolation capability will be available commercially or how it will be priced/licensed.

Even more Windows goodies: After a few years of making Windows an afterthought at Build, it seems Microsoft is making quite a few Windows-related announcements at the show this year. In addition to the Win32 app isolation announcement, Microsoft is showing off a new Dev home app (in preview) that will let developers more easily set up Windows as their dev machine with WinGet configuration, GitHub integration and more built in. Microsoft also is announcing officially “Dev Drive,” which is a new virtual hard disk (VHD) storage volume tailored for developers that is based on ReFS (Resilient File System). And Win365 Boot, the capability allowing Windows 365 users to log directly into their Win365 Cloud PCs and designate them as their primary Windows experience (with no interim steps required after the initial log in) is finally going to preview.

Microsoft Mesh and Teams avatars: Before it was all-in on AI, Microsoft was gearing up to hop on the metaverse train. The company gave its Mesh mixed-reality collaboration platform and avatars for Teams lots of promotional love in 2021 and 2022. Both technologies get a small nod at Build this year. Mesh is (finally) in private preview for those who want to build virtual experiences for town halls, employee training, onboarding, and virtual tours. And the avatars for Teams will be generally available for all Microsoft 365 Business and Enterprise customers in the Teams desktop app on Windows and Mac starting this week.

Entra External ID: Microsoft’s customer identity and access solution, Entra External ID, which Microsoft announced earlier this year, will hit preview this summer. (Entra is the brand for a set of services built on top of Azure Active Directory for identity management.) While Microsoft made Entra Verified ID generally available in 2022, allowing users to share proof of employment, education and similar personal information, the External ID component lets organizations employ an identity provider to manage their IDs and then manage access to apps with Azure AD or Azure AD B2C.

Microsoft has used the first several months of this year to blast its AI messaging on the business and consumer fronts. While its Bing chatbot and Microsoft Designer consumer Copilot AI assistants are in public preview — and even shipping commercially in the case of its developer-focused GitHub Copilot — its other business-focused Copilots are in private preview with a small set of customers. Microsoft officials have continued to decline to talk about plans for public previews, pricing, and licensing for Microsoft 365 Copilot and Dynamics 365 Copilot.

But during the company’s Q3 FY’23 analyst call on April 25, Microsoft executives dropped a few hints about the company’s thinking about pricing and licensing for its Microsoft 365, Dynamics 365, Viva and Security Copilot capabilities. And just because Directions on Microsofthas been asked this several times already: These Copilot capabilities definitely are not going to be free. They will be priced as add-ons on top of existing subscriptions like Microsoft 365 E3 and/E5.

“When we believe we’re adding a lot of value, and frankly, that’s what the Copilots are doing and some productivity improvement, you can expect that we will have a list price for those,” said Microsoft Chief Financial Officer Amy Hood in response to a Wall Street analyst’s question during yesterday’s call.

CEO Satya Nadella added that the model Microsoft is using with GitHub Copilot is a good indicator of where the company will likely go with its other business-focused Copilot capabilities. (Nadella did not say if Microsoft would match the GitHub Copilot pricing exactly, however.)

Nadella told analysts:

“The Copilot that’s priced, and it is there, is GitHub Copilot. That’s a good example of incrementally how we monetize the price lists out there, and others are to be priced, because we are in preview mode. But you can expect us to do what we’ve done with GitHub Copilot pretty much across the board.”

Microsoft sells GitHub Copilot, its developer-focused AI pair-programming technology, for US$10 per user per month (or US$100 per user per year) for individuals. GitHub Copilot plugs directly into developer’s’ editors. And GitHub Copilot for Business is US$19 per user per month. For that price, developers get everything in Copilot for Individuals, plus license management, organization-wide policy management, privacy capabilities, and VPN support.

Nadella said yesterday that Microsoft has had more than 10,000 organizations “sign up” for GitHub Copilot for Business since it became broadly available close to three months ago. Microsoft has announced it will be adding more Copilot AI assistant capabilities to GitHub Copilot via its GitHub Copilot X initiative, which is now in technical preview.

Microsoft has demonstrated publicly via various demos how Copilot could improve customers’ experiences with everything from security analysis to PowerPoint deck creation. Microsoft officials have insisted that Copilot is more than just OpenAI’s ChatGPT embedded into Microsoft 365. The official description of the Microsoft 365 Copilot “System”: “It’s a sophisticated processing and orchestration engine working behind the scenes to combine the power of large language models (LLMs), including GPT-4, with the Microsoft 365 apps and your business data in the Microsoft Graph — now accessible to everyone through natural language.”

Unsurprisingly, Microsoft focused heavily on its AI investments during its Q3 earnings announcement. Officials said the company has more than 2,500 customers for its Azure OpenAI service, which builds on top of its customer OpenAI’s GPT-3/4 technology. In March 2023, Microsoft execs said they had more than 1,000 customers using Azure OpenAI. While Azure growth continues to slow, as Microsoft had warned it would, Azure and “other” cloud services grew 27 percent compared to the year-ago quarter. (One year ago, that Azure growth number was 46 percent.)

Microsoft officials didn’t say on the call when the company will release its business-focused AI Copilots in public preview or commercially. Recently, officials said to expect the Viva Copilot capabilities to ship later this year. And a closer look at the Dynamics 365 release plan roadmap notes that several of the announced Dynamics Copilot capabilities have begun moving into public preview and are slated to ship this summer. The near-term delivery date for the Dynamics 365 Copilot features could be due to them being more of a rebranding of announced and in-preview features with the Copilot name, as Directions has noted.

Microsoft currently uses a large number of different domains for its various Microsoft 365 apps and services. On April 26, officials announced plans to reduce fragmentation by bringing its authenticated, user-facing Microsoft 365 apps and services onto a unified “cloud.microsoft” domain.

Microsoft opted for the cloud.microsoft name because it plans to bring more than just the Microsoft 365 services to the name at some point, officials noted. The company’s goal with this change is to reduce sign-in prompts, redirects and other issues when navigating across apps. For admins, the consolidation should help reduce complexity of allowed-lists.

To start, only net-new services will be deployed on the new cloud.microsoft domain.

“In most cases,” no customer action will be required to keep using Microsoft 365 apps and services, officials said. Microsoft already has added “.cloud.microsoft” to the official list of Office 365 URLs and IP address ranges.

Microsoft officials said they will notify customers at least 30 days in advance before changing the domain for any existing service which requires customer network configuration. For any domain changes requiring updates to customer apps or other more complex customer actions, officials said they will provide “targeted communications” and “ample time” for adjustments.

This sounds, at least in theory, like a change that shouldn’t have a lot of negative impact on Microsoft cloud-services customers. However, customers should stay vigilant in case there are any infrastructure, software and firewall issues which potentially could arise with the introduction of any kind of new top-level domain.

Microsoft is giving Windows users a bit more information about what’s planned for Windows 10 and Windows 11 via some updates to its lifecycle support pages this week.

Windows 10 Enterprise, Enterprise IoT and Education will remain supported by Microsoft until October 14, 2025, as we’ve known for a couple of years. What we didn’t know for sure until today, April 27, was that Windows 10 22H2, which Microsoft released last fall, will be the “final version of Windows 10.” All editions of Windows 10 will remain in support with monthly security updates through that date. But they won’t be getting any more new features, based on today’s update from Microsoft.

Existing Windows 10 Long Term Servicing Channel (LTSC) releases will continue to get updates beyond that date, based on their specific lifecycles. Depending on the edition and release, these dates range from January 2027 to January 2032.

LTSC releases of Windows are designed for special-purpose devices and environments. Their feature sets remain constant for the supported lifetime of the release, which has led some customers who don’t want the constant disruption of feature updates to adopt them, in spite of Microsoft’s cautions against using LTSC for this reason.

Microsoft also announced today that it will deliver the promised LTSC version of Windows 11 in the second half of 2024. There will be a Windows 11 Enterprise LTSC and a Windows 11 IoT Enterprise LTSC edition released at that time. Officials said they will provide more details closer to availability.

In addition to continuing to provide security updates for Windows 11, Microsoft also has moved to a pattern of “continuous innovation” for the product. This means in addition to getting a single “major” feature update each year, usually in the fall, Microsoft also is delivering other new features and updates for Windows 11 throughout the year without a set schedule.

There have been reports that Microsoft is planning to release a new Windows variant, which may (or may not be) christened Windows 12 in the latter half of 2024. It’s hard to know at this point whether this release will be more than Windows 11 with a bunch of “AI”-labeled features added and/or more virtualization capabilities delivered via Windows 365 — or something more.

Microsoft is giving its SharePoint content-management platform a number of new features, including Copilot AI capabilities, starting in the next few months and continuing through early 2024. Microsoft officials updated the SharePoint roadmap on May 2 at the Microsoft 365 Conference in Las Vegas.

Microsoft’s goal with the SharePoint refresh is four-fold, officials said: To enable simpler authoring; the creation of better-looking sites, pages and videos; new integrations into email, Teams and Viva; and the ability to tailor SharePoint sites to specific workflows and applications using templates, the SharePoint Framework and Microsoft Graph application programming interfaces (APIs). In short, the company is looking to AI and other changes to help users design and develop sites themselves, which could take some of the load off IT and ‘super-users’ in business units.”

As it has done for almost every Microsoft 365 app since earlier this year, Microsoft is planning to add Copilot AI capabilities to SharePoint. The Copilot AI functionality will help users create customizable sites and pages more simply and quickly, execs said. They said users could use a prompt such as “Create an employee onboarding site for Product Managers and use this Onboarding PowerPoint to get started,” to set up a SharePoint site, for example.

A preview of SharePoint Copilot will be available before year-end, according to Microsoft. (Microsoft still has not revealed Microsoft 365 Coplot pricing or licensing but did say recently that the model would likely be very similar to what’s in place with GitHub Copilot.)

SharePoint users also will be able to coauthor SharePoint pages with team members using the Fluid Framework technology that underlies the Microsoft Loop functionality. A new Brand Center in SharePoint will allow users to specify fonts, colors, logos and other design elements that are connected to customers’ own organizations. Updates to the Microsoft Streamvideo web part will allow users to stream all types of video inside their pages.

According to a roadmap slide, Microsoft plans to make available the new Stream web part, page sharing, news in Outlook and advanced image editing in the next few months. During the fall, the content pane for page authoring, new SharePoint Start and video pages will be coming. And by the end of the year, in addition the preview of Copilot in SharePoint, Microsoft also will make available design ideas for page sections and Brand Center. Page coauthoring preview and general availability are slated for early 2024.

In other Microsoft 365 Conference news today, Microsoft also announced plans to revamp OneDrive for work and school accounts. Of course, there’s an AI angle here: The new OneDrive Home experience includes a “For You” area with “AI-powered file recommendations” that officials said will be “coming soon.” (There seems to be a Microsoft edict that every single product and service announcement MUST mention AI somehow.)

A new OneDrive Shared experience, providing users with a way to see all files shared with them in a single place will roll out later this quarter. A People view, which organizes files by the people someone is working with is coming “later this year,” as is a view organizing all meetings, along with chats, notes, and Loops in a single experience.

On the admin front, Microsoft also made a few OneDrive and SharePoint administration and security announcements. SharePoint Data Access Governance Insight is now generally available, allowing users to see the top sites that are overshared and take actions on them. Microsoft also made restricted access control policy for SharePoint sites generally available, which allows organizations to restrict access to any SharePoint site, even if it’s connected with Teams or Microsoft 365 Groups. Microsoft also is making a preview of SharePoint cross-tenant content migration available which will enable new scenarios like mergers and acquisitions.

Microsoft is on a roll in terms of announcing new AI assistants across its product line. On March 28, officials introduced the latest addition: Microsoft Security Copilot.

Powered by Open AI’s GPT-4 generative AI technology, Security Copilot — like the several other “Copilots” Microsoft has announced this month — looks and works like a chatbot. It’s meant for security professionals who need quick security information to help them isolate and hunt threats. What makes Security Copilot different from other chat bots is its use of the trillions of signals that Microsoft collects in its own security intelligence work, officials said, as well as with information from external security agencies like the National Security Agency. Customers will be able to train Security Copilot on their own data.

Security Copilot integrates with Microsoft Sentinel, Defender and Intune. Users can use Security Copilot to ask for summaries of information about vulnerabilities; to assist with incident and code analysis; and to keep track of alerts from other tools.

Microsoft has published a demo site with suggested scenarios for Security Copilot. Among its potential theoretical uses:

Security Copilot is currently available via a private preview. Microsoft is not providing a public date as to when Security Copilot will be more broadly available or how it will be packaged, licensed or priced.

Microsoft is moving some of its Volume Licensing Service Center (VLSC) features to the Microsoft 365 Admin Center (MAC) beginning this month. The goal is to centralize where customers manage their licenses, both volume and subscription, as noted on the “Cloudy With a Chance of Licensing” blog.

“Microsoft is gradually transitioning volume licensing capabilities to M365 Admin Center to enable customers to manage on-premises software, on-line services, and subscriptions in one site accessed by a single Log in ID,” according to documentation in a Frequently Asked Questions (FAQ) article on the Microsoft Learn site.

The features with which Microsoft is starting off this migration are key ones, including the ability to download software and review the licenses customers have for it. But it’s worth noting that this move does not substantively change how customers will manage their licenses or agreements, so should not have much, if any, impact on IT procurement or asset management leaders. There could be some short-term hiccups implementing these changes, but the VLSC has been known for being rather clunky and fragile. In the longer term, moving important licensing capabilities to a more robust infrastructure that gets a lot of attention should be a net-positive.

Microsoft notes that starting in late April it will begin “retiring” the VLSC functionality that already is available in the M365 Admin Center. Customers will automatically be redirected to the M365 Admin Center with no need to sign in again. Officials said the transition will be phased, meaning not all users will be impacted at the same time. Additionally, no Government Community Cloud (GCC) or GCC High customers will be impacted by the change.

Customers will be able to see downloads and keys; license summaries (labeled “Contracts”), and relationship summaries (included in “Contracts” in the MAC billing section under “Your Products.”) Volume licensees won’t see any other data that users with Billing Admin permissions in the Admin Center can see, such as non-VL bills, payments, etc.

Other details about the move:

Microsoft’s goal is to transition all VLSC features to the M365 Admin Center “in due course,” the documentation says. In the interim, Microsoft will enable VLSC features in the M365 Admin Center and run them in parallel until they deem that the feature is accessible by the VLSC customers.

For now, User Management, Reservations Management and Online Service Activation (OSA), meaning Open License, Open Value and Open Value Subscription keys and subscriptions will remain in the VLSC.

In 2021, Microsoft announced plans to build yet another collaboration app called Loop. But it wasn’t until today, March 22, that this competitor to Notion, hit public preview.

“Loop” is the branding that Microsoft is using for many, but not all, of its Fluid Framework collaboration technologies. Fluid Framework enables fast coauthoring and compound documents that include elements that are synched in near real-time. Microsoft already has been delivering Loop components in Outlook (for both Windows and the web) and Teams.

The Loop app can be used both as a standalone app/canvas, as well as in the form of an embeddable pages that can be built into Microsoft apps like Outlook, Teams, OneNote, Word for the web and Whiteboard, officials have said. The Loop app basically functions as a kind of project manager built around a common workspace. Users can build Loop pages using templates or by dragging blocks of content into their workspaces where they can collectively chat, comment, edit and keep on top of tasks and to-dos. SharePoint provides the underlying storage and collaboration platform for the Loop app, officials said.

Unsurprisingly, Microsoft also is adding its Microsoft 365 Copilot AI assistant technology to Loop, officials disclosed today. Users will be able to use prompts such as “create,” “brainstorm,” “blueprint” and “describe” or use their own words to get specific, customized suggestions. While the Loop app itself is in public preview as of today, the Copilot in Loop capability is in private preview only.

To test-drive the Loop app public preview, users can go to the Loop home page to access it on the web. Or they can download the mobile versions of the app for Android and iOS, but currently for work accounts only. As Microsoft officials noted in a message in the Microsoft 365 admin center earlier this month, the Loop app is off by default in public preview, so it won’t be available in organizations unless IT specifically enables it. The preview does not yet meet all of Microsoft’s compliance capabilities, as eDiscovery, Sensitivity labeling and other features are not yet enabled. Microsoft officials said they will provide a list of what’s coming when in future roadmap updates.

A company spokesperson said that Microsoft has “nothing to share at this time” about when Microsoft plans to make the Loop app generally available. Officials also are not yet talking about packaging, licensing or pricing for the Loop app.

Microsoft’s next major version of its Teams collaboration platform — referred to by many as “Teams 2.0” — has been rumored for several years. On March 27, Microsoft is making the new Teams Windows app (actually known as Teams 2.1), available as a public preview after many months of it being tested by its own employees inside the company.

The new Teams app for Windows is slated to become generally available in June 2023 by which time Microsoft promises it will have feature parity with “classic” Teams. The preview for Mac users is coming later this year. Microsoft will continue to support classic Teams for a transition period even while the new Teams rolls out.

Teams users in the public preview program will be able to get the new Teams for Windows preview immediately, while commercial customers will need their admins to opt into the preview before they will see the toggle allowing them to switch back and forth between the new Teams and classic Teams.

Microsoft has rewritten the new Teams app so that it’s no longer an Electron-wrapped application; instead, it will use the Microsoft WebView 2 control to host the Teams experience. This will help make Teams perform better and feel less bloated. Microsoft officials say the new Teams will be two times faster and consume 50 percent less memory than the current Teams, allowing it to run better on low-end laptops and use less battery. Microsoft already built its consumer Teams platform on top of the WebView 2 framework and made the UI simpler and more intuitive, and the new Teams apps are expected to look and feel similar, though not identical, to the consumer Teams app.

The new Teams also will include a UI overhaul that will allow users to more easily stay on top of notifications, search for information, manage messages and organize channels. It will also (finally!) support simultaneous login to multiple tenancies, a long-requested feature, and will include a new drop-down panel that will show tenancies and accounts in use, so that users can receive notifications no matter which profile is currently active.

The already-announced Teams Premium add-on, which costs $10 per user per month, will provide several new features, including intelligent meeting recap. The Premium add-on includes some features that previously were available at no additional cost to Teams customers. Microsoft officials also have said a Copilot intelligent assistant for Teams will be available at some point as part of Microsoft 365 Copilot, separate from Teams Premium. The Copilot for Teams, in particular, will help users catch up on what happened before they joined a meeting or chat, among other capabilities. A Microsoft spokesperson said the company had nothing to share about when the Teams Copilot capability would be available to Teams customers in preview or final form.

Microsoft officials said the new Teams will include 90-plus new additional features, including enhancements to Teams Phones, various UI and multi-channel support. A new Collaborative notes capability, coming to public preview in April, will provide users in Teams meetings with Loop components for coordinated agendas, notes and tasks. The avatars for Teams feature, which Microsoft demonstrated a couple of years ago when the metaverse was all the rage, are in public preview.

A year after promising to deliver a single feature update each year for Windows 10 and 11, Microsoft officials changed their tune and decided to deliver multiple smaller feature updates on no set schedule for Windows 11. We don’t know what’s in store for Windows 10 in terms of feature updates, as officials aren’t talking plans other than to say the OS will remain supported until October 2025. But, today, February 28, Microsoft is kicking off the rollout of its second set of feature updates to Windows 11 22H2.

This set of feature updates will be available to “seekers “—those who proactively search for and apply the updates via Windows Update— today. Microsoft officials said this bundle of features will come to other Windows 11 users via Windows Update in the March 2023 monthly security update release. But there will be some level of control allowed for business users who don’t want these features to show up that soon.

Included in this Windows 11 22H2 “Moment 2” release:

Microsoft also is making a preview of its Phone Link app available for iOS today, though just for Windows Insider testers for now. Microsoft originally designated PhoneLink, when it was known as “My Phone,” as something that would allow PC users to access their Android and iPhone phone contacts, messages, photos and apps. But currently, the Phone Link app only works fully with certain Samsung Android phones and Surface Duo devices.

Microsoft also is adding tabs to Notepad and designating its standalone Windows 365 app as generally available concurrently with this latest set of feature updates.

When Microsoft introduced its “major” Windows 11 22H2 feature update in September 2022, not every promised capability made it into the release. In November, Microsoft rolled out several missing features via its first so-called “Moment” update. At that time, officials decided that admins would be unable to block this first group of features using Group Policy or other management tools but said they would enable these kinds of controls at a later date.

Microsoft disclosed earlier this month that for Windows Update “managed devices,” which includes PCs updated via Windows Update for Business or Windows Server Update Services (WSUS), at least some of the “Moment” features will be off by default. They will not be off by default for consumer/non-managed devices. Officials said feature updates which change the Windows user interface; are new inbox apps; remove existing capabilities; and/or override previously configured settings will be on the off-by-default list. Admins will be able to turn them on for their organizations, but only as a group, not feature-by-feature. Customers are asking Microsoft to provide a detailed list of which of the new features delivered via Latest Cumulative Updates (LCUs) will be off by default, but so far, there doesn’t seem to be a public page with that information.

Update (February 28): There may be additional controls for these interim feature updates for IT admins. From a Microsoft February 28 blog post confirming that these safeguards will be available in March, there’s this:

“For select features, we will also introduce new policies that enable you to configure the feature in a preferred way for your organization. For example, for search on the taskbar, you can utilize the ConfigureSearchOnTaskbarMode policy to show the search box, search icon and label, search icon only, or hide search on the taskbar altogether.”

It’s important to note that these interim feature updates can only be blocked until the next “major” feature update which will happen this Fall (Win 11 23H2). That feature update will turn on the interim Moment updates delivered over the past year.

While most of the features arriving in today’s “Moment” seem relatively minor to me, I could see some companies wanting to block the new Bing search, given that it includes the ChatGPT-based Bing Chat service which has been controversial and has provided very mixed results in terms of accuracy. But since Microsoft officials have said they believe they can grow the company’s advertising market share by pitching Windows as a great way to deliver ads to its billion-plus installed base, Microsoft’s rush to get more people hooked on the new Bing and Bing Chat is not all that surprising.

While Microsoft has not announced an end-of-support date for its Remote Desktop Services (RDS) role for Windows Server, its demise looks increasingly likely. Even though RDS will remain supported until at least 2026, Microsoft is adding more licensing restrictions and limitations to RDS — in some cases boldly, and in others, more quietly.

Customers use the RDS role to provide virtual or session desktops to remote users. Many use RDS to host virtual desktop infrastructure (VDI) in their own datacenters or through third-party hosting.

These days, Microsoft’s preferred solution for these kinds of tasks is its own hosted service, Azure Virtual Desktop (AVD). Microsoft only enables multi-session editions of Windows client on AVD, not RDS. Multi-session support allows customers to host VDI with fewer resources, and without access to multi-session editions of Windows client, Windows Server is the only multi-session option for in RDS. But Microsoft is limiting support for Microsoft 365 Apps for enterprise on Windows Server, which affects on-premises RDS customers directly.

Windows Server 2022 was not supported at all by Microsoft 365 Apps for Enterprise (the former Office 365 ProPlus suite) when it was initially released, and Windows Server 2019 and 2016 are supported only until October 2025. In October 2022, after numerous customer complaints, Microsoft relented and agreed that Microsoft 365 Apps for enterprise will be supported on Windows Server 2022 through October 2026, which is the end of Mainstream support for Windows Server 2022. It’s anyone’s guess if Microsoft will continue to support Microsoft 365 Apps for Enterprise on future versions of Windows Server, but RDS customers shouldn’t plan on it. Microsoft wants customers to use AVD for remote desktops running Microsoft 365 Apps for Enterprise.

Unlike AVD, RDS can be used in fully disconnected scenarios like remote worksites, does not require an Azure subscription, and can be deployed in third-party clouds — which likely explains, at least in part, why Microsoft is trying to move customers away from RDS.

Microsoft is planning to continue to offer support for RDS at least until 2026, but customers should avoid future and longer-term investments in RDS, as all signs indicate its days are numbered.

Microsoft is working on making feature release information for its Microsoft 365 software and services more detailed and organization-specific, thanks to some upcoming changes to its Microsoft 365 Admin Center and Microsoft 365 Roadmap.

Customers often want to know more details about which new features are coming, in what timeframe and how they’re being rolled out to tenants and applicable users. With the goal of providing more of these kinds of details, Microsoft is adding feature release status for each new and updated feature in the Message Center in the Microsoft 365 Admin Center so that users can more accurately track feature availability specific to their organizations using a “status for your org” filter.

There are also plans to provide “relevance recommendations” for Message Center posts, so users can more quickly and clearly see which changes will be of high, medium or low relevance to a particular tenant. This relevance rating is available now for “Targeted Release,” or early-stage external testers.

In the Admin Center, users will be able to track feature rollouts across three stages on each applicable message. “Scheduled” will designate a feature that is planned to release to a customer’s tenant but is not yet available to any user in the organization. “Rolling out” means a feature is starting to roll out to some applicable users in an organization. “Launched” means a feature is generally available to all applicable users in the organization.” These more granular updates will appear on the original feature status messages.

Microsoft is making feature release status available initially for a “limited number” of Microsoft Teams, Outlook on the web and Microsoft 365 Admin Center feature announcements. The release status information will be available only for new and updates features that also appear on the public Microsoft 365 Roadmap and have reached general availability/production-ready status. Officials said that “in the future,” Microsoft plans to bring this same release status tracking to “other Microsoft apps and services.”

Speaking of the roadmap, Microsoft is making some complementary moves with its Microsoft 365 Roadmap starting mid-March and completing by the end of this month, officials said. Some timing terminology will be changing as part of this. Specifically, “preview” will become “preview available” and “generally available (GA)” will become “rollout start. The help content and “Sort by General Availability” filter will be updated to use the new labels.

As rumored, Microsoft is adding new generative AI capabilities to its key Office apps, including Word, Excel, Outlook, PowerPoint, and Teams “in the months ahead.” It also is adding Copilot assistive technologies to Power Apps, Power Virtual Agents and Power Automate. And officials announced today a coming Business Chat capability that builds on next-generation large-language model technology.

Microsoft is not talking specific timing, pricing or licensing for any of these at this point. Officials did say the Copilot features are in limited testing with 20 customers. But there’s no way for customers to sign up for a waiting list for a preview. And there’s also no word yet on how admins will be able to manage and control these new features.

Microsoft execs talked up and demonstrated how the coming Microsoft 365 Copilot will work across the Office suite. They showed off how Copilot will allow users to more easily write, edit and summarize in Word; to identify trends and create data visualizations more quickly in Excel; to access real-time meeting summaries and action items in conversations in Teams and more. On March 15, the day before Microsoft’s big reveal, Google showed off its own work to make AI part of its Workspace apps, including Docs, Sheets, Gmail, Slides, Meet and Chat.

It’s not clear how the Copilot in Teams capability will build on/complement the intelligent recap feature that Microsoft already has announced and showed off for Teams. It’s also not apparent whether these new AI features will replace AI technologies that Microsoft has released for Microsoft 365 over the past few years, such as the Editor feature in Word, Designer in PowerPoint and ContextIQ predictive assistance technologies officials previously announced would be coming to Office. I’ve asked, but no word back so far.

Update: A Microsoft spokesperson sent the following response: “Microsoft 365 Copilot is intended to work hand in hand with already existing offerings. Features like Editor in Word and Designer in PowerPoint are assistants that are designed to offer valuable and relevant recommendations to help improve your writing and/or presentations. Copilot builds on this by generating content, refining existing content and offering advanced feedback.”

Another new feature coming to Microsoft 365 is Business Chat, which Microsoft describes as a vehicle to bring together data from across documents, presentations, email, calendar, notes and contacts “to help summarize chats, write emails, find key dates or even write a plan based on other project files.” I’ve asked how Business Chat relates to Search with Bing, which allows users to surface many of these same entities when signed into Bing. No word back so far.

Update: “We incorporate various models from OpenAI and Microsoft depending on the product and experience. These are powerful next-generation large language models, including GPT-4, that have been customized for our products. For example, recommending specific edits to a paragraph in Word may be best suited for one model whereas formatting updates could be powered just as well, and perhaps more quickly, with a different model. 

“If customers are logged into Bing with their work account, they will be able to see relevant results from their organization and the web. We’ll have more to share about the experience in the coming months,” the aforementioned spokesperson added.

Microsoft didn’t simply add OpenAI’s ChatGPT chatbot feature to Microsoft 365 to create this new Copilot technology, officials claim. They said Copilot for Microsoft 365 will inherit the security and management controls that exist in Microsoft 365 already. They also made a point of claiming that “Copilot’s large language models are not trained on customer content or on individual prompts,” as noted in their press release.

It’s very early days for Microsoft’s growing family of Copilot assistants. GitHub Copilot, announced last year, is still facing legal challenges. And a number of customers and company watchers are concerned about the security, privacy, compliance and accuracy of these kinds of assistants in the workplace. Microsoft’sdesire to speed up its announcement and delivery pace in the AI space in the name of looking like a first mover instead of a (not-so) fast follower also is a legitimate worry.