Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available starting Friday, November 1st.
In January 2024, the company released the first Windows Server 2025 build for admins enrolled in the Windows Insider program. This new version introduced hotpatching, next-gen Active Directory, and SMB over QUIC alternative ports (allows switching from the default SMB over QUIC UDP/443 port to any other port).
Windows Server is available through two primary release channels: the Long-Term Servicing Channel (LTSC) with Windows Server 2025 and the Annual Channel (AC) linked to Windows Server, version 23H2.
“Windows Server 2025 delivers major advancements across the board for Hyper-V, GPU integration, Storage Spaces Direct (software defined storage), software-defined networking, and clustering,” said Ian LeGrow, Microsoft Corporate Vice President for Azure Edge + Platform, on Monday.
“These improvements make Windows Server 2025 an excellent option for organizations looking for a virtualization solution and for organizations looking to leverage AI and machine learning while maintaining high performance and scalability.”
The latest Windows Server release comes with a long list of new capabilities, including but not limited to these key ones:
- Hotpatching enabled by Azure Arc: Customers operating entirely in the cloud have inherent modern security advantages, such as automatic software updates and backup and recovery.
- NVMe storage performance: On identical systems, Windows Server 2025 delivers up to 60% more storage IOPs performance than Windows Server 2022.
- Block cloning support: As Dev Drive uses the ReFS file system format, Block cloning support provides significant performance benefits when copying files.
- New Active Directory (AD) functionalities and capabilities, including AD object repair, optional 32k database page size, and improved security for confidential attributes and default machine account passwords.
- Credential Guard: Starting with Windows Server 2025, it’s enabled by default on devices that meet the requirements to block credential theft attacks by protecting NTLM password hashes, Kerberos Ticket Granting Tickets (TGTs), and credentials stored by apps as domain credentials.
- File services/server message block (SMB) hardening: Windows Server 2025 includes SMB over QUIC to enable secure access to file shares over the Internet. SMB security also adds hardened firewall defaults, brute force attack prevention, and protections for man-in-the-middle attacks, relay attacks, and spoofing attacks.
- Delegate Managed Service Accounts (dMSA): Unlike traditional service accounts, dMSAs don’t require manual password management since AD automatically handles it.
- Accelerated Networking (AccelNet): This feature simplifies the management of single root I/O virtualization (SR-IOV) for virtual machines (VM) hosted on Windows Server 2025 clusters. It uses the high-performance SR-IOV data path to reduce latency, jitter, and CPU utilization.
- DTrace: Windows Server 2025 comes equipped with DTrace as a native tool. DTrace is a command-line utility that enables users to monitor and troubleshoot their system’s performance in real-time.
- Virtualization-based security (VBS) enclaves designed to help applications protect their secrets by removing the need to trust admins and hardening against malicious attackers.
- Windows Local Administrator Password Solution (LAPS): It automatically generates unique passwords for each computer’s local administrator account, stores them securely in AD, and updates them regularly to improve security by reducing the risk of attackers gaining access to sensitive systems using compromised or easily guessable passwords.
When it announced its general availability on Friday, Microsoft revealed that it’s investigating several known issues causing various problems on Windows Server 2025 devices.
For instance, the company confirmed bugs causing install and Blue Screen of Death (BSOD) issues impacting Windows Server 2025 systems with more than 256 logical processors.
It also confirmed boot issues after installing Windows Server 2025 on systems in iSCSI environments, with “boot device inaccessible” errors showing up on affected systems, and it warned customers that they might see some text appear in English during installation when using certain media, such as CD or USB, to install Windows Server 2025, regardless of the selected language.
Windows Server 2025 will reach the end of support on October 10th, 2029, and the extended support end date five years later, on October 10th, 2034.
Customers who want to test Windows Server 2025 can use the free 180-day trial available through the Microsoft Evaluation Center.
Source: www.bleepingcomputer.com