Enlarge / A PC running Windows 11. (credit: Microsoft)

Microsoft is already testing Windows 11 24H2, this fall's big new Windows release. The company has already demonstrated a few new features, like 80Gbps USB4 support and Sudo for Windows, and the new version could also give a significant refresh to the Windows installer for the first time since the Windows Vista days.

But there's one big update you might not notice at all. Late last week, Microsoft released "servicing updates" with no new features to Windows Insiders in the Dev and Canary channels. The updates were "designed to test [Microsoft's] servicing pipeline for Windows 11." It's pretty common for Insiders to get these kinds of updates-that-exist-only-to-test-the-update-process, but the twist here is that PCs with Virtualization Based Security (VBS) enabled could apply the update without rebooting.

Sources speaking to Windows Central say this isn't a fluke—Microsoft reportedly intends to use a Windows Server feature called hotpatching to deliver more Windows 11 security updates without requiring a reboot, making it easier to stay up to date without disrupting whatever you're doing. You'll still need to reboot "every few months"—Microsoft's documentation says a reboot is needed roughly once every three months, though it can happen more often than that for unanticipated zero-day patches and others that can't be fixed via hotpatching. The Arm versions of Windows 11 also won't get the feature for another year or so, according to Windows Central.

Enlarge / Not now, but maybe soon? (credit: Andrew Cunningham)

Microsoft opened its arms to Linux during the Windows 10 era, inventing an entire virtualized subsystem to allow users and developers to access a real-deal Linux command line without leaving the Windows environment. Now, it looks like Microsoft may embrace yet another Linux feature: the sudo command.

Short for "superuser do" or "substitute user do" and immortalized in nerd-leaning pop culture by an early xkcd comic , sudo is most commonly used at the command line when the user needs administrator access to the system—usually to install or update software, or to make changes to system files. Users who aren't in the sudo user group on a given system can't run the command, protecting the rest of the files on the system from being accessed or changed.

In a post on X, formerly Twitter, user @thebookisclosed found settings for a Sudo command in a preview version of Windows 11 that was posted to the experimental Canary channel in late January. WindowsLatest experimented with the setting in a build of Windows Server 2025, which currently requires Developer Mode to be enabled in the Settings app. There's a toggle to turn the sudo command on and off and a separate drop-down to tweak how the command behaves when you use it, though as of this writing the command itself doesn't actually work yet.

Enlarge (credit: Microsoft)

Microsoft has published a knowledge base article acknowledging a problem with encryption acceleration in the newest versions of Windows that could result in data corruption. The company recommends installing the June 2022 security updates for Windows 11 and Windows Server 2022 "to prevent further damage," though there are no suggested solutions for anyone who has already lost data because of the bug.

The problems only affect relatively recent PCs and servers that support Vector Advanced Encryption Standard (VAES) instructions for accelerating cryptographic operations. Microsoft says affected systems use AES-XTS or AES-GCM instructions "on new hardware." Part of the AVX-512 instruction set , VAES instructions are supported by Intel's Ice Lake, Tiger Lake, Rocket Lake, and Alder Lake architectures—these power some 10th-generation Core CPUs for laptops, as well as all 11th- and 12th-gen Core CPUs. AMD's upcoming Zen 4 architecture also supports VAES, though by the time these chips are released in the fall, the patches will have had plenty of time to proliferate.

Microsoft says that the problem was caused when it added “new code paths” to support the updated encryption instructions in SymCrypt , Windows’ cryptographic function library. These code paths were added in the initial release of Windows 11 and Windows Server 2022, so the problem shouldn't affect older versions like Windows 10 or Windows Server 2019.