Tiny11 25H2 Debloated Windows 11 Builder: Smaller ISO and No Copilot

Tiny11’s refreshed builder makes a clear promise: a lean, debloated Windows 11 25H2 image that strips Microsoft’s newest inbox AI and collaboration components and removes the Microsoft Account requirement from OOBE — all while relying on Microsoft’s own servicing tools to rebuild official ISOs into much smaller, more deterministic install media.

Background / Overview​

The tiny11 project began as a community‑driven answer to two converging problems: Windows 11’s growing on‑disk footprint and Microsoft’s increasingly integrated inbox app strategy (Copilot, new Outlook, Teams and many others). For users with older or low‑spec hardware, or for administrators who want tightly controlled images, the default Windows 11 installer often contains dozens of packages that are unnecessary for their use cases. The tiny11builder approach is not a forked operating system — it’s a script‑driven image builder that takes an official Microsoft ISO, performs offline servicing, removes specified packages and components, and rebuilds a bootable ISO using Microsoft tools.
NTDEV’s September 2025 refresh repositioned tiny11builder as 25H2‑ready and introduced three headline changes: explicit removal routines for Copilot, the “new Outlook” client and Microsoft Teams; a PowerShell‑centric single‑script workflow (tiny11maker.ps1) that is architecture and language flexible; and a switch to DISM recovery (LZX/LZMS) compression to significantly reduce the final ISO size. These changes were described and corroborated in the project repository and by independent tech outlets.

---

What exactly is being removed or changed?​

The removal roster (what tiny11 targets)​

Tiny11’s standard profile removes a long list of consumer‑facing inbox packages and optional features that are commonly labeled “bloat” by enthusiasts. The standard removals typically include:

• Clipchamp, News, Weather, Xbox family apps
• GetHelp, GetStarted, Office Hub, Solitaire, People, Power Automate, To Do
• Alarms, Mail & Calendar (classic), Feedback Hub, Maps, Sound Recorder
• Phone Link (Your Phone), Media Player, Quick Assist, Tablet PC Math
• Microsoft Edge (in many configurations), OneDrive
• Copilot, the new Outlook for Windows client, Microsoft Teams (consumer)
• Various telemetry/feedback helpers and optional language payloads

The project’s repository and release notes list exact package identifiers and the script options to exclude or keep particular components. That granular control is core to the builder’s appeal: the maintainer exposes choices so the builder’s output matches the administrator’s intent.

Copilot, Outlook, Teams — why these matter​

Copilot and the “new Outlook” are central to Microsoft’s modern Windows strategy and are tightly integrated with cloud services and background frameworks. Removing them reduces the number of background services, decreases the on‑disk footprint, and eliminates in‑box prompts that steer users toward cloud flows. Teams and Outlook are often required in corporate environments, but for personal or kiosk use they are a frequent source of unwanted background activity. Tiny11’s explicit removal routines treat these features as optional rather than mandatory. This is a technical and cultural pushback against Microsoft’s default image composition.

Recovery compression: smaller ISOs, bigger build machine demands​

The builder now uses DISM’s recovery compression (LZX/LZMS) when reconstructing the WIM/ESD, which can produce final ISOs that are dramatically smaller than stock media. Reported examples show final images in the 3–4 GB range depending on configuration, compression choice, and what components are removed. That compression comes at a cost: high RAM usage and longer processing times when creating the image. The NTDEV notes and independent reporting both confirm this tradeoff.

---

How the builder works — technical walkthrough​

Tiny11’s fundamental model is straightforward: start with Microsoft’s official ISO, service the offline image with Microsoft tooling, remove packages, and rebuild a bootable ISO. The main building blocks are:

• DISM (Deployment Image Servicing and Management) for offline servicing: package removal, feature toggles, and component servicing.
• PowerShell as the controlling script language (tiny11maker.ps1 / tiny11coremaker.ps1) for cross‑locale and cross‑architecture scripting.
• Windows ADK’s oscdimg.exe for ISO creation (a Microsoft binary the script uses when creating bootable media).
• An unattended answer file optionally injected into the image to change OOBE behavior (notably to bypass Microsoft Account enforcement for offline/local accounts).
• An optional “Core” profile (tiny11coremaker) that removes WinSxS and other servicing surfaces to produce a minimal, non‑serviceable image.

Practical steps the builder automates are:

• Mount the source WIM/ESD from an official ISO.
• Enumerate packages and optional components across the chosen SKU(s).
• Remove selected package families and optional features via DISM commands.
• Apply registry tweaks and anti‑reinstall protections to reduce the chance the Microsoft Store/Update will re‑provision removed inbox apps.
• Repackage the serviced image using recovery compression and create a new ISO.

---

Tiny11 profiles: serviceable vs core (tradeoffs explained)​

Tiny11 exposes at least two profiles that represent a tradeoff between footprint and maintainability:

• tiny11maker (standard) — Keeps the image serviceable. Core OS servicing components like WinSxS are preserved so updates and language additions remain possible. This is recommended for everyday systems where regular updates and vendor support are required.
• tiny11coremaker (core) — Extremely aggressive removal. The script intentionally removes the Windows Component Store and many servicing hooks, which yields a very small image but makes the OS non‑serviceable. Systems built this way cannot reliably receive cumulative updates, add languages, or reinstall many features without a rebuild. This profile is intended only for isolated testing, VMs, or single‑purpose appliances.

Those two profiles map directly to two different maintenance philosophies: the standard profile balances control and future patchability, while Core optimizes for minimality at the expense of long‑term maintenance and security patchability.

---

Installation and deployment: a high‑level guide​

Tiny11 is intentionally a technical tool rather than a consumer installer. The high‑level workflow recommended by the project is:

• Download an official Windows 11 ISO from Microsoft (do not use untrusted third‑party ISOs).
• Download the tiny11builder repository (tiny11maker.ps1 / tiny11coremaker.ps1).
• Prepare a Windows machine with the Windows ADK (if you want oscdimg output) and run PowerShell as Administrator.
• Run the script and follow prompts to select ISO mount point, SKU, language, and build profile.
• Let the script service and rebuild the image (expect a long run if you enable recovery compression).
• Create bootable media from the output ISO (Rufus, Windows USB/DVD tool, etc.) and install to your target machine.

Two practical notes: the repository includes an unattended answer file that can be used to bypass the Microsoft Account requirement in OOBE, and the maintainer deliberately recommends building from an official ISO locally rather than downloading prebuilt, redistributed images. Both are important for legality and supply‑chain security.

---

Benefits — why users and admins are adopting tiny11​

• Smaller install and ISO footprints. The recovery compression plus component removal can reduce installer and on‑disk sizes markedly, which helps low‑capacity devices and constrained VMs.
• Lower background churn. Removing auto‑updating inbox apps and services reduces background tasks, network chatter, and update vectors for nonessential apps.
• Privacy & control. For users concerned about AI prompts, cloud nudges, or preinstalled telemetry services, tiny11 offers a way to avoid those defaults entirely.
• Works on older/unsupported hardware (when paired with compatibility helpers). While tiny11 itself focuses on image composition, it’s often used alongside tools that assist with installation on machines that fail Microsoft’s hardware checks. That combination extends the usable life of older devices.

---

Risks, legal and security considerations (be explicit)​

Tiny11 is powerful, but it introduces specific, concrete risks that any IT admin, hobbyist, or security‑minded user must weigh.

1) Serviceability and update risk​

If you use the Core profile or heavily trim servicing components, you may break Windows Update, prevent future cumulative updates from applying, and leave systems unpatched. For production or internet‑facing systems, this is a material security hazard. The project documentation repeatedly warns that Core images are not intended for long‑term daily drivers.

2) Compatibility and functionality gaps​

Removing Edge, Copilot or other components can have knock‑on effects: search results embedded in File Explorer, mailto: handling, or integrations expected by some enterprise software may behave differently. Reinstallation of removed apps is not always seamless. Test thoroughly before deploying an image to end users.

3) Supply‑chain and trust considerations​

Modifying Microsoft ISOs and distributing them widely can introduce supply‑chain risks if end users obtain prebuilt images from untrusted sources. The recommended best practice is to download the official ISO directly from Microsoft and run the builder locally so you retain control and can verify what’s changed. The maintainer and journalists emphasize building locally for this reason.

4) Legal/licensing gray areas​

Tiny11 relies on official Microsoft media and the script’s outputs must still be activated with a valid Windows license. Distributing prebuilt, modified ISOs can raise licensing or redistribution questions depending on jurisdiction and context; organizations should consult legal counsel for fleet deployments. Journalistic and project commentary stresses the importance of valid activation.

5) The cat‑and‑mouse problem​

Microsoft’s servicing/Store mechanics can reintroduce removed inbox apps over time; tiny11’s maintainers actively add registry locks and preventative tweaks but acknowledge this is an ongoing battle. Expect maintenance work to keep images aligned with changing platform behavior.

---

Cross‑verification of key claims​

• The NTDEV repository and blog explicitly document the new PowerShell pipeline, the use of DISM recovery compression, and the addition of Copilot/Outlook/Teams removal routines. That is the primary authoritative source for what the builder does.
• Independent reporting from multiple outlets confirms the same headline claims — that the September 2025 builder refresh is 25H2‑ready, removes AI and mail clients explicitly, and can produce much smaller images (with the caveat of higher resource usage during creation). Tom’s Hardware, Neowin, TechRadar and others have corroborated the essentials of the release. Those outlets also emphasize the same tradeoffs: smaller images versus maintainability risks.
• Reported final ISO sizes are situational and depend on configuration. Multiple community and tech articles show reproducible cases of ~3–4 GB ISO outputs for certain configurations, but these are not absolute guarantees — they’re examples tied to specific build choices. Treat any exact size claim as configuration‑dependent and therefore partly unverifiable until reproduced locally.

Where claims were ambiguous or likely to change over time (for example, whether Outlook reinstallation persists across subsequent cumulative updates), the project notes and journalists together advise caution and flag those items as ongoing maintenance concerns.

---

Practical recommendations for readers and administrators​

• Build locally from an official Microsoft ISO. Do not download or deploy third‑party prebuilt ISOs without validating them. The NTDEV repository explicitly recommends this as the safest practice.
• Prefer the standard tiny11maker profile for daily‑use devices that need updates and vendor support. Reserve Core for isolated VMs, testbeds, or appliances that will remain offline or be rebuilt frequently.
• Maintain a build lab and a verification checklist. Test the image on representative hardware, validate Windows Update behavior, application compatibility, and recovery functionality before rolling out to any users.
• Keep an eye on the project updates and community notes. Because Microsoft’s servicing and the Store mechanics evolve, maintainers will continue to tweak anti‑reinstall measures and package selection. Expect to refresh your build periodically.
• Use the unattended answer file judiciously. While the autounattend capability to bypass Microsoft Account enforcement is a convenience for privacy‑minded users and kiosk images, it should be used in accordance with organizational policy and licensing requirements.

---

Final analysis — strengths, weaknesses, and where tiny11 fits​

Tiny11’s September 2025 builder refresh is a well‑scoped, technically sound response to a real user need: a deterministic, smaller Windows 11 image that avoids inbox AI and collaboration bloat. Its strengths are clear:

• Transparent tooling: the project uses Microsoft’s DISM and ADK tools and publishes scripts, letting users inspect and modify behavior before running builds.
• Meaningful size and surface‑area reductions: targeted removals plus recovery compression deliver measurable savings for storage‑constrained devices.
• Configurable balance between maintainability and minimality: the two‑profile model gives administrators clear options and tradeoffs.

The weaknesses are equally real and material:

• Long‑term maintenance burden: removed components can be reintroduced by Microsoft servicing, and non‑serviceable images will drift out of compliance with updates and security posture.
• Compatibility and functional risk: removing integral inbox components can produce subtle application or UX regressions that only surface under real workloads.
• Security and legal considerations: distributing modified OS images or deploying non‑serviceable systems in production exposes organizations to potential regulatory, licensing, and supply‑chain risks.

In practice, tiny11 is best positioned as a tool for enthusiasts, power users, lab admins, and specific edge‑use cases (kiosks, VMs, constrained devices). For large fleets or mission‑critical endpoints, the conservative approach remains: validate thoroughly, favor the serviceable profile, or prefer officially supported upgrade paths where vendor support and long‑term patchability are required.

---

Tiny11’s 25H2‑ready builder is an important, pragmatic development in the Windows ecosystem: it restores user choice over what Windows 11 ships with and how large it is, while reminding us of the tradeoffs that follow. For those who prize a lightweight, privacy‑oriented desktop on older or constrained hardware, the builder is an effective and auditable solution — provided it’s used responsibly, with an eye toward future maintenance and security.

---

Source: Neowin tiny11 25H2 is out, offering debloated Windows 11 25H2 without Microsoft Account requirement