Windows 11 Insider Build 26220.7070: Faster Recovery, Widgets Redesign, SAC Toggle

Microsoft has shipped Windows 11 Insider Preview Build 26220.7070 (packaged as KB5070300) to the Dev and Beta channels, an incremental but meaningful update that tightens recovery workflows, refines the Widgets user interface, and removes a handful of practical friction points for testers and IT teams while leaving several features staged behind server-side and hardware gates.

Background​

Microsoft’s servicing strategy for recent Windows 11 releases increasingly uses small enablement packages and staged feature gates rather than monolithic OS rebuilds. That means a single binary can contain multiple potential experiences that are turned on selectively for subsets of machines. Build 26220.7070 continues that model: the package arrives as a cumulative preview that may expose different features depending on a device’s entitlement, the Insider toggles enabled in Settings, and Microsoft’s server-side rollout decisions.
This flight is notable not because it introduces a single headline consumer feature, but because it improves three practical areas that affect reliability and daily ergonomics: Quick Machine Recovery (QMR) usability in both Settings and the Windows Recovery Environment (WinRE), a modest but important redesign of the Widgets experience (default dashboard selection and numbered alert badges), and a usability change that lets administrators and testers flip Smart App Control (SAC) without reinstalling Windows. The build also contains selective File Explorer adjustments and a set of quality fixes plus outstanding known issues Insiders should weigh before installing.

---

What’s new — at a glance​

• Build: Windows 11 Insider Preview Build 26220.7070 (delivered as KB5070300).
• Channels: Rolling out to Dev and Beta Insider channels (parity window continues while Microsoft ships this 25H2-preview line).
• Widgets UI: New full-page Widgets Settings for selecting a default dashboard, and numbered badges on dashboard icons to indicate alert counts.
• Quick Machine Recovery (QMR): Streamlined behavior that runs a one-time scan by default (when relevant toggles are enabled) and surfaces alternate recovery options faster in Settings and WinRE.
• Smart App Control (SAC): New toggle allows SAC to be turned off and on without requiring a clean OS reinstall.
• File Explorer: Partial re-enabling of the “people” icons in the Activity column for some Insiders; StorageProvider API integration and certain recommended-files surfaces temporarily disabled for additional validation.
• Quality fixes: Multiple fixes for Task View glitches, taskbar auto-hide, Settings hangs, and other targeted bugs.
• Known issues: Start may not open on click for some Insiders, system tray app visibility inconsistencies, copy-progress visual glitches in dark mode, and a camera eligibility misreporting problem on some devices.

---

Widgets: a quieter, more predictable glance surface​

What changed​

The Widgets host is receiving modest UX changes designed to make glanceable information more predictable and less noisy:

• A full-page Widgets Settings experience where users can reorder dashboards and choose a preferred dashboard to be the default.
• Numbered badges on the Widgets Board navigation bar to indicate the number of alerts or unread items per dashboard.
• When live weather content is present, opening the Widget Board will now target the first dashboard in the navigation bar (the new default) rather than the most recently used dashboard, making the behavior more consistent.

These adjustments are small in isolation, but they address recurring complaints: unpredictable landing behavior when the weather tile pushes the board to a particular view, and the lack of quick indications about where new items live across multiple dashboards.

Why it matters​

Widgets were always meant to be a quick, glanceable surface. When the panel behaves unpredictably or buries alerts behind a news feed, the feature’s value diminishes. The new settings page and badges do three practical things:

• Reduce cognitive load — users can set a consistent landing dashboard rather than hunting for alerts.
• Improve discoverability — numbered badges provide an at-a-glance indication of newly arrived tokens of interest.
• Promote personalization — dashboard ordering lets users emphasize productivity widgets (calendar, tasks, alarms) over discovery feeds.

Caveats and risk​

• The Widgets ecosystem is still sparse relative to modern widget marketplaces, and many items duplicate built-in app functions. The UI changes improve surface-level ergonomics but don’t fix the deeper problem of limited third‑party developer adoption.
• The Widgets experience remains server-side gated: not every device that installs the build will see the changes immediately. For power users and admins, that means the only reliable way to confirm exposure is to check the Widgets Settings and whether the navigation bar badges appear.
• Putting widgets and live content in more places (including prior work on lock-screen widgets) raises privacy considerations — administrators should evaluate lock-screen exposure policies for shared or kiosk devices.

---

Quick Machine Recovery: faster triage, fewer loops​

The change​

Quick Machine Recovery (QMR) has been streamlined both in Settings and in the Windows Recovery Environment (WinRE). On systems where Quick Machine Recovery and Automatically check for solutions are both enabled, QMR will now run a one-time scan by default instead of executing repeated looping scans. If an immediate fix isn’t available, QMR will more quickly surface alternative recovery actions — for example, repair attempts, refresh options, or guidance to external recovery media.

Practical impact​

• Users no longer sit through repeated, potentially confusing scans that give the impression the system is “still working on it” without progress. The flow favors faster triage and clearer next steps.
• For consumer scenarios, this reduces time-to-repair and can minimize helpdesk volume by steering users toward appropriate options earlier.
• For enterprise and imaging teams, the change reduces unpredictable recovery behaviors during automated or technician-assisted repair.

Enterprise implications and recommendations​

• Organizations should review their recovery policies and test QMR behavior on representative hardware, especially pre-enrolled fleet images. QMR’s default behavior may differ between Home, Pro, and Enterprise SKUs.
• If QMR is undesirable (for privacy, compliance, or bandwidth reasons), administrators should evaluate Group Policy and MDM settings that control WinRE and cloud remediation options.
• Make sure WinRE boot media and imaging workflows remain validated: even with improved cloud-assisted recovery, offline recovery paths (bootable media, network-based system restore) are still essential for disconnected scenarios.

---

Smart App Control: practical toggle, meaningful policy impact​

What changed​

Smart App Control (SAC) now has an on/off toggle exposed in Windows Security > App & Browser Control that does not require a clean install to change. Historically, disabling SAC required a reinstall, which was a major pain for testers and for organizations that needed to validate application compatibility.

Benefits​

• Major reduction in friction for compatibility testing and app deployment pilots.
• Quicker recovery from false positives without resorting to reimaging.
• Simpler demonstration and teaching scenarios that require toggling app control behavior.

Security trade-offs​

• Because SAC state affects the OS attack surface, turning it off should be considered a security event. Endpoint protection policies and telemetry pipelines must account for SAC toggles to maintain compliance posture.
• Enterprises with strict app-whitelisting requirements should manage the SAC toggle centrally where possible and log changes.

---

File Explorer: selective re-enables and temporary rollbacks​

What’s happening​

This build selectively re-enables people icons under the Activity column in File Explorer Home for some Insiders while temporarily disabling StorageProvider API integration for third-party cloud providers and turning off some recommended-files surfaces (frequently used / recent downloads). These are pragmatic, risk-reduction moves: Microsoft appears to be pulling or staging high-risk integrations while it finishes validation.

What it means for users and developers​

• Cloud-storage vendors and enterprise sync tools that were planning to rely on the newest StorageProvider integrations should pause production rollouts until the APIs are re-enabled broadly.
• Users who depend on cloud provider thumbnails or File Explorer integrated sync may see reduced functionality temporarily.
• Developer-documentation and API stability signals will be important; vendors should track the Windows developer portal for the definitive timeline.

---

Quality fixes and outstanding issues​

Notable fixes​

The package contains a variety of targeted fixes addressing recurring user pain points:

• Task View opening unexpectedly when interacting with the desktop has been addressed for many users.
• File Explorer taskbar icon behaviors (Shift+Click, middle click patterns) have been refined.
• Taskbar auto-hide toggling off unexpectedly has been corrected in certain scenarios.
• Settings hangs on particular pages have been mitigated.

Known issues to watch​

• The Start menu may not open on click for some Insiders (keyboard invocation with the Windows key still works).
• Some apps may not appear in the system tray for affected Insiders.
• Copy progress dialogs can produce visual glitches in dark mode.
• A camera-eligibility misreporting issue affects certain Recall/Camera flows.

These issues are undergoing investigation and may be addressed in follow-up cumulative updates or through server-side toggles.

---

Deployment guidance — practical steps for Insiders and IT teams​

• Confirm prerequisites:
• Verify current OS build and update status via Settings > Windows Update.
• Ensure backups and BitLocker recovery keys are saved before applying preview packages.
• For Insiders:
• Use the “Get the latest updates as they are available” toggle to increase the chance of seeing staged features.
• File feedback via the Feedback Hub for UI regressions or missing dashboard behavior.
• For IT and test labs:
• Test QMR and WinRE flows on target hardware — confirm whether QMR’s one-time scan behavior aligns with your support scripts.
• Validate SAC toggle behavior under your EDR and endpoint management policies.
• Pause reliance on StorageProvider API features in production until the API rollout stabilizes.
• For organizations with privacy constraints:
• Reevaluate lock-screen Widgets exposure and apply Group Policy or MDM controls if lock-screen visibility of glanceable items is unacceptable on shared or public devices.

---

Strengths in this build​

• Practical reliability improvements: Streamlining QMR is a thoughtful usability win that reduces time wasted during recovery sessions and should reduce helpdesk tickets.
• Reduced friction for testing and deployment: The SAC toggle eliminates a long-standing pain point for app compatibility testing and demonstration scenarios.
• Small-but-meaningful UI polish: Widgets settings and badges solve real-world annoyances for users who rely on glanceable information and alerts.
• Measured, risk-aware approach: Selective re-enables and temporary rollbacks (File Explorer cloud integrations) show Microsoft prioritizing stability while continuing to test new experiences.

---

Risks and unresolved concerns​

• Staged rollouts create inconsistent experiences. Users on identical builds may see different capabilities depending on server flags and regional gating. That makes troubleshooting and public communication harder.
• Privacy surface area increases. More glanceable content and lock-screen widget experiments reintroduce pre-sign-in exposure concerns. Administrators must configure lock-screen widget policies where appropriate.
• Developer ecosystem remains fragile for widgets. UI improvements won’t produce more third-party widgets by themselves. Microsoft must strengthen developer tooling and incentives to expand the widget catalog.
• Feature gating complexity. Many Copilot and AI-driven experiences remain hardware- or license-gated (Copilot+ PCs or Microsoft 365 entitlements), which fragments the platform experience and complicates documentation and support.

---

Analysts’ take: what this signals about Microsoft’s priorities​

This build is emblematic of Microsoft’s posture in the current Windows lifecycle: incremental polish, larger investments in resiliency and discoverability, and careful, data-driven experimentation. The company is balancing rapid iteration (multiple Insider channels, server-side flags) with risk management (staging or pulling higher-risk APIs). The focus on recovery and predictability suggests a shift away from purely cosmetic updates toward pragmatic improvements that materially affect device reliability and manageability.
At the same time, the Widgets tweaks and Copilot-era experiments show Microsoft is still trying to find the right balance between curated discovery and utility-first designs. The Widgets feature has oscillated between news-first and utility-first for years; these changes push it modestly toward usability without fundamentally resolving the deeper ecosystem shortfall.

---

Final verdict and recommendations​

Build 26220.7070 is a sensible, low-disruption update for Insiders who value faster recovery workflows and prefer a tidier Widgets experience. For most consumers and power users the changes are incremental but welcome; for IT teams the SAC toggle and QMR adjustments remove pain points and suggest smoother testing and support cycles.
Recommendations:

• Insiders who test system reliability and recovery workflows should install and validate QMR and WinRE flows in a controlled lab before broad deployment.
• Administrators should treat SAC toggles as policy events and ensure logging, telemetry, and endpoint protection policies reflect the ability to toggle app control.
• Developers and cloud storage vendors should watch StorageProvider API re‑enables closely and avoid depending on the current transient integration state for production rollouts.
• Users who value a predictable Widgets panel should explore the new Widgets Settings and set a default dashboard once visible.

This build does more to refine the Windows 11 operating experience than to reinvent it. Its value lies in addressing friction that mattered in everyday scenarios — recovery that doesn’t loop indefinitely, a Widgets board that behaves predictably, and the option to toggle app control without reimaging. Those practical wins, combined with Microsoft’s prudent rollback of higher-risk integrations, make this a conservative but constructive step forward for the 25H2 preview line.

---

Windows 11 remains an iterative platform. Expect more targeted fixes and staged feature flips in the coming weeks; Insiders and IT administrators should continue to test cautiously, back up systems before applying preview updates, and verify feature behavior in their specific environments before relying on new integrations for production workflows.

---

Source: Neowin Microsoft improving recovery, redesigning widgets UI with new Windows 11 build 26220.7070

 

[ChatGPT]

Microsoft’s latest Insider update for Windows 11, delivered as Build 26220.7070 (KB5070300) to the Dev and Beta channels, quietly undoes one of the most frustrating constraints of Smart App Control while also polishing the system’s recovery path and a handful of desktop conveniences. The change that will get the most attention is the new flexibility around Smart App Control (SAC): a feature that previously required a clean Windows install to enable or disable can now be toggled from inside the Windows Security app. Alongside that, Microsoft has refined Quick Machine Recovery (QMR) and the Windows Recovery Environment (WinRE) flow to reduce repetitive scans and present clearer recovery options, while making smaller but useful adjustments to Widgets and File Explorer. These updates are rolling out via the Insider Program and are currently appearing behind controlled feature flags, so not every Insider will see the changes immediately.

Background / Overview​

Smart App Control debuted as a proactive safety layer that blocks untrusted or potentially malicious apps based on a combination of cloud reputation and code-signing validation. Until now, Microsoft positioned SAC as something you either get on a fresh, clean install of Windows or not at all — the feature’s initial state was baked into the image during setup. That approach ensured a known baseline for SAC’s evaluation logic but was a major pain point for users who wanted the protection on an existing device without reinstalling Windows.
At the same time, Microsoft has been iterating on the system recovery experience. Insiders have been testing features that make recovery flows less confusing and less time-consuming, and Quick Machine Recovery has been a focus: rather than repeatedly scanning and offering no clear next steps, the updated behavior aims to perform a single, targeted diagnostic scan and then immediately guide the user to the most relevant recovery option if no quick fix is found.
Build 26220.7070 (KB5070300) bundles these improvements and ships them to Insiders on Windows 11, version 25H2. Microsoft is using its usual controlled rollout model — many of the changes are “gradually rolling out” — so availability depends on the channel settings and whether the feature gate has been flipped for a given device.

---

What changed with Smart App Control​

The old limitation: why the clean-install requirement mattered​

Historically, enabling Smart App Control required a fresh Windows installation. Microsoft’s rationale was straightforward: SAC needs to form an initial trust baseline and to avoid being enabled on a system that already contains unknown or potentially untrusted binaries that could interfere with the baseline evaluation. The initial design also meant SAC could run an evaluation period to see whether enforcement would be practical for that particular device.
That approach had two consequences for end users:

• It improved the integrity of the feature’s initial decisions by starting from a known clean state.
• It prevented people with existing systems from turning SAC on or off without reinstalling Windows, which was inconvenient and sometimes untenable.

The new behavior: toggle SAC from Windows Security​

With Build 26220.7070 (KB5070300), Microsoft has changed SAC’s operational model to allow toggling from inside Settings. The new interface path is:

• Settings > Privacy & security > Windows Security > App & Browser Control > Smart App Control settings

From that screen Insiders who see the feature enabled can switch SAC On or Off without performing a clean install. When enabled, SAC will analyze unverified apps and block files that the cloud intelligence or local policy classifies as suspicious before they run.
Key practical notes about the new toggle:

• The change is being delivered via the Insider program and uses Controlled Feature Rollout — not every device with the build will see the toggle immediately.
• Existing SAC constraints (evaluation and enforcement modes, code-signing checks) still apply: SAC continues to rely on app reputation plus signature validation to make allow/block decisions.
• In some devices, SAC will still present Evaluation mode initially; the ability to flip between modes may remain conditional depending on how SAC classified the device during its evaluation phase.

Why this matters — usability and real-world impact​

Allowing a toggle inside Windows Security removes a major friction point for users who want SAC’s protection but don’t want to reinstall Windows. This is particularly important for:

• Home users who install many consumer apps and want an additional safety net.
• Security-conscious users who previously deferred SAC activation because a reinstall was not practical.
• IT testers and power users who need to switch SAC states when troubleshooting app compatibility.

However, this convenience also raises important design trade-offs. The clean-install requirement was a guardrail that prevented SAC from being enabled on systems with potentially problematic pre-existing software. Enabling SAC post-hoc increases the chance that legitimate but unusual workflows (for example, unsigned utilities used by developers or niche enterprise tools) may be impacted once enforcement is enabled. Microsoft appears to be mitigating this by preserving SAC’s evaluation mode for some scenarios and by making the toggle conditional in places.

---

How Smart App Control decides what to block — a technical snapshot​

Smart App Control blends cloud-powered reputation services and local signature checks:

• The cloud service evaluates binaries against telemetry and machine-learning-derived reputation. If the cloud is confident an app is safe, SAC allows it.
• If the cloud can’t make a confident call, SAC checks whether the app is signed with a certificate issued by a CA in the Trusted Root Program. Signed binaries that meet signature validation typically pass.
• If neither the cloud nor signatures provide a safe verdict, SAC blocks the app from running in Enforcement mode.

SAC operates in three states:

• Off — no SAC protection.
• Evaluation — SAC observes and logs decisions without blocking, allowing Microsoft’s systems to learn about the device’s app mix.
• Enforcement (On) — SAC actively blocks apps considered untrusted according to its policy.

Administrators and developers should be aware: SAC does not behave like a standard antivirus; its policy is focused on preventing unknown or untrusted code execution rather than providing signature-based malware removal. That difference affects how exceptions and troubleshooting are handled.

---

Quick Machine Recovery (QMR): what’s improved​

The recovery problem Microsoft addressed​

Recovery flows are one of the most error-prone and anxiety-inducing experiences for everyday users. Previously, some recovery helpers performed repeated scans or provided options in a way that left users waiting with little guidance if an automatic fix couldn’t be found. That led to frustration and lengthy downtime.

Changes in Build 26220.7070​

The latest update streamlines the QMR experience in both Windows Settings and WinRE:

• When both Quick machine recovery and Automatically check for solutions are enabled, QMR now performs a one-time diagnostic scan instead of repeating scans in a loop.
• If the one-time scan does not find an immediate fix, the flow now surfaces the most relevant recovery steps without needing to rerun the scan repeatedly.
• The UI and WinRE wording have been revised to present clearer options, reducing the cognitive load when choosing how to proceed.

Practical impact for users​

This is a pragmatic improvement that reduces wasted cycles and gets users faster to productive next steps. Rather than waiting on repeated background scans, a single diagnostic run yields a clear direction:

• If an automated fix is found, the user can apply it.
• If no automatic fix exists, the user is guided to targeted options such as a driver rollback, system restore, or a reset with retention of personal files.

For IT pros and support staff, the clearer QMR outcomes will result in more efficient triage and fewer basic support calls about repeated “checking for solutions” screens.

---

Widgets and File Explorer: smaller but meaningful tweaks​

Build 26220.7070 also bundles user-experience improvements in two everyday areas.

Widgets dashboard​

• The Widgets board has a new default dashboard selection workflow. When the Widgets board opens while showing live weather, it now opens the first dashboard in the navigation bar rather than the most recently used dashboard, making behavior more predictable.
• A redesigned full-page Widgets Settings lets users reorder dashboards to change which dashboard appears first.
• Dashboard icons can show numbered badges corresponding to the count of alerts on that board — a small but useful notification affordance.

File Explorer​

• Microsoft is re-enabling people icons under the “Activity” column in File Explorer Home for better visual context about shared content and collaborators.
• Support for certain cloud StorageProvider APIs and recommended files features has been temporarily turned off in this flight — a rollback to stabilize behavior while Microsoft iterates on the integration.

These changes are iterative and reflect Microsoft’s approach: test small UX adjustments with Insiders and re-enable or tweak features based on feedback.

---

Rollout mechanics: Insider channels, Controlled Feature Rollout, and KB naming​

The update is being served to Dev and Beta channel Insiders for Windows 11, version 25H2. Microsoft is distributing new experiences through two mechanisms:

• Enablement builds / enablement packages — these are packaged as build numbers like 26220.xxxx and can enable new features on top of an existing release.
• Controlled Feature Rollout (CFR) — features are gradually enabled server-side for subsets of devices even after the build arrives. You must have the “Get the latest updates as soon as they’re available” toggle on to increase the chance of receiving new features early.

The KB label in the update (for example, KB5070300) indicates the servicing release associated with the build. Insiders should expect to see the entry under Settings > Windows Update > Update history once the quality update has been applied to their device.
Practical advice:

• Keep Windows Update configured to receive Insider builds if you want early access.
• Don’t be alarmed if the toggle or new recovery flows aren’t visible immediately — CFR means rollouts are staggered.
• Always backup critical data or create a system image before flipping major security features for the first time on a production device.

---

Security analysis — benefits and potential risks​

Strengths and benefits​

• Improved accessibility to protection: Allowing SAC to be toggled makes it viable for more users to adopt a zero-trust-style control over app execution without reinstalling.
• Faster recovery guidance: QMR’s one-time scan minimizes wasted time and prevents an endless loop of scans that left users shrugging.
• Incremental innovation: Widgets and File Explorer refinements show Microsoft continuing to refine daily UX with small, pragmatic changes.

Risks and caveats​

• Compatibility friction: Enabling SAC on an established system can cause legitimate but unusual apps to be blocked. Developers and IT admins need to be ready to test and sign binaries if necessary.
• False sense of completeness: SAC complements but does not replace traditional antivirus and endpoint protection — it primarily guards execution of unknown/untrusted binaries rather than performing full malware remediation.
• Rollout visibility: Because the feature rollouts are controlled, early reports of toggle availability may not match what the broader user population experiences. That can create confusion and inconsistent guidance in forums and support channels.
• Enterprise management: Organizations that centrally manage security policies should evaluate whether toggling SAC on existing endpoints could disrupt workflows or break scripted operations before enabling it broadly.

Where claims appear less concrete: the exact enterprise controls (for example, Group Policy or MDM policies to force SAC state) and expected behavior with third-party security suites may vary. Until Microsoft publishes explicit enterprise guidance for managing SAC at scale, admins should treat toggling SAC on production endpoints as a change-control item and pilot it in a controlled test environment.

---

Recommendations for users, IT pros, and developers​

For everyday users​

• If you value a stricter app execution policy and are comfortable resolving occasional blocked-app issues, toggling SAC on is a reasonable step once it appears in your Settings.
• Keep regular backups. If SAC blocks an app you need, you can temporarily set SAC to Evaluation (if available) or Off while you resolve the issue.
• Keep traditional antivirus and system updates active — SAC is an additional layer, not a single-point solution.

For IT administrators​

• Pilot SAC on a subset of devices first: pick a representative sample of users and workflows.
• Inventory common unsigned or self-signed utilities used by the organization and test them against SAC in Evaluation mode.
• Create documentation and support scripts for users encountering blocked files. Consider training the help desk on how to triage SAC-related blocks.
• Maintain change control: treat the act of toggling SAC as a documented change impacting system security posture.

For developers and ISVs​

• Ensure your installers and binaries are code-signed with certificates from trusted CAs in the Trusted Root Program.
• Test applications against SAC’s evaluation/enforcement pipeline. Microsoft provides audit/testing guidance and registry switches for lab testing; use those for compatibility verification.
• Consider CI/CD steps that validate signing and certificate chain health to avoid delivery of unsigned or incorrectly signed builds.

---

What to watch next​

• Official enterprise guidance: look for Microsoft to publish management controls or administrative guidelines for SAC in corporate environments.
• Rollout status: because this functionality is being controlled server-side, expect a staggered and regional phased rollout. Don’t assume immediate availability just because it’s in the Insider build notes.
• Developer tooling improvements: if SAC continues to expand, expect Microsoft to update documentation and developer tools to make signing and validation workflows smoother.

---

Conclusion​

Build 26220.7070 (KB5070300) represents a practical, user-focused pivot: Microsoft is making it easier for people to take advantage of Smart App Control without the heavy hammer of a clean Windows install, while also reducing friction in recovery scenarios with a smarter Quick Machine Recovery flow. The changes balance convenience with cautious rollout — valuable for home users and potentially impactful for enterprise environments. However, the shift also introduces new operational considerations: developers need to prioritize code signing, administrators must test safeguards, and ordinary users should be prepared for occasional compatibility hiccups. Overall, this update takes a step toward making Windows 11 both safer and more forgiving — provided adopters plan their rollouts and understand the trade-offs involved.

---

Source: Windows Report KB5070300 Brings Much-needed Updates for Smart App Control & Quick Machine Recovery