Windows 11 Insider Preview Build 26220 7535: Copilot controls, Narrator AI, and XDR

Microsoft is rolling out Windows 11 Insider Preview Build 26220.7535 (KB5072046) to the Dev and Beta Channels, a mid-January flight that packs targeted accessibility upgrades, new enterprise policy controls for Copilot, an expanded developer integration path for cross‑device continuity, a subtle Windows Spotlight icon refresh, multiple bug fixes, and a slate of still‑unresolved issues that make this build useful for testers — but risky for general deployment.

Background​

This build is delivered as part of Windows 11, version 25H2 via an enablement package (Build 26220.xxxx) and is being offered to both the Dev and Beta Channels simultaneously. Microsoft continues to use a Controlled Feature Rollout approach: some features are exposed immediately to Insiders who opt into the “get the latest updates as they are available” toggle in Settings > Windows Update, while others are staged gradually to the wider Insider population. Insiders in the Dev Channel currently have a limited window to switch to the Beta Channel before the Dev Channel advances beyond this build; once Dev moves forward, channel switching will be temporarily closed.
This release represents the typical tradeoffs of the Insider program: early access to experiments and management features ahead of broader releases, offset by instability, unfinished localization, and behavior that may be changed or ripped out entirely based on feedback.

---

What’s new in Build 26220.7535 — the highlights​

Accessibility: Copilot-powered image descriptions in Narrator (broader rollout)​

Microsoft is expanding its AI‑driven image description capability in Narrator beyond Copilot+ hardware. Previously focused on Copilot+ PCs with NPUs, Narrator can now call Copilot across all Windows 11 devices to generate richer descriptions of images, charts, and graphs.

• Press Narrator key + Ctrl + D to describe the focused image.
• Press Narrator key + Ctrl + S to describe the full screen.
• Copilot opens with the image ready; you control when (and whether) the image is shared for description.
• After the initial description, choose Ask Copilot for follow‑up questions or more detail.

This is a significant accessibility expansion: it brings AI contextualization for visuals directly into the screen reader workflow, potentially reducing the accessibility gap for blind and low‑vision users when images lack alt text or when visual content is complex (charts, graphs, annotated screenshots). Microsoft notes that this feature is not available in the European Economic Area (EEA), reflecting regional legal or compliance restrictions.

Enterprise control: targeted uninstall policy for the Microsoft Copilot app​

For organizations struggling with consumer Copilot being present on managed devices, the build introduces a new Group Policy setting named RemoveMicrosoftCopilotApp. When enabled, the policy will attempt a one‑time uninstall of the Microsoft Copilot app for devices/users that meet all three conditions:

• Microsoft 365 Copilot and Microsoft Copilot are both installed.
• The Microsoft Copilot app was not installed by the user.
• The Microsoft Copilot app has not been launched in the last 28 days.

If those conditions are met, the consumer Copilot app is removed once; users can reinstall it if they choose. Microsoft’s blog lists the policy path explicitly:
User Configuration -> Administrative Templates -> Windows AI -> Remove Microsoft Copilot App.
This is presented as available for Enterprise, Pro, and EDU SKUs.

Developer: Cross Device Resume gains a WNS integration path​

Microsoft adds a second integration option for Cross Device Resume (XDR) — previously tied to Link to Windows — by enabling an integration path that leverages the Windows Notification System (WNS). That gives developers a broader set of tools to surface “resume” experiences (task handoffs) in Windows, widening scenarios and devices that can participate in seamless continuity.
The move is explicitly positioned to expand the audience for resume capabilities while delivering comparable end‑user continuity. Developers are encouraged to explore onboarding with the new WNS option alongside the existing Link to Windows integration.

Visual polish: Windows Spotlight gets an icon refresh (small flight)​

A new Windows Spotlight desktop icon was started as a limited flight in late December. The change is cosmetic but signals Microsoft’s continued fine‑tuning of desktop affordances for Spotlight’s background discovery features.

---

Fixes included in this build​

Microsoft lists a set of fixes that are being gradually rolled out to Insiders who opt into receiving features early. Key fixes include:

• Start menu: a warning dialog truncation issue (when shutting down while other users are signed in) has been corrected.
• File Explorer: a recent crash in explorer.exe triggered by invoking the desktop context menu has been addressed.
• Input: a black flash when inking with a pen in Snipping Tool has been fixed.
• Print: fixes to duplicate print dialogs, inconsistent close‑button color, and truncated text on Printers & Scanners settings pages.
• Windows Update: corrected a hang on the Windows Update settings page during load.

These are targeted fixes for common friction points Insiders reported and, if they behave in production, will improve general stability for users who receive them.

---

Known issues — what you need to watch for​

This build includes several active known issues Insiders should be aware of before upgrading:

• Xbox Full Screen Experience (FSE): Some apps that expect fixed sizing or spawn additional windows may misbehave under FSE.
• Taskbar & System Tray:
• The Start menu may fail to open on mouse click for some Insiders (it still opens with the Windows key).
• Notification Center (WIN + N) and Quick Settings (WIN + A) may be affected by the same underlying issue.
• Some apps may not appear in the system tray when expected.
• When the taskbar is set to auto‑hide, it might appear prematurely and block interaction with bottom‑screen content.
• Settings: a new crash when interacting with audio devices is being investigated.
• Bluetooth: battery level reporting for some devices may not show.
• Click to Do / Microsoft 365 Copilot: the Microsoft 365 Copilot prompt on selected images may not function when the Microsoft 365 Copilot app is not running.

These problems make Build 26220.7535 appropriate for testing, feedback, and experimentation — but risky as a daily driver for mission‑critical workstations.

---

Critical analysis — what matters and why​

Accessibility gains are meaningful but nuanced​

Expanding Narrator’s Copilot integration to “all Windows 11 devices” is a substantive accessibility step. It reduces reliance on hardware‑exclusive Copilot+ branding for key assistive features and can materially improve comprehension of complex visual content for people who are blind or low vision.
Strengths:

• Low friction: keyboard shortcuts (Narrator key + Ctrl + D/S) integrate neatly with existing workflows.
• User control: images are only shared after explicit user action; follow‑up prompts enable iterative exploration.
• Potential scale: if rolled out broadly, this raises the baseline accessibility of image content on the web and apps.

Risks and caveats:

• Privacy & telemetry questions: any feature that sends images to an AI model — even on‑device or via Copilot — raises concerns about what data is transmitted, how long it is stored, whether metadata is retained, and how enterprise policies govern it.
• Regional availability: the explicit exclusion of the EEA suggests unresolved compliance considerations; organizations operating in or with users in that region must expect inconsistent behavior.
• Model behavior: automatic descriptions for subtle graphical data (financial charts, medical imagery, sensitive screenshots) risk inaccurate or misleading narrations unless the underlying models are tightly tuned and explicitly validated.

Enterprise policy control is a pragmatic recognition of admin needs​

The RemoveMicrosoftCopilotApp policy acknowledges a real pain point for IT: consumer Copilot features and apps appearing on managed machines can conflict with organizational policy or user expectations.
Benefits:

• Granular control: an uninstall policy that checks installation origin and recent use balances admin intent with user autonomy.
• Single action removal: the “one‑time uninstall” reduces churn and avoids persistent aggressive suppression that can complicate support.

Concerns:

• Documentation, rollout, and enforcement: the policy is new and appears first in this Insider blog; organizations should not assume full MDM or SCCM parity or immediate discoverability in policy inventories.
• Reinstallation loophole: users can reinstall — which might frustrate admins trying to remove consumer apps from endpoints at scale.
• Overlap with existing tools: AppLocker, PowerShell uninstalls, and Group Policy options already exist to block or remove Copilot; admins must reconcile multiple approaches to avoid policy conflicts.

Cross Device Resume via WNS: wider developer reach — with safeguards​

Extending Cross Device Resume to WNS widens the developer ecosystem that can present resume alerts on Windows’ taskbar. This is good for usability: more apps can hand off context and let users continue tasks across devices.
Opportunity:

• Broader portability: developers who already use WNS can integrate XDR with less friction.
• Familiar UX: resume taskbar alerts match the mental model users expect for continuity.

Limitations and tradeoffs:

• Limited access / approvals: Cross Device Resume and Continuity SDK integrations are subject to a limited access approval process in many cases; not every app can simply opt in.
• Security & identity: resume actions require reliable identity and context; apps that don’t manage authentication or URIs carefully may create confusing or insecure resume experiences.
• Privacy model: resume relies on sharable contexts (URIs, web links); locally stored private files without accessible endpoints are not supported — an important limitation for document handoffs.

Stability concerns make widespread deployment premature​

Insider builds like 26220.7535 are explicitly experimental. The known issues — especially Start menu click failure, autohide taskbar misbehavior, Settings crashes, and Bluetooth reporting problems — reinforce a pattern seen across several recent update waves where UI regression risk remains nontrivial.
Operational guidance:

• Do not push to broad user populations until fixes for the Start menu and key Settings crashes land.
• IT validation: organizations should test printing, audio device interaction, and any mission‑critical peripheral workflows before approving adoption.
• Rollouts: leverage ringed rollout strategies (pilot → early adopters → broad) to catch issues in controlled cohorts.

---

Practical guidance for Insiders, developers, and IT admins​

For Windows Insiders​

• If you want to be first to see controlled rollouts (Narrator expansions, new icons), turn on the “get the latest updates as they are available” toggle in Settings > Windows Update.
• Expect staged availability: not every Insider will see every feature immediately.
• File feedback: use the Feedback Hub (WIN + F) and categorize reports under Accessibility > Narrator, Desktop Environment > Taskbar, or the relevant area.

For developers​

• Evaluate Cross Device Resume via the WNS path if your app already uses notification infrastructure; it may be a simpler onboarding route than linking to Link to Windows.
• Check the Continuity SDK and XDR documentation for access limits — some resume APIs require approval or partner onboarding.
• Validate resume flows end‑to‑end: confirming identity, URI handling, and app install fallback behavior (one‑click store install) will improve user success rates.

For IT administrators​

• Review the new RemoveMicrosoftCopilotApp policy in a lab. The Group Policy path is:
  User Configuration → Administrative Templates → Windows AI → Remove Microsoft Copilot App
• Don’t rely solely on this new policy yet; maintain existing AppLocker rules, PowerShell removal processes, and MDM controls as fallbacks during the policy’s early life.
• Pilot the build in a small managed cohort before rolling into broader test rings — particularly if your environment relies on third‑party USB audio, Bluetooth peripherals, or printing infrastructure.
• If Start menu reliability and Settings stability are critical, defer deployment until Microsoft publishes a build that resolves the known Start menu click and audio device crash issues.

---

Security, privacy, and compliance considerations​

• Image descriptions & data flow: although Microsoft emphasizes that the image is only shared after user initiation, admins and privacy teams must confirm how images are processed (on‑device vs cloud), retention policies, and whether any image metadata or intermediate model logs are transmitted to cloud services. Where data residency, enterprise data protection, or regulatory constraints apply (e.g., GDPR/EEA), expect feature exclusions or restricted availability.
• Copilot management: consumer Copilot and Microsoft 365 Copilot serve different audiences and authentication models. Enterprise administrators should verify that group‑level policies and AppLocker rules align with their Copilot management strategy and that any new Group Policy settings do not conflict with existing management stacks.
• Resume & continuity: app resume semantics depend on sharable resources (URIs, web links). Ensure that any continuations do not expose private endpoints, and require appropriate identity validation before resuming authenticated sessions.

---

How to approach this build — recommended checklist​

• Back up key systems and create restore points for any test devices.
• Deploy to a non‑production pilot ring (developers, accessibility testers, power users).
• Validate printer workflows, audio device interactions, taskbar behavior, and the Start menu on both mouse and keyboard activation methods.
• Test Narrator + Copilot image descriptions specifically for real content types your users will encounter — including charts, screenshots, and documents — and have accessibility stakeholders evaluate description quality and privacy posture.
• If you manage Copilot at scale, test the RemoveMicrosoftCopilotApp policy on a subset of devices and compare behavior with existing AppLocker or uninstall scripts.
• Provide feedback via Feedback Hub for critical failures and vote on similar reports to help engineering triage.

---

Final assessment — who should install Build 26220.7535?​

This build is tailored to Insiders, developers, and IT teams who need early access to accessibility improvements, enterprise management tooling, and cross‑device developer features. The benefits are tangible: broader Narrator capabilities, a new uninstall policy for Copilot, and expanded XDR integration paths.
However, the risks are real: UI regressions (Start menu, taskbar), Settings crashes, and intermittent peripheral issues make this build unsuitable for general production deployment. Organizations should treat it as a testing and feedback vehicle: validate the features you care about in controlled pilots, document side effects, and coordinate with privacy/compliance teams for any AI features that process user content.
Insiders who prioritize bleeding‑edge access to emerging features — and who are comfortable troubleshooting regressions and filing Feedback Hub reports — will find plenty to explore in Build 26220.7535. For everyone else, waiting for a later build that resolves the active Start menu and Settings regressions is the safer path.

---

Source: Microsoft - Windows Insiders Blog Announcing Windows 11 Insider Preview Build 26220.7535 (Dev & Beta Channels)

 

[ChatGPT]

Microsoft’s latest Insider preview, delivered as Windows 11 Insider Preview Build 26220.7535 (KB5072046), brings a pragmatic but important management control: a new policy that lets administrators uninstall the consumer Microsoft Copilot app on managed devices when specific conditions are met — a one‑time, targeted uninstall intended for enterprise, Pro, and Education SKUs.

Background​

Microsoft’s ongoing campaign to fold Copilot into Windows has been accompanied by two competing pressures: the company’s desire to deliver AI features broadly, and enterprise customers’ need to control software presence and data surface area on managed endpoints. The January Insider preview encapsulates that balancing act: it expands accessibility capabilities (Narrator can now ask Copilot to describe focused images or the full screen), adds a developer-facing Cross‑Device Resume integration path using WNS, and, crucially for IT, introduces a Group Policy called RemoveMicrosoftCopilotApp that allows admins to remove the consumer Copilot app from managed devices that meet strict criteria. This policy is surfaced in Group Policy under:

• User Configuration → Administrative Templates → Windows AI → Remove Microsoft Copilot App.

Microsoft also documents complementary management and removal techniques (AppLocker, Intune, PowerShell) for administrators who need layered enforcement and durability across updates and tenant provisioning.

---

What KB5072046 Adds — The Essentials​

The RemoveMicrosoftCopilotApp policy: exact conditions and behavior​

The new uninstall policy is deliberately conditional. The policy will trigger a one‑time uninstall only when all of the following are true:

• Microsoft 365 Copilot and the consumer Microsoft Copilot app are both installed on the device.
• The Microsoft Copilot app was not installed by the user (i.e., it was provisioned or pushed).
• The Microsoft Copilot app has not been launched in the last 28 days.

When enabled, the policy performs a single uninstall action. The action is not a permanent block: users retain the ability to reinstall Copilot later if they choose. The policy is available to Windows 11 Pro, Enterprise, and Education SKUs.

Where the policy lives and how administrators enable it​

Administrators can enable RemoveMicrosoftCopilotApp via the Local Group Policy Editor or push it with Active Directory / Intune configuration profiles. The documented Group Policy path is:
User Configuration → Administrative Templates → Windows AI → Remove Microsoft Copilot App. For environments using MDM/Intune, the registry or CSP equivalent is typically used to deliver the same policy at scale; Microsoft’s broader Copilot management guidance recommends combining this policy with AppLocker/WDAC policies for durable enforcement.

Related changes in KB5072046​

The update also includes:

• Narrator integration with Copilot for richer image descriptions and follow‑up queries (permissioned by the user; not available in the EEA at rollout).
• Cross‑Device Resume add‑on enabling developers to use the Windows Notification System (WNS) as an alternative onboarding and activation vector.

These features emphasize accessibility and developer flexibility, while the uninstall policy acknowledges enterprise governance needs.

---

Why This Matters to IT Administrators​

The RemoveMicrosoftCopilotApp policy fills a practical gap in managed environments. Until now, admins had several imperfect options:

• hide the Copilot taskbar button,
• apply the legacy TurnOffWindowsCopilot policy (which is being deprecated in favor of newer controls),
• use AppLocker to block the package family,
• or perform local or scripted uninstallations (PowerShell/Get‑AppxPackage).

This new policy allows a simpler, targeted uninstall that respects the difference between user‑installed and provisioned packages and avoids heavy-handed blocking across the whole fleet. It’s useful for scenarios such as:

• devices provisioned automatically during enrollment where tenant policies accidentally pushed the consumer Copilot app,
• classroom or kiosk devices where admins prefer not to expose Copilot,
• or situations where regulatory or internal policy requires removal of consumer AI features.

However, the policy is intentionally conservative — built as a single uninstall action rather than a persistent block — because Microsoft wants to preserve user choice and avoid breaking workflows that depend on Microsoft 365 Copilot.

---

Step‑by‑Step: How to Use the New Policy and Complementary Controls​

The following is a practical admin playbook that reconciles Microsoft’s documented guidance with operational realities.

• Pilot first
• Apply the RemoveMicrosoftCopilotApp policy to a small pilot group that mirrors your servicing channel and device types. Test provisioning, update behavior, and user escalation paths.
• Enable the Group Policy (local testing)
• Open gpedit.msc → User Configuration → Administrative Templates → Windows AI → Remove Microsoft Copilot App → Enable. Apply and test. If using AD, create and link a GPO to an OU for targeted rollout.
• For wide-scale deployment, use Intune/MDM
• Push an administrative template or required registry value via Intune configuration profiles. When a local GP isn’t available on Home SKUs, deploy registry keys that replicate the GPO.
• Add AppLocker / WDAC for durability (recommended)
• Create AppLocker rules blocking the Copilot package family (Publisher: Microsoft Corporation, Package name: MICROSOFT.COPILOT) to prevent reinstallation and execution. Microsoft explicitly recommends AppLocker over legacy TurnOffWindowsCopilot for robust control.
• Disable tenant‑level automatic installs
• If your tenant provisioning can push Copilot, disable automatic installs from the Microsoft 365 Apps admin center to avoid re‑provisioning. Combine tenant settings with device‑level AppLocker for the best result.
• PowerShell cleanup (when necessary)
• For devices that still show Copilot or where the uninstall policy isn’t applicable, use a guarded PowerShell script to remove the app (confirming package names first):
• $packageFullName = Get‑AppxPackage -Name "Microsoft.Copilot" | Select‑Object -ExpandProperty PackageFullName
• Remove‑AppxPackage -Package $packageFullName
• Warning: package names can vary by build (Microsoft.Copilot, Microsoft.Windows.Copilot). Always confirm before running destructive commands and create restore points.
• Maintain a re‑verification playbook
• After each monthly or feature update, re‑verify the fleet’s state. Microsoft has changed how Copilot is packaged across builds in the past; a single‑tool approach is brittle.

---

Strengths of Microsoft’s Approach​

• Targeted, conditional uninstall reduces collateral impact. By restricting the policy to provisioned (non‑user) installs and to apps not launched in the last 28 days, Microsoft reduces the risk of accidentally removing software that users actively rely on. That conservative behavior is especially important in enterprise environments where user productivity can be disrupted by blunt uninstalls.
• Built‑in Group Policy path simplifies management. The explicit placement of RemoveMicrosoftCopilotApp in Administrative Templates under Windows AI gives admins a clear, supported mechanism rather than relying on brittle registry hacks or ad‑hoc PowerShell.
• Complementary tools and documentation exist. Microsoft’s broader guidance (AppLocker, PowerShell removal, tenant settings) allows admins to build a layered defense plan, balancing user autonomy against organizational policy.
• Preserves user choice. Making the uninstall a one‑time action and allowing users to reinstall reduces friction and legal exposure where removing consumer features outright might be problematic.

---

Risks, Limitations, and Operational Caveats​

• Not a durable block by itself. RemoveMicrosoftCopilotApp performs a single uninstall. It does not prevent future provisioning or reinstalls. To create durable enforcement, admins must pair it with AppLocker/WDAC and tenant‑level controls. Treat the policy as part of a multi‑layer strategy, not a complete solution.
• Re‑provisioning can occur from tenant-level installs. If Microsoft 365 or Intune provisioning policies include Copilot, tenant settings can reintroduce the app. Admins must disable tenant auto‑installs to avoid reappearance.
• Package naming and packaging may change across builds. Community experience shows package names like Microsoft.Copilot, Microsoft.Windows.Copilot, and others. Scripts and AppLocker rules must use publisher and package family identifiers rather than brittle exact names where possible. Always test on the target build.
• Privacy questions remain around image processing and cloud inference. The Narrator+Copilot feature explicitly requires user consent before sharing images, but Microsoft’s rollout indicates a mixed execution model: on Copilot+ hardware some processing may occur on‑device; on other devices the analysis is likely cloud‑based. For privacy‑sensitive deployments, admin guidance and policy changes should consider the mixed processing model and the EEA availability limitations.
• Geographic/regulatory restrictions. The feature set (Narrator image descriptions) is not available in the EEA at rollout — an important detail for global enterprises that must comply with data‑residency and biometric processing rules.
• Insider builds are experimental. KB5072046 is an Insider preview delivery. Behavior in Dev and Beta channels can change before general availability. Admins should not assume permanence until these controls land in stable servicing channels. This is a core operational risk when acting on Insider releases.

---

Recommended Audit Checklist for Deployment​

Before rolling RemoveMicrosoftCopilotApp to production, ensure the following:

• Pilot on machines that match your servicing channel and Copilot hardware profile.
• Confirm whether the Copilot app present on devices was provisioned by tenant policies or installed by end users. The policy only targets non‑user installs.
• Prepare AppLocker/WDAC rules that block the Copilot package family to prevent reinstallation. Test for false positives.
• Disable tenant auto‑install behavior in Microsoft 365 Apps admin center if your tenant is configured to push Copilot.
• Document a rollback plan (restore point or re‑provisioning playbook) in case critical users lose functionality unexpectedly.
• Re‑verify after every monthly security update and feature update. Package and policy behavior can change across builds.

---

Practical Examples and Admin Commands​

• Enable the GPO locally (for testing):
• Run gpedit.msc
• Navigate: User Configuration → Administrative Templates → Windows AI → Remove Microsoft Copilot App
• Set to Enabled, Apply, OK.
• PowerShell (confirm package name before running):
• $packageFullName = Get‑AppxPackage -Name "Microsoft.Copilot" | Select‑Object -ExpandProperty PackageFullName
• Remove‑AppxPackage -Package $packageFullName
• Do not run blindly on all machines; confirm package existence with Get‑AppxPackage | Where‑Object { $_.Name -like "Copilot" } first.
• AppLocker rule example (conceptual):
• Publisher: CN=MICROSOFT CORPORATION, O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US
• Package name: MICROSOFT.COPILOT
• Version: * (and above)
• This blocks installation and execution when enforced.

---

Final Analysis and Takeaway​

KB5072046’s RemoveMicrosoftCopilotApp policy is a welcome addition for administrators who need a straightforward, supported way to remove a consumer Copilot app that was provisioned or pushed to managed hardware. It reflects a pragmatic compromise: Microsoft provides a targeted uninstall path while preserving user autonomy and avoiding heavy-handed, durable removal that could disrupt workflows.
That said, the policy is not a silver bullet. It is explicitly a single uninstall action that must be combined with AppLocker/WDAC, tenant configuration, and an operational verification cadence to achieve durable results. Admins should treat KB5072046 as another tool in a layered management toolkit — useful, safer than many community "hacks," but dependent on careful pilot testing and complementary controls.
For enterprises, the recommended approach is clear:

• pilot RemoveMicrosoftCopilotApp on representative devices,
• deploy AppLocker or WDAC to block the package family for durability,
• disable tenant auto‑installs,
• and maintain a simple verification playbook to recheck after each feature update.

Accessibility improvements (Narrator + Copilot image descriptions) expand AI utility for users with visual impairments, but they also heighten privacy considerations because of mixed on‑device/cloud processing and regional limitations. Administrators must balance these tradeoffs through careful policy and user education.
KB5072046 does not end the Copilot conversation — it shifts the balance toward better administrative control while acknowledging user choice. The immediate operational win is the clarity and supported path for removal; the longer‑term work for IT is ensuring that their removal is durable, tested, and compliant with organizational policy and applicable regulations.

---

---

Source: Windows Report https://windowsreport.com/windows-1...ins-uninstall-copilot-app-on-managed-devices/