Windows Server 2025 Insider Preview Build 26304: Enhanced Security Features

Microsoft has recently rolled out a new Insider Preview build, numbered 26304, for Windows Server 2025, now with the official branding being displayed. This latest offering is part of the Windows Server Insider Program, a community-driven initiative where participants can test and provide feedback on upcoming features and updates.

What's New: A Deeper Dive into Windows Defender Application Control

The highlight of build 26304 is the addition of Windows Defender Application Control for Business (WDAC). This tool aims to enhance security by enforcing a strict policy regarding what software can be executed on the server, thereby significantly reducing the attack surface. Here’s how it works:
  • Explicit Software Allowance: WDAC creates and enforces a list of approved software that is permitted to run. This means that only applications explicitly authorized by administrators or predefined Microsoft policies may execute.
  • Default Policies Available: Microsoft provides a ‘default policy’ that can be easily applied via PowerShell cmdlets, thanks to the underlying OSConfig security platform. These default settings align with best practices for safeguarding servers.
For those interested, further information is available in the Windows Defender Application Control for Business documentation.

Expanded Security Features: Windows Server 2025 Security Baseline Preview

In tandem with the new application control features, Microsoft has also made progress on its Security Baseline Preview for Windows Server 2025. This includes:
  • Over 350 Security Settings: The new security baseline offers more than 350 predefined settings to help configure and standardize security measures across various server roles. This covers configurations for Domain Controllers, Member Servers, and Workgroup Members.
  • Practical Implementation: Server administrators can apply these settings right from the start, ensuring a robust initial security posture. However, as a caution, Microsoft advises that these security settings should be tested on non-production systems first, given that not all configurations can be reverted once implemented.

Flighting and Feedback

For those who are part of the Server Flighting program, this release should automatically populate in your setup later today. A new Feedback Hub app is also being introduced for Server Desktop users, allowing for easier communication of issues and feedback regarding the build.

Known Issues to Consider

As with any Insider Preview, there are known issues which users should be wary of:
  • Mislabeling in Flighting: Some users may see a label for Windows 11 when downloading the update. Just remember, selecting this will still install the Windows Server update.
  • PowerShell Challenges in WinPE: The installation of WinPE-PowerShell components is currently buggy, failing to install PowerShell correctly.
  • Upgrade Advice: Microsoft does not recommend this build for those validating upgrades from Windows Server 2019 or 2022 due to reported intermittent failures.
In addition, if Secure Launch or DRTM code paths are enabled, installing this build may not be advisable.

Conclusion: An Essential Step Forward

With Build 26304, Microsoft is pushing the envelope on security for Windows Server 2025. By integrating Windows Defender Application Control, the company aims to align its server platform with modern-day security practices, significantly reducing vulnerabilities and unauthorized software operations.
For users keen on experiencing the latest developments, downloading the Insider Preview can be done through Microsoft's site. However, do tread carefully, especially regarding the known issues and best practices for deployment.
As always, the Windows community is encouraged to join the discussion and share feedback on these updates, making the Windows Server platform more robust and secure for everyone.
Source: Neowin Windows Server 2025 Insider Preview build 26304 adds Windows Defender Application Control
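
The default application control policy mentioned above is normally rolled out in audit mode first and enforced only after the audit log has been reviewed. The PowerShell sketch below is an added example, not part of the original post or Microsoft's own script. It assumes the Microsoft.OSConfig module from the PowerShell Gallery, the AppControl\WS2025\DefaultPolicy scenario names from Microsoft's OSConfig documentation, and the 'File Name' and 'Process Name' fields of CodeIntegrity event 3076; the helper name Get-AppControlAuditSummary is hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumed: Microsoft.OSConfig module and WS2025 scenario names
# as documented for the released product; a preview build may differ.

Install-Module -Name Microsoft.OSConfig -Scope AllUsers -Repository PSGallery -Force

# Step 1: apply the default policy in audit mode. Nothing is blocked yet, but
# every binary the policy would have blocked is written to the event log.
Set-OSConfigDesiredConfiguration -Scenario 'AppControl\WS2025\DefaultPolicy\Audit' -Default

# Step 2: after the server has run its normal workload, summarize what
# enforcement would break. Event ID 3076 is the audit-mode
# "would have been blocked" record in the CodeIntegrity operational log.
function Get-AppControlAuditSummary {   # hypothetical helper name
    param([int]$Days = 7)

    $filter = @{
        LogName   = 'Microsoft-Windows-CodeIntegrity/Operational'
        Id        = 3076
        StartTime = (Get-Date).AddDays(-$Days)
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Read the named <Data> fields from the event XML. The field names
            # 'File Name' and 'Process Name' are assumed from the 3076 schema.
            $data = @{}
            foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
                $data[$d.Name] = $d.'#text'
            }
            [pscustomobject]@{
                File    = $data['File Name']
                Process = $data['Process Name']
            }
        } |
        Group-Object File, Process |
        Sort-Object Count -Descending |
        Select-Object Count, Name
}

$wouldBlock = @(Get-AppControlAuditSummary -Days 7)
$wouldBlock | Format-Table -AutoSize -Wrap
Write-Host "$($wouldBlock.Count) distinct file/process pairs would be blocked under enforcement."

# Step 3: run manually, and only once every entry above is understood or allowed:
# Set-OSConfigDesiredConfiguration -Scenario 'AppControl\WS2025\DefaultPolicy\Enforce' -Default
```

An empty summary immediately after step 1 only means no workload has run yet, so let the audit period cover patching, backup and monitoring agents before switching to enforcement.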