Microsoft has announced that Windows Server Update Services (WSUS) will be deprecated with the forthcoming release of Windows Server 2025.
This move is part of Microsoft’s ongoing efforts to streamline its server offerings by phasing out outdated features in favor of more secure and efficient alternatives.
The announcement has prompted discussions among IT professionals preparing for the transition.
Key Features Removed in Windows Server 2025
Download Free Incident Response Plan Template for Your Security Team – Free Download
Microsoft’s decision to deprecate WSUS was accompanied by removing several other features in Windows Server 2025. Here is a summary of the key features being removed:
| Feature | Explanation |
| IIS 6 Management Console | Removed due to being out of development since Windows Server 2019. Users should migrate to the latest IIS. |
| WordPad | Removed; Microsoft recommends using Word for rich text documents and Notepad for plain text files. |
| SMTP Server | No replacement within the OS; consider using Exchange Server or third-party SMTP solutions. |
| Windows PowerShell 2.0 Engine | Removed; users should migrate to PowerShell 5.0+ for better functionality and security. |
These removals are part of a broader effort to modernize Windows Server, encouraging users to adopt newer technologies that offer enhanced performance and security.
Features No Longer Under Development
In addition to removing certain features, Microsoft has announced that several other functionalities will no longer be actively developed.
The Computer Browser service, a dated protocol for device location, is being deprecated due to security concerns.
Users are advised to avoid this protocol as it may be removed in future updates. Similarly, all versions of NTLM (including LANMAN, NTLMv1, and NTLMv2) are deprecated.
While NTLM will continue functioning in the next release, Microsoft recommends transitioning to the more secure Negotiate protocol, prioritizing Kerberos authentication.
Remote Mailslots and TLS versions 1.0 and 1.1 are also on the deprecation list due to their outdated security standards.
The WebDAV Redirector service and WMIC tool are being phased out in favor of more modern alternatives, such as PowerShell, for WMI queries.
The deprecation of WSUS and other features presents challenges and opportunities for IT administrators.
While some may view these changes as disruptive, they also offer a chance to adopt newer technologies that improve performance and security.
Organizations relying on WSUS for update management will need to explore alternative solutions.
Microsoft’s shift from WSUS aligns with its broader cloud-first strategy, encouraging users to consider cloud-based update management options such as Microsoft Endpoint Manager.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14-day free trial