Microsoft is removing services or components from Windows Server 2025 or stopped developing them.
Table of Contents
Services Removed with Windows Server 2025
| Feature | Explanation |
|---|---|
| IIS 6 Management Console (Web-Lgcy-Mgmt-Console) | The console has been removed after being no longer developed in Windows Server 2019. You should also start migration from IIS 6.0 or earlier versions, and move to the latest version of IIS, which is always available in the most recent release of Windows Server. |
| Wordpad | WordPad has been removed from Windows Server 2025. We recommend Microsoft Word for rich text documents like .doc and .rtf and Windows Notepad for plain text documents like .txt. |
| SMTP Server | The SMTP Server features has been removed from Windows Server 2025. There’s no replacement within the operating systems. |
| Windows PowerShell 2.0 Engine | The Windows PowerShell 2.0 Engine has been removed, applications, and components should be migrated to PowerShell 5.0+. |
| Data Encryption Standard (DES) | DES, the symmetric-key block encryption cipher, is considered insecure against modern cryptographic attacks, and replaced by more robust encryption algorithms. DES was disabled starting with Windows Server 2008 R2 and is removed from Windows Server 2025 and later releases. |
| NTLMv1 | Replace calls to NTLM by calls to Negotiate, which tries to authenticate with Kerberos and only falls back to NTLM when necessary. For more information, see The evolution of Windows authentication. |
Services no longer developed with Windows Server 2025
| Feature | Explanation |
|---|---|
| Computer Browser | The Computer Browser driver and service are deprecated. The browser (browser protocol and service) is a dated and insecure device location protocol. This protocol, service, and driver were first disabled by default in Windows 10 with the removal of the SMB1 service. For more information on Computer Browser, see MS-BRWS Common Internet File System. |
| NTLM | All versions of NTLM, including LANMAN, NTLMv1, and NTLMv2, are no longer under active feature development and are deprecated. Use of NTLM will continue to work in the next release of Windows Server and the next annual release of Windows. Calls to NTLM should be replaced by calls to Negotiate, which will try to authenticate with Kerberos and only fall back to NTLM when necessary. For more information, see The evolution of Windows authentication. |
| Remote Mailslots | Remote Mailslots are deprecated. The Remote Mailslot protocol, which was initially introduced in MS DOS, is a dated and simple IPC method that is both unreliable and insecure. This protocol was first disabled by default in Windows 11 Insider Preview Build . For more information on Remote Mailslots, see About Mailslots and [MS-MAIL]: Remote Mailslot Protocol. |
| TLS 1.0 TLS 1.1 | TLS versions 1.0 and 1.1 have been deprecated by internet standards and regulatory bodies due to various security concerns. As of the 2024 release of Windows Server Insiders Preview, these versions are disabled by default. For more information on TLS deprecation, see TLS 1.0 and TLS 1.1 deprecation in Windows. |
| WebDAV Redirector service | The WebDAV Redirector service is deprecated. The service isn’t installed by default in Windows Server. For more information on the WebDAV Redirector service, see WebDAV – Win32 apps. |
| Windows Management Instrumentation Command line (WMIC) | WMIC is disabled by default for new installations of Windows Server. It will be removed from Windows in a future release. PowerShell for WMI replaces the WMIC tool. Use PowerShell or programmatically query WMI as a replacement for WMIC. To learn more about WMIC depreciation, see WMI command line (WMIC) utility deprecation: Next steps |
| VBScript | VBScript is deprecated. In future releases of Windows, VBScript is available as a feature on demand before its removal from the operating system. |
| Failover Clustering Cluster Sets | Failover Clustering Cluster Sets feature is no longer in active feature development and is deprecated. |
| Network Load Balancing (NLB) | NLB is no longer in active feature development and is deprecated. Consider using a Software Load Balancer (SLB) as an alterative. To learn more about SLB, see What is Software Load Balancer (SLB) for SDN? |
| Windows Internal Database (WID) | WID is used by several roles, including ADFS, ADRMS, IPAM, RD Connection Broker, and WSUS. Consider using a free or full version of SQL Server for these roles. WID will be removed from Windows in a future release. To learn more about the different types of SQL Server available, see SQL Server editions. |
| Windows PowerShell 2.0 Engine | The Windows PowerShell 2.0 Engine is deprecated and isn’t installed by default. Windows PowerShell 2.0 applications, and components should be migrated to PowerShell 5.0+. To learn more about the deprecation, see Windows PowerShell 2.0 Deprecation. |
| Windows Server Update Services (WSUS) | WSUS is no longer actively developed, all the existing capabilities and content continue to be available for your deployments. |
WSUS – Important Information
Microsoft has announced the deprecation of Windows Server Update Services (WSUS) as part of their vision for simplified Windows management from the cloud. This means that while WSUS will continue to function and receive updates, Microsoft will no longer invest in new capabilities or accept new feature requests for WSUS
Key points to note – See the official statement here. :
- Current Functionality: WSUS will still work and receive updates, but no new features will be developed.
- Support: Microsoft will continue to support existing WSUS features and address issues as they arise.
- Transition Recommendations: Microsoft recommends transitioning to cloud-based tools such as Windows Autopatch and Microsoft Intune for client update management, and Azure Update Manager for server update management.
This deprecation does not impact existing capabilities or support for Microsoft Configuration Manager
However, organizations relying on WSUS should start planning their transition to these cloud-based solutions to ensure continued efficient update management. If you want to learn about modern server management, please check the AdaptiveCloud reddit community or contact me directly.
Conclusion
Most changes shouldn’t have a significant on your environment. In environments that have been created using legacy approaches, you should play attention to the development plan around NTLM. Pay a close look to this documentation and plan your removal of NTLM with Kerberos. Still using NTLM is a technical debt, that you should start to identify, track and pay the debt for as soon as you can afford it.
If you want to setup a Windows Server 2025 journey today and learn how to combine it with Azure Arc and cloud technology, you can start your journey here.
