Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

Microsoft to enable Windows settings backup by default for orgs

0
Medium
Vulnerabilitywindows
Published: 07/07/2026 (07/07/2026, 09:41:19 UTC)
Source: Bleeping Computer

Description

Microsoft will enable the Windows settings backup and restore tool by default on Microsoft Entra-joined or hybrid-joined enterprise systems upgrading to Windows 11 version 26H2. This tool backs up enterprise users' Windows settings to facilitate restoration after device reset, replacement, upgrade, or reimaging. The default-on behavior applies only to eligible devices outside regions regulated by the EU Digital Markets Act and not in sovereign or restricted cloud environments. IT administrators retain full control to explicitly enable or disable the backup policy via management tools. The restore functionality remains disabled by default and requires explicit admin configuration.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/07/2026, 10:06:39 UTC

Technical Analysis

Microsoft announced that starting with Windows 11 version 26H2, the Windows settings backup policy will be enabled by default on Microsoft Entra-joined or hybrid-joined enterprise devices that meet certain eligibility criteria. Previously an opt-in feature, this backup tool helps preserve user settings across device lifecycle events. The default enablement excludes devices in EU DMA-regulated regions and sovereign or restricted cloud environments. Administrators can override the default setting using Microsoft Intune or Group Policy. The restore feature is not enabled by default and requires explicit admin action. This change aims to improve enterprise device management and user experience during device transitions.

Potential Impact

Enabling the Windows settings backup by default improves the ability to preserve user settings during device lifecycle events, reducing configuration overhead after resets or replacements. However, it introduces a new default behavior that administrators must be aware of, especially in environments with strict data governance or regulatory requirements. Since restore is not enabled by default, no automatic restoration occurs without admin configuration. There are no known exploits or vulnerabilities associated with this change as of the publication date.

Mitigation Recommendations

No immediate action is required if the default behavior aligns with organizational policies. Administrators who prefer to disable the backup feature can do so explicitly via Microsoft Intune or Group Policy, which take precedence over the default setting. The restore functionality remains opt-in and requires explicit configuration. Organizations in EU DMA-regulated regions or sovereign/restricted cloud environments are unaffected by this default change. Monitor official Microsoft communications for any updates or changes to this policy.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Article Source
{"url":"https://www.bleepingcomputer.com/news/microsoft/microsoft-to-enable-windows-backup-for-organizations-by-default/","fetched":true,"fetchedAt":"2026-07-07T10:06:29.272Z","wordCount":654}

Threat ID: 6a4ccfa527e9c7971960588b

Added to database: 07/07/2026, 10:06:29 UTC

Last enriched: 07/07/2026, 10:06:39 UTC

Last updated: 07/07/2026, 10:19:40 UTC

Views: 3

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses