Microsoft's week in the news
A tale of the the good, the bad, and a feud turning ugly
This past week, Microsoft was in the news, some good, some not so much. The company has long faced criticism for prioritizing user convenience over security, often applying defaults configurations that make life easy for developers but leave holes for attackers. But recent moves hint that the tech giant may finally be rethinking that trade-off.
Azure Gets a Reality Check
In a, let's face it, delayed move, Microsoft announced it will retire default outbound internet access for Azure VMs starting September 2025. That may not sound thrilling, but in security terms, it’s a big deal, and a major pivot from Microsoft’s longstanding philosophy.
For years, Azure made it absurdly easy to spin up cloud resources with outbound internet access by default. Great for developers, terrible for network security teams. Once those defaults were accepted, security teams were left blind, with outbound traffic going wherever it pleased, often from unknown IPs, with no easy way to track or control.
Source:
https://www.theregister.com/2025/06/24/outbound_access_vms_azure/?td=rt-3a
That might be ok in dev environments, but for production systems? It’s a nightmare.
This upcoming change brings Azure more in line with AWS and Google Cloud, which already require explicit configuration for internet access. It’s a welcome step forward, especially for those who've dealt with the aftermath of too open by default infrastructure.
Of course, there’s a catch. Microsoft’s “secure by default” stance also comes with a price tag. Want to control internet access now? You’ll likely need a public IP, NAT gateway, or Load Balancer, all services that cost extra and still don’t quite solve the full visibility issue. Typical Microsoft. Progress with upsell potential.
Windows 10 Extended Security Updates
In a separate move, Microsoft said it’s extending Windows 10 security updates through October 2026. Sounds generous, at first. But, as with most things Microsoft, the devil's in the details.
Users can pay $30 per PC per year, and there are even “free” options, like enrolling via Windows Backup or redeeming 1,000 Microsoft Rewards points. Sounds great, until you look closer.
Enrolling in Windows Backup uploads user data to Microsoft's cloud, nudging users toward the company’s services and ecosystem. Redeeming points requires regular engagement with Microsoft platforms, Bing searches, Microsoft Store purchases, and the like. And both options require a Microsoft Account, which Windows 11 has been as subtly as big bling golden chain, pushing for a while.
To top it up, the updates aren’t automatic. Users have to actively opt in. Raising concerns about who will get left behind, particularly the less tech-savvy who arguably need security support the most.
Source:
https://arstechnica.com/gadgets/2025/06/microsoft-extends-free-windows-10-security-updates-into-2026-with-strings-attached/
From a business angle, it’s all very clever. Microsoft gets to play the benevolent vendor while still encouraging cloud adoption, account creation, and eventually hardware refreshes. And let’s be honest: in this game, the house always wins.
Lyon Draws a Line in the Sand
This could’ve been a relatively good week for Microsoft, until France’s third-largest city decided to throw a wrench in things.
Lyon announced it will ditch Microsoft Office entirely in favour of open-source software. It’s not just about saving money. The city says the move is about reducing reliance on U.S. tech, extending hardware lifespans, and asserting digital sovereignty.
Lyon plans to switch to OnlyOffice and the “Territoire Numérique Ouvert” (Open Digital Territory) suite for collaboration and video conferencing. Backed by a €2 million national grant, the project reflects a growing trend across Europe to prioritize homegrown or open-source tech over dependence on American platforms.
This isn't just a local quirk, or a French. Denmark recently dropped Microsoft services too, and the EU is ramping up calls for sovereign digital infrastructure. Microsoft’s answer? “Sovereign cloud” regions, essentially the same services in a different wrapper, still under Microsoft’s control.
Lyon didn’t buy it. Their move is bold, strategic, and symbolic. It shows large-scale government agencies can run on open source, and might just inspire others to follow.
Changing times
Taken together, these stories paint a interesting picture of Microsoft’s evolving relationship with customers and regulators.
- Azure’s networking shift shows real (if costly) progress on cloud security.
- The Windows 10 update extension balances goodwill with calculated business incentives.
- And Lyon’s departure sends a clear message: alternatives exist, and some organizations are ready to embrace them.
The real question now is whether Microsoft can adapt to a world where users are more empowered, more informed, and not as locked in as they once were. If Lyon’s gamble pays off, this week might be remembered not just for what Microsoft did, but for what it couldn’t prevent.
Maybea new era will really come, and we will go back to on-prem/private cloud? Also thin clients and linux based OS systems by us arising with a very fast pace. Simply we do not need the Windows ecosystem for the thing, which running on linux/html5. Public cloud is very expensive and there are some uncertainties -what you wrote well, which will leverage loss of trust at the end. Big fishes dictate, but small fishes can swim away.