Introduction

Microsoft has released KB5059093, an Out-of-Box Experience (OOBE) update aimed at improving the initial setup process for Windows 11 version 24H2 and Windows Server 2025. This update ensures that devices are secure and up-to-date from the moment they are first powered on.

Understanding the OOBE Update

The OOBE is the initial setup phase encountered when a new Windows device is started or after a fresh installation. During this phase, users configure essential settings such as language preferences, account creation, and network connections. With KB5059093, Microsoft has integrated a mechanism to automatically download and install critical updates during the OOBE, provided the device has an active internet connection.

According to Microsoft's official documentation, this update specifically targets the OOBE process and is available exclusively when OOBE updates are installed. The primary objective is to ensure that devices receive essential driver updates and critical Windows zero-day patches (ZDP) immediately upon setup. These updates are mandatory and cannot be opted out of, as they are crucial for the device's proper operation. Users will be notified that the device is checking for and applying these updates during the setup process.

Implications for Users and Administrators

The integration of updates during the OOBE offers several advantages:

  • Enhanced Security: By applying critical updates during the initial setup, devices are safeguarded against known vulnerabilities from the outset.
  • Improved Stability: Ensuring that the latest drivers and patches are installed can lead to a more stable and reliable system performance.
  • Streamlined Setup Process: Automating the update process during OOBE reduces the need for manual intervention post-setup, allowing users to start using their devices sooner.

However, this approach also introduces certain considerations:

  • Extended Setup Time: The duration of the OOBE may increase, depending on the size of the updates, network conditions, and hardware capabilities. Microsoft notes that this process can take 30 minutes or more.
  • Mandatory Updates: Users cannot opt out of these critical updates during the OOBE, which may be a point of contention for those who prefer more control over the update process.

Managing OOBE Updates in Enterprise Environments

For organizations managing multiple devices, the automatic application of updates during OOBE can be both beneficial and challenging. To address this, Microsoft plans to introduce policies that allow administrators to control whether devices receive quality updates during OOBE. This policy is expected to be available in mid-2025 and will provide flexibility in managing the update process during device setup.

Administrators can utilize Group Policy or Mobile Device Management (MDM) solutions to configure this setting. By navigating to INLINECODE0 , they can enable or disable the policy related to OOBE cumulative update installation. This approach offers a centralized method to manage updates across multiple devices, ensuring consistency and compliance with organizational policies.

User Experiences and Feedback

The introduction of mandatory updates during OOBE has elicited mixed reactions from the user community. Some users appreciate the enhanced security and convenience, while others express concerns about the extended setup time and lack of control over the update process.

For instance, a user on the Windows 11 Forum noted that the automatic installation of updates during OOBE can be time-consuming and disrupt the clean install process. They preferred the previous option to deselect updates during setup, allowing for a quicker OOBE completion and the ability to install updates at a more convenient time.

Another user shared their experience of performing a clean install with the internet disconnected to avoid automatic updates during OOBE. They found that this method allowed them to complete the setup more efficiently and install updates later at their discretion.

Best Practices for Managing OOBE Updates

To navigate the changes introduced by KB5059093 effectively, consider the following best practices:

  • Plan for Extended Setup Time: Allocate additional time for device setup to accommodate the installation of updates during OOBE.
  • Ensure Stable Internet Connectivity: A reliable internet connection is essential for the successful download and installation of updates during OOBE.
  • Communicate Changes to End-Users: Inform users about the new update process during OOBE to manage expectations and reduce potential frustration.
  • Utilize Management Policies: Leverage Group Policy or MDM solutions to control the application of updates during OOBE, aligning with organizational requirements and preferences.

Conclusion

KB5059093 represents a significant step in Microsoft's efforts to enhance the security and reliability of Windows devices from the outset. By integrating critical updates into the OOBE, Microsoft aims to provide users with a more secure and stable computing experience. While this approach offers numerous benefits, it also requires users and administrators to adapt to changes in the setup process. By understanding these changes and implementing best practices, organizations and individuals can effectively manage the impact of this update.