A freshly updated PowerShell script gives Windows power users a sharper scalpel for stripping unwanted components from Windows 11. The open-source tiny11builder project now supports version 25H2 images, explicitly removes Copilot and the new Outlook for Windows client, switches to DISM’s recovery compression mode for slimmer ISOs, and adds stronger guards against the reappearance of deleted inbox apps—all while sticking to Microsoft’s own imaging tools.

The refresh arrives at a time when Windows 11’s inbox app roster has grown increasingly contentious. Copilot and the unified Outlook client are deeply embedded in the default experience, and Microsoft’s servicing stack can quietly restore them after updates. For administrators building locked-down images or enthusiasts chasing minimalist installs, the updated builder turns a manual, error-prone chore into a repeatable, scripted workflow.

A community project with a simple premise

The tiny11 ecosystem has always revolved around one core idea: use Microsoft’s official imaging utilities to carve fat out of Windows without relying on opaque third-party binaries. The builder is a transparent PowerShell script—readable, modifiable, and focused entirely on DISM, oscdimg.exe from the Windows ADK, and an autounattend answer file. No mystery executables, no bundled toolbars, just automation around the same commands a seasoned admin would run by hand.

That DNA matters because prebuilt debloated ISOs from untrusted sources are a security landmine. By requiring a genuine Microsoft ISO as input and performing all servicing offline, tiny11builder lets users verify exactly what was stripped and how. The script even includes a “Core” variant for extreme minimalism, though that path trades away serviceability for size.

What the latest refresh delivers

25H2 and flexible image support

The script’s PowerShell rewrite—an overhaul that debuted in earlier releases—now comfortably ingests Windows 11 25H2 images, regardless of language or architecture. It accepts both WIM and ESD source files, so users who pull images from the Unified Update Platform or other official channels don’t need to convert formats beforehand. For anyone who wants a debloated 25H2 ISO that still carries the platform-level changes Microsoft packaged into the 24H2/25H2 branch, the path is now straightforward.

Explicit Copilot and Outlook removal

Two of the most debated additions to Windows 11—the Copilot AI assistant and the redesigned Outlook for Windows client—get dedicated removal routines in the updated script. Choosing to excise them not only reclaims disk space but also eliminates the services and hooks that would otherwise keep them alive in the background. The trade-off is clear: if your workflow depends on Copilot integration or the new Outlook’s cloud-synced mail and calendar, you’ll lose those touchpoints. But for security-conscious environments or users wedded to alternative tools, the ability to build an image free of these components is a potent lever.

Recovery compression shrinks ISO footprints

Previous tiny11 builds used conventional DISM compression. The new script invokes the /Compress:recovery switch, which leans on a more aggressive algorithm to produce notably smaller final ISOs. The project maintainers point out that under certain configurations, a full Windows 11 installation can shrink enough to fit on a single-layer 4.7 GB DVD. The extra CPU time spent during image creation is a one-time cost that pays off every time the ISO is copied, archived, or deployed over a slow network.

Reinstallation blocking and quality-of-life fixes

Nothing frustrates a debloating effort more than watching Windows Update or the Microsoft Store silently push removed apps back onto the system. The update tackles this with more aggressive measures to suppress reinstallation attempts. The script also papers over a few known cracks: leftover Settings entries when Microsoft Edge is removed, ARM64-specific oddities with OneDriveSetup.exe, and other small glitches that have accumulated from user reports. The Core variant—stripped of WinSxS and fundamentally non-serviceable—remains available for users running ultra-tight VMs or disposable testing environments.

Under the hood: how tiny11builder works

The builder’s sequence is methodical and leans entirely on Microsoft-supplied tooling. Here’s the flow in practice:

  1. Source acquisition: Start with an official Windows 11 ISO, a UUP dump, or an ESD file. The script expects a genuine Microsoft image.
  2. Mount and extract: The target image edition—picked from the WIM or ESD—gets mounted for offline servicing.
  3. Offline servicing: DISM strips out selected packages, optional components, and features. Common casualties include Clipchamp, News, Weather, Xbox apps, OneDrive, Media Player, language packs, and telemetry-related services. Registry tweaks and feature toggles are applied at this stage.
  4. Unattend injection: An autounattend.xml file lands inside the image, configuring OOBE behavior—most notably bypassing the Microsoft Account requirement and enabling compact deployment mode.
  5. Repack and compress: The serviced image is rebuilt using DISM with /Compress:recovery, yielding a smaller final payload.
  6. ISO creation: oscdimg.exe from the Windows ADK assembles a bootable ISO ready for USB or optical media.
  7. Core path (optional): If the Core option is selected, the script surgically removes WinSxS and the servicing stack, producing an image that cannot receive cumulative updates, add languages, or install optional features.

A few operational notes worth underlining: the script must run from an elevated PowerShell session, often with execution policy set to Unrestricted. The maintainers recommend invoking it explicitly with powershell -f path\to\tiny11maker.ps1 to avoid environmental quirks. And while the ADK is only strictly needed for ISO creation, keeping it current prevents obscure oscdimg bugs.

Why IT admins and enthusiasts gravitate toward tiny11

  • Reduced bloat: A cleaner base install free of inbox apps that many users will never open.
  • Smaller distribution media: Recovery compression combined with component removal can slash ISO size, a boon for bandwidth-limited deployments and archival storage.
  • Privacy and attack surface: Telemetry-adjacent services and optional components disappear, shrinking the surface that an attacker or corporate compliance scan might scrutinize.
  • Customizable OOBE: The unattend file enables local-account-first setups and other enterprise- or privacy-oriented customizations without manual intervention during setup.
  • Auditability: Because every modification is scripted and powered by Microsoft’s own tools, the entire process is transparent. Users can read the script line-by-line—a trust advantage that no prebuilt ISO can match.
  • Flexibility: ESD input, any language, any edition, and both x64 and ARM64 architectures are now fair game.

The flip side: risks, caveats, and real-world headaches

The power to strip Windows to its ribs doesn’t come free of consequences.

Serviceability and update woes

The Core image is permanently non-serviceable. Without WinSxS, cumulative updates, optional features, and language packs are off the table. Even the standard tiny11 variant isn’t immune: major Windows updates or Store repair operations can resurrect removed apps. The script includes countermeasures, but the cat-and-mouse game with Microsoft’s servicing stack is never truly over.

Removing assumed components also jeopardizes future feature updates. The servicing engine expects certain packages to exist; if they’re gone, upgrade attempts can fail or produce bizarre side effects.

Security and stability

Aggressive component removal can accidentally gut dependencies that security features or antivirus engines rely on. There have been scattered reports of boot loops and hardware-specific regressions when combining early Windows preview builds with deeply stripped images. The Core variant is especially brittle.

Compatibility and functionality loss

Ripping out Copilot and Outlook eliminates integrated experiences that some users depend on. Other removals—Edge, OneDrive, certain UWP contracts—can leave Settings pages broken, search malfunctioning, or system dialogues erroring out. ARM64 users still hit OneDriveSetup.exe quirks that demand manual intervention.

Modified Windows images are unsupported by Microsoft. In a business environment where support contracts and compliance sign-offs are non-negotiable, a custom-built ISO can become a liability. Even for personal use, it’s wise to keep a vanilla recovery image on hand.

Unverified community claims

Anecdotes about running Windows on impossibly small RAM footprints or achieving flawless long-term stability on a particular prebuilt tiny11 ISO should be treated as interesting data points, not universal guarantees. Results hinge on hardware, the specific build, and exactly which components were removed.

A practical workflow for safe experimentation

If you’re tempted to spin up a debloated Windows 11 25H2 test machine, follow a disciplined routine:

  • Start in a VM: Validate the entire image lifecycle—install, update, application compatibility—inside a virtual machine before touching physical hardware.
  • Use an official source ISO: Never trust a pre-built ISO from a random corner of the internet. Build your own from known-good Microsoft media.
  • Keep full backups: Disk images of the machine before deploying a custom build are your safety net.
  • Simulate updates: Apply the latest cumulative updates and, if possible, test a feature update scenario. Watch for app reinstallation and breakage.
  • Document removals: Maintain a log of what was stripped so you can restore functionality or troubleshoot later.
  • Run the script correctly: Open an admin PowerShell shell, set Set-ExecutionPolicy Unrestricted, and invoke the script with the recommended syntax.
  • Keep the ADK updated: An outdated oscdimg can produce unbootable media.
  • Expect reinstallation attempts: After Patch Tuesday or a feature update, validate that removed apps haven’t crept back, and reapply mitigations if necessary.
  • Favor selective removal: If you’re unsure about a component, leave it. Incremental changes are easier to roll back than a full-blown gutting.

Where the project goes from here

tiny11builder’s trajectory mirrors the broader tension between Microsoft’s push for a feature-rich, cloud-connected OS and the community’s appetite for lean, locally controlled images. As Windows 11 evolves—with new servicing behaviors, Store mechanics, and increasingly integrated AI components—the script will need to adapt. The maintainers have shown a willingness to iterate quickly, and the open-source model means changes are public and auditable.

For environments that prize minimal clutter and are comfortable managing the ongoing maintenance burden, the updated builder is a compelling upgrade. For shops that demand vendor-supported, zero-touch deployment with guaranteed update paths, the trade-offs remain steep.

The bottom line: tiny11builder’s latest release doesn’t just keep pace with Windows 11 25H2—it sharpens the tools for those who want to decide exactly what their OS contains. Used carefully, it’s a powerful asset. Used carelessly, it’s a shortcut to a broken system. The difference lies in the diligence of the person wielding the script.