Summary: Microsoft updated the security baseline for Windows Server 2025 LTSC with new IIS hardening recommendations, TLS 1.3 enforcement, and stricter SMB signing policies.
Why It Matters for Developers
The new baselines include changes that may affect legacy applications connecting over SMB or using older TLS versions. IIS administrators should review the new SSL/TLS cipher suite recommendations and plan testing before deploying to production.
My Take
If you still have Windows Server 2016 or 2019 boxes in production, use this as a reference benchmark even if you are not migrating to 2025 yet.