General availability: Azure Sphere version 22.11 new and updated features
Published Dec 01 2022 02:34 PM 4,116 Views
Steel Contributor

The Azure Sphere 22.11 release includes the following components: 

  • Update to the image signing keys used by the Azure Sphere Security Service 
  • Updated Azure Sphere OS 
  • Updated Azure Sphere SDK for Windows and for Linux 
  • Updated Azure Sphere extensions forVisual Studio and for Visual Studio Code 


If your devices are connected to the internet, they will receive the updated OS from the cloud. To install the latest SDK, see the installation Quickstart for Windows or Linux: 


Highlights in this release include a new Malloc version, an upgraded Azure IoT C SDK, a DHCP timeout reduction, and the Public Preview of Azure Sphere support for the European Data Boundary. 


New image signing keys being used by the Azure Sphere Security Service 

The Azure Sphere Security Service now uses new image signing keys. These keys are used by our service to sign any newly uploaded application images and new capability files (for example when enabling development mode on devices). The 22.11 OS was signed using the old keys, but future OSs will be signed using the new keys. All existing keys continue to be trusted by Azure Sphere devices. 


For Azure Sphere devices to accept signatures using the new keys, a trusted keystore (TKS) update was rolled out on November 14, 2022. No user action is required for production devices. For certain manufacturing, development, or field servicing scenarios where the Azure Sphere OS is not up to date, you may need to take extra steps to ensure that newly signed images are trusted by the device – see this blog post for full details. 


New and changed features in the 22.11 OS 

The 22.11 release of the Azure Sphere OS includes the following changes:


New Malloc version 

The Azure Sphere OS continues to support the existing malloc model without any changes required to an application and is binary backward-compatible for all previously built applications. However, a new application manifest option allows developers to opt into MallocVersion=2, which introduces the MUSL v1.2.1+ malloc model, mallocng. This malloc version is more efficient and more secure and significantly improves memory freeing. Samples and tutorials have been updated to use this version by default and we recommend adding it to any new application being developed. For some application scenarios, peak memory usage would be expected to be lower when using this new malloc version. 


Upgraded Azure IoT C SDK 

We’ve updated the Azure IoT C SDK to the latest version. This SDK includes bug fixes and stability enhancements and is binary compatible with previous versions. All existing apps will benefit from behind-the-scenes improvements administered by the Azure Sphere OS. 


DHCP Timeout reduction 

The DHCP retry timeout has been reduced from 10s down to 1s. This reduction improves battery consumption when a device is waiting for a DHCP lease, which is expected to occur with some network configurations and traffic scenarios. 


New and changed features in the 22.11 SDK 

The 22.11 release of the Azure Sphere SDK includes the following changes: 


Support for other CLI command output formats 

As part of the ongoing effort to introduce JSON output to CLI commands, making it easier to script and automate against, azsphere image add and azsphere device show-os-version have been updated to support JSON output. See Supported commands for the list of commands that currently support multiple output formats. 


New and updated samples, code snippets, and Gallery projects 

The 22.11 release of the Azure Sphere samples, code snippets, and Gallery projects includes the following changes: 


Logging to Azure Sample project 

The Logging to Azure Sample project demonstrates how to use IoT Hub in tandem with Azure Data Explorer to capture application-level logs in a way that is both scalable and queryable. 


PWM Audio Gallery project 

The PWM Audio Gallery project demonstrates how to use the MT3620’s hardware PWM peripherals to generate tonal sounds for use with a buzzer or other audio-generating device, a common product use case. 


Public Preview: Azure Sphere support for European Data Boundary   

In keeping with Microsoft’s mission to process and store EU data exclusively within the EU (see EU Data Boundary for the Microsoft Cloud), the Azure Sphere Security Service now enables EU customers to process and store image files and device crash dump files within the EU as desired. The new Regional Data Boundary setting is an optional parameter that can be used with the azsphere image and azsphere device-group commands.   


For more information, see: 


We invite EU-based customers to try this new feature and provide any feedback via email to   


More information 

Version history
Last update:
‎Dec 01 2022 11:38 AM
Updated by: