The Euro-Office open source productivity app suite will be available with the first stable release of the software on June 9. 

Euro-Office was unveiled in March with the aim of providing a modern, open source alternative to Microsoft and Google software for European organizations increasingly wary of a dependence on US-based suppliers. 

Euro-Office consists of four browser-based applications: a document editor, spreadsheet program, presentation tool, and a PDF editor, with each application enabling collaborative document editing. It supports Microsoft Office file formats DOCX, PPTX and XLSX, as well as Open Document Format (ODF) files such as ODS, ODT and ODP.

The software is intended to be integrated into collaboration solutions such as file-sharing platforms, online wikis or project management tools, according to Nextcloud, one of several European organizations involved in the Euro-Office project.

Nextcloud will add Euro-Office to its Nextcloud Office next month, where it will be available as an “equal option” alongside an existing open-source productivity suite based on Collabora’s software, Nextcloud CEO Frank Karlitschek said in a briefing. Pricing will depend on factors such as use case and deployment scale, but will sit in a similar range to the Collabora version.

Nextcloud plans to add desktop and mobile apps “later this summer,” said Karlitschek; these will save documents locally and sync to cloud storage tools that customers choose.

German cloud hosting provider Ionos will also integrate Euro-Office into its Nextcloud Workspace subscription at no extra cost, and as an optional paid add-on to its HiDrive and Managed Nextcloud subscriptions. (Pricing information was not immediately available.)

Nextcloud and Ionos are currently hiring a “dedicated development team” to work on Euro-Office, Nextcloud said in a blog post Thursday. Other software vendors, including Xwiki and Office.eu, are expected to incorporate Euro-Office into their products in the coming months, too.

Euro-Office is built on the open-source code base of OnlyOffice and distributed under the GNU Affero General Public License v3 (AGPL v3). 

Following the launch announcement, OnlyOffice — which is owned by Ascensio System SIA — alleged in March that Euro-Office violated its licensing terms and infringed its copyright, due to a lack of attribution to OnlyOffice.

Karlitschek said this week that the conflict with OnlyOffice is “now resolved,” following an agreement to provide attribution to OnlyOffice in Euro-Office. “We came to an agreement that the OnlyOffice people required only attribution, that you basically mention that the code is partly based on top of OnlyOffice, and we are happy to do it.”

But an OnlyOffice spokesperson denied a specific agreement had yet been reached. “OnlyOffice has not entered into any agreement with the Euro-Office project,” said Galina Goduhina, commercial director at OnlyOffice. 

“Our licensing framework is clearly defined, and compliance with its terms is not optional,” Goduhina said. “We will continue to assess the situation based on actual use of our technology.

 “This situation goes beyond attribution— it concerns transparency of technology origin, respect for the original developer — and does not meet the standards of responsible partnership we expect,” Goduhina said. “OnlyOffice remains focused on supporting its users, customers and partners and continuing to develop reliable, enterprise-grade document solutions.”

OnlyOffice recently published a blog post outlining its license and trademark policy in more detail. 

A Nextcloud spokesperson said the blog post indicated a change in the OnlyOffice license to “bring it in line” with AGPLv3. 

“We applaud the removal of the conflicting requirements around the trademark, aligning with our opinion and that of the licensing experts in the open source community,” the spokesperson said. “We will adopt their changes as they are being made to the code, of course ensuring the license compliance is preserved. With these changes we consider the matter resolved.”

Meta has raised the possibility that it could be joining the likes of Amazon, Microsoft and Google in offering cloud services at some point in the future — although potential customers shouldn’t be adding the company to their suppliers list just yet.

When asked about plans for offering such services at the company’s annual shareholders meeting,  Meta CEO Mark Zuckerberg said there was a possibility of the company competing with the major hyperscalers. “It’s definitely on the table.”

He explained that different companies were approaching Meta asking for the company to offer an API service or to buy compute services at a premium price. “We haven’t done it yet, because we think we have a use for the compute, but when we feel we have overbuilt, then that is an option that we have.”

Meta has been active in developing its data centers over the past few years, so there will be a possibility of some excess capacity. It is also developing its own AI chips.

For the moment, though, the company may well need all the capacity it can build: Zuckerberg said that the launch of Muse Spark, a new AI model from Meta Superintelligence Lab, had resulted in large increases in Meta’s AI usage.

This article first appeared on Network World.

A research project examining AI-driven recruitment hires across the US has revealed a systemic racial bias.

Researchers from Stanford University found a startling pattern of racial disparities when looking at the interview offers resulting from 4 million job applications submitted to 156 employers. The situation is aggravated by the “monoculture” in AI hiring software: More than 90% of US employers are screening job applicants with software, with 60% of Fortune 500 companies using the same tool, HireVue, the researchers found.

Applicants who applied to multiple companies using AI had all their applications rejected more often than would be expected if each company’s screening methods were independent. They calculated that Black and Asian candidates were rejected in greater numbers than baseline figures would suggest. According to the survey, 29,000 more Asians would have been interviewed if AI had not been deployed.

The researchers are concerned about the way in which AI is being used. “AI screening tools bring together three properties that should not co-exist in high-stakes decision-making: They are pervasively adopted, highly consequential, and opaque to the public,” they said in a news release presenting their work.

The effect of this will lead to workplaces dominated by a monoculture which may not be beneficial for companies going forward.

This article first appeared on CIO.

I will sit right down (waiting for the gift of sound and vision)
And I will sing (waiting for the gift of sound and vision)

— David Bowie

Apple is planning to sponsor and present 14 AI research papers at the annual IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) in Denver next week, just days before it introduces major new AI features at its Worldwide Developer Conference (WWDC).

The fresh research explores topics such as using LLMs in image generation, quality testing, and user interface prototyping. For months, supply chain rumors have hinted at a radical evolution for the ubiquitous AirPods in the form of built-in ambient cameras. With this in mind, it’s noteworthy that one of the research papers, “From Where Things Are to What They’re For: Benchmarking Spatial–Functional Intelligence for Multimodal LLMs,” specifically seems to cater for such use cases. 

Accessibility for the people

In application, this tech promises profound potential for accessibility. It suggests that someone with limited vision might be able to get their AirPods to guide them through an unfamiliar room. This is something that should fit well inside the company’s ongoing narrative around machine vision intelligence and accessibility. 

Accessibility is central to a second presentation to be made during the Generative AI for Sign Language Workshop at the conference. Led by Apple’s Colin Lea, who presented a session on speech tech for people with speech disabilities at a similar event, this focus on machine vision intelligence and accessibility is entirely deliberate. 

Indeed, even though the industry and critics condemn Apple for lagging behind others in the AI space, the publication of these 14 papers at a key industry session just before WWDC shows the company has been doing a great deal of foundational work behind the scenes. We expect this work to bear its first fruit at WWDC, and it is important to understand the disclosures as a power move. Apple is using the show to celebrate its strengths in AI development, and given its decade work on Apple Car, many of those strengths relate to machine vision intelligence. 

Apple is so advanced in the field it is already deploying advanced models that empower consumers. Just last week, it promised to introduce a new tool called Image Explorer in VoiceOver to help partially sighted customers later this year. Among many other features, this will arrive alongside a system to let disabled users control compatible wheelchairs with spoken word commands. 

Apple is pushing boundaries all the way. Its paper “VSAS-Bench: Real-Time Evaluation of Visual Streaming Assistant Models,” proves it is actively refining models to process live video instantly on consumer hardware. 

What matters, the human or the machine?

The difference between Apple and its competitors is deep and philosophical. I’d argue that while others build cloud-dependent chatbots, Apple is embedding AI tools that solve real human problems in its systems. 

This extends to its plans at WWDC, where it will introduce a raft of AI tools made with help from Google Gemini and a host of AI services it has developed in house. The latter will include a great many accessibility tools of the type it will discuss at the CVPR event, the beauty of which being that they will run privately and on-device. You could argue that while other tech giants are using AI to automate white-collar jobs or build a surveillance dystopia, Apple is searching for applications of machine intelligence that solve real human problems. 

The company seems pretty realistic about the ongoing AI transformation. It recognizes that its own ecosystem must become a peer player in the emerging AI-augmented environment the tech industry seems intent on building. 

With that in mind, Apple is willing to engage in strategic, mutually beneficial partnerships, such as permitting Siri to use third-party AI services to handle requests. But even as it does that, it is also focusing on those areas in which it can make a unique difference, such as the accessibility features Apple as a platform has always provided.

Open up

As the Vision Pro demonstrated, and as these mythical video-enabled AirPods will in the future suggest, computers are steadily getting smarter. So, the way we use them is also changing as we move away from the rigid boundaries of keyboards, mice, and touchscreens. Apple’s quest for ambient computing began long before the sudden gold rush for generative AI chatbots. 

In the end, as the latter services become commodified, the way humans interact with them will define the next generation of hardware. That’s exciting for Apple, given that product design is where it excels. The era of sound and vision may finally have arrived.

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon, and MeWe. 

Researchers in Switzerland claim to have built a perfect random number generator from two quantum superconducting chips, a 30-meter-long pipe, and some software. The resulting device could be used to generate cryptographic keys, or to offer a “public randomness service” for lotteries or blockchain applications, they say.

They’re not the first to make the claim.

Many sources of randomness are biased. For example, coins or dice tend to favor one side. “Even modern random number generators, which are based on quantum mechanical effects like the reflection of photons from beam splitters, are not entirely immune to such a systematic error or ‘bias’,” said Andreas Wallraff, one of the leaders of the research team at ETH Zurich.

Similar biases can be found in purely software-based pseudo-random number generators. This has led to security problems in IoT devices and WhatsApp, among other applications.

To get around that, the researchers set up of two supercomputing chips, each representing one qubit, cooled to near absolute zero. The chips are connected by a 30-meter-long microwave guide, similarly cooled, and the microwave photons flying between them create a situation of quantum entanglement.

The results produced by this process are then transformed via a special algorithm to generate perfect randomness. “The resulting sequence of zeros and ones is now really perfectly random, and we can even certify that,” said Renato Renner, the other team leader. “The technical improvements allowed us to create random numbers that will remain perfectly random for all eternity.”

The team published their results this week in an article entitled “Experimental randomness amplification” in Nature.

This article first appeared on CSO.

It’s hard for people to tell the difference between AI-generated advertising and writing. So why do they respond better to the human-made stuff?

AI vs. Mad Men

Ipsos, along with faculty members from Syracuse University’s S.I. Newhouse School of Public Communications, just published a unique advertising study. They took 20 real ads from major brands, including Cheerios, Chewy, Febreze, Fiat, H&M, Old Navy, Herbal Essences, Ray-Ban Meta, TurboTax and Visa. They fed the same creative briefs used by the human ad creatives into Google Gemini, then used OpenAI’s Sora to generate fully AI-produced counterparts with no human intervention. 

They showed the ads to 3,000 consumers. Only 25% of AI ad viewers were at least somewhat confident the spot was AI-made, and 40% of all viewers were uncertain either way — suggesting the public isn’t great at spotting ads that are AI generated. 

But here’s the interesting part: While most people didn’t register that ads were AI-generated, they also didn’t respond to them like they did with human-generated ads. They consistently rated human-made work as more eye-catching and more imaginative. 

In other words, people assumed AI ads were made by people, but didn’t particularly like them compared to human-generated ads. And that means human-generated ads performed much better. 

Ads made by people without AI were 14% stronger on short-term sales impact and 17% stronger on long-term brand health.

To me, the data here suggests that while people can’t easily discern the difference between AI- and human-generated content, the AI stuff hits wrong on a subconscious level. And I think that’s happening with AI social posts, AI blog posts and AI slop in general. 

In fact, I’ve noticed it strongly in my own response to AI-generated content. It often looks perfect but bothers me for reasons that aren’t immediately obvious. 

The researchers explained AI’s inability to match human ad creativity by pointing out that AI draws from what already exists, while great advertising breaks new ground. AI can replicate the conventions of advertising, but it can’t transcend them, make a creative leap or engender emotion like people can. 

A broad range of research beyond the Ipsos study suggests that skillful people working with AI tools will always outperform AI alone, and often outperform people not using AI tools. Ipsos’ advice? Ad agencies should keep people at the center of brand storytelling and emotive assets. 

Can AI write right?

Another recent study looked at written web content and compared how human-written articles “performed” on search engines compared to AI-generated content. Semrush analyzed 42,000 blog pages across 20,000 keywords, ran every single one through GPTZero’s AI detector, and cross-referenced the results with actual Google Search results. It also surveyed 224 search-engine optimization (SEO) professionals about their AI habits and beliefs.

They found a disconcerting disconnect between what SEO people believe and what is actually true. Some 72% of SEO professionals who use AI content say it performs just as well or better than human-written content in search rankings. But it turns out that human-generated posts strongly outperform AI-generated. 

Content classified as purely AI-generated appeared in the top spot in search result just 9% of the time. Content classified as human-written was there 80% of the time.” That’s a roughly 8-to-1 advantage. (Note that the coveted top link in search results typically gets around one-third of the clicks.)

For lower page-one positions — from the fifth position down (which get relatively few clicks) — AI- and human-generated posts perform more similarly. (The researchers also found that when people write posts with a little help from AI, their posts rank better much than AI-only content.)

Those Semrush results are consistent with previous research. 

• NP Digital conducted an oft-cited study two years ago that found that human-written content ranked higher 94.12% of the time on Google than AI content. 
• A Graphite/Common Crawl analysis found that 86% of articles ranking high on Google Search are human-written (only 14% AI-generated), and ChatGPT and Perplexity cite human-written articles 82% of the time (only 18% AI). 
• On LinkedIn, more than half of site’s long-form content in 2025 was classified as “Likely AI” by Originality.ai. Engagement on verified human content was 61% higher than the AI-marked posts. 

Note that engagement performance varied by industry; that 61% result is an aggregate average across all industries. Ironically, in the category of “Leadership & Inspiration,” AI posts outperformed human posts by 75%. 

The absurd lesson here: If you want to be a thought leader on LinkedIn, don’t lead with your own thoughts. 

Quantity vs. quality

What all this research boils down to is that human-generated content (with or without help from AI) attracts far more traffic and higher engagement than AI-generated content. AI content is essentially invisible in high-value channels and while it might be high in quantity, it’s low in quality where it really matters — with reach and influence. 

As with the ad creative study by Ipsos, the conclusion of all this research is the same: People (and search engines) respond much better to creative content produced by people compared with AI-generated content. 

In short, AI is great at “flooding the zone” at high speed and low cost — and there’s a ton of AI-generated content out there. A quick check reveals that: 

• More than half of all written content on websites is now AI-written.
• Almost half of all music uploaded is now AI-generated.
• Nearly one-quarter of all videos uploaded are AI-generated or manipulated.
• Around 40% of all podcast episode uploads are AI-generated.
• More than 70% of all images uploaded to social media may be AI-generated or manipulated.
• And wll over half of all social posts are AI-generated

The specific numbers are my best estimates, and they’re changing fast each month. The takeaway is that AI-generated content is exploding in volume. 

But it isn’t reaching people the way human-generated content does. Take podcasts, for example. While roughly 40% of new podcast episode uploads are AI-generated, that 40% captures less than 1% of the listening hours. Of the top 100 podcasts, zero are AI-generated.

A clear picture is emerging about the use of AI for content generation. AI is great for churning out a lot of content at low cost. It can be good for some kinds of content — if a skillful person directs it. And AI can be a helpful tool for content creators. 

But when it comes to direct comparisons between people and AI, it’s clear that the winning content — the stuff with the best “performance” on search, best reception by people and the most engaging — is always human-generated. 

CryptoLocker. WannaCry. DarkSide. Conti. MedusaLocker. Qilin. The ransomware threat has exploded over the past decade, and it isn’t going away anytime soon; the news brings constant reports of new waves of this pernicious type of malware washing across the world.

Ransomware gained in popularity in large part because of the immediate financial payoff for attackers: It works by encrypting the files on your hard disk, then demanding that you pay a ransom, frequently in Bitcoin or other cryptocurrency, to decrypt them. Now many ransomware gangs are switching tactics, stealthily infiltrating enterprise systems, collecting sensitive corporate data over time, and later threatening to expose that data if the organization doesn’t pay up.

Nevertheless, individuals and businesses are still at risk from traditional ransomware attacks. In this article, I’ll show you how to keep yourself safe in Windows 11 — and Windows 10 too, for those who haven’t yet moved to Windows 11 — including how to use an anti-ransomware tool built into both versions of Windows.

(Administrators, see “What IT needs to know about ransomware and Windows” at the end of this article.)

This article assumes that you’re already taking the basic precautions against malware in general, including running anti-malware software and never downloading attachments or clicking links in email from unknown senders and suspicious-looking email. Also note that this article has been updated for Windows 11 25H2 and Windows 10 22H2. If you have an earlier Windows release, some things may be different.

Use controlled folder access

Microsoft is concerned enough about ransomware that it built an easy-to-configure anti-ransomware tool directly into Windows 10 and 11. Called controlled folder access, it protects you by letting only safe and fully vetted applications access your files. Unknown applications or known malware threats aren’t allowed through.

By default, the feature is not turned on, so if you want to protect yourself against ransomware, you’ll have to tell it to get to work. And you can customize exactly how it works by adding new applications to its whitelist of programs that can access files, and adding new folders in addition to the ones that it protects by default.

To switch it on, you’ll need to access Windows Security. To get to it in Windows 11, click Start > Settings to open the Settings app, then select Privacy & Security > Windows Security.  

In Windows 10, click Start > Settings to open the Settings app, then select Update & Security > Windows Security.

In Windows Security, select Virus & threat protection. On the screen that appears, scroll down to the “Ransomware protection” section and click Manage ransomware protection. On the next screen, under “Controlled folder access,” toggle the switch to On. You’ll get a prompt asking if you want to make the change. Click Yes.

You shouldn’t leave it at that and feel safe yet, because there’s a chance that you have folders you’d like to protect that the feature ignores. By default, it protects Windows system folders (and folders underneath them) like C:\Users\UserName\Documents, where UserName is your Windows user name. In addition to Documents, Windows system folders include Desktop, Music, Pictures, and Videos.

But all your other folders are fair game for any ransomware that makes its way onto your PC.

To add folders you want protected, click the Protected folders link that appears after you switch on controlled folder access. A prompt appears asking if you want to make the change. Click Yes. Click the Add a protected folder button that is on top of the list of protected folders that appears, then navigate from the screen that appears to the folder you want to protect and click Select Folder.

Continue to add folders in this way. Remember that when you add a folder, all folders underneath it are protected as well.

If you decide at any point to remove a folder, get back to the “Protected folders” screen, click the folder you want to remove, and then click Remove. Note that you won’t be able to remove any of the Windows system folders that are protected when you turn the feature on. You can only remove the ones that you’ve added.

Microsoft determines which applications should be allowed access to protected folders, and unsurprisingly, among them are its own Microsoft Office apps. Microsoft hasn’t published a list of which apps are allowed, though, so consider taking action to let apps you trust access your files.

To do it, go back to the screen where you turned on controlled folder access and click Allow an app through Controlled folder access. A prompt appears asking if you want to make the change. Click Yes. From the screen that appears, click Add an allowed app, navigate to the executable file of the program you want to add, click Open, and then confirm you want to add the file. As with adding folders to the list of protected folders, you can remove the app by getting back to this screen, clicking the application you want to remove, then clicking Remove.

Hint: If you’re not sure where executable files are located for programs you want to add to the allow list, look for the folder name with the program’s name in the “WindowsProgram Files” or “WindowsProgram Files (x86)” folders, then look for an executable file in that folder.

Note: In Windows 11, OneDrive folders are automatically protected by controlled folder access when you turn it on. However, they may not necessarily be protected in Windows 10. In Windows 10, on the “Ransomware protection” page, you’ll be notified in the Ransomware data recovery section whether your OneDrive files are protected. If they’re not protected, click the Set up OneDrive button there.

Back up… but do it properly

The whole point of ransomware is to hold your files hostage until you pay to unlock them. So one of the best protections from ransomware is to back up your files. That way, there’s no need to pay the ransom, because you can easily restore your files from the backup.

It’s a good idea to not just back up to a local drive but additionally use a reputable cloud-based storage and backup service. If you back up to a drive attached to your PC, when your PC gets infected with ransomware, the backup drive will likely be encrypted along with any other disks inside or attached to your PC. Cloud backups are generally less vulnerable but not wholly immune to ransomware attacks.

Make sure that your backup service uses versioning — that is, it keeps not just the current version of each of your files, but previous ones as well. That way, if the most current version of your files gets infected, you can restore from previous versions. Most popular backup and storage services, including Microsoft OneDrive, Google Drive, Carbonite, Dropbox, and many others, use versioning. It’s a good idea to get familiar with the versioning feature of whichever service you use now, so you can easily restore files in a pinch.

Some services, including OneDrive and Google Drive, now offer ransomware detection. Users are notified of suspicious activity and can use the vendors’ tools to remove infected files and restore older versions.

Stay patched

Microsoft regularly releases Windows 10 and Windows 11 security patches, and they’re automatically applied via Windows Update. But if you hear about a ransomware outbreak, you shouldn’t wait for Windows Update to work — you should immediately get the update yourself so that you’re protected as soon as possible. And it’s not just Windows updates you want to get. You also want to make sure Windows Security, Microsoft’s built-in anti-malware tool, has the latest anti-malware definitions.

To do both in Windows 10, go to Settings > Update & Security > Windows Update and click the Check for updates button. In Windows 11, go to Settings > Windows Update and click the Check for updates button. (If updates are already waiting for you, you’ll see them listed instead of the Check for updates button.) If Windows finds updates, it installs them. If it requires a reboot, it will tell you.

You need to worry not just about Windows staying patched, but other software as well. If you use an anti-malware program other than Windows Security, make sure it and its malware definitions are up to date.

And the other software on your PC should be kept up to date as well. So check how each piece of software gets updated and make sure to update each one regularly. For help keeping all your apps up to date, consider setting up an automated tool like Patch My PC Updater or Software Update Monitor (see our tutorial “How to keep your apps up to date in Windows 10 and 11”) — or, if you’re comfortable using the command line, try the WinGet command (see “WinGet: The best way to keep Windows apps updated”).

Disable macros in Microsoft Office

Ransomware can be spread via macros in Office files, so to be safe you should turn them off. Microsoft now disables macros from the internet by default, but that doesn’t necessarily mean that they’re turned off in your version of Office, depending on when you installed it and whether you’ve updated it.

To turn them off, when you’re in an Office application, select File > Options > Trust Center > Trust Center Settings and select either Disable all macros with notification or Disable all macros without notification. If you disable them with notification, when you open the file you’ll get a message warning that the macros were disabled and letting you turn them on. Only turn them on if you’re absolutely sure they’re from a safe, trusted source.

Get ransomware protection and/or mitigation tools

Just about any anti-malware program includes built-in anti-ransomware protections, but there are several programs that promise to specifically target ransomware. Most are paid, but there are also some free options.

Bitdefender offers free decryption tools that can unlock your data if you’ve been attacked by ransomware and it’s being held ransom. They can only decrypt data that’s been encrypted with certain specific pieces or families of ransomware, including REvil/Sodinokibi, DarkSide, MaMoCrypt, WannaRen, and several others. Avast offers its own set of free decryption tools.

What IT needs to know about ransomware and Windows

Many Microsoft 365 and Windows commercial plans, especially at the enterprise level, include ransomware detection and protection tools. Advanced products such as Microsoft Defender XDR are also available under separate licenses.

Even without those tools, there’s plenty that admins can do to protect Windows systems from ransomware. The most obvious: Apply the latest security patches to not just all PCs in an organization, but all servers and any other enterprise-level hardware. Also lock down application permissions, train users to spot phishing attempts, and, of course, securely back up all corporate data.

IT also needs to make sure the notoriously insecure SMB1 Windows networking protocol is disabled in all devices. Multiple ransomware attacks have spread through the 30-year-old protocol; even Microsoft says it should be used by no one, ever.

The good news is that Windows 10 version 1709, released in October 2017, finally did away with SMB1. (It’s not in Windows 11, either.) But that’s only for PCs with clean installs of version 1709 or later. Older PCs that were updated from earlier versions of Windows still have the protocol built in.

The Microsoft support article “Detect, enable and disable SMBv1, SMBv2, and SMBv3 in Windows” offers details about how to turn off the protocol. It recommends killing SMB1 but keeping SMB2 and SMB3 active, and only deactivating them for temporary troubleshooting.

Administrators can use the controlled folder access feature (covered earlier in this article) to stop ransomware from encrypting files and folders of PCs running Windows 11 or Windows 10 version 1709 or later. They can use the Group Policy Management Console, the Windows Security Center, or PowerShell to turn on controlled folder access for users on a network, customize which folders should be protected, and let additional applications access the folders beyond the Microsoft defaults, as detailed  in the Microsoft articles “Enable controlled folder access” and “Customize controlled folder access.”

One potential issue with controlled folder access is that it might block apps that users typically use from accessing folders. So Microsoft recommends using audit mode first, to see what will happen when controlled folder access is turned on. For information about how to do it, go to Microsoft’s “Evaluate exploit protection” documentation.

As noted above, Office macros can spread ransomware. Microsoft is now blocking macros downloaded from the internet by default, but to be safe, IT should use Group Policy to block them. For advice on how to do it, go to the “Block macros from running in Office files from the Internet” section on Microsoft’s “Macros from the internet will be blocked by default in Office” documentation.

This article was originally published in January 2018 and most recently updated in May 2026.

Google DeepMind CEO Demis Hassabis believes progress toward artificial general intelligence (AGI) is moving faster than expected and that society now has only a few years to prepare. He believes AGI could arrive around 2030, though acknowledges it could be here in 2029 — or even sooner.

In an interview with Axios, Hassabis said that today’s AI agents — systems capable of performing tasks independently — should be viewed as a sort of “practice run” for significantly more powerful AI in the future. He also warned that governments, economists, and society at large are not taking this development seriously enough.

One particular risk he highlighted is that AI systems in the future might begin to improve their own development. “All the leading labs are pretty focused on that,” Hassabis told Axios. “It will yield clear benefits in the form of faster research. But there are also risks associated with that type of system.”

T

All of the big AI models violate EU rules on AI and data protection to varying degrees, according to the nonprofit research foundation Aithos.

Aithos tested the models using its own tool, LARA (Legal Assessment for Real-world Agents), which simulates real-world situations where AI assistants may find themselves in legally questionable situations, according to The Register. The tests measure compliance with the GDPR and the EU’s AI Regulation, among other things and found the models collected user data without proper consent, attempted to manipulate vulnerable individuals, or created psychological profiles of users.

According to the results, all major language models failed to meet EU legal requirements; some violated the rules in up to 93% of cases. The best result was achieved by the Anthropic model Claude Opus 4.7, which was in compliance about 54% of the time.

Aithos warned that responsibility for the shortcomings does not lie solely with AI companies. Companies that build their own AI agents on top of these models could also be held legally liable.

“The future of AI should be accessible, available, and open to people and builders everywhere, and it should not require an absurd amount of resources only available to a handful of cloud providers,” Paolo Ardoino, CEO, Tether.

About 700 million people use generative AIs like Gemini and ChatGPT weekly, but adoption is far from uniform. McKinsey’s 2025 State of AI survey found that nearly half of respondents from companies with more than $5 billion in revenue have reached the AI scaling phase, compared with just 29 percent of those from companies with less than $100 million in revenue, a gap that only widens further down the chain, locking out smaller businesses, developers, and everyday users.

Retail and small businesses are limited to basic AI utilities that their facilities can power, such as text-based inference and multimedia generation, using base models. That is billions of end users, and developers locked out of full utilization and development of intelligent software due to high infrastructure demands.

Tether’s edge-first LoRA fine-tuning framework for Microsoft’s Bitnet LLM is an important step towards developing an infrastructure system that supports billions of AI agents and intelligent machines. By reducing the computational overhead of machine learning and enabling consumer-grade devices to perform advanced operations, Tether’s edge-first approach ensures greater leverage for the larger population.

Imagine a 13-billion-parameter model being fine-tuned on everyday handheld devices like Samsung S25 and iPhone 16, as well as on regular personal computers. The breakthrough combines resource-efficiency and platform-agnostic techniques to develop a fine-tuning framework for the ternary-quantized LLM.

Behind Tether’s Bitnet fine-tuning framework

Bitnet LLM was born out of the vision of an intelligent AI model that doesn’t consume outrageous computing resources even at full precision. Earlier attempts at resource-efficient AI relied on trade-offs, such as running small-parameter models at higher precision or larger-parameter models at lower precision, but neither approach fully solved the problem.

Bitnet takes a more fundamental approach. The result is a model that achieves linear efficiency while consuming only a fraction of the computing resources traditionally required.

The challenge, however, is that contemporary GPUs are optimized for the very floating-point operations Bitnet eliminates, creating a hardware compatibility gap. Compounding this, Bitnet was originally confined to its own Bitnet.cpp inference engine, limiting its broader utility. Tether’s breakthrough addresses both constraints at once by integrating a Vulkan and Metal GPU backend that unlocks true cross-platform capabilities for BitNet inference and LoRA fine-tuning on heterogeneous consumer GPUs, including mobile GPUs. Bitnet can now run on more mature, widely supported inference engines without sacrificing its efficiency advantages.

Vulkan’s cross-platform nature is key here. Unlike CUDA, which ties developers to NVIDIA hardware, Vulkan runs across a broad range of GPUs and operating systems, opening Bitnet to genuinely multi-platform deployment. Tether’s Bitnet fine-tuning framework implements a dynamic tiling technique to mitigate limitations in Vulkan driver buffer allocation on mobile GPUs.

The dynamic tiling algorithm technique was first applied in the fine-tuning framework for QVAC Fabric LLM, the AI model that powers Tether’s QVAC Workbench application.

This implementation demonstrates the efficiency of this approach: fine-tuning a 13-billion-parameter model across a range of consumer devices with varying GPU configurations.

The Bitnet LLM Fine-tuning framework is Tether’s latest achievement and part of a broader expansion into open-source AI and communication technologies that challenge current, slow, fragile, and controlled systems. These developments are open-sourced and packaged as modules in the QVAC SDK for easy deployment and to help developers build edge-first AI applications without needing anyone’s permission.

Tether envisions superintelligence as a foundational element possessed by its owner and is enforcing this through:

Local-first AI

Synonymous with decentralized AI, “Local-first” AI aims to create sovereign AI solutions that do not rely on centralized infrastructure, such as data centers, to operate. They are considered cost-effective, relatively more sustainable, and unarguably more private than centralized AI. Tether is building AI applications that rely entirely on the device’s resources. These applications store data in device memory and use its processors for advanced operations, such as fine-tuning and inference.

P2P computing network for AI inference

Tether’s AI applications are built on the Pear runtime. Pear is a tooling platform for fully P2P applications that can operate without servers. Pear leverages the Holepunch tech stack. Holepunch is purpose-built for stable, direct communication between devices. Pear enables delegated inference for AI applications such as QVAC Workbench. Delegated inference enables a unified, dynamic workstation architecture where compute tasks are fluidly distributed between mobile and desktop environments, allowing either device to offload high-intensity processing to the most capable system. That is, you can start a task on your mobile device and delegate it to your desktop or laptop for completion.

AI for everyone

The only way to scale intelligence to the needs of a ten-billion-strong society is to push it to the edge. This, in turn, depends on the progress made by experiments aimed at cost-effectively localizing AI computation.

Billions of AI agents and countless AI applications deployed by developers in every region of the world, running effectively on user-owned resources, is the only way we can democratize superintelligence and avoid creating another ‘luxury’ cutting-edge technology controlled by unicorns and fully accessible only to elites.

Tether is pioneering limitless superintelligence for an ever-growing society and applications. Follow the journey to truly local and edge-first AI solutions

Apple publishes its App Store fraud prevention report every year,. And when it does, the company presses the point that its curated system brings much value to developers and customers, including highly effective protection against fraud. It says it prevented more than $2.2 billion in potentially fraudulent transactions in 2025 alone.

A tax worth paying

The company said it has prevented $11.2 billion in such fraud in the last six years. That’s a lot of value for the 15% or lower commission that all but the biggest-selling developers are required to pay on their store sales.

Don’t believe the hype, as most developers are not generating the $1 million a year required before the 30% payment kicks in.

You might reflect that if there is an Apple Tax, it’s a progressive tax in which those with the broadest shoulders help support the wider developer community, which is probably why some tech billionaires don’t like it. 

But I’m not here to write about taxation; I’m here to highlight the value the App Store brings. Apple diligently works to protect customers and developers against the ever-growing threat of cybercrime at a scale few other companies could hope to match. That matters in an environment dominated by ever more sophisticated attacks, including scenarios in which a developer submits a benign app for review and then modifies it once the app is online to commit financial fraud.

More than fraud prevention

It’s not just fraud Apple protects App Store customers from. It also attempts to protect privacy. Look, we know that tech firms now exist for whom privacy is a roadblock to profit; they want to take all your information for free to sell it for money, or worse. Apple stands against this and has done so for years, which is why it is under steady attack by entities that want privacy destroyed to boost their bottom line. Nation states and nation-state-adjacent attacks don’t help in the battle for your private digital life, throwing huge resources at undermining personal protections.

Apple’s report gives you a solid glimpse at the anti-privacy environment. App Store rejected 443,000 app submissions for privacy violations; it also rejected 22,000 apps for holding undocumented anti-privacy features. 

The upshot is that while Apple’s protections aren’t 100% perfect, they’re still industry leading. Where incidents do take place, they are resolved swiftly, and the bait-and-switch approach (in which an app pretends to be benign but carries malware) remains the biggest threat. That’s why customers should always verify they trust a developer before downloading apps.

The threats coming over the hill

The thing is, all of these threats are evolving, and Apple is equipped to evolve in parallel with them. In part, that’s because it has scale, in part because it has that huge 2.2-billion-device ecosystem, in part because the company entered the app store race with deep understanding of how online transactions were evolving in the first place. It didn’t run iTunes for years only to learn nothing.

Coming up over the hill we can see new-breed quantum-based threats. Along with artificial intelligence, that combination will likely spawn a mass attack of AI-generated, malware-infested apps being built and submitted at a record pace. 

We will also likely see increased attacks made against developers in order to extract their Developer ID to help in the submission of such apps. And we will see increasingly sophisticated algorithmic hacks to attack security, identity, and even app ownership. Protecting against those consequential evolutions will be neither easy nor cheap. Doing so will require near state-level protection, a degree of security no small entity can meet. We have no idea if smaller app stores can even visualize such protection — and the EU doesn’t know, either.

In time, hopefully, new businesses will emerge offering quantum-safe security to protect online purchases. But for now, we’ll mostly need to look to large entities such as Apple, or payment services providers, to make the grade. 

Near state-level protection

Will Apple put protection at scale in place to protect against these incoming threats against its App Store? It seems likely, given it is already investing in OS-level mitigations to protect encryption on its services, including around encrypted communications. 

It is also in Apple’s interest to future-proof protection around payment services, ergo also the App Store. At the same time, as Apple’s latest fraud report confirms, the threat landscape remains highly volatile. Time will show that the store’s degree of protection is well worth the cost of Apple’s progressive App Store tax. 

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

For years, software developers on H-1B visas benefited from steady demand among US technology employers. That market is becoming more selective as companies redirect spending toward AI and rely more heavily on coding assistants.

Recent layoffs at companies including Meta and Amazon have added to the uncertainty, with engineering and software roles affected even as major technology companies continue to deepen investments in AI.

Developers and analysts say traditional engineering roles are becoming harder to land, recruiters are asking more often for AI-related experience, and workers are being pushed to keep pace with tools such as GitHub Copilot, Claude, and ChatGPT.

The shift is being driven by both AI investment and broader economic uncertainty, according to Pareekh Jain, CEO of Pareekh Consulting. Companies are changing the profile of the developers they want, hiring fewer people in some areas while paying more for AI talent.

“AI investments are changing company hiring strategy,” Jain said. “They require a different profile, fewer numbers, and also across geographies.”

This shift is colliding with a tougher sponsorship environment for H-1B developers.

Jain said companies are more selective about hiring visa-dependent workers than they were two or three years ago, especially when permanent residents and US citizens are more available in the market.

“Companies are not looking for H-1B now,” Jain said. “They are building a local workforce and preferring green card holders and citizens.”

Employers may now be more likely to consider H-1B candidates only when they have immediate project needs, rather than building a longer-term bench of visa-dependent workers.

Concerns are visible in public forums used by technology workers. In one January post on Blind, an anonymous senior software engineer with seven years of experience said she had been laid off while on an H-1B visa and was “not interview-ready,” highlighting how quickly job loss can become a visa problem for H-1B workers in the US.

Junior developers face the squeeze

The combination of AI tools and tighter hiring is hitting early-career developers hardest, said Adarsh ML, a product engineer at Ather Energy who tracks global engineering hiring trends.

“Companies are increasingly looking for specialized engineers with machine learning and data science skills,” Adarsh said. “Job opportunities for people with zero to three or four years of experience are not really there anymore.”

The shift is also changing team structures, Adarsh said. Earlier, one manager may have had two or three interns and several freshers reporting to them. Now, many of those roles are being replaced by AI agents.

“Companies now want people who understand software well enough to catch the mistakes these AI agents make,” Adarsh said.

That creates a longer-term risk for the software talent pipeline.

“If companies only want people with five years of experience to manage AI agents today, who will have that experience five years from now?” he said. “There may not be enough experienced developers left.”

AI literacy becomes baseline

The impact is not the same for every role. Sophia James, an Indian software professional based in the US who works in database monitoring, said AI has not significantly changed her team’s daily workflow. But AI literacy is becoming a management expectation.

“Managers are trying to understand whether we are keeping up with the changes happening in the market,” James said. “Recently graduated students, whether BS or MS, are finding it difficult to get jobs. But people who already have jobs, like us, are not facing that much of an issue in terms of projects continuing.”

Jain also stressed that AI literacy is now becoming a baseline expectation for software developers, even outside AI-focused roles.

“Being AI-literate is a must now, even if the role is not directly in AI development,” he said. “This is like knowing Excel even if you are not from finance in the earlier era.”

Fewer developers required

Jain said AI coding tools are likely to reduce the number of developers companies need for similar tasks, making the technology deflationary for some software work.  

But Jain added the impact may not be entirely negative. Enterprises will need to invest in data, cloud, and modernization to become AI-ready, creating new work. AI could also encourage companies to build more applications internally instead of buying from SaaS providers, potentially creating opportunities for IT services firms.

The effect is already visible in hiring decisions. Nikhil Dhiman, head of engineering at CarInfo, said AI is changing the economics of early-stage software development, particularly when companies are building proofs of concept or testing new ideas.

“Some companies are very cautious now,” he said. “They want to leverage AI more and hire less. They just want to see the impact first.”

Navigating the new hiring market

Familiarity with tools such as ChatGPT and GitHub Copilot is now a baseline requirement for developers, said Sanchit Vir Gogia, chief analyst at Greyhound Research.

Developers need deeper expertise in areas such as cloud infrastructure and data engineering, as well as security and AI governance, he said. Those skills are closer to the systems enterprises need to validate and scale, rather than the routine coding work AI tools are starting to compress.

“The engineer who only produces output grows easier to replace as the output grows easier to generate,” Gogia said. “The engineer who can validate it, secure it, situate it in a real business, and stand behind the result becomes harder to replace.” For H-1B developers, he said, adaptation also requires visa planning. Developers should understand portability rules and employer sponsorship timelines before a job loss forces urgent decisions.

“A high-skilled worker has up to 60 days after a role ends, and the right to begin new employment the moment a valid portability petition is filed,” Gogia added. “The strategic error is treating that window as a safety net rather than a planning horizon.”

The article originally appeared on InfoWorld.

Over the past decade, there’s something I’ve hinted at, mentioned in passing as a part of broader discussions, and told more people than I can count privately via email and other one-on-one conversations.

And now, as the writer of the internet’s longest-standing Android column and newsletter — a fancy way of saying someone who is apparently now old as molasses — I feel like I’d be doing a disservice if I didn’t just come out and say it as prominently and plainly as possible:

There is no valid reason anyone should be buying Motorola Android devices in 2026. None.

It’s a shame, too, ’cause Motorola has a heck of a history within Android and the mobile realm in general. And, to its credit, the company does still make some impressive-looking and at times quite interesting hardware.

But the compromises that come with that package are just too serious and consequential to be forgiven. That’s been the case for some time now, truth be told — but with yet another facepalm-inducing infraction being added onto the list now, it’s time to say it loud and clear:

Please stop buying Motorola Android phones. And please join me in telling everyone you know the same thing. 

Trust me: You’ll be doing them a major favor. And here, with no punches pulled and absolutely no sugarcoating, is exactly why.

[Get level-headed knowledge in your inbox with my free Android Intelligence newsletter — three new things to try every Friday and tons of other tasty treats.]

The Motorola Android compromise: Part I

I won’t beat around the bush: The most pressing reason Motorola Android phones are completely inadvisable to buy is the reason that’s been present for the longest — and that’s the company’s complete and utter disregard for even minimally acceptable post-sales software support.

It’s something I’ve noted in my data-based Android Upgrade Report Cards for more years than I can even remember at this point, and it’s almost comically consistent: Year after year, upgrade cycle after upgrade cycle, Motorola simply does not give a damn about investing the time or the money to bring current Android versions to its existing customers in anything close to a timely manner. Once you’ve forked over your phone and put away your wallet, good luck: You’ll be lucky if you get a single software update from Motorola after that, half a year to a year after the fact — and you almost certainly won’t hear a single peep from the company about the progress (or lack thereof) at any point along the way.

Motorola has managed to score an almost impressive number of back-to-back “F” scores on my annual analyses; no other Android device maker even comes close to that record. And lest you think this is purely about pokiness in providing polish and surface-level progress, remember that practically every Android software update is packed with critically important changes around privacy, security, and performance — and the way apps are able to interact with both your data and your hardware.

Running outdated software isn’t just dangerous — it’s downright irresponsible, especially if you’re a professional using your phone for business purposes but even if you’re just a regular ol’ schmoe focused purely on personal stuff. No one who understands a thing about security would ever recommend that, and that’s exactly what you’re signing up for anytime you buy a Motorola-made device.

So that’s part one, and that’s the biggest problem with Motorola’s Android products. But it isn’t the end of this tale nor the reason I was finally moved to write this missive, with the hopes that it’d eventually reach any Android-interested phone-buyers with Motorola on their minds.

Motorola’s more recent Android offenses

All update-related issues aside, the problem with Motorola’s Android products is that they make all sorts of compromises that are all about lining Motorola’s pockets at the expense of your experience.

The most recent example and the straw that broke the Android columnist’s (increasingly creaky) back is the new discovery that Motorola had seemingly been indirectly hijacking the Amazon app on its devices and sneakily injecting an affiliate code into links. The end result of such actions, according to observations published this week, is generating unearned revenue from your day-to-day purchases.

That’s an underhanded and shady-seeming practice, to say the very least. It just feels icky and ethically reckless. And clearly, what was demonstrated was intended to go unnoticed, which is always a pretty apparent sign in my mind that someone’s doing something shifty.

Following the discovery and subsequent outcry, Moto released a statement saying that the behavior was “unintended” and the result of its partnership with a company called Device Native. According to Moto, it had teamed up with that organization to develop “an app search and suggestion experience for the Moto App Launcher.” You can choose to interpret that how you will, but the reality is that Device Native is a company that exists to inject personalized, native-seeming ads directly into the core Android software experience, as its website plainly establishes — with “no user opt-in required,” allowing for easier “scale” of “monetization globally.”

On some level, at least, Motorola evidently decided to work with this company and integrate its ad technology into the Android experience on its phones. Regardless of whether the Amazon code injection was truly deliberate, which organization caused it to happen, and who was or wasn’t aware of the actions, Motorola opted to place this ad-serving system into the phones it was selling and to allow the company behind it to exert this kind of control over its customers’ experiences — as well as, one would imagine, likely leaning on it for other forms of invasive system-level ad integration.

And sure, maybe Moto will back down from this practice and perhaps even distance itself from the partnership entirely if the outrage grows loud enough. But does someone stopping a shady-seeming practice simply because they got caught and people complained make for the kind of company you want to trust in general?

It’s similar to the way Moto lards up its devices with so much preinstalled bloatware that you actually have to fight to get through it or — Goog forbid — remove it and reclaim the product you paid hundreds of dollars to purchase. Heck, even the company’s top-of-the-line, nearly $2,000 folding Razr Fold phone is guilty of this sin, and that’s just embarrassing for a device of that price and caliber.

Even with Motorola’s lower-level phones, though, we’re talking about devices that often cost $500 or close to that. These aren’t bottom-of-the-barrel, heavily subsidized garbage gadgets. You could get one of Google’s Pixel 10a phones for that same price or often even less — without any of the bloatware, the link-hijacking and potential ad-injecting shenanigans, or the unforgivable software support failures. You’d get a full seven years of guaranteed timely and reliable software updates, from major Android versions to monthly security patches and the quarterly feature drops that accompany those. And that’s to say nothing of the superior camera experience and other assorted advantages.

You could go with one of Samsung’s midrange models, too, imperfect as those are in their own ways, and it’d still be a massive step up from the Motorola madness.

We’ve reached a point where there really is just no comparison — and, again, no reason why anyone should be buying a Motorola phone anymore. The issue, unfortunately, is that most of the people who are buying Moto devices are the same people who aren’t reading columns like these. They’re the people who waltz into a carrier store, see whatever model is featured on the shelf or pushed by a commission-earning, partnership-promoting salesperson, and walk out with whatever caught their eye or had the best promotional pricing on that particular day.

Make no mistake about it: These types of devices give Android a bad name and propagate the myth of the entire platform being a second-rate dumping ground for “folks who can’t afford iPhones.” Android is so much more and so much better than that. You deserve so much better than that.

Plain and simple, this isn’t the Motorola of yesterday. At this point, there’s no excuse — and no reason to keep setting yourself up for failure when so many better options exist.

Say goodbye, Moto. And make sure everyone you know who won’t be reading this column knows why they should do the same.

Get unmatched Android insight in your inbox with my free Android Intelligence newsletter — three new things to try and zero punches pulled every Friday.

The rise of generative AI (genAI) technology has prompted a growing debate about the future of software-as-a-service (SaaS) business models. 

Some of the fears are overblown: enterprises are unlikely to vibe-code their own applications to replace their SaaS suppliers anytime soon, while software vendors have yet to see per-seat sales fall off due to mass automation of white-collar jobs. (In fact, some now predict the opposite will happen.)

At the same time, AI has the potential to change the way work is carried out, with AI agents empowered to interact with software applications on behalf of users. For software vendors, that could mean a future where applications are accessed less through traditional user interfaces as AI agents connect via APIs. 

It’s an inevitable shift, says Box CEO Aaron Levie, and one that requires software vendors to adapt their existing products and business models to prepare for agent workflows. 

Computerworld recently spoke with Levie about how Box — and other SaaS vendors — can adapt as agentic AI threatens to upend existing business models. (This interview has been edited for clarity.)

Discussion about a “SaaS-pocalypse” has died down recently, and software stocks have rebounded. At the same time, it seems clear the adoption of AI agents could change how workers interact with software. How can companies like Box adapt to this new environment? If AI increasingly becomes the interface users interact with, where does the long-term value lie? “People are realizing that you’re not going to rebuild a lot of the systems that people were kind of claiming you would [with vibe-coding]; it just doesn’t make sense. So, that part is sort of dissipating. However, headless software and the ability to use your systems via AI is obviously going to happen, there’s no question. 

“So, I think the conversation is shifting from ‘AI disrupts software’ to ‘AI is going to be the biggest consumer and user of software going forward.’ And for that, the main thing is: can you have a business model that allows you to actually monetize the consumption of those agents using your underlying tools? We’re fortunately built for that; we’ve had an API business model basically forever, so we’re well prepared.

“There’ll be some companies that have to pivot a little bit more significantly over time — there’s no question that will happen in a bunch of organizations. We’re big believers that AI will be the biggest user and interface for the future of software.”

How important is it for Box to retain that interaction with human workers, rather than becoming more of the underlying layer AI agents interact with? “I would say that we’re totally comfortable with that shift. When you have AI agents, you still need a place to be able to secure the data — you need to protect it, you need to govern it, you need to make sure you know who’s accessing it. None of that changes in the world of AI. In fact, if anything, it actually increases. 

“We don’t really care if it’s an agent using the data, an application using the data, a person using the data — we want to be the best content management system that connects your information to all of those applications.”

How does that perspective feed into your product development and roadmap “It basically means that we need to be a headless platform. That means customers need to be able to access their data via MCP inside of ChatGPT, inside of Claude, inside of all these systems. It means that we care as much about our APIs and access to those APIs as we now do our user experience. We have to make sure that both of those environments are as simple and clean as possible, and as usable as possible.

“It’s basically as if there’s another constituent now in our ecosystem that we have to go and pay attention to.

“We need to be the best place to manage your content, and then wherever you want to work with it from, we’re totally fine. So, if you want to work with your files from your desktop, from Claude Cowork, from ChatGPT Codex — we just want to make sure we are universally accessible across every single place that people want to work with their data.”

Could that mean changes around how you price access to your software? Do you expect a shift to usage-based pricing? “Not as much as is probably being talked about online, because seats still make sense for the employee and the end user. Even when an agent is doing work on your data, it’s still you invoking that agent. It sort of makes sense that the seat is still attached to the underlying end user employee, even though an agent is going to be doing work on your data.

“We think the seat model will be quite durable over time. What this does is just add another business model, where you have agent-only interactions; those will be primarily coming through the API, and then that will be a consumption model.”

What are your thoughts on outcome-based pricing? Is that something you look at? “We do one thing that’s close to that — we have the Box Agent that does things like data extraction. It extracts your data and we charge based on the number of pages that you want to extract data from. So there are some things that approximate outcomes, but not at the level of resolving a customer service ticket or something like that, that maybe has been talked about. We’re probably going to be more aligned to…the amount of compute that that is used.”

What are your conversations with customers around moving to a usage-based model? A lot of organizations are used to fixed monthly subscriptions — can metered AI agents become problematic? “I think it definitely can be. This is sort of a common tension in general.… We saw this with cloud computing, for instance. The difference with cloud computing is that cloud was relatively centralized, versus the use of AI and tokens are much more diffuse. That’s a big difference that companies have to think about.

“There’s always this tension: you can pre-buy and have a subscription, but then you might be overpaying for periods where you’re not using it as much. Or you can only pay for what you use, in which case you might have some volatility in the pricing of what happens.”

How are customers progressing in adopting AI agents — particularly, the move from pilot projects to production. What are some of the biggest barriers to wider deployment of agents? “We’re very much moving from coding agents to the rest of knowledge work: this is the jump that’s starting to occur. In that, one of the big questions and challenges is how companies get agents the right context and information to work with — how do they enable agents with the right level of constraints in their organization from a security and compliance standpoint? This is our kind of reason to exist, and what we’re helping our customers on.

“Overall, it’s just a transformational moment in the enterprise. Every customer that I talk to, every dinner that we have with customers, every CIO meeting I’m in, every CEO meeting I’m in, it’s all about agents.

“Agents have thrown the whole world into this kind of dynamic period of, ‘What does the shape of your organization look like? What’s the future of a manager versus an individual contributor? What are the workflows that you can go and execute on?’ There are so many different ways that this is starting to change.”

You were part of another major industry transition with the adoption of cloud computing. Are there similarities you see or major differences that customers can learn from? “The big difference between [them] is that, with cloud, you could centralize the deployment of and management of.Cloud really only affected 3% of your organization that was moving from the data center to the cloud, and then every employee got better products and experience as a result of that. The change was really kind of fairly concentrated. AI affects every single employee in the company. It’s a radically different type of transformation of what work looks like.

“There are only so many analogies you can make to cloud before quickly you realize, no, this is actually a different transformation. Maybe it’s even closer to the PC, in the sense of every single worker has to change what they’re doing to be productive. It’s not a technology delivery shift, it’s a fundamental reworking of every workflow in the enterprise. And so that’s I think what most companies are going through right now.”

Over the next three to five years, both governments and the private sector will need to rapidly adapt identification and mitigation protocols as adversaries move from AI-assisted to AI-enabled sanctions evasion and proliferation financing (PF), a new research paper warns.

The report, Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing, from the Royal United Services Institute (RUSI), a UK-based defense and security think tank, defines PF as the use of funds or financial services to acquire, develop or otherwise deal in weapons of mass destruction (WMD). It states, “North Korea and Iran are now developing and deploying AI models to aid with sanctions evasion activities.”

Key findings include the fact that AI is now capable of mass producing high-quality fraudulent documents, as well as automating what the report describes as “the administrative minutia of managing extensive shell company  networks.” AI powered systems, it states, can also “analyze blockchain patterns in real time to dynamically adjust cryptocurrency mixing strategies, effectively evading detection tools.”

In addition, it says, “[tools such as generative AI] which can produce sophisticated fraudulent identification documents, for example, have helped North Korea perpetrate phishing attacks against Western companies.”

Dr. Aaron Arnold, senior associate fellow with the Centre for Finance and Security at RUSI, who authored the paper, said in an email that what prompted it was an uptick over the last year in North Korea’s use of AI to facilitate and enhance its cyber operations, in the form of phishing schemes designed to generate revenue for the country’s ballistic missile and nuclear weapons programs.

He advised enterprise IT managers who need to protect their organizations from becoming victims of sanction evasion activities that “[it] means largely adapting to a landscape where traditional human-focused security boundaries are being bypassed by automated technologies.”

For IT managers, said Arnold, “this might entail incorporating defensive AI, the use of behavior-based analytics, using ‘circuit breakers’ when there is heavy use of API or MCPs, updating personnel training, and hardening identity verification, especially for any remote hiring.” 

Distinction between AI-assisted and AI-enabled activity is ‘central’

Sanchit Vir Gogia, chief analyst at Greyhound Research, said that the RUSI report matters “because it names the right structural shift. AI is not creating sanctions evasion from thin air, it is compressing and scaling methods that already work.”

He pointed out that none of the sanction-evading techniques such as fraudulent documents, synthetic identities, shell companies, hidden beneficial ownership, crypto laundering, and others are new. “What changes is the speed, quality, volume and coordination with which these methods can now be assembled,” he said.

According to Gogia, “the distinction between AI-assisted and AI-enabled activity is central. AI-assisted evasion uses AI for discrete tasks: writing a better email, producing a cleaner document, generating a stronger false profile, translating a pitch, summarizing regulations or preparing a plausible job application. AI-enabled evasion is more serious.”

A ‘structural asymmetry’

This tactic, he said, “begins to coordinate the system itself. It links identity, documents, ownership structures, payment routes, cloud access, crypto wallets, API calls and timing. The difference is not whether AI helps someone fake a document. The difference is whether AI begins to orchestrate the deception.”

That is why the report’s findings should worry enterprise leaders, he noted: “Many organizations still assume the bad actor is mostly human, mostly linear and mostly slow. That assumption is expiring. AI lets adversaries run more attempts, with fewer errors, across more channels, in more languages, with better paperwork and greater patience than most enterprise review processes can absorb. This is not a tale of genius criminals discovering magic. It is the story of ordinary controls meeting industrialized plausibility.”

The evidence today, he pointed out, is strongest around tactics such as identity fraud, document fraud, synthetic personas, remote-worker deception, phishing, social engineering, crypto obfuscation and workflow abuse. “Fully autonomous evasion networks sit on the horizon,” he said. “They are serious, but they are not yet the everyday baseline.”

This distinction matters, said Gogia: “If enterprises obsess over cinematic autonomous agent scenarios while leaving remote hiring, vendor onboarding, payment approvals, and document review full of holes, they will lose in the most prosaic way imaginable.”

The report, he said, also gets the “asymmetry” right. “Offensive actors can learn across the ecosystem,” he said. “They can scrape open information, reuse leaked records, study enforcement patterns, test onboarding forms, inspect public procurement data, watch court filings, probe compliance thresholds and [use the information to] refine their behavior.”

Defenders, by contrast, are hemmed in by privacy rules, fragmented data, explainability requirements, jurisdictional boundaries, conservative operating models and siloed technology estates. “Offensive AI learns broadly,” he said. “Defensive AI often learns from fragments. That is the structural asymmetry.”

He explained that the regulatory landscape also amplifies the problem, in that regulatory bodies “still speak in separate dialects. [For example] the EU AI Act pushes organizations toward stronger obligations for high-risk AI. NIST-style frameworks push risk management, transparency, and governance.”

A trust architecture problem

Financial Action Task Force (FATF) expectations push national risk assessment and counter-proliferation controls, he noted, while banking regulators focus on model risk, accountability and operational resilience. “None of these streams is irrelevant. The trouble is that criminals do not organize themselves around regulatory workstreams. They organize around outcomes.”

What that means, said Gogia, “is that enterprise cannot wait for a clean global rulebook. It will not arrive in time. CIOs, CISOs, compliance officers and boards need a working governance model now. They need privacy-preserving analytics, controlled data environments, audit trails, legal safeguards and clear model-risk accountability.”

He said that enterprise IT managers should treat the situation as a trust architecture problem rather than a narrow sanctions-screening problem. “The uncomfortable truth is that AI is not simply helping bad actors write better phishing emails or forge tidier documents,” he noted. “It is helping them manufacture legitimacy across a chain of enterprise workflows.”

Likely outcome an ‘AI arms race’

Report author Arnold also noted that there are signs that cyber criminals have discovered new AI technologies and abilities that legitimate enterprises could adopt for legitimate applications.

History, he said, “is replete with [criminals] developing novel solutions to tough problems, [which are] later adopted by law enforcement. Much of our anti-financial crime policy is effectively a response to bad actors exploiting systems or using technology in novel ways to perpetrate crimes. In this scenario, I think an ‘AI arms race’ between enforcement authorities and bad actors is the most likely outcome.”

Gogia added, “the baddies are not teaching enterprises how to invent AI. They are teaching enterprises where trust is leaking. That is the lesson worth taking seriously.”

This article originally appeared on CIO.com.

Apple has spent billions of dollars to develop satellite connectivity for iPhone; I very much doubt it did so solely to rescue stranded hikers. The company will most certainly have had a bigger prize in its sights when it first began working with GlobalStar (now owned by Amazon).

The most logical reason to invest in satellite coverage for its devices is the most obvious — to provide network infrastructure for new breeds of device and new service models. You don’t acquire access to massive amounts of bandwidth for nothing. And Apple’s steady introduction of new satellite-supported services shows it is interested in introducing these services, even though the offer isn’t extensive enough yet to require iPhone users to pay for access, yet.

The decision not to charge for those satellite services suggests they’re just the thin end of the company’s plans for satellite deployment.

It’s possible the company’s ambitions were limited by GlobalStar’s ability to put satellite constellations in orbit. That work was ongoing last time I looked, and I fully expect existing Apple satellite services will be extended to new nations, even under Amazon’s watch.

Amazon enters the room

Amazon’s recent $11.6 billion acquisition of GlobalStar is interesting. You can see that Apple is now forced to work with its old frenemy, even as both partners already profit from strong, steady Apple hardware sales via the online retailer. So they know they can make money together.

“Apple and Amazon have a long and proven track record of working together through Amazon’s core infrastructure services, and we look forward to building on that collaboration with Amazon Leo,” Greg Joswiak, Apple’s senior vice president of worldwide product marketing, said when the deal was announced. (The transaction isn’t expected to close until next year.)

Making money together is often seen as a strength in business relationships and Amazon has agreed to continue supporting Apple products and to collaborate with Apple on future satellite services.

When it comes to mobile telecoms, Amazon isn’t the only game in town, and neither is Starlink. Cellular operators are inking deals with satellite providers all over the world, all with the intention of bringing network access to those who otherwise can’t get a decent connection.

Just today in the UK, Virgin Media O2 announced plans to switch on the O2 Satellite service for iPhone users tomorrow, enabling customers — particularly in rural areas — to get a satellite connection where traditional cellular coverage is unavailable. It could simply identify new ways to enhance the Find My service.

Orange last year offered its own satellite comms to French customers, while Deutsche Telekom partners with others to provide SMS via satellite in Europe and the US. You’ll find similar alliances in most key territories, including Australia and Japan. The direction of travel exposes an industry embracing satellite as a way to widen existing cellular infrastructure, which makes sense given the relative cost of installing conventional masts in some regions. 

Many ways to crack it

There’s speculation Apple could become a satellite carrier, a move that would put it in competition with carrier partners. But Apple doesn’t need to do to provide satellite communication services to iPhone users, nor would it want to relinquish the symbiotically profitable relationships it’s developed with carriers.

It could, for example provide satellite calling as a hardware feature available with every iPhone across all supported carriers, possibly as an additional service that guarantees customers can get a connection, even in the countryside. It could evangelize the service as being “Private by Design,” and supplement this with data over satellite to support apps, particularly agentic AI apps. 

Combined with the next wave of AI enhancements Apple is expected to deliver for its systems, the combination of an always-on, resilient, private data connection and AI could prove invaluable to many customers. That’s particularly true for enterprise customers seeking global solutions that respect sovereign data, privacy, data retention policy and managed AI services – especially as terrestrial infrastructure becomes an attack target. Such scenarios will only become more widely understood as 6G emerges, with its built-in support for satellite infrastructure.

What will Apple do?

Will Apple move in that direction, or maintain its focus on the consumer markets? Will it decide that rather than deploying its own part-owned satellite constellations as it was with GlobalStar, it is better to work with carrier partners? Will it wait for 6G with its enhanced, standards-based support for satellite communications? 

Those are answers we don’t yet have. But it is quite clear that as satellite communications truly enter the mass market, Apple has put together many of the technical, hardware, software and infrastructure pieces it will need to ensure the iPhone is a peer player in whatever use cases emerge. 

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Google’s shiny new Android 17 update may be on the brink of making its way out into world, but one of the most consequential Android notification upgrades I’ve seen in ages is actually available for anyone, on any device, this instant.

It’s one of those things you don’t even realize is missing — and awkwardly has been, all this time — until you have it in front of you and see just how helpful and at times even invaluable it is.

And that’s the ability to have any or all of your notifications saved and restored whenever you restart whatever Android device you’re using — so that nothing important gets awkwardly tossed aside, lost, and forgotten, likely without your ever even noticing or being aware of what you’ve missed.

How many potentially important pending alerts have you lost as a result of that reboot trash chute? I couldn’t even begin to count, myself, and am slightly terrified to think of the answer. But with this easy new improvement in place, it’ll never happen again.

And best of all? It’ll take you roughly two minutes, once, to set up and then forget about and just know it’s working on your behalf from that moment forward.

Lemme show ya how.

[Keep the off-the-beaten-path knowledge coming with my free Android Intelligence newsletter — three new things to try every Friday and my Android Notification Power-Pack as a special welcome bonus!]   

Your new Android notification safety net

The secret sauce that makes this sorcery possible comes not from Google itself but from a crafty independent developer who’s been expanding our Android notification smarts for many a moon now.

His app is called BuzzKill. You’ve probably heard me rave about it before, with other noteworthy features and additions it’s introduced over time.

Whether you already have BuzzKill on your device or this is your first time encountering it, though, it’s well worth your while to take note of this new capability that snuck into the app not long ago.

First, a quick primer/refresher on what BuzzKill is, in case you aren’t already familiar: BuzzKill is essentially a way to create Gmail-like filters for your Android notifications. You use it to create simple custom rules for what happens when different types of notifications arrive — in an intuitive “if this, then that”-style form — with all kinds of interesting and advanced options for making your alerts more effective.

The latest addition to the app is an experimental option called, appropriately enough, “Restore after reboot.” And it does exactly what you’d expect: Anytime your device restarts, it automatically swoops in to save any active notifications that fit the parameters you select and then instantly restores ’em back into active status once your phone is back up and running.

Without such a system in place, any notifications that you either hadn’t yet looked at or maybe had glanced at and left pending as a reminder to deal with later would more often than not just vanish entirely — and you’d have no easily visible record of their presence or any real indication that they’d been there at all. That’s a dangerous recipe for forgetting something important, whether it’s an email you intended to engage with, a Slack message you needed to acknowledge, or even a task of some sort that had popped up for you to ponder.

The beauty of the BuzzKill approach to fixing this is that it really is a “set it and forget it” sort of system: You just create whatever rule you want now, get it up and running, and then rest easy knowing it’ll always find and restore any active notifications anytime your device restarts — as Android itself should but for whatever reason does not.

2 minutes to auto-restored Android notifications

All right — here are the specific steps to getting your new notification safety net in place:

• First, go download BuzzKill from the Play Store, if you don’t already have it.
  • The app costs four bucks as a one-time purchase, which — believe me — is nothing compared to the ongoing value it’ll give you with this and its many other notification-enhancing possibilities.
  • It doesn’t require any unusual permissions, doesn’t collect any form of data from your phone, and doesn’t have any manner of access to the internet — meaning it’d have no way of sharing your information even if it wanted to. 
• Once you’ve gone through the app’s initial setup and made your way to its main screen, tap on the circular button in the lower-right corner of the screen to create a new rule.
• On the screen that comes up next, consider which specific sorts of notifications you want to have restored whenever your device restarts.
  • You could always start with any and all notifications and then go back in to refine and limit the rule more once you see how it works. You might eventually want to ask it to avoid restoring alerts from certain low-priority apps — like, say, Google Photos — so that it doesn’t bother bringing back stuff that you don’t actually need.
  • If/when you want to create any such restrictions, tap the text that says “any app” to change which apps will be included and/or tap the text that says “contains anything” if you want to restrict based on what specific text a notification does or doesn’t include.
  • If you don’t want to create any limitations and just want all of your active notifications to be restored, at least to start, leave those lines alone and mosey on down to our next step.

• Tap the line that says “do nothing” and scroll down to find the “Restore after reboot” option. It’ll be toward the bottom of the list, within the “System actions” section.

• Tap that, then tap “Pick action” to confirm.
• And last but not least, tap “Save rule” to, y’know, save your rule and set it into action.

You should then see the rule showing up as active and running on the main BuzzKill screen.

And that really is all there is to it: Whenever your phone next restarts, any notifications that were visible and active at the time of the restart should just show back up via BuzzKill as soon as things boot back up. If you want to get fancy, you could even make certain especially important notifications “sticky” in general, so that if you inadvertently swipe ’em away while your phone is running normally, they’ll automatically come right back even in that scenario.

It’s not the flashiest feature you’ll see this year, and it doesn’t have any whizbang AI shenanigans to make it seem headline-worthy by current-day standards. But it will work and quite possibly be one of the most practical, actually helpful additions you make to your phone all year — even if and arguably especially if you only think about it once in a great while, when you notice it working its magic and saving you from losing something significant.

Discover even more life-enhancing Android treasures with my free Android Intelligence newsletter — three new things to try every Friday and my free Android Notification Power-Pack today.

Tech companies seem to be falling over each other these days in firing people to either replace them with AI or to pay to build AI infrastructure. Wouldn’t it be nice if they at least waited until AI actually worked for business?

On the one hand, top tech businesses such as Amazon, Block, Cisco, Cloudflare, and Meta have all announced that they’re slashing payrolls — either because AI can do the same work as people or they need the cash to build out their AI infrastructure. Isn’t that great? All together, of the 37,638 tech job cuts so far this year, 47.9% — almost half —  can be tracked back to AI. 

On the other hand, despite all the AI hype and hysteria, no one has yet proven that AI is, generally speaking, really all that helpful for businesses. Oh, I know, I know. You did great things with OpenClaw vibe programming. Microsoft’s CEO, Satya Nadella, claims 20% to 30% of the company’s code was written by AI. And Nvidia assures us that 88% of its surveyed customers report AI has increased their revenues. 

But really, what else would they say? “Dear Board, we just blew half a billion bucks on Nvidia GPUs, and we’re losing money hand over fist?” I don’t think so.

The truth is, as an IDC study reports, a mind-boggling 88% of proof-of-concept AI projects never reach production. Lest we forget, MIT’s The GenAI Divide: State of AI in Business 2025 study found that 95% of AI projects fail to deliver measurable P&L impact. 

Now, I have to acknowledge that AI is finally becoming truly helpful in business. As a guy who knows a thing or two about programming, Linus Torvalds, creator of Linux and Git, said at Open Source Summit North America, “I’m personally 100% convinced that AI is changing programming.” He estimates that “AI will increase your productivity by a factor of 10.” 

But is that reason enough to slash make workforce cuts of between 10% to 40%? (Short answer: No. Longer answer: Noooo!)

It’s not just the mass firings. Workers who are either awaiting the axe, or have escaped it for the moment, are miserable. As one Meta employee told The San Francisco Standard, “I tend to cry in the shower,” and, “A lot of my feelings about my job are about the general chaos and not just the layoffs. ” 

So, explain this to me: When everyone knows AI-driven layoffs are coming, exactly how well do you expect them to work? You really think they can give their best? 

Making matters worse, it’s an open secret that IBM, Google, and Meta are having their employees train their AI replacements. As a popular meme puts it, workers are now “building your own coffin.” Is it any wonder that a lot of people — 29% of all employees and 44% among Gen Z workers —  are deliberately sabotaging work when the boss insists they train their AI replacements?

It also sure doesn’t help office morale when the CEO keeps saying AI will replace half of all employees. A particularly egregious example of this was when Standard Chartered CEO Bill Winters proclaimed his bank would slash thousands of jobs and replace “lower-value human capital” with AI.  

He’s since backed off the claim, but come on — we all know he meant it. Just like all the other CEOs who’ve said similar things, between FOMO and the knowledge that AI job news is sure to make the stock price jump, they’re eager to cut headcounts and boast about how successful AI will make them. 

What happens a few quarters down the road? Their attitude today seems to be let  tomorrow take care of tomorrow. I hate to tell them, but that really doesn’t work in the long run. (Not, mind you, that a future much farther ahead than the next quarter seems to matter much anymore to business executives.)

It should. As a recent Deloitte study stated: “Most respondents reported achieving satisfactory ROI on a typical AI use case within two to four years. This is significantly longer than the typical payback period of 7seven to 12 months expected for technology investments. Only 6% reported payback in under a year, and even among the most successful projects, just 13% saw returns within 12 months.” 

AI, in short, is not the miracle cure for what ails businesses that its fans claim. 

Will that stop businesses? I doubt it. While I appreciate that California Gov., Gavin Newsom is trying to bandage the AI job bleedout by mandating studies on subsidizing companies to keep employees rather than replace them with AI, I doubt that will do much to staunch the wound. 

At the Open Source Summit North America, Linux Foundation CEO Jim Zemlin was optimistic about AI and jobs. He pointed out that, thanks to AI becoming  “pretty damn good coders,” the number of open-source projects on GitHub has led to a “surge of new code and projects.” 

Zemlin also believes that while few developers will write code, “engineers will still design, review, secure, and integrate that code.” (He’s referring to what’s becoming  known as forward-deployed engineers.) This, in turn, will supposedly lead to tech job growth. 

I’d feel a lot better about that prediction if I believed the C-suite suits at most companies were capable of truly forward-looking thinking rather than focusing entirely on hiking the stock price by making the next quarter look good through staffing cuts. 

In the long run, sure, AI will make us more productive. But, we’re not there yet. For now, companies need to keep employees happy, not shove AI down their throats — and work out carefully and thoughtfully how AI will really work for business. 

If ever there were a lawsuit in which a jury and judge should have ruled against both the accuser and the defendants, Elon Musk’s suit against OpenAI and Microsoft was it. 

The high-profile legal battle pitted the world’s richest man against a company worth more than $3 trillion, another that might soon launch a $1 trillion IPO, and tech execs claiming to have only the good of the world in mind, not mere filthy lucre, while they develop a technology some fear could eventually destroy humankind.

The lawsuit was eventually thrown out, but only on technical grounds. Meanwhile, unregulated AI marches on, with Musk, OpenAI and Microsoft all getting richer.

The only winner in this suit was hypocrisy. Here’s why.

Back to the beginning

To understand how this unfolded, we need to go back to OpenAI’s beginnings. The company was founded by current CEO Sam Altman, Musk and others in 2015 — back when AI was a niche technology, used primarily for image and speech recognition, robotics, and experiments in self-driving cars.

The founders funded OpenAI out of their own pockets as a nonprofit company aimed at developing AI for the good of the world. Then, as the technology evolved, Altman, Musk and others grew worried it might become so powerful that, without serious guardrails, it could pose a danger to humans. They feared what might happen if AI reached the level of a super-powerful artificial general intelligence (AGI) system, superior to humans on a variety of tasks, with general problem-solving skills rather than narrowly targeted ones – and the ability to think for itself rather than heeding humans. 

In an earlier version of Musk’s suit against OpenAI and Microsoft, Musk put their fears this way: “A.G.I. poses a grave threat to humanity — perhaps the greatest existential threat we have today.”

Early on, OpenAI wasn’t on many people’s radar. When Microsoft invested $1 billion in the company in 2019, few outside the tech industry took notice. Between 2021 and 2023 Microsoft invested $2 billion more, still without drawing a lot of attention.

Then in November 2022, OpenAI released ChatGPT, launching the generative AI (genAI) revolution — and all the disruption that has followed since. Eventually, as it became clear how important and valuable genAI technology would become, Microsoft’s investment ballooned to $13 billion.

Nonprofit no more

OpenAI insiders were convinced several years before ChatGPT’s release that the company could become tremendously profitable. With potentially trillions of dollars at stake, in 2017 they started looking for a way to turn the nonprofit operation into a for-profit company.

It was at that point, OpenAI says, that Musk pushed to gain majority equity in the company if it went public, take control of the board, and become CEO. When the other founders balked, Musk withheld funding.

Last year, OpenAI released copies of emails he sent to it during the height of their in-fighting. In one, in February 2018, he lobbied for the creation of a for-profit arm, pointing out that, “a for-profit pivot might create a more sustainable revenue stream over time and would, with the current team, likely bring in a lot of investment.” 

Musk then suggested that OpenAI “attach to Tesla as its cash cow.” When the other founders dismissed the idea, Musk threw a fit and quit the company. OpenAI went ahead and launched a for-profit arm, becoming a hybrid of a for-profit and nonprofit company in 2019.

Years later, in 2024, Musk filed suit, targeting OpenAI, Altman, OpenAI co-founder and president Greg Brockman, and Microsoft — accusing them of “stealing a charity” by creating the for-profit arm of OpenAI, and taking the $13 billion Microsoft investment. He claimed they had all illegally enriched themselves through the profit/nonprofit setup and sought $150 billion in damages. (OpenAI fired back last year with a counter suit.)

It took only two hours for the jury to rule against Musk, though the ruling didn’t address his actual claims. Rather, the suit was thrown out because it had been filed after the statute of limitations had run out.

Cynicism and hypocrisy win out

Everyone in this case was driven by venality. Altman portrayed himself as only wanting to develop AI to help humanity — and as evidence, pointed out he has no equity in OpenAI. What he neglected to add, though, is that he has more than a $2 billion stake in companies that have deals with OpenAI, and stands to gain billions more if those deals grow after any IPO.

Microsoft, meanwhile, has used its investments in OpenAI to become a multi-trillion-dollar company. And if, as expected, OpenAI becomes a trillion-dollar company when it files its IPO later this year, Microsoft’s 27% ownership stake in the company would make it $270 million richer. That’s not a bad payoff for turning a blind eye to the way in which OpenAI performed a bait-and-switch from nonprofit to for-profit company. 

As for Musk…, well, what can you say about someone who claims he wants to save humankind from the evils of AI, while at the same time lobbying for OpenAI to become a for-profit company and milking it like a cash cow? 

He’s shown he’s not only the world’s wealthiest man. He’s also the world’s most hypocritical. 

A Windows launch isn’t the end a process — it’s really just the beginning. Microsoft continually works on improving Windows 11 by fixing bugs, releasing security patches, and occasionally adding new features.

In this story we summarize what you need to know about each update released to the public for the most recent version of Windows 11 — currently version 25H2 — over the past year. For each build, we’ve included the date of its release and a link to Microsoft’s announcement about it. The most recent updates appear first.

The easiest way to install updates is via Windows Update. Not sure how? See “How to handle Windows 10 and 11 updates” for full instructions. Note that Windows 11 version 25H2 is being released as a phased rollout and may not be available to you in Windows Update yet.

If you’re still using Windows 10, see “Windows 10: A guide to the updates.” And if you’re looking for information about Insider Program previews for upcoming feature releases of Windows 11, see “Windows 11 Insider Previews: What’s in the latest build?”

Updates for Windows 11 25H2 and 24H2

KB5089573 (OS Builds 26200.8524 and 26100.8524) Preview

Release date: May 26, 2026

With this update, Windows quality updates include additional high-confidence device targeting data, making more devices eligible to receive new Secure Boot certificates. The old certificates expire at the end of June: see Computerworld’s FAQ for details. The build also adds Group Policy and MDM settings that IT admins can enable to limit the Secure Boot service data sent to Microsoft. (See Microsoft documentation.)

This update also includes a wide variety of new features being rolled out gradually, including Shared Audio, which enables two Bluetooth audio devices to connect to a single Windows 11 PC at the same time; Multi-App Camera, which allows multiple applications to access the camera stream simultaneously; improved visibility into NPU usage in Task Manager; and several performance and behavior improvements for Windows Hello.

There is one known issue in the update, in which after you install update KB5089549, some devices might fail to complete installation with error code 0x800f0922. This issue occurs on devices that have limited free space on the EFI System Partition (ESP), especially if it has 10MB or less available.

(Get more info about KB5089573 Preview, including workarounds for the issue described above.)

KB5089549 (OS Builds 26200.8457 and 26100.8457)

Release date: May 12, 2026

This build enables dynamic status reporting for Secure Boot states in the Windows Security app. It also fixes a bug in which the Remote Desktop Connection security warning dialog sometimes rendered incorrectly in multi-monitor configurations with different display scaling settings.

It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2026 Security Updates.

The build has one known issue: devices with an unrecommended BitLocker Group Policy configuration might be required to enter their BitLocker recovery key.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5089549.)

KB5083631 (OS Builds 26200.8328 and 26100.8328) Preview

Release date: April 30, 2026

This update includes a large number of new features being rolled out gradually, including File Explorer’s ability to handle new archive formats including uu, cpio, xar, and NuGet Packages (nupkg). Windows also gets a new way to monitor agents from the taskbar. It supports agents across first- and third-party apps, with Researcher in the Microsoft 365 Copilot app as the first adopter. 

Also being rolled out gradually is a security improvement that changes how the Windows kernel trusts third‑party drivers. Default trust for cross‑signed drivers is removed, while drivers from the Windows Hardware Compatibility Program (WHCP) and an allow list of trusted legacy drivers remain allowed. 

The update also includes several changes available immediately, including one that increases coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout. For more information, see Windows Secure Boot certificate expiration and CA updates.

A bug in the Remote Desktop Connection security warning dialog is being fixed immediately. Previously, the dialog could have rendered incorrectly in a multi-monitor scenario when the monitors had different scaling settings.

(Get more info about KB5083631 Preview.)

KB5083769 (OS Builds 26200.8246 and 26100.8246)

Release date: April 14, 2026

This update fixes several bugs, including one that caused device reset to fail when using the “Keep my files” or “Remove everything” options. It also improves protection against phishing attacks that use Remote Desktop (.rdp) files. For more information, see Understanding security warnings when opening Remote Desktop (RDP) files.

It also enables dynamic status reporting for Secure Boot states in Settings > Update & Security > Windows Security, with a green, yellow, or red badge indicating your current Secure Boot status. See Secure Boot certificate update status in the Windows Security app for more information.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2026 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Update, April 15: Microsoft has confirmed an issue with this release: “Devices with an unrecommended BitLocker Group Policy configuration might be required to enter their BitLocker recovery key.” See Microsoft’s KB5083769 information page for details and workarounds.

(Get more info about KB5083769.)

KB5086672 (OS Builds 26200.8117 and 26100.8117) Out-of-band

Release date: March 31, 2026

This update fixes a bug in which some devices running Windows 11 version 25H2 or 24H2 encountered the following error while installing the Windows preview update KB5079391 (listed below): “Some update files are missing or have problems. We’ll try to download the update again later. Error code: (0x80073712).”

(Get more info about Windows 11 KB5086672 Out-of-band.)

KB5079391 (OS Builds 26200.8116 and 26100.8116) Preview

Release date: March 26, 2026

This update includes a variety of new features being rolled out gradually, including one that allows you to turn Smart App Control (SAC) on or off without needing a clean install. To make changes, go to Settings > Windows Security > App & Browser Control > Smart App Control settings. When turned on, SAC helps block untrusted or potentially harmful apps. To learn more, see App & Browser Control in the Windows Security App.

The build also includes several improvements and bug fixes, including one that improves Application ID tagging in Application Control for Business policies. With this update, the system identifies which apps should receive tags more accurately and behaves more reliably, Microsoft says.

(Get more info about Windows 11 KB5079391 Preview.)

KB5085516 (OS Builds 26200.8039 and 26100.8039) Out-of-band

Release date: March 21, 2026

This update fixes a bug some users experienced when signing in to apps with a Microsoft account. Even when the device had a working internet connection, a “no Internet” error appeared during sign-in and prevented access to Microsoft services and apps such as Microsoft Teams Free and OneDrive.

(Get more info about KB5085516 Out-of-band.)

KB5079473 (OS Builds 26200.8037 and 26100.8037)

Release date: March 10, 2026

This build improves how Windows Defender Application Control (WDAC) handles COM objects allowlisting policies. COM objects were blocked when the endpoint security policy was set higher than the allowlisting policy. With this update, COM objects are allowed as expected.​ The build also introduces additional high confidence device targeting data to Windows quality updates, increasing coverage of devices eligible to automatically receive new Secure Boot certificates.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2026 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5079473.)

KB5077241 (OS Builds 26200.7922 and 26100.7922) Preview

Release date: February 24, 2026

This update includes a variety of new features being rolled out gradually, including one in which Quick Machine Recovery (QMR) turns on automatically for Windows Professional devices that are not domain‑joined and not enrolled in enterprise endpoint management. For domain‑joined or enterprise managed devices, QMR stays off unless it is enabled by the organization.

It also includes several features available immediately, including one in which Windows quality updates include additional high-confidence device-targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.

(Get more info about KB5077241 Preview.)

KB5077181 (OS Builds 26200.7840 and 26100.7840)

Release date: February 10, 2025

This Patch Tuesday build fixes several bugs, including one that prevented some devices from connecting to certain WPA3‑Personal Wi‑Fi networks. It also includes a broad set of targeting data that identifies devices and their ability to receive new Secure Boot certificates. Devices will receive the new certificates only after they show sufficient successful update signals, which helps ensure a safe and phased rollout.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2026 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5077181.)

KB5074105 (OS Builds 26200.7705 and 26100.7705) Preview

Release date: January 29, 2025

In this build, several new features are immediately available, including one for Data Protection Application Programming Interface (DPAPI) domain backup key management. Administrators can now set how often keys rotate automatically. This strengthens cryptographic security and reduces reliance on older encryption algorithms.

One new feature is being gradually rolled out: The Settings Agent now supports more languages, with expanded support for German, Portuguese, Spanish, Korean, Japanese, Hindi, Italian, and Chinese (Simplified).

A variety of bugs have been fixed, including one that caused some systems to stop responding during startup when Windows Boot Manager debugging was enabled.

Get more info about KB5074105 Preview.)

KB5078127 (OS Builds 26200.7628 and 26100.7628) Out-of-band

Release date: January 24, 2026

This update fixes a bug in which some applications were unresponsive or encountered unexpected errors when opening files from or saving files to cloud-based storage, such as OneDrive or Dropbox. In certain Outlook configurations that store PST files on OneDrive, Outlook sometimes hung and failed to reopen unless the process was terminated or the system was restarted. Users may have also experienced missing sent items or previously downloaded emails.

(Get more info about KB5078127 Out-of-band.)

KB5077744 (OS Builds 26200.7627 and 26100.7627) Out-of-band

Release date: January 17, 2026

This update fixes a bug in which some users experienced sign-in failures during Remote Desktop connections. This issue affected authentication steps for different Remote Desktop applications on Windows such as the Windows App.

There is one known issue in this build, in which the password icon might be missing or invisible in the lock screen sign-in options.

Get more info about KB5077744 Out-of-band.)

KB5074109 (OS Builds 26200.7623 and 26100.7623)

Release date: January 13, 2026

This build fixes several bugs, including one in which you might experience RemoteApp ​​​​​​​connection failures in Azure Virtual Desktop (AVD) environments. This might occur after installing KB5070311. It also updates the Windows core component, WinSqlite3.dll. Previously, some security software might have detected this component as vulnerable. 

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2026 Security Updates.

It has one known issue, in which you might notice that the password icon is not visible in the sign-in options on the lock screen. If you hover over the space where the icon should appear, you’ll see that the password button is still available. Select this placeholder to open the password text box and enter your password. After entering your password, you can sign in normally. People using Windows Home or Pro editions on personal devices are very unlikely to experience this issue. This issue primarily affects enterprise or managed IT environments.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5074109.)

KB5072033 (OS Builds 26200.7462 and 26100.7462)

Release date: December 9, 2025

This build fixes several bugs, including one in which File Explorer briefly flashed white when you navigated between pages.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2025 Security Updates.

It has one known issue, in which the password icon might not be visible in the sign-in options on the lock screen. If you hover over the space where the icon should appear, you’ll see that the password button is still available. Select this placeholder to open the password text box and enter your password. After entering your password, you can sign in normally. People using Windows Home or Pro editions on personal devices are very unlikely to experience this issue — it primarily affects enterprise or managed IT environments.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5072033.)

KB5070311 (OS Builds 26200.7309 and 26100.7309) Preview

Release date: December 1, 2025

A variety of new features are being gradually rolled out in this build, including several for Copilot+ PCs. The Click to Do context menu in Copilot+ PCs now has a streamlined design that makes it easier to access frequently used actions such as Copy, Save, Share, and Open. In Copilot+ PCs you can now also use Windows Studio Effects, which provide AI-powered camera enhancements, on an additional camera such as a USB webcam or your laptop’s built-in rear camera.

New features being rolled out gradually to all Windows 11 PCs include a simplified File Explorer context menu for easier navigation. Common actions like Share, Copy, and Move now appear in a single organized menu.

A variety of bugs have been fixed for all PCs, including one in which the Local Security Authority Subsystem Service (LSASS) could become unstable due to an access violation.

There are two known issues in this build, one in which when opening File Explorer in dark mode, the window might briefly display a blank white screen before loading files and folders. In addition, the password icon is missing or invisible in the lockscreen sign-in options on some PCs. (Here’s a workaround for the latter bug.)

Get more info about KB5070311 Preview.)

KB5068861 (OS Builds 26200.7171 and 26100.7171)

Release date: November 11, 2025

This Patch Tuesday build fixes several bugs, including one in which closing Task Manager with the Close button didn’t fully end the process, leaving background instances that could slow performance over time.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5068861.)

KB5067036 (OS Builds 26200.7019 and 26100.7019) Preview

Release date: October 28, 2025

A variety of new features are being gradually rolled out in this build, including several for Click to Do on Copilot+ PCs — notably a streamlined interaction between Click to Do and Copilot. You can now type a custom prompt directly into the text box, which sends your prompt and selected on-screen content to Copilot. Suggested prompts appear below the text box and are available for text selections in English, Spanish, and French. 

New features are being gradually rolled out for all Windows 11 PCs as well, including a redesigned Start menu, which includes scrollable “All” section and category and grid views. The menu now adapts to your screen size.

A variety of bugs have been fixed, including one in which text sometimes didn’t render correctly when editing content within a multiline text box in certain apps.

Get more info about KB5067036 Preview.)

KB5070773 (OS Builds 26200.6901 and 26100.6901) Out-of-band

Release date: October 20, 2025

This build fixes one bug, in which USB devices, such as keyboards and mice, did not function in the Windows Recovery Environment (WinRE). This issue prevented navigation of any of the recovery options within WinRE.

This build has one known issue: some digital TV and Blu-ray/DVD apps might not play protected content as expected after installing the August 29, 2025, Windows non-security preview update (KB5064081) or later updates. Apps that use Enhanced Video Renderer with HDCP enforcement or Digital Rights Management (DRM) for digital audio might show copyright protection errors, frequent playback interruptions, unexpected stops, or black screens. Streaming services are not affected. 

(Get more info about KB5070773 Out-of-band.)

KB5066791 (OS Builds 19044.6456 and 19045.6456)

Release date: October 14, 2025

This build fixes several bugs, including one that caused the print preview screen to stop responding in Chromium-based browsers.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5066791.)

KB5065789 (OS Builds 26200.6725 and 26100.6725) Preview

Release date: September 29, 2025

This build gradually rolls out a wide variety of new features, including one in which you can use AI actions in File Explorer to edit images or summarize documents. To do it, right-click (or press Shift + F10 on the keyboard) on the file and select AI actions. 

Several bugs have also been fixed, including one in which you might not have been able to connect to shared files and folders if you were using the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP NetBIOS (NetBT).

(Get more info about KB5065789 Preview.)

Windows 11 25H2

At the end of September, Microsoft upgraded Windows 11 from version 24H2 to 25H2, in a slow rollout that could take months to complete. Typically in the past, Microsoft would introduce new features in a once-a-year update like this. That’s not the case with 25H2, though.

Microsoft has been introducing new features in smaller updates all year round, so 25H2 doesn’t include any major new features. Rather, it includes all the new features that have accumulated in all those smaller updates.

As the company explains, “While this update doesn’t introduce major new features, it activates enhancements that have been gradually rolled out over the past year ensuring your device is up to date with the latest refinements.”

Here are some of the most important features in 25H2 that have been introduced for end users and IT pros since 24H2 was released last fall:

New features for users:

• File Explorer has several useful new features, notably AI actions, which can edit images or summarize documents. AI options such as Blur background, Erase objects, and Remove background are all now displayed in the context menu.
• Task Manager gets a number of minor tweaks, including performance improvements when changing the sort order of processes.
• You can now display the apps that have recently used on-device generative AI models provided by Windows. You can also choose which apps are permitted to use the generative AI technologies. To do that and more, go to Settings > Privacy & security > Text and Image Generation.

New features for IT:

• IT admins can use policy-based tools to easily remove preinstalled Microsoft Store apps from Enterprise and Education editions of Windows 11, version 25H2 and later. This can streamline device provisioning and prevent removed apps such as Microsoft Clipchamp, Media Player, and Microsoft Teams from being reinstalled. For more information, see Policy-based removal of preinstalled Microsoft Store apps and RemoveDefaultMicrosoftStorePackages in the ApplicationManagement Policy CSP.
• Enterprise access points now support Wi-Fi 7, which enables increased speeds, greater throughput, improved reliability, and enhanced security. For details, see https://aka.ms/WiFi7forEnterprise.
• Windows Backup for Organizations is now generally available.
• A new feature called Quick Machine Recovery can recover Windows devices when they encounter critical errors that prevent them from booting. Quick machine recovery searches for remediations in the cloud and recovers from widespread boot failures, reducing the burden on IT admins on cases when multiple devices are affected. For more information, see Computerworld’s Quick Machine Recovery explainer.

Updates for Windows 11 24H2

KB5068221 (OS Build 26100.6588) Out-of-band

Release date: September 22, 2025

This update fixes a bug that affected Microsoft Office applications running in Microsoft Application Virtualization (App-V) environments. The failure occurred due to a double handle closure in the AppVEntSubsystems32 or AppVEntSubsystems64 system component.

There is one issue in this build: you might fail to connect to shared files and folders using the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP (NetBT). This issue can occur if either the SMB client or the SMB server has the September 2025 security update installed.

(Get more info about KB5068221 (OS Build 26100.6588) Out-of-band).

KB5065426 (OS Build 26100.6584)

Release date: September 9, 2025

This build fixes several bugs, including one that caused non-admin users to receive unexpected User Account Control (UAC) prompts when MSI installers performed certain custom actions, such as configuration or repair operations in the foreground or background during the initial installation of an application.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5065426.)

KB5064081 (OS Build 26100.5074) Preview

Release date: August 29, 2025

A wide variety of new features are being gradually rolled out in this build, including a new personalized homepage in Windows Recall that displays your recent activity and top-used apps and websites (available only in Copilot+ PCs). Among the changes rolling out to all users is a new grid view for Search from the Windows taskbar that helps you more quickly and accurately identify the desired image within your search.

Several bugs have also been fixed, including one in which some system recovery features did not work properly due to a temporary file sharing conflict. This affected certain device management tools and disrupted key functions on some devices.

(Get more info about KB5064081 Preview.)

KB5063878 (OS Build 26100.4946)

Release date: August 12, 2025

This build fixes a bug that caused delays during sign-in on new devices. The delay was due to certain preinstalled packages. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5063878.)

KB5062660 (OS Build 26100.4770) Preview

Release date: July 22, 2025

A wide variety of new features are being gradually rolled out in this build, including a new agent in Copilot+ PCs that is designed to help you find and change settings on your PC. You can describe what you need help with, such as “how to control my PC by voice” or “my mouse pointer is too small,” and the agent will suggest steps to resolve the issue. The agent uses AI on your PC to understand your request and, with your permission, can automate and complete tasks for you. It is rolling out to Snapdragon-powered Copilot+ PCs now, with support for AMD and Intel PCs coming soon. 

Several bugs have also been fixed, including one in which If you have an app pinned to your desktop and it updates, the app icon might not display correctly and instead show a white page.

(Get more info about KB5062660 Preview.)

KB5064489 (OS Build 26100.4656) Out-of-band

Release date: July 13, 2025

This update fixes a bug that prevented some virtual machines (VMs) from starting when Virtualization-Based Security (VBS) was enabled. It affected VMs using version 8.0 (a non-default version) where VBS was offered by the host. In Azure, this applies to standard (non–Trusted Launch) General Enterprise (GE) VMs running on older VM SKUs. The problem was caused by a secure kernel initialization issue.

(Get more info about KB5064489 Out-of-band.)

KB5062553 (OS Build 26100.4652)

Release date: July 8, 2025

The build fixes several bugs, including one in which notification sounds didn’t play. Affected sounds included those for on-screen alerts, volume adjustments, and sign-in. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5062553.)

KB5060829 (OS Build 26100.4484) Preview

Release date: June 26, 2025

A wide variety of new features are being gradually rolled out in this build, including a new Settings home page that includes enterprise-specific device info cards for commercial customers on PCs managed by an IT administrator. The taskbar also now resizes icons to fit more apps when space runs low.

Users in the European Economic Area will see several small changes related to default browsers, such as mapping additional file and link types to the default browser and pinning it to the taskbar and Start menu.

A variety of bugs have also been fixed, including one that prevented the automatic renewal of expiring certificates in Windows Hello for Business.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5060829 Preview.)

KB5063060 (OS Build 26100.4351) Out-of-band

Release date: June 11, 2025

This out-of-band update replaces the KB5060842 Patch Tuesday release, fixing a bug in which Windows sometimes restarted unexpectedly when users opened games that use the Easy Anti-Cheat service. Easy Anti-Cheat automatically installs with certain games to enhance security and prevent cheating in multiplayer online PC games. 

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

(Get more info about KB5063060 Out-of-band.)

KB5060842 (OS Build 26100.4349)

Release date: June 10, 2025

After installing this update, Windows will retain system restore points for 60 days only. Restore points older than 60 days are not available. This 60-day limit will also apply to future versions of Windows 11, version 24H2.

The build fixes a bug that prevented users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model.​​​​​​​ It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2025 Security Updates.

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5060842.)

KB5058499 (OS Build 26100.4202) Preview

Release date: May 27, 2025

A wide variety of new features are being gradually rolled out in this build, including one in which Click to Do gets the new Ask Copilot action. When you highlight text or an image, Click to Do offers the Ask Copilot option. Selecting it opens Microsoft Copilot with your content in the prompt box. You can send the selected text or image directly to the Copilot app to complete your prompt.

A variety of bugs have also been fixed, including one in which devices with BitLocker on removable drives could encounter a blue screen error after resuming from sleep or hybrid-booting.

(Get more info about KB5058499 Preview.)

KB5061977 (OS Build 26100.4066) 

Release date: May 27, 2025

This out-of-band update fixes a bug in the direct send path for a guest physical address (GPA). This issue caused confidential virtual machines running on Hyper-V with Windows Server 2022 to intermittently stop responding or restart unexpectedly. As a result, service availability was affected, and manual intervention was required. This problem primarily impacted Azure confidential VMs.

(Get more info about KB5061977.)

KB5058411 (OS Build 26100.4061)

Release date: May 13, 2025

This update fixes two bugs, one in which your microphone might have muted unexpectedly, and the other in which the eye controller app didn’t launch. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5058411.)

KB5055627 (OS Build 26100.3915) Preview

Release date: April 25, 2025

This build gradually rolls out several new features for Copilot+ PCs, including a preview of Windows Recall. When you opt in, Recall takes snapshots of your activity so you can quickly find and go back to what you have seen before on your PC. With it, you can use a timeline to find the content you remember seeing.

Copilot+ PCs also get a new natural-language Windows search in which you can search for anything on your PC without having to remember specific file names, exact words in file content, or settings names. Just describe what you’re looking for. On Copilot+ PCs, you can also more easily find photos stored and saved in the cloud by typing your own words (like “summer picnics”) in the search box at the upper-right corner of File Explorer. 

All PCs get a number of new features, including speech recap, in which you can keep track of what Narrator has spoken and access it for quick reference. With speech recap, you can quickly access spoken content, follow along with live transcription, and copy what Narrator last said using keyboard shortcuts.

A variety of bugs are being fixed, including one in which some devices experienced intermittent internet connections when resuming from sleep mode. Several AI components have also been updated.

There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox from the Microsoft Store on Windows.

(Get more info about KB5055627 Preview.)

KB5055523 (OS Build 26100.3775)

Release date: April 8, 2025

This update includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2025 Security Updates. 

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox via the Microsoft Store on Windows. 

(Get more info about KB5055523.)