Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its fans in interesting projects.

Pro-Israel hackers hit Iran's Nobitex exchange, burn $90M in crypto

Bleeping Computer - 18 June, 2025 - 23:56
The pro-Israel "Predatory Sparrow" hacking group claims to have stolen over $90 million in cryptocurrency from Nobitex, Iran's largest crypto exchange, and burned the funds in a politically motivated cyberattack. [...]
Category: Hacking & Security

North Korean hackers deepfake execs in Zoom call to spread Mac malware

Bleeping Computer - 18 June, 2025 - 22:37
North Korean advanced persistent threat (APT) 'BlueNoroff' (aka 'Sapphire Sleet' or 'TA444') are using deepfake company executives during fake Zoom calls to trick employees into installing custom malware on their computers. [...]
Category: Hacking & Security

Sam Altman: Meta tried to lure OpenAI employees with billion-dollar salaries

Computerworld.com [Hacking News] - 18 June, 2025 - 22:27

After reports suggested Meta has tried to poach employees from OpenAI and Google Deepmind by offering huge compensation packages, OpenAI CEO Sam Altman weighed in, saying those reports are true. He confirmed them during a podcast with his brother Jack Altman.

“There have been huge offers to a lot of our team,” said Sam Altman, “like $100 million in sign-on bonuses, more than that in annual compensation.”

According to Altman, the recruitment attempts have largely failed. “I’m really glad that, at least so far, none of our best people have chosen to take it.”

Sam Altman says he thinks it’s because employees have decided that OpenAI has a better chance of achieving artificial general intelligence, AGI, than Meta. It could also be because they believe that OpenAI could one day be a higher-valued company than Meta.

Category: Hacking & Security

Hackers lean into social engineering to attack Apple security — Jamf

Computerworld.com [Hacking News] - 18 June, 2025 - 19:59

Every Mac, iPhone, or iPad user should do everything they can to protect themselves against social engineering-based phishing attacks, a new report from Jamf warns. In a time of deep international tension, the digital threat environment reflects the zeitgeist, with hackers and attackers seeking out security weaknesses on a scale that continues to grow. 

Based on extensive research, the latest edition of Jamf’s annual Security 360 report looks at security trends on Apple’s mobile devices and on Macs. It notes that we’ve seen more than 500 CVE security warnings on macOS 15 since its launch, and more than 10 million phishing attacks in the last year. The report should be on the reading list of anyone concerned with managing Apple’s products at scale (or even at home).

Security begins at home

With phishing and social engineering, protecting personal devices is as important as protecting your business machines. According to Jamf, more than 90% of cyberattacks originate from social engineering attacks, many of which begin by targeting people where they live. Not only that, but up to 2% of all the 10 million phishing attacks the company identified are also classified as zero-day attacks — which means attacks are becoming dangerously sophisticated.

This has become such a pervasive problem that Apple in 2024 actually published a support document explaining what you should look for to avoid social engineering attacks. Attackers are increasingly creative, pose as trusted entities, and will use a combination of personal information and AI to create convincing attacks. They recognize, after all, that it is not the attack you spot that gets you, it’s the one you miss.

Within this environment, it is important to note that 25% of organizations have been affected by a social engineering attack — even as 55% of mobile devices used at work run a vulnerable operating system and 32% of organizations still have at least one device with critical vulnerabilities in use across their stack. (The latter is a slight improvement on last year, but not much.)

The nature of what attackers want also seems to be changing. Jamf noticed that attempts to steal information are surging, accounting for 28% of all Mac malware, which suggests some degree of surveillance taking place. These info-stealing attacks are replacing trojans as the biggest threat to Mac security. The environment is similar on iPhones and iPads, all of which are seeing a similar spike in exploit attempts, zero-day attacks, and convincing social-engineering-driven moves to weaponize digital trust.

The bottom line? While Apple’s platforms are secure by design, the applications you run or the people you interact with remain the biggest security weaknesses the platform has. Security on any platform is only as strong as the weakest link in the chain, even while attack attempts increase and become more convincing and complex. 

Defense is the best form of defense

Arnold Schwarzenegger allegedly believes that one should not complain about a situation unless you are prepared to try to do something to make it better. “If you see a problem and you don’t come to the table with a potential solution, I don’t want to hear your whining about how bad it is,” he says.

With that in mind, what can you as a reader do today to help address the growing scourge of Apple-focused malware? Here are some suggestions from Jamf:

  • Update devices to the latest software.
  • Protect devices with a passcode.
  • Use two-factor authentication and strong passwords to protect Apple accounts.
  • Install apps only from the App Store.
  • Use strong and unique passwords online.
  • Don’t click on links or attachments from unknown senders.

And, of course, don’t use older, unprotected operating systems or devices — certainly not when handling critical or confidential data.

Layer up, winter is coming

Organizations can build on these personal protections, of course. Apple devices need Apple-specific security solutions, including endpoint management solutions; enterprises should adopt device management; and they should prepare for the inevitable attacks by fostering a positive, blame-free culture for incident reporting and by eliminating inter-departmental siloes. Investment in staff training is important, too. 

It is also important to understand that in a hybrid, multi-platform, ultra mobile world there is no such thing as strict perimeter security anymore. That’s why it is essential to secure endpoints and implement zero-trust. It’s also why it is important to adopt a new posture toward security — there is no single form of effective security protection. At best, your business security relies on layers of protection that together form an effective and flexible security defense.

Category: Hacking & Security

Microsoft 365 to block file access via legacy auth protocols by default

Bleeping Computer - 18 June, 2025 - 17:14
Microsoft has announced that it will soon update security defaults for all Microsoft 365 tenants to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols. [...]
Category: Hacking & Security

'Stargazers' use fake Minecraft mods to steal player passwords

Bleeping Computer - 18 June, 2025 - 17:09
A large-scale malware campaign specifically targets Minecraft players with malicious mods and cheats that infect Windows devices with infostealers that steal credentials, authentication tokens, and cryptocurrency wallets. [...]
Category: Hacking & Security

ChainLink Phishing: How Trusted Domains Become Threat Vectors

Bleeping Computer - 18 June, 2025 - 16:02
Phishing has evolved—and trust is the new attack vector. ChainLink Phishing uses real platforms like Google Drive & Dropbox to sneak past filters and steal credentials in the browser. Watch Keep Aware's on-demand webinar to see how these attacks work—and how to stop them. [...]
Category: Hacking & Security

CISA warns of attackers exploiting Linux flaw with PoC exploit

Bleeping Computer - 18 June, 2025 - 15:54
CISA has warned U.S. federal agencies about attackers targeting a high-severity vulnerability in the Linux kernel's OverlayFS subsystem that allows them to gain root privileges. [...]
Category: Hacking & Security

Healthcare SaaS firm says data breach impacts 5.4 million patients

Bleeping Computer - 18 June, 2025 - 15:44
Episource warns of a data breach after hackers stole health information of over 5 million people in the United States in a January cyberattack. [...]
Category: Hacking & Security

How US employers can protect immigrant tech workers

Computerworld.com [Hacking News] - 18 June, 2025 - 13:00

The ongoing protests in Los Angeles have pushed a national issue further into the spotlight: recent actions by the US Immigration and Customs Enforcement agency (ICE), including the detention of immigrants and, in some cases, the revocation of visas.

Naturally, immigration is a hot-button topic. But for companies with diverse workforces — particularly those employing foreign-born workers on H-1B visas — the priority is not to take a political stand, but to provide appropriate counsel and protection for affected employees.

Rajeev Madhavan, cofounder and general partner at Clear Ventures in Silicon Valley, notes that while these issues have not yet directly impacted the computer science and AI sectors where he invests, work visa approvals are taking longer than usual.

“The H-1B visa is a very impractical — or at the very least, unpredictable — process. As a result, when you hire someone on an H-1B visa, it may take much longer than you realize to get it,” he says.

This poses a challenge for the US startup and technology ecosystem, Madhavan says, pointing out that many tech founders are immigrants.

“They went to do some good work at places like Google, Meta, or any of these companies, and spend three, four years getting experience — getting their green card in the process — and then they turn to becoming an entrepreneur on some idea that they originate,” Madhavan says.

Of the 42 US-based companies appearing on Forbes’ 2025 list of the top 50 startups developing promising AI applications, for example, 60% were founded by people born outside the United States, according to the Institute for Progress. And new research from Stanford’s Venture Capital Initiative found that 44% of America’s billion-dollar startups were founded by immigrant entrepreneurs.

Because of the uncertainty around immigrants’ place in the US workforce under the Trump administration, Madhavan is seeing more talent either working remotely or launching ventures in other markets, such as Canada, China, and India. He’s concerned about the long-term implications of this shift.

“You will certainly have a lot more stringent rules that will be enforced, which is actually very sad — our leadership and technical background may get eroded in that process,” he says.

What Madhavan sees potentially happening on a national scale can also unfold within individual companies. We spoke with business leaders and legal experts about how to best support foreign-born talent, sustain a strong culture during turbulent times, and reinforce an employer brand that genuinely welcomes diversity.

Three rules: compliance, compliance, and compliance

Jean-Noël BenHamou, a licensed US and Canadian attorney and executive managing partner of BHLG, which specializes in global immigration law, explains that much of the online fear surrounding visa revocation and deportation stems from misinformation.

“The US immigration system is far from being perfect, but it is nevertheless based on the rule of law. And it does not just revoke visas without serious cause,” he says.

Because of this legal foundation, BenHamou believes maintaining immigration status is straightforward — if approached with diligence.

“When it comes to immigration, we have the same three rules: Compliance, compliance, and compliance. This is the name of the game,” he says.

Compliance can be a heavy burden for individual employees. “It’s hard to do your job and know foreign countries’ law at the same time,” says Thomas Sykstus, an attorney from Bond, Botes, Sykstus & Tanner.

To ease that burden, Sykstus recommends that companies offer proactive legal support, beginning with clear organization. For H-1B professionals, that means keeping thorough records — including approval letters, I-94 records, job offer letters, and pay stubs — readily accessible.

H-1B workers should be provided with copies of all such records, and companies should also be able to quickly produce these documents on behalf of their employees.

BenHamou stresses the importance of promptly reporting any changes in work status.

“If your role changes — whether it’s a promotion, whether it is a shift in responsibilities, whether it is a change in location, whether it’s a change from full-time to part-time — these changes must be reported,” he says.

While this might seem like a routine task, he notes, many workers fail to recognize the significance of such changes.

“If it is a material change, it needs to be reported. And if it is not clear whether or not it would be considered a material change, then in an abundance of caution, just disclose it,” he advises.

Another common misstep is violating visa terms through actions that may seem harmless. Moonlighting, for example, is common in the tech industry but is off-limits for H-1B holders.

“It technically is a violation of your visa conditions: You’re hired by the petitioning employer for that specific role, for that specific location. Anything outside of that, they haven’t sponsored you. That’s where the issue is,” says Sykstus.

While H-1B professionals should strive to stay in good standing with the law, BenHamou reassures them that not every minor infraction poses a risk to their visa.

“A regular parking violation is not going to get you in trouble. I think that any crime that would involve moral turpitude would definitely put you in big problems: for instance, DUI or reckless driving, causing death or severe injuries. These are the types of crimes that you want to stay away from, period,” says BenHamou.

ICE at the door

Despite following best practices, H-1B holders may still face visits from immigration authorities. BenHamou warns that site inspections by ICE or US Citizenship and Immigration Services (USCIS) may become more common.

“So employees should always have access to their original visa documents. Bring your passport to work. Bring your approval notice. Be prepared for any type of encounter,” he says.

Under intense pressure from the White House, ICE is significantly ramping up efforts to find and deport undocumented immigrants. That makes it more likely for people who are in the country legally to be mistakenly targeted, according to former ICE director Sarah Saldaña.

“You’re going to have [ICE agents] who are being pushed to the limit, who in a rush may not get things right, including information on a person’s status,” she told the New York Times.

Sykstus notes that while ICE visits are more common in blue-collar industries such as construction, they are still possible in tech settings.

In such encounters, he emphasizes, H-1B professionals should protect their rights. “Don’t speak with them. Don’t sign anything. Call an attorney first. Talk your options out,” he says.

Companies that employ H-1B workers should also be prepared, with HR and legal teams ready to quickly step in with documentation and legal counsel.

Employer responsibility beyond compliance

While legal compliance is critical, BenHamou emphasizes that immigration support shouldn’t stop at the letter of the law. For companies, the responsibility goes deeper. “It’s cultural, it’s ethical, and it’s strategic,” he says.

After an employee has fulfilled their I-9 requirements and completed onboarding, BenHamou believes their immigration status should be kept strictly confidential — limited to HR, senior leadership, and possibly their direct manager. He sees this discretion as a standard that should be embedded in the company’s culture.

He also stresses the importance of transparency with potential hires around what it takes to achieve permanent residency in the US. “Those individuals are putting their life on hold for 5 to 10 years before seeing the end of the tunnel,” he says, referring to current USCIS processing times for green cards.

Providing this clarity early on helps foster a healthier team dynamic.

“As an employer, by being transparent and open about what it takes to get there from the first minute you join the company, you’re facilitating their integration with their team and vice versa. You’re bringing cohesion within the team,” he says. 

Sykstus agrees that transparency is key. He recommends holding company-wide information sessions to explain how work visas like the H-1B function — not just under current law, but in anticipation of future policy changes.

“If you know something’s coming down the pipe, sitting on the president’s desk, who is likely going to sign it, and it will affect your [employee’s] immigration status, it’s probably important to get ahead of the ball there,” he says.

In light of recent instances in which visa holders who had traveled abroad were denied re-entry to the US, at least two major tech firms in Silicon Valley have advised H-1B holders to limit international travel, Sykstus says.

“Sudden policy changes and heightened border security could bar re-entry. So if you leave, you might have trouble coming back, [even] if you’ve already been here and have had no problems whatsoever,” he says.

This climate of uncertainty can understandably cause anxiety, not just for foreign workers, but also for teammates who rely on them and have formed friendships with them. Sykstus encourages companies to provide access to employee assistance programs or counseling services — whether in-house or through third-party providers — that include support for immigration-related stress.

Angelina Gennis, a principal analyst at Forrester, adds that companies must also be prepared for situations where, despite best efforts, an employee has to leave the US due to circumstances beyond the company’s control.

“However, what we can control is ensuring that our people are okay, even if they need to leave us — so what sort of resources we can offer legally if they do have to leave us to make sure that they get home safely,” she says.

Supporting diversity in turbulent times

Building a culture that supports global talent requires more than behind-the-scenes policy work — it must also be reflected in the company’s outward messaging. And that messaging must align with employees’ lived experiences, says Shahar Silbershatz, CEO of Caliber, a brand reputation analytics company.

“If international hires feel uncertain, unsupported, or in the dark about immigration processes, that story travels quickly and can undermine even the most well-intentioned DEI messaging,” he says.

According to Silbershatz, the solution lies in proactive and empathetic communication with employees. “That means explaining policy shifts in plain language, providing real support to impacted employees, and making your long-term commitment to diverse talent visible,” he says.

Gennis believes businesses should first zoom out and anchor the conversation in their brand values. “That way, the company is being consistent in the messaging,” she says.

Gennis also emphasizes the importance of equipping managers to lead these conversations with care. She advises training managers to engage employees thoughtfully, using intentional language, checking in personally, and ensuring team members understand both the process and where to seek support.

This alignment between managers and the company’s employer brand is especially critical for organizations recruiting globally for highly specialized roles, such as in artificial intelligence. Just like these workers’ skills, the employer messaging must be targeted and intentional.

Employers should be aware that internal communications around immigration policy may be leaked publicly, Silbershatz cautions. Leaders should “approach how they communicate any new policies with clarity and conviction, keeping employee well-being central to any messaging,” he says.

That emphasis on clarity and care feeds into a broader organizational responsibility — one that BenHamou believes must be embedded in the company’s culture and long-term vision.

“The goal is to build a workplace that does not just hire global talent — it’s to build a workplace that protects it, supports it, and thrives because of it,” he says.

Category: Hacking & Security

China’s MiniMax launches M1: A reasoning model to rival GPT-4 at 0.5% the cost

Computerworld.com [Hacking News] - 18 June, 2025 - 12:34

Chinese AI startup MiniMax has thrown down the gauntlet to established AI giants, releasing what it boldly claims is the world’s first open-source, large-scale hybrid-attention reasoning model that could fundamentally change the economics of advanced AI development.

MiniMax defines “hybrid-attention” as a combination of its Lightning Attention mechanism and Mixture-of-Experts architecture, which activates only the relevant parts of the model for each task.

The Shanghai-based company said its new MiniMax-M1 model delivers a knockout punch to computational inefficiency, requiring just 30% of the computing power needed by rival DeepSeek’s R1 model when performing deep reasoning tasks — a breakthrough that could democratize access to sophisticated AI capabilities.

“In complex, productivity-oriented scenarios, M1’s capabilities are top-tier among open-source models, surpassing domestic closed-source models and approaching the leading overseas models, all while offering the industry’s best cost-effectiveness,” the company said, announcing the hybrid-attention reasoning model.

A David vs. Goliath moment in AI

What makes MiniMax-M1 particularly intriguing isn’t just its performance — it’s how the company achieved it. While tech titans have been throwing hundreds of millions of dollars at AI development, MiniMax managed to train its model for a mere $534,700.

To put that in perspective, DeepSeek spent $5-$6 million on its R1 model, while OpenAI’s GPT-4 reportedly cost over $100 million to develop.

“The entire reinforcement learning phase used only 512 H800s for three weeks, with a rental cost of just $534,700,” the company explained. “This is an order of magnitude less than initially anticipated.”

However, industry analysts urge caution. “MiniMax’s debut reasoning model, M1, has generated justified excitement with its claim of reducing computational demands by up to 70% compared to peers like DeepSeek-R1,” said Sanchit Vir Gogia, chief analyst and CEO at Greyhound Research. “However, amid growing scrutiny of AI benchmarking practices, enterprises must independently replicate such claims across practical workloads.”

Extended context capabilities

M1’s most impressive feature might be its ability to handle massive amounts of information simultaneously. With a context window supporting one million input tokens and up to 80,000 output tokens, the model can essentially read and understand multiple novel tasks at once while maintaining coherence across the entire conversation.

“A significant advantage of M1 is its support for an industry-leading 1 million token context window, matching the closed-source Google Gemini 2.5 Pro,” MiniMax noted in the post. “This is 8 times that of DeepSeek R1 and includes an industry-leading 80,000 token reasoning output.”

For context, OpenAI’s GPT-4o can handle only 128,000 tokens — enough for about one novel task. M1’s expanded capacity opens doors for applications that were previously impractical, from analyzing entire legal documents to debugging massive code repositories.

Real-world performance that matters

Beyond impressive technical specifications, M1 demonstrates strong real-world capabilities across multiple benchmarks. The model comes in two variants — M1-40k and M1-80k, referring to their “thinking budgets” — with the larger version consistently outperforming its smaller sibling across most tests.

In software engineering tasks, the two versions scored 55.6% and 56.0%, respectively, on the challenging SWE-bench validation benchmark. While slightly trailing DeepSeek-R1-0528’s 57.6%, they significantly outpaced other open-weight models in this critical area of productivity.

“MiniMax-M1-80k consistently outperforms MiniMax-M1-40k across most benchmarks, which fully validates the effectiveness of extended computational resources during testing,” the company added.

Breaking down barriers to AI access

Perhaps most significantly, MiniMax is releasing M1 under a true Apache 2.0 open-source license — unlike Meta’s Llama models, which use restrictive community licenses, or DeepSeek’s partially open approach. This decision could accelerate innovation by giving researchers and developers unprecedented access to cutting-edge reasoning capabilities.

Gogia sees this as particularly significant for mid-market companies. “MiniMax’s M1 represents more than just architectural efficiency — it symbolizes the new accessibility of advanced reasoning AI for mid-market enterprises,” he noted. “With open-source licensing, reduced inference costs, and support for 1 M-token context windows, M1 aligns squarely with the evolving needs of midsize firms that seek capability parity with larger players but lack hyperscaler budgets.”

The company is backing up its open-source commitment with competitive pricing for those who prefer API access. Input processing costs just $0.4 per million tokens for contexts up to 200,000 tokens, rising to $1.3 per million tokens for the full 1-million-token capability.

“Due to its relatively efficient use of training and inference computing power, we are offering unlimited free use on the MiniMax APP and Web, and providing APIs on our official website at the industry’s lowest prices,” the company announced.

What this means for the industry

M1’s release comes at a pivotal moment in AI development, as the industry grapples with the massive computational costs of training and running advanced models.

The timing is particularly noteworthy, coming just weeks after fellow Chinese company DeepSeek shook the industry with its own cost-effective approach to AI development. This pattern suggests Chinese companies are finding innovative ways to compete with better-funded Western rivals through superior engineering rather than just throwing money at problems.

Yet challenges remain for Chinese AI models in Western markets. Despite technical achievements, Gogia notes that “Chinese LLMs remain under-adopted in North America and Western Europe” due to concerns around governance and regulatory compliance in industries with strict procurement frameworks.

A company on the rise

MiniMax isn’t exactly a household name yet, but it’s rapidly becoming one of China’s most-watched AI companies. Founded in 2021 by former SenseTime executives, the startup has raised $850 million from heavyweight investors including Alibaba, Tencent, and IDG Capital, achieving a $2.5 billion valuation.

This M1 announcement kicks off what MiniMax is calling “MiniMaxWeek,” with additional product releases planned for the coming days. For enterprise users and developers, M1 represents something potentially transformative: enterprise-grade AI reasoning capabilities without enterprise-grade infrastructure requirements. However, as Gogia cautioned, “The real test will lie in how quickly CIOs can extract operational savings at scale, without compromising accuracy or governance.”

Category: Hacking & Security

BeyondTrust warns of pre-auth RCE in Remote Support software

Bleeping Computer - 18 June, 2025 - 12:10
BeyondTrust has released security updates to fix a high-severity flaw in its Remote Support (RS) and Privileged Remote Access (PRA) solutions that can let unauthenticated attackers gain remote code execution on vulnerable servers. [...]
Category: Hacking & Security

Copilot finally has a feature that beats ChatGPT on Windows PCs

Computerworld.com [Hacking News] - 18 June, 2025 - 12:00

There’s no denying it: When it comes to Windows and AI chatbots, ChatGPT leads the pack.

Microsoft invested more than $13 billion in OpenAI, after all. And while the company has pinned Copilot to the taskbar on Windows PCs and placed a Copilot key on new laptops, its Copilot system is still built atop the same large language model (LLM) technology at ChatGPT’s core. That means the system will always be similar to ChatGPT until Microsoft releases its own AI models.

But there’s finally a reason to use Copilot instead of ChatGPT on your PC. It’s a feature Microsoft announced a while ago and is finally making available natively within Windows: You can now share any app on your PC with the Copilot AI chatbot and then have a conversation about it. And Copilot can draw highlights on your screen while you chat.

It’s called Copilot Vision, it’s really interesting — but it has more limits than you might think.

The ChatGPT-Copilot Windows matchup

Traditionally, Copilot has lagged behind ChatGPT in many ways. While OpenAI has confidently stuck with the same ChatGPT interface for a long time, Microsoft has repeatedly hemmed and hawed and changed its mind on what Copilot even should be.

For example, after turning Copilot into something more like the personal companion from Her, Microsoft recently got rid of that more companion-focused app and pivoted Copilot back to more of a standard chatbot interface — for now.

My biggest problem with Copilot, though, is the lack of a crisp model selection tool. ChatGPT lets you get into the weeds and select exactly which AI model you’re using. Microsoft’s Copilot has a simple dropdown box where you select “Quick Response,” “Think Deeper,” or “Deep Research.” If you select Quick Response, you’re not sure what model you’re using: Are you using GPT-4o, or did Copilot just route your query to a less expensive model to save money? There’s no predictability.

Copilot has other limits that aren’t surprising, considering Microsoft has spent the last few years repeatedly reinventing the wheel by constantly creating new Copilot apps. For example, the ChatGPT app lets you search your entire history to find conversations if you want to pull something up. It lets you organize conversations into folders. It gives you the ability to customize your experience. It feels more like a mature app — again, no surprise considering Microsoft has been repeatedly starting from scratch rather than improving a single app over time.

Microsoft’s secret weapon

Despite all those weak points, Copilot has one compelling advantage over ChatGPT — its integration with other Microsoft platforms and services. For example, if you use Microsoft 365 apps like Word and Excel (once called Office apps), you’ll need a $20 per month Copilot Pro subscription rather than a $20 per month ChatGPT Plus subscription. And organizations will need to get AI features for Microsoft 365 through Copilot.

But, while Microsoft quickly added deep Copilot integration to M365, the company lagged when it comes to adding integration to Windows. That’s now changed with Copilot Vision, which arrived first for browsing web pages in Microsoft Edge and officially became available on both Windows 11 and Windows 10 in the US this month. (It will likely launch in additional countries in the future.)

For the moment, the feature works only in real-time voice mode. If you want to have a conversation in text mode, you’ll need to provide screenshots of your screen to Copilot along with text prompts — just as you would with ChatGPT.

How to use Copilot Vision on Windows

To get started with Copilot Vision in its new Windows-native form, just launch the Copilot app from your taskbar or Start menu. (If you have a laptop with a Copilot key, you can just press that, too.)

At the bottom right corner of the Copilot app — at the right side of the text input box — you’ll see a glasses-shaped icon for “Share screen with Copilot.” Click that to get started.

You’ll then be prompted to choose the window you want to share. Copilot doesn’t get access to your PC’s entire display — just the specific app you choose. And it can’t actually control anything in that app: Copilot will be able to see what’s on your screen in that app, and it will be able to draw highlights to call your attention to things. But that’s it.

Copilot will show you a list of all your open windows, and you can share any one you want with the AI model — but just one window at once.

Chris Hoffman, Foundry

Once you’ve shared whatever app you want, you can have a conversation and ask questions about it. You might ask “How exactly do I accomplish this task in Photoshop?” or “What do you think of this hotel I’m about to reserve online? Are there better options?” and keep the conversation going for as long as you like.

While you’re sharing an app and having a voice conversation, you’ll see a floating box at the bottom of your screen. Click “Stop” to stop sharing.

A floating box will appear just above your taskbar icons while you’re sharing a window and having a voice conversation.

You can ask it to point out things on the screen, and it can highlight different areas to draw your attention to them. This is a simplistic feature at launch, as it can point out only one thing. Let’s say you need to find an option five menus deep: The system would highlight the individual icon or menu option visible on your screen, and that’s it. The highlights aren’t great for quickly guiding you through complex interfaces on the fly.

Copilot Vision can highlight things on your screen to draw your attention to them.

The Copilot Vision cons

Beyond that, Microsoft’s Copilot Vision AI experience has some of the same limits as any AI chatbot at the moment. It wants to validate you, the user. It may nod along, even if you get something wrong. For example, here’s a quick interaction I had:

“How do I draw something in Word?”

“To draw in Word, you’d go to the ‘Draw’ tab on the Ribbon…”

“Okay, so it’s under the Layout tab, right?”

“That’s correct!”

“Nope, it was under the Draw tab.”

“Mm-hm.”

This isn’t an attack on AI chatbots in general, the underlying GPT model from OpenAI, or Copilot itself. It’s just a limitation of the technology — at least at the moment. When interacting with Copilot, ChatGPT, or any other LLM, you need to stay on your toes and question what you’re hearing.

The real limitations with AI voice modes

While voice modes might feel more “futuristic” than text-based LLM interactions, text-based interactions are simply better and richer at the moment. First of all, this voice-based experience is just relying on text. Under the hood, the things you’re saying are getting converted to text, and the LLM is outputting text that is being spoken aloud by a different process. This is crucial to understand: The LLM cannot hear any emotional tone you have in your voice. Additionally, while the Copilot voice you hear may appear to have an emotional tone, that is being inserted by the text-to-speech process after the LLM outputs its text.

This results in a rather uncanny valley experience. The LLM can’t receive any of your vocal cues or tone. It will respond in a voice that appears to have an emotional tone, but the emotional tone isn’t provided by the LLM at all. And, again, it isn’t responsive to your emotional tone.

Beyond that, voice-based interactions are naturally quicker and more surface-level than text-based interactions, where deeper and more analytical responses are possible. So, for lots of tasks, a deeper text-based interaction might be much better than a quick voice-based interaction. If you think it’s not being “smart” enough, try dropping back to text mode and following the tips in my guide to the secret to using generative AI.

There’s no real-time sharing of your screen in text mode, though: You’ll need to take screenshots and provide them along with your text prompts. In Copilot, you can click the “+” button at the right side of the message box and select “Take Screenshot” to quickly add a screenshot. That’s one way to get something like “Vision” along with a text conversation.

Then again, you could always provide screenshots to ChatGPT, too. Now, though, at least, Microsoft has some reason to hope you might be inspired to stick with Copilot instead and think of it as your go-to Windows companion.

Category: Hacking & Security

21 ways Gemini can actually be useful on Android

Computerworld.com [Hacking News] - 18 June, 2025 - 11:45

Right now, Gemini’s getting a bit of a bad rap — at least, among certain circles of savvy users who are closely tuned into the technology.

It’s easy to see why: Google rushed Gemini out of the gates way before it was ready. It increasingly crippled the perfectly fine Google Assistant experience in the meantime, and still today, Gemini can’t do everything Assistant did in terms of day-to-day device basics (while Assistant no longer handles those same tasks consistently anymore, either).

Gemini’s also overly complicated and confusing, with its many models and cryptically coded options. It’s being shoved in our faces at every possible opportunity in a move reminiscent of a certain other much-maligned Google service. And, most troubling of all, it’s being positioned as an all-purpose answer machine when it gets answers wildly wrong anywhere from 5 to 20% of the time.

Just like all the other generative AI chatbots of the moment, in other words, it’s a steaming hot mess — even if most of the mainstream tech-tappin’ masses may not fully realize it yet.

But the problem with Gemini (and other similar systems) is less the technology itself and more the way the tech industry for some reason insists on framing it. These large-language model mechanisms just aren’t good at understanding context or offering factual answers. They shouldn’t be set up to serve as replacements for search. They get stuff wrong shockingly often, for cryin’ out loud, and they always will. It’s par for the course, and it’s just plain silly. (Seriously: The hits keep comin’ — and comin’, and comin’, and…well, you get the idea.)

They are, however, useful in other ways — namely when it comes to lower-level, more mundane sorts of tasks where context, judgment, and a lack of flat-out fabricating aren’t required.

Here, specifically, are 21 simple ways Gemini can actually be useful and worth using on Android — with minimal “AI” (in the current sense of the term), no “brainstorming” ballyhoo, and absolutely no error-filled info-seeking involved.

Note that Gemini is not available in all countries, due to differing regulations in different parts of the world. If you’re in a place where the service is supported and you don’t yet have it on your device, you can download the official Google Gemini app and open it up to get started — then either long-press your device’s power button or say Hey Google to summon it from there, depending on the specifics of your setup.

Part I: Notes and memory with Gemini on Android 

1. In a reminder that the simplest features are often the most practical of all, Gemini can remind you of anything, anytime — just like Google Assistant could before it. Simply fire it up and say Remind me [whatever] at [whenever — day and/or time], and the deed will be done.

Gemini can set a reminder for you without even interrupting what you’re doing.

JR Raphael, Foundry

It may not be flashy, but I’d be willing to wager you’ll rely on that much more often than the on-demand image generation or “creative thought partner” poppycock Google and every other AI-obsessed company is pushing with these things these days.

2. Basic reminders aside, Gemini is great at remembering specific info and then recalling it for you later. Try telling the service something like Remember that the door code is 90210, Remember that my rental car license plate is WIGGLES77, or Remember that Jed’s wife is named Tallulah — then, whenever you need to recall the related nugget, just ask: What’s the door code, What’s my rental car license plate, or What’s Jed’s wife’s name (or whatever question is appropriate for what it remembered).

3. The next time you need to make a more extensive note to yourself, pull out the classic old Assistant trick of telling Gemini to Create a note that says whatever you’ve got on your mind. It’ll save it into the Google Keep Android app for easy future finding.

Part II: Places and events with Gemini on Android 

4. If you’re ever feeling lost — or maybe you’re out on a Very Important Business Call and at a location you want to track down again in the future — fire up Gemini on your phone and ask the soul-searching question Where am I? Gemini will give you the nearest address in return. And then…

5. After you’ve asked Gemini for your current location, try saying Remember that location as…, followed by some sort of description you might use in the future — the best place to park, the home of the seven-foot egg roll, the place where I lost my mind (after eating a seven-foot egg roll), or whatever the case may be. You can then later ask Gemini where that place is, and it should serve back up the very same spot for your rediscovering pleasure.

6. Gemini can help you get from point A to point B, too. In addition to asking it to Start a navigation to some particular place, you can ask it questions like How long would it take me to get to In ‘N’ Out Burger right now and other equally important inquiries.

7. Just like Assistant before it, Gemini is great at helping you check in on your calendar. Ask it What’s on my agenda for today, When’s my first meeting tomorrow, or When’s my next haircut — or any other variations on those same concepts you can come up with — for a quick ‘n’ easy way to see what you’ve got ahead.

8. You don’t have to stop with calendar check-ins: Gemini can also make new appointments for you in some especially useful ways. In addition to simply asking it to Create a new calendar appointment for [whatever] on [whatever day and time], you can summon Gemini anytime you’ve got info about an event on your screen — in an email, on a website, within a text or Slack thread, or whatever — then tap the button that says “Ask about screen” and say Create a calendar appointment for this. Gemini will interpret the visible info and format it into a full event on your calendar in a single swift step.

Creating calendar events is especially easy with Gemini’s assistance.

Part III: Intelligent interactions with Gemini on Android 

9. When you’re looking at a web page, a document, or any other type of text on your Android device and you aren’t in a position to read it with your own two eyes — if, for instance, you’re walking, driving, or climbing high atop a towering tree in Narnia — get Gemini, tap that same “Ask about screen” button we went over a second ago, and say Read this out loud. Just please, for the sake of our collective sanity, put in your frickin’ earbuds first.

10. If, on the other hand, you want a summarized version of something on your screen, follow those same steps from the previous tip but this time say Summarize this. Gemini will start to speak a simple summary of the info aloud to you (provided you spoke aloud to it), or you can press the pause button and read its streamlined overview yourself if you’d rather.

11. Speaking of summarizing, Gemini’s (non-milk-related) condensing powers also extend to the domain of YouTube — where a quick ‘n’ simple summarization can sometimes really be useful. Use that same “Ask about screen” button again while you’ve got a video in front of ye and say Summarize this video.

Get a simple text summary of any long video in seconds with Gemini by your side.

In advance: You’re welcome.

12. One more slice of summarizing sorcery worth noting: No matter what you’re doing on your device, you can call up Gemini and ask it to Summarize my most recent incoming emails. As long as you’ve got the Gemini Gmail/Google Workspace integration active, El Gembo will give you a bird’s eye view of what’s awaiting in your inbox at that very moment.

13. Trying to identify something you see on your screen — a landmark, a plant or flower, or even a person named Joe Pesci? Caress that Gemini “Ask about screen” button while it’s visible and ask exactly what you want to know: What building is this? What type of flower is this? Who is this? Gemini will tap into the same smarts seen in the superb Google Lens Android setup and give you an answer in the blink of an eye.

Part IV: Basic device functions with Gemini on Android 

14. Check up on your phone’s power in a jiff by asking Gemini What’s my battery level? (You can also try asking it What’s the frequency, Kenneth? but I wouldn’t necessarily expect any real results in return.)

15. Save yourself the sometimes-awkward finger-stretching and snap a screenshot of anything on your screen simply by asking Gemini to Take a screenshot. Easy!

16. On a related note, you can review your captured screenshots without lifting a finger by giving Gemini the very logical command of Show my screenshots.

17. It may seem obvious, but Gemini can send text messages on your behalf. Just say — brace yourself… — Send a text message to followed by the name of the person you’ve got in mind (and, optionally, the entire message, too, if you want to save yourself a second step).

18. Similarly, your Android Gemini assistant can place a call via the command Call followed by the name of the contact or number you’re needing.

19. Set your sound volume in a split second by asking Gemini to Set the media volume — or call volume, ring volume, notification volume, or alarm volume — either on a one to 10 scale or to a specific percent value.

Adjusting any system volume level is never more than a spoken command away.

20. You can also rely on Gemini to adjust all sorts of system settings — for instance, asking it to Turn Do Not Disturb on (or off), Turn the flashlight on (or off), Turn Bluetooth on (or off), and Turn airplane mode on (or off).

21. And last but not least, Gemini can get you where you need to be within your Android system settings without any of the usual hunting. Tell it to Open up the Accessibility settings — or any other area or specific option — and watch it fly you over precisely where you need to be.

Category: Hacking & Security

New Linux udisks flaw lets attackers get root on major Linux distros

Bleeping Computer - 18 June, 2025 - 10:45
Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions. [...]
Category: Hacking & Security

Microsoft 365: A guide to the updates

Computerworld.com [Hacking News] - 18 June, 2025 - 09:41

Microsoft 365 (and Office 365) subscribers get more frequent software updates than those who have purchased Office without a subscription, which means subscribers have access to the latest features, security patches, and bug fixes. But it can be hard to keep track of the changes in each update and know when they’re available. We’re doing this for you, so you don’t have to.

Following are summaries of the updates to Microsoft 365/Office 365 for Windows over the past year, with the latest releases shown first. We’ll add info about new updates as they’re rolled out.

Note: This story covers updates released to the Current Channel for Microsoft 365/Office 365 subscriptions. If you’re a member of Microsoft’s Office Insider preview program or want to get a sneak peek at upcoming features, see the Microsoft 365 Insider blog.

Version 2505 (Build 18827.20164)

Release date: June 17, 2025

This build fixes a bug that caused the “Try the new Outlook” toggle to be enabled when working in Classic Outlook side by side with the new Outlook.

Get more info about Version 2505 (Build 18827.20164).

Version 2505 (Build 18827.20150)

Release date: June 10, 2025

This build fixes several bugs, including one for the entire Office suite in which a Save As attempt on an existing file didn’t complete successfully, and subsequent attempts continued to encounter issues when trying to save to a file that no longer existed.

This Patch Tuesday release also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2505 (Build 18827.20150).

Version 2505 (Build 18827.20140)

Release date: June 3, 2025

This build offers a variety of bug and performance fixes.

Read about Version 2505 (Build 18827.20140).

Version 2504 (Build 18730.20186)

Release date: May 20, 2025

This build introduces a new PowerPoint feature: Notification emails for mentions, tasks, comments, and replies will now contain context previews even when the source document is encrypted, and the email will inherit the document’s security policies.

Get more info about Version 2504 (Build 18730.20186).

Version 2504 (Build 18730.20168)

Release date: May 13, 2025

This build fixes a bug in which users were seeing high CPU usage when typing in Outlook. It also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2504 (Build 18730.20168).

Version 2504 (Build 18730.20142)

Release date: May 6, 2025

This build includes various bug and performance fixes.

Get more info about Version 2504 (Build 18730.20142).

Version 2504 (Build 18730.20122)

Release date: April 29, 2025

This build fixes a wide variety of bugs, including one in which PowerPoint was unable to open a file from a network mapped drive from File Explorer, another in which Word closed unexpectedly when opening .doc files, and another for the entire Office suite in which large 3D files couldn’t be inserted.

Get more info about Version 2504 (Build 18730.20122).

Version 2503 (Build 18623.20208)

Release date: April 17, 2025

This build fixes a bug that could cause Excel to stop responding.

Get more info about Version 2503 (Build 18623.20208).

Version 2503 (Build 18623.20178)

Release date: April 8, 2025

This build fixes a single bug in Word in which users may have encountered an issue with saving, seeing the message “saving…” in the title bar. It also includes a variety of security updates. Go here for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2503 (Build 18623.20178).

Version 2503 (Build 18623.20156)

Release date: April 2, 2025

This build lets you use Dark Mode in Excel, which darkens your entire sheet, including cells, and may reduce eye strain. It also fixes several bugs, including one in Word in which opening specific files that contain many tracked changes and comments resulted in poor performance, and one in PowerPoint in which the app was not displaying the icon for an inserted PDF object.

Get more info about Version 2503 (Build 18623.20156).

Version 2502 (Build 18526.20168)

Release date: March 11, 2025

This build fixes several bugs, including one in which some Word files with numerous tracked changes and comments were slow. It also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2502 (Build 18526.20168).

Version 2502 (Build 18526.20144)

Release date: March 5, 2025

This build fixes a wide variety of bugs, including one in Word in which the default font size may not be 12pt as expected, and another in which PowerPoint automatically closed when the system went into hibernate or sleep mode.

Get more info about Version 2502 (Build 18526.20144).

Version 2501 (Build 18429.20158)

Release date: February 11, 2025

This build removes the option to display Track Changes balloons in left margin in Word. It also includes a variety of security updates. See “Release notes for Microsoft Office security updates” for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2501 (Build 18429.20158).

Version 2501 (Build 18429.20132)

Release date: January 30, 2025

In this build, the advanced Track Changes option to set the margin for balloons in Word has been removed.

A wide variety of bugs have also been fixed, including one in which ActiveX controls used an excessive amount of GDI handles in PowerPoint, and another for the entire Office suite in which images couldn’t be pasted from SharePoint.

Get more info about Version 2501 (Build 18429.20132).

Version 2412 (Build 18324.20194)

Release date: January 16, 2025

This build fixes one bug, in which apps would exit unexpectedly when running on Windows Server 2016.

Get more info about Version 2412 (Build 18324.20194).

Version 2412 (Build 18324.20190)

Release date: January 14, 2025

This build fixes a bug in Word in which the layout of tables was changed unexpectedly. It also includes a variety of security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2412 (Build 18324.20190).

Version 2412 (Build 18324.20168)

Release date: January 7, 2025

This build makes tables in Outlook more accessible for screen readers. It also fixes a wide variety of bugs, including one in Word in which a document saved to a network shared folder and set to “Always Open Read-Only” would open in “Editing” mode, and another for the entire Office suite in which the application didn’t render the grid properly after switching from page break preview to normal view.

Get more info about Version 2412 (Build 18324.20168).

Version 2411 (Build 18227.20162)

Release date: December 10, 2024

This build fixes a bug in Word and Outlook where characters didn’t render correctly when using Save Selection to Text Box Gallery. It also includes a variety of security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2411 (Build 18227.20162).

Version 2411 (Build 18227.20152)

Release date: December 5, 2024

This build fixes a wide variety of bugs, including one in Excel in which some cells might not be rendered properly upon scrolling in a worksheet using freeze panes, one in Word which prevented emails with linked SVG content from saving or sending, and one in which some PowerPoint presentations created by third-party tools didn’t open correctly and some content was removed.

Get more info about Version 2411 (Build 18227.20152).

Version 2410 (Build 18129.20158)

Release date: November 12, 2024

This build fixes a variety of bugs, including one in Word in which all characters didn’t appear correctly when creating an Outlook task from OneNote, and one in PowerPoint in which embedded BMP images in the PowerPoint slide were not opening.

This build also includes a variety of security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2410 (Build 18129.20158).

Version 2410 (Build 18129.20116)

Release date: October 28, 2024

This build enables filtering capabilities for the comment pane in Excel and fixes a variety of bugs, including one in Word in which the title bar no longer showed a “Saved” status for locally saved files, and one in PowerPoint in which a graphics-related issue caused the app to close unexpectedly at times.

Get more info about Version 2410 (Build 18129.20116).

Version 2409 (Build 18025.20160)

Release date: October 15, 2024

This build fixes a single bug in Word, in which emails with linked SVG content couldn’t be saved or sent.

Get more info about Version 2409 (Build 18025.20160).

Version 2409 (Build 18025.20140)

Release date: October 8, 2024

This build fixes a variety of bugs, including one in Word in which text wasn’t clearly visible in High Contrast Mode when using “Draft with Copilot” and referencing a meeting under “Reference your content.”

This build also includes multiple security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2409 (Build 18025.20140).

Version 2409 (Build 18025.20104)

Release date: September 25, 2024

This build fixes a single bug, in which when you saved a file in Word, the save status was missing from the Title bar.

Get more info about Version 2409 (Build 18025.20104).

Version 2409 (Build 18025.20096)

Release date: September 23, 2024

This build improves the user experience for selecting which users should have which permissions when a sensitivity label configured for user-defined permissions is applied to a file or when configuring standalone Information Rights Management through the Restrict Access feature. This change affects Excel, PowerPoint, and Word.

The build also fixes a variety of bugs, including one in Word in which Document Mode would switch from “editing” to “viewing” if the user enabled “Track Changes” and set “For Everyone.”

Get more info about Version 2409 (Build 18025.20096).

Version 2408 (Build 17928.20156)

Release date: September 10, 2024

This update will remove Flip video support when the service goes offline on October 1, 2024. The build also includes a variety of security updates. Go here for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2408 (Build 17928.20156).

Version 2408 (Build 17928.20114)

Release date: August 26, 2024

This build allows you to disable connected experiences for privacy concerns without impacting data security policies, such as sensitivity labels. Services associated with Microsoft Purview (e.g., sensitivity labels and rights management) are no longer controlled by policy settings to manage privacy controls for Microsoft 365 Apps. Instead, these services will rely on their existing security admin controls in Purview portals.

The build also fixes a variety of bugs, including one in Outlook that caused default SMIME labels to fail to apply when a user replied to or forwarded an unlabeled message, and one for the entire suite in which people couldn’t install Microsoft 365 apps on an enrolled device.

Get more info about Version 2408 (Build 17928.20114).

Version 2407 (Build 17830.20166)

Release date: August 13, 2024

This build includes a variety of security updates for Excel, Outlook, PowerPoint, Project, Visio, and the entire Office suite. See Microsoft’s Release notes for Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2407 (Build 17830.20166).

Version 2407 (Build 17830.20138)

Release date: August 1, 2024

This build fixes a wide variety of bugs, including one in which coauthoring on text boxes in Excel sometimes gave unexpected results, another in PowerPoint in which line widths were not preserved when exporting arrow shapes to PDF, and another in Word in which revisions were sometimes skipped when reviewing using VBA.

Get more info about Version 2407 (Build 17830.20138).

Version 2406 (Build 17726.20160)

Release date: July 9, 2024

This build fixes several bugs, including one in Word and Excel in which characters don’t appear correctly in Text Box Gallery. It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2406 (Build 17726.20160).

Version 2406 (Build 17726.20126)

Release date: June 26, 2024

This build fixes a wide variety of bugs, including one in which Excel documents might be unexpectedly edited when a mandatory sensitivity label has not been applied, one that caused Outlook to exit unexpectedly shortly after launch for some users, and one in which pasting data from Word or Excel to an Outlook template as a link would cause an error message to appear.

Get more info about Version 2406 (Build 17726.20126).

Version 2405 (Build 17628.20164)

Release date: June 19, 2024

This build includes a variety of unspecified bug and performance fixes.

Get more info about Version 2405 (Build 17628.20164).

Version 2405 (Build 17628.20144)

Release date: June 11, 2024

This build fixes one bug, which prevented users from sending mail for a few hours after updating add-ins with on-send events. It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2405 (Build 17628.20144).

Version 2405 (Build 17628.20110)

Release date: May 30, 2024

This build fixes a wide variety of bugs, including one in Excel in which an embedded workbook in .xls format might not have closed properly, one that caused Outlook to close when using Copilot Summarize, one in Word in which content controls may have been removed when coauthoring, and one for the entire Office suite in which the Organization Chart Add-In for Microsoft programs was not loading properly.

Get more info about Version 2405 (Build 17628.20110).

Version 2404 (Build 17531.20152)

Release date: May 14, 2024

This build fixes a number of bugs, including one in Word where content controls might be removed when coauthoring, and one that caused Sovereign users to be unable to create ToDo tasks from Outlook.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2404 (Build 17531.20152).

Version 2404 (Build 17531.20140)

Release date: May 7, 2024

This build fixes two bugs in Outlook, one in which it closed unexpectedly using the Scheduling Assistant when creating a new meeting or viewing an existing meeting, and another that caused add-in developers to hit timeouts when retrieving notifications from an Outlook client context.

Get more info about Version 2404 (Build 17531.20140).

Version 2404 (Build 17531.20120)

Release date: April 29, 2024

This build reduces workbook size bloat from unnecessary cell formatting with a new “Check Performance” task pane. In addition, it fixes a wide variety of bugs, including one in Excel in which the default font could not be set; one in Outlook in which custom forms from MAPI form servers stopped responding; one in PowerPoint in which online videos did not play in some cases; one in which opening certain Word documents would cause the error, “Word experienced an error trying to open the file”; and one in which the Office update installer appeared to be unresponsive.

Get more info about Version 2404 (Build 17531.20120).

Version 2403 (Build 17425.20176)

Release date: April 9, 2024

This build fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2403 (Build 17425.20176).

Version 2402 (Build 17328.20184)

Release date: March 12, 2024

This build fixes three bugs: one in which Access closed unexpectedly, one in which Excel closed unexpectedly when opening files with pivot tables and table design in macro-enabled files, and one in which Word closed unexpectedly when the undo function was used.

This build also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2402 (Build 17328.20184).

Version 2402 (Build 17328.20162)

Release date: March 4, 2024

This build fixes several bugs, including one that crashed Outlook when a link was clicked on, and another for the entire Office suite in which opened Office apps didn’t automatically start when a laptop was reopened, and an error message appeared after manual relaunch.

Get more info about Version 2402 (Build 17328.20162).

Version 2402 (Build 17328.20142)

Release date: February 28, 2024

This build fixes a variety of bugs, including one that caused Outlook to exit unexpectedly when expanding a conversation in the search results from a search of “All Mailboxes,” and another in which users were not able to create a bullet list with hyphens in PowerPoint.

Get more info about Version 2402 (Build 17328.20142).

Version 2401 (Build 17231.20236)

Release date: February 13, 2024

This build fixes several bugs, including one in which macros were being corrupted when saving Excel files and another that affected the entire Office suite in which add-ins would not load after Click trust for content add-in was selected.

This build also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2401 (Build 17231.20236).

Version 2401 (Build 17231.20194)

Release date: February 1, 2024

This build fixes a single bug in which expanded groups in the message list collapsed when users changed which column they were arranged by.

Get more info about Version 2401 (Build 17231.20194).

Version 2401 (Build 17231.20182)

Release date: January 30, 2024

This build fixes a wide variety of bugs, including one in which Excel would stop responding when saving changes, one in PowerPoint in which Notes and Slide layout would open with incorrect proportions when a file was opened from a protected view, and one in Word in which comment cards appeared too wide and cut off text when changing or switching the screen in use.

Get more info about Version 2401 (Build 17231.20182).

Version 2312 (Build 17126.20132)

Release date: January 9, 2024

This build fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2312 (Build 17126.20132).

Version 2312 (Build 17126.20126)

Release date: January 4, 2023

This build introduces a new sensitivity toolbar in Word, Excel, and PowerPoint that helps users understand the security policies that apply to their documents. It’s available when users are creating copies of their documents in File / Save As. In addition, Office now has a new default theme, which Microsoft says is “more modern and accessible.”

It also fixes a wide variety of bugs, including one in Excel in which Custom Menu text was truncated when right-clicking in a cell, one in PowerPoint in which restoring a previous version of a presentation was not working as expected when using Version History, and one in Word in which the content control end tag was marked at the end of the document automatically if the document was edited in Word Online and then opened in Word desktop.

Get more info about Version 2312 (Build 17126.20126).

Version 2311 (Build 17029.20108)

Release date: December 12, 2023

This build fixes one bug in Outlook, in which the message list was blank when switching between the “Focused” and “Other” views.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2311 (Build 17029.20108).

Version 2311 (Build 17029.20068)

Release date: November 29, 2023

This build automatically inserts image captioning for Excel’s images. When you insert an image into a spreadsheet, accessibility image captioning is automatically generated for you.

It also fixes a wide variety of bugs, including one in Excel in which list box controls would not respond to mouse clicks after scrolling using the mouse wheel, and one in Word in which the language of a presentation was not retained when saving or exporting the presentation to a PDF file.

Get more info about Version 2311 (Build 17029.20068).

Version 2310 (Build 16924.20150)

Release date: November 14, 2023

This build fixes several bugs, including one in which Outlook failed to comply with the default browser settings for some users, and another in which new lines were added to an Outlook signature when pressing Enter in the body of the email.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2310 (Build 16924.20150).

Version 2310 (Build 16924.20124)

Release date: Oct. 31, 2023

This build fixes a bug that caused Outlook to exit unexpectedly when clicking the More link in the Search results list.

Get more info about Version 2310 (Build 16924.20124).

Version 2310 (Build 16924.20106)

Release date: Oct. 25, 2023

In this build, the Teams Meeting App works in Outlook, too. With it, you’ll be able to configure a meeting app while scheduling an invite in Outlook. The meeting app will be ready to use when you chat or join the meeting on Teams.

A wide variety of bugs have also been fixed, including one in Excel where certain Pivot Tables would load slowly; one in which OneNote would close unexpectedly when rapidly navigating from one .PDF file to another .PDF file between different sections, or when performing an undo operation on a .PDF printout insertion; and one in the entire Office suite that caused unexpected black borders to appear around screen captures added with the Insert Screenshot functionality.

Get more info about Version 2310 (Build 16924.20106).

Version 2309 (Build 16827.20166)

Release date: October 10, 2023

This build fixes two bugs, one in which users were missing their Outlook add-ins, and another in Word in which subheading numbering with a custom Style would disappear if the file was saved and reopened. It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2309 (Build 16827.20166).

Version 2309 (Build 16827.20130)

Release date: September 28, 2023

This build introduces two new features, including the ability to disable specific types of automatic data conversions in Excel and support for the “Present in Teams” button to present local files in PowerPoint Live in Microsoft Teams.

Several bugs have also been fixed, including one in which the setting to control how Outlook opens previous items at start-up was missing from the Options window, and another in Word in which the Add-ins tab was not visible when using custom toolbar information.

Get more info about Version 2309 (Build 16827.20130).

Version 2308 (Build 16731.20234)

Release date: September 12, 2023

This build fixes several bugs, including one that caused Outlook to close unexpectedly when viewing an email, and another in PowerPoint in which the presenter view slide section zoomed in and out when zooming in the notes section.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2308 (Build 16731.20234).

Category: Hacking & Security

Asana warns MCP AI feature exposed customer data to other orgs

Bleeping Computer - 18 June, 2025 - 09:16
Work management platform Asana is warning users of its new Model Context Protocol (MCP) feature that a flaw in its implementation potentially led to data exposure from their instances to other users and vice versa. [...]
Category: Hacking & Security

Paddle settles for $5 million over facilitating tech support scams

Bleeping Computer - 17 June, 2025 - 23:14
Paddle.com and its U.S. subsidiary will pay $5 million to settle Federal Trade Commission (FTC) allegations that the company facilitated deceptive tech-support schemes that harmed many U.S. consumers, including older adults. [...]
Category: Hacking & Security

Scania confirms insurance claim data breach in extortion attempt

Bleeping Computer - 17 June, 2025 - 21:04
Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its systems and steal insurance claim documents. [...]
Category: Hacking & Security

Instagram ads mimicking BMO, EQ Bank are finance scams

Bleeping Computer - 17 June, 2025 - 18:52
Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud. Some ads use AI-powered deepfake videos in an attempt to collect your personal information, while others drive traffic to phishing pages. [...]
Category: Hacking & Security