Kategorie

The Crowdstrike disaster in July 2024 gave Microsoft a black eye. How could third-party security software fail so spectacularly — to the point that millions of Windows PCs became unbootable unless system administrators physically fixed them in person? 

That’s the question Microsoft has been trying to answer with the Windows Resiliency Initiative, which is now bearing fruit. Beyond that, Microsoft has been implementing changes to make Windows more resilient in general, ensuring Windows PCs can fix themselves and another outage can’t wreak the same havoc Crowdstrike did.

With that in mind, let’s look at what Microsoft has in store for Windows 11 PCs. And, yes, this includes the end of the famous blue screen of death.

Want more Windows PC insights? Sign up for my free Windows Intelligence newsletter. I’ll send you free in-depth Windows Field Guides as a special welcome bonus!

The advent of hotpatching

Hotpatching, which is usually buried in talk about enterprise reliability, is one of the most interesting changes Microsoft has been working on — and while this change is currently aimed at enterprise users, it isn’t hard to imagine a version of it extending to regular PC users down the road. And it has the potential to affect how everyone uses Windows.

Despite the technical name, hotpatching is simple: When Windows downloads and installs the monthly security update, it can immediately apply the update without a reboot. 

The difference may seem subtle, since Windows 11 PCs could already install an update without a reboot. But previously the security fix wouldn’t take effect until after rebooting — something that many people delayed until it was more convenient for them, leaving their PC unprotected in the meantime. 

With hotpatching, it all happens automatically, eliminating the need to reboot for Windows updates. Perhaps you’ll still have to reboot once a year for the biggest update, but overall, your PC is going to be better protected than before.

A recent Microsoft blog post buries talk of hotpatching and instead discusses how only organizations running Windows 11 Enterprise can use hotpatching with the “Windows Autopatch” cloud service.

That’s true — this is first and foremost for IT departments with Windows 11 PCs. But as Microsoft continues working on the technology, it’s worth considering how easily this could expand beyond Enterprise versions of Windows at some point down the line. Imagine a future version of Windows — perhaps Windows 12? — where a headline feature was “no more rebooting for Windows Updates.” We might be closer to that than you think!

The self-healing PC

Quick Machine Recovery may be the best new Windows feature most people will never think about — even if they use it!

Windows has something called the Windows Recovery Environment, and Windows boots right to it if your PC can’t start properly —  often fixing common problems your PC faces. However, when CrowdStrike dragged down PCs across the world, the recovery environment couldn’t automatically fix it, forcing system administrators to manually fix each affected PC in person.

Quick Machine Recovery is designed to avoid situations like that by acting as a “self-healing” system of sorts for Windows computers. In short, it ensures that the recovery environment can get solutions to problems from the internet. Let’s say another antivirus program, a bad driver, or even a buggy Windows Update takes down PCs and the recovery environment can’t fix them. With this update, when in the recovery environment, your PC can connect to Microsoft’s server (over Wi-Fi or wired Ethernet) and download fixes directly from Microsoft. And if Microsoft spots a problem affecting a large number of PCs, it can address it preemptively without all the manual fixes that were needed during CrowdStrike.

The Windows Recovery Environment has been able to access the network for years — dating back to Windows 10 — but now Microsoft is putting that network access to better use.

The Windows Recovery Environment is getting a huge upgrade.

Chris Hoffman, Foundry

Microsoft says this will be available later in this summer. While enterprises can activate it on Windows 11 Professional and Enterprise, it’s also available on Windows 11 Home, where it’s turned on by default. It should help Windows silently recover from the worst errors without all the manual work.

The…black screen of death?!

Microsoft is about to end blue screen of death errors forever — by getting rid of the traditional blue screen. Instead, if your system encounters an unexpected failure and needs to restart, you’ll see a black screen of death instead. (Luckily, we’ll still be able to call them “BSODs.”)

The new black screen of death won’t show you a frowny face anymore.

Chris Hoffman, IDG

Surprisingly, this color swap isn’t just an aesthetic choice — it’s part of a “simplified user interface.” Instead of the large frowny face and scannable QR code that were ushered in with the Windows 8 BSOD (and that, by most counts, few people actually used), almost all that appears on the new black screen of death is the stop code and the explanation of what caused the problem — in short, the technical information that actually matters. This should make it easier for people to remotely troubleshoot systems without the clutter.

More importantly, Microsoft already did a lot of work with Windows 11’s 24H2 update on speeding up this reboot. According to the company, the crash dump collection process, which is how Microsoft captures pertinent crash information when your system blue-screens or black-screens, now takes about two seconds. With the reboot process faster than ever, the idea of whipping out your phone to scan a QR code seems quaint.

User-mode antivirus

More importantly, the biggest architectural change for Windows is getting antivirus and other security software out of the Windows kernel. This is why CrowdStrike’s disastrous update was so difficult to fix: Because the security software runs at such a low level in Windows, Windows couldn’t say “Oops, this didn’t work, let’s fix it” — instead, the whole system crashed.

When Microsoft was designing Windows Vista nearly 20 years ago, the company wanted to get security software out of the Windows kernel. But, with Microsoft starting to offer its own antivirus at the time, security companies argued it was being anti-competitive and would hurt their business. Stung by the US government going after it allegedly monopolizing the web browser market on Windows, Microsoft backed off and let security companies continue to integrate at a low level with Windows, despite tightening down other parts of the operating system.

With CrowdStrike’s explosion, though, Microsoft decided to take another crack at this. The result is the “Windows endpoint security platform,” which will arrive in private preview form for Microsoft’s antivirus partners this month. They’ll be able to create antivirus and endpoint security software that runs outside the Windows kernel, ensuring they won’t cause the operating system to fail if they encounter a problem. 

In other words, this is user-mode antivirus — antivirus software that runs as a normal process without getting its hooks into the Windows kernel in a way that can cause serious problems. 

This isn’t ready to go for regular PC users yet, but antivirus companies will be starting to work on software that takes advantage of it soon. And in a Microsoft blog post, the company provides quotes from a variety of companies like Bitdefender, Sophos, Trend Micro, and CrowdStrike itself about how excited they are to be partnering with Microsoft on this. Microsoft appears to be trying to move carefully so that it’s not seen as a monopolist — especially in case a security company comes after them, like back in 2006.

Overall, this is good news and should make Windows more reliable. It’s possible the reduced access to deep parts of Windows could make some security software less powerful. But, after the CrowdStrike disaster, it’s clear changes to Windows were needed — and should have been made long ago.

Protected print mode and driver cleanup

Speaking of the Windows kernel, many hardware drivers run in there, too. It was major news when USB showed up all those years ago and you could plug in a USB drive, keyboard, mouse, or another standard device and it would just work without needing to hunt down a hardware driver for each device. We take it for granted now, but imagine having to install SanDisk’s driver suite to copy files off a USB flash drive!

Printers never quite caught up, though. (That was a bigger problem than you might realize, since printer drivers have historically been a frequent source of security problems.)

That’s all starting to change. We’re in the middle of a big migration to a standard printer driver system, though it’s easy to miss it. Windows is currently in a hybrid mode where it accepts both traditional legacy printer drivers and modern printer drivers for Mopria-certified printers. You can activate Windows Protected Print mode under Settings > Bluetooth & devices > Printers & scanners on Windows 11. When you do, Windows will block the installation of older third-party drivers and force the usage of the “Windows modern print stack.” 

Windows protected print mode isn’t on by default yet, but it’s the future.

Chris Hoffman, Foundry

Microsoft is also starting to delete old legacy drivers from Windows Update — you can still install them if you want, but Windows Update won’t automatically download them on your PC when you plug in an old device. It looks like Microsoft is slowly cleaning up the hardware driver, which can only be good news for security and reliability. (Microsoft doesn’t mention this work as part of the Windows Resiliency Initiative, but it’s closely related.)

Encryption by default

Last but not least, disk encryption has always been a little confusing on Windows. Professional editions of Windows got access to full BitLocker drive encryption, while Home editions of Windows got access to the simplified BitLocker device encryption feature — but only if their hardware supported it.

Encryption is critical for data security, though — it’s the only thing that stops a thief, or anyone else who gets ahold of your laptop, from digging through all your personal documents. 

With Windows 11’s 24H2 update, released near the end of 2024, Microsoft lowered the hardware requirements and started activating BitLocker device encryption by default on new Windows 11 installations in more scenarios. It still requires you sign in with a Microsoft account — Microsoft will back up your BitLocker recovery key to your Microsoft account, ensuring Home users have a backup method if they lose their password.

While this also isn’t part of the resiliency initiative — at least, not officially — with more Windows 11 PCs using secure encryption for their storage, this definitely falls into the same general bucket. It’s important to note, though, that while you can poke around in Settings or Control Panel to see whether Windows is using encryption, Windows doesn’t normally call this out or warn you if your PC’s storage isn’t encrypted for some reason.

Windows often automatically encrypts the storage on new PCs.

Chris Hoffman, Foundry

AI features on Copilot+ PCs get a lot of hype, and it’s easy to drum up interest by showing off screenshots of new Start menu and taskbar designs. But these rarely-discussed, under-the-hood features that increase security and resiliency are what will ultimately make Windows better for everyone — both enterprises with fleets of PCs and the average user with a Windows 11 PC at home. It’s great to see Microsoft focusing on improvements like these.

Want to stay up to date on Windows? Sign up for my free Windows Intelligence newsletter. You’ll get free copies of Paul Thurrott’s Windows Field Guides as a bonus when you sign up, too!

Have a question that needs to process an encyclopedia-length dataset? Nvidia says its new technique can answer it instantly.

Built leveraging the company’s Blackwell processor’s capabilities, the new “Helix Parallelism” method allows AI agents to process millions of words — think encyclopedia-length — and support up to 32x more users at a time.

While this could dramatically improve how agents analyze voluminous amounts of text in real time, some note that, at least for enterprise applications, it may be overkill.

“Nvidia’s multi-million-token context window is an impressive engineering milestone, but for most companies, it’s a solution in search of a problem,” said Wyatt Mayham, CEO and cofounder at Northwest AI Consulting. “Yes, it tackles a real limitation in existing models like long-context reasoning and quadratic scaling, but there’s a gap between what’s technically possible and what’s actually useful.”

Helix Parallelism helps fix LLMs’ big memory problem

Large language models (LLMs) still struggle to stay focused in ultra-long contexts, experts point out.

“For a long time, LLMs were bottlenecked by limited context windows, forcing them to ‘forget’ earlier information in lengthy tasks or conversations,” said Justin St-Maurice, technical counselor at Info-Tech Research Group.

And due to this “lost in the middle” problem, models tend to use only 10% to 20% of their inputs effectively, Mayham added.

Nvidia researchers pointed out that two serious bottlenecks include key-value (KV) cache streaming and feed-forward network (FFN) weight loading. Essentially, when producing an output, the model must scan through past tokens stored in a cache, but this strains GPU memory bandwidth. The agent also must reload large FFN weights from memory when processing each new word, slowing processes down considerably.

Traditionally, to address this, developers have turned to model parallelism, a machine learning (ML) technique that distributes components of a large neural network across multiple devices (such as Nvidia GPUs) rather than just using one. But eventually, this can lead to even more memory problems.

Helix Parallelism is inspired by the structure of DNA. It splits memory and processing tasks, handling them separately and distributing them across multiple graphics cards. This “round-robin” staggering technique reduces the strain on any single unit’s memory, reducing idle time and GPU overload, avoiding duplication, and making the system more efficient overall, Nvidia said.

Researchers performed simulations using DeepSeek-R1 671B — which, as its name would imply, has 671 billion parameters to support strong reasoning capabilities — and found that the technique cut response time by up to 1.5x.

St-Maurice said this isn’t just a technical feat; “it’s reshaping how we approach LLM interaction and design.” Helix parallelism and optimized KV cache sharding are giving LLMs an expanded “onboard memory” that is highly analogous to how developers improved older processors such as Pentiums, he noted.

“This means LLMs can now ingest and reason across massive volumes of data, all while maintaining coherence in real-time,” said St-Maurice. “If we think of LLMs as the new processors in our modern architecture, this is a logical forward progression.”

Use cases in law, coding, compliance-heavy sectors

Nvidia researchers point to use cases including AI agents following months of conversation, legal assistants reasoning through gigabytes of case law, or coding copilots navigating “sprawling repositories.” The company plans to integrate the technique into inference frameworks for AI systems supporting various industries.

Mayham agreed that this technique can be useful in “narrow domains” such as compliance-heavy sectors requiring “full-document fidelity” or medical systems analyzing lifetime patient histories in one shot.

“But those are edge cases,” he said. “Most orgs would be better off building smarter pipelines, not buying racks of GB200s.”

More typically, retrieval-augmented generation (RAG) systems that surface the “right 10K tokens” often outperform brute-force approaches across a million tokens, he said.

St-Maurice noted that in today’s world, generating encyclopedia-sized responses for humans is not the win. Rather, it’s about making LLM output relevant and usable by other AIs.

“This capability could be a game-changer for AI agents that can now maintain richer internal states, engage in far more complex, long-running chats and perform deeper document analysis,” he said.

He added that this breakthrough also aligns with the growing discipline of context engineering, which involves curating and optimizing information within vast context windows to maximize an agent’s effectiveness and reliability.

One of the most profound implications of this new technique for AI research could be multi-agent design patterns, he said. With the ability to process and exchange larger amounts of data within expanded context windows, AI agents can communicate and collaborate in ways “previously impractical.”

“This improved ‘memory’ and contextual awareness allows for more intricate coordination, shared understanding of complex histories and more robust collaboration on multi-step tasks,” said St-Maurice.

From a systems perspective, he pointed to Nvidia’s emphasis on a “deeply integrated hardware-software co-design” to address scaling issues, rather than relying on software-centric pattern management in a data layer.

Still, “the fundamental challenges of data movement across memory hierarchies will persist,” said St-Maurice. Loading and unloading vast amounts of contextual data in GPU memory will continue to create latency bottlenecks and complex dynamics around data transfer. This could potentially lead to ‘swapping-like’ inefficiencies, and thus performance degradation, in real-time processing as context continues to scale.

“This highlights that even with hardware breakthroughs, ongoing optimization of data flow will remain a critical frontier,” St-Maurice noted.

Post Office managers and supplier Fujitsu allowed erroneous data from the Horizon IT accounting system to be used to prosecute hundreds of innocent sub-postmasters, despite knowing it was flawed, the first part of a report on the UK’s biggest ever IT scandal has found.  

The results of this mismanagement were devastating, with the report estimating that prosecutions by the Post Office were a factor in at least 13 suicides, with a further 59 people telling the Horizon IT inquiry that they contemplated taking their own lives.

As one sub-postmaster testified: “The mental stress was so great for me that I had a mental breakdown and turned to alcohol as I sunk further into depression. I attempted suicide on several occasions and was admitted to a mental health institution twice.”

What has yet to be determined — and could yet result in criminal prosecution — is why managers persisted with prosecutions for alleged fraud over so many years, despite ample evidence that Horizon was prone to serious errors.

Hundreds of prosecutions

Horizon was launched in 1999 by Fujitsu, which had acquired it as part of its takeover of ICL the previous year. Designed to automate sales, stocktaking, and accounting across 18,500 post offices, the system was deployed in two phases: what is now called ‘legacy’ Horizon between 1999 and 2010, and Horizon Online, or HNG-X, after that.

Horizon’s role was to modernize a paper accounting system with one that recorded all money going into and out of sub-postmasters’ accounts using a centralized online database.  

However, even before launch, Fujitsu was aware that Horizon was prone to intermittent “bugs, errors and defects,” the report found. But despite Post Office managers knowing this, “throughout the lifetime of Legacy Horizon, the Post Office maintained the fiction that its data was always accurate,” the report said.

The hundreds of prosecutions that resulted from this are now viewed as the largest miscarriage of justice in British history. It discredited not only the Post Office and Fujitsu managers, but the criminal justice system that for years remained blind to ongoing miscarriages despite repeated complaints by campaigners.

“All of these [prosecuted] people are properly to be regarded as victims of wholly unacceptable behavior perpetrated by a number of individuals employed by and/or associated with the Post Office and Fujitsu from time to time, and by the Post Office and Fujitsu as institutions,” said the report.

Infallibility fallacy

Horizon’s Achilles’ heel was its tendency to generate apparent accounting shortfalls in the sub-postmaster accounts, in some cases for large sums.

The contract between the Post Office and the self-employed sub-postmasters made the latter liable for these losses. When a shortfall was flagged, sub-postmasters were asked to pay the money back, or, in more than 900 cases, were prosecuted for theft.

In 17 prosecutions the Horizon IT Inquiry Report examined in detail, the choice was stark – financial ruin, or jail time for the accused, and in some cases, both.

The underlying weaknesses of Horizon have already been well documented, including by technology journalists who were instrumental in exposing the system’s shortcomings as early as 2010. These included bugs that could cause the system to create multiple phantom withdrawals, to double payments, or to generate old-fashioned rounding errors.

The obvious conclusion is that the system was poorly coded, with not enough testing and revision to iron out flaws. Feedback from sub-postmasters was routinely ignored, with managers sticking to the belief that the system could not be wrong.

One might speculate that this was partly a feature of the 1990’s mindset from which Horizon emerged. Centralized databases and accounting systems were seen as the future, and too many assumptions were made about their infallibility.

The report has yet to make a judgment on why the system was trusted for so long, and it’s possible that managers at first believed Horizon was uncovering genuine fraud.

At some point, however, this stopped being the case, the report said. The implication is that managers at Fujitsu and the Post Office knew that Horizon was generating imaginary shortfalls and decided to cover that up to protect themselves and their institutions.

This week’s findings are part one of the inquiry, and focus primarily on the human effects of the Horizon IT scandal. A second report is expected later in 2025 or in 2026 which will examine the specific flaws in the Horizon’s system in more detail. It will also assess any wrongdoing by managers.

For the wider IT sector, the effects of the Horizon IT scandal could continue to linger. Large IT projects from the 1990s already have a poor reputation in the UK, with several going over budget or failing to deliver their expected returns. Horizon – now a watchword for incompetence and moral failure – has only amplified this widely held view.

Microsoft 365 (and Office 365) subscribers get more frequent software updates than those who have purchased Office without a subscription, which means subscribers have access to the latest features, security patches, and bug fixes. But it can be hard to keep track of the changes in each update and know when they’re available. We’re doing this for you, so you don’t have to.

Following are summaries of the updates to Microsoft 365/Office 365 for Windows over the past year, with the latest releases shown first. We’ll add info about new updates as they’re rolled out.

Note: This story covers updates released to the Current Channel for Microsoft 365/Office 365 subscriptions. If you’re a member of Microsoft’s Office Insider preview program or want to get a sneak peek at upcoming features, see the Microsoft 365 Insider blog.

Version 2506 (Build 18925.20158)

Release date: July 8, 2025

This Patch Tuesday build fixes several bugs in Outlook, PowerPoint, Word, and the whole Office suite, including one that caused the Copilot icon to unexpectedly display in Outlook when Copilot had been disabled by the admin in government cloud.

The release also includes a variety of security updates (see details).

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2506 (Build 18925.20158).

Version 2506 (Build 18827.20176)

Release date: July 1, 2025

This build fixes a wide variety of bugs, including one in Word in which print preview sometimes stopped working when printing long emails.

Get more info about Version 2506 (Build 18827.20176).

Version 2505 (Build 18827.20176)

Release date: June 26, 2025

This build introduces several new features, including one in Excel in which the PivotTables dialog box interface has been replaced by a redesigned panel, making it easier to view all of your options and simpler to change your data selection before inserting a recommended PivotTable.

Get more info about Version 2505 (Build 18827.20176).

Version 2505 (Build 18827.20164)

Release date: June 17, 2025

This build fixes a bug that caused the “Try the new Outlook” toggle to be enabled when working in Classic Outlook side by side with the new Outlook.

Get more info about Version 2505 (Build 18827.20164).

Version 2505 (Build 18827.20150)

Release date: June 10, 2025

This build fixes several bugs, including one for the entire Office suite in which a Save As attempt on an existing file didn’t complete successfully, and subsequent attempts continued to encounter issues when trying to save to a file that no longer existed.

This Patch Tuesday release also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about  Version 2505 (Build 18827.20150).

Version 2505 (Build 18827.20140)

Release date: June 3, 2025

This build offers a variety of bug and performance fixes.

Read about Version 2505 (Build 18827.20140).

Version 2504 (Build 18730.20186)

Release date: May 20, 2025

This build introduces a new PowerPoint feature: Notification emails for mentions, tasks, comments, and replies will now contain context previews even when the source document is encrypted, and the email will inherit the document’s security policies.

Get more info about Version 2504 (Build 18730.20186).

Version 2504 (Build 18730.20168)

Release date: May 13, 2025

This build fixes a bug in which users were seeing high CPU usage when typing in Outlook. It also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2504 (Build 18730.20168).

Version 2504 (Build 18730.20142)

Release date: May 6, 2025

This build includes various bug and performance fixes.

Get more info about Version 2504 (Build 18730.20142).

Version 2504 (Build 18730.20122)

Release date: April 29, 2025

This build fixes a wide variety of bugs, including one in which PowerPoint was unable to open a file from a network mapped drive from File Explore, another in which Word closed unexpectedly when opening .doc files, and another for the entire Office suite in which large 3D files couldn’t be inserted.

Get more info about Version 2504 (Build 18730.20122).

Version 2503 (Build 18623.20208)

Release date: April 17, 2025

This build fixes a bug that could cause Excel to stop responding.

Get more info about Version 2503 (Build 18623.20208).

Version 2503 (Build 18623.20178)

Release date: April 8, 2025

This build fixes a single bug in Word in which users may have encountered an issue with saving, seeing the message “saving…” in the title bar. It  also includes a variety of security updates. Go here for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2503 (Build 18623.20178).

Version 2503 (Build 18623.20156)

Release date: April 2, 2025

This build lets you use Dark Mode in Excel, which darkens your entire sheet, including cells, and may reduce eye strain. It also fixes several bugs, including one in Word in which opening specific files that contain many tracked changes and comments resulted in poor performance, and one in PowerPoint in which the app was not displaying the icon for an inserted PDF object.

Get more info about Version 2503 (Build 18623.20156).

Version 2502 (Build 18526.20168)

Release date: March 11, 2025

This build fixes several bugs, including one in which some Word files with numerous tracked changes and comments were slow. It also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2502 (Build 18526.20168).

Version 2502 (Build 18526.20144)

Release date: March 5, 2025

This build fixes a wide variety of bugs, including one in Word in which the default font size may not be 12pt as expected, and another in which PowerPoint automatically closed when the system went into hibernate or sleep mode.

Get more info about Version 2502 (Build 18526.20144).

Version 2501 (Build 18429.20158)

Release date: February 11, 2025

This build removes the option to display Track Changes balloons in left margin in Word. It also includes a variety of security updates. See “Release notes for Microsoft Office security updates” for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2501 (Build 18429.20158).

Version 2501 (Build 18429.20132)

Release date: January 30, 2025

In this build, the advanced Track Changes option to set the margin for balloons in Word has been removed.

A wide variety of bugs have also been fixed, including one in which ActiveX controls used an excessive amount of GDI handles in PowerPoint, and another for the entire Office suite in which images couldn’t be pasted from SharePoint.

 Get more info about Version 2501 (Build 18429.20132).

Version 2412 (Build 18324.20194)

Release date: January 16, 2025

This build fixes one bug, in which apps would exit unexpectedly when running on Windows Server 2016.

Get more info about Version 2412 (Build 18324.20194).

Version 2412 (Build 18324.20190)

Release date: January 14, 2025

This build fixes a bug in Word in which the layout of tables were changed unexpectedly. It also includes a variety of security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2412 (Build 18324.20190).

Version 2412 (Build 18324.20168)

Release date: January 7, 2025

This build makes tables in Outlook more accessible for screen readers. It also fixes a wide variety of bugs, including one in Word in which a document saved to a network shared folder and set to “Always Open Read-Only” would open in “Editing” mode, and another for the entire Office suite in which application didn’t render the grid properly after switching from page break preview to normal view.

Get more info about Version 2412 (Build 18324.20168).

Version 2411 (Build 18227.20162)

Release date: December 10, 2024

This build fixes a bug in Word and Outlook where characters didn’t render correctly when using Save Selection to Text Box Gallery. It also includes a variety of security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2411 (Build 18227.20162).

Version 2411 (Build 18227.20152)

Release date: December 5, 2024

This build fixes a wide variety of bugs, including one in Excel in which some cells might not be rendered properly upon scrolling in a worksheet using freeze panes, one in Word which prevented emails with linked SVG content from saving or sending, and one in which some PowerPoint presentations created by third-party tools didn’t open correctly and some content was removed.

Get more info about Version 2411 (Build 18227.20152).

Version 2410 (Build 18129.20158)

Release date: November 12, 2024

This build fixes a variety of bugs, including one in Word in which all characters didn’t appear correctly when creating an Outlook task from OneNote, and one in PowerPoint in which embedded BMP images in the PowerPoint slide were not opening.

This build also includes a variety of security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2410 (Build 18129.20158).

Version 2410 (Build 18129.20116)

Release date: October 28, 2024

This build enables filtering capabilities for the comment pane in Excel and fixes a variety of bugs, including one in Word in which the title bar no longer showed a “Saved” status for locally saved files, and one in PowerPoint in which a graphics-related issue caused the app to close unexpectedly at times.

Get more info about Version 2410 (Build 18129.20116).

Version 2409 (Build 18025.20160)

Release date: October 15, 2024

This build fixes a single bug in Word, in which emails with linked SVG content couldn’t be saved or sent.

Get more info about Version 2409 (Build 18025.20160).

Version 2409 (Build 18025.20140)

Release date: October 8, 2024

This build fixes a variety of bugs, including one in Word in which text wasn’t clearly visible in High Contrast Mode when using “Draft with Copilot” and referencing a meeting under “Reference your content.”

This build also includes multiple security updates. See Release notes for Microsoft Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2409 (Build 18025.20140).

Version 2409 (Build 18025.20104)

Release date: September 25, 2024

This build fixes a single bug, in which when you saved a file in Word, the save status was missing from the Title bar.

Get more info about Version 2409 (Build 18025.20104).

Version 2409 (Build 18025.20096)

Release date: September 23, 2024

This build improves the user experience for selecting which users should have which permissions when a sensitivity label configured for user-defined permissions is applied to a file or when configuring standalone Information Rights Management through the Restrict Access feature. This change affects Excel, PowerPoint, and Word.

The build also fixes a variety of bugs, including one in Word in which Document Mode would switch from “editing” to “viewing” if user enabled “Track Changes” and set “For Everyone.”

Get more info about Version 2409 (Build 18025.20096).

Version 2408 (Build 17928.20156)

Release date: September 10, 2024

This update will remove Flip video support when the service goes offline on October 1, 2024. The build also includes a variety of security updates. Go here for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2408 (Build 17928.20156).

Version 2408 (Build 17928.20114)

Release date: August 26, 2024

This build allows you to disable connected experiences for privacy concerns without impacting data security policies, such as sensitivity labels. Services associated with Microsoft Purview (e.g., sensitivity labels and rights management) are no longer controlled by policy settings to manage privacy controls for Microsoft 365 Apps. Instead, these services will rely on their existing security admin controls in Purview portals.

The build also fixes a variety of bugs, including one in Outlook that caused default SMIME labels to fail to apply when a user replied to or forwarded an unlabeled message, and one for the entire suite in which people couldn’t install Microsoft 365 apps on an enrolled device.

Get more info about Version 2408 (Build 17928.20114).

Version 2407 (Build 17830.20166)

Release date: August 13, 2024

This build includes a variety of security updates for Excel, Outlook, PowerPoint, Project, Visio, and the entire Office suite. See Microsoft’s Release notes for Office security updates for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2407 (Build 17830.20166).

Version 2407 (Build 17830.20138)

Release date: August 1, 2024

This build fixes a wide variety of bugs, including one in which coauthoring on text boxes in Excel sometimes gave unexpected results, another in PowerPoint in which line widths were not preserved when exporting arrow shapes to PDF, and another in Word in which revisions were sometimes skipped when reviewing using VBA.

Get more info about Version 2407 (Build 17830.20138).

Version 2406 (Build 17726.20160)

Release date: July 9, 2024

This build fixes several bugs, including one in Word and Excel in which characters don’t appear correctly in Text Box Gallery. It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2406 (Build 17726.20160).

Version 2406 (Build 17726.20126)

Release date: June 26, 2024

This build fixes a wide variety of bugs, including one in which Excel documents might be unexpectedly edited when a mandatory sensitivity label has not been applied, one that caused Outlook to exit unexpectedly shortly after launch for some users, and one in which pasting data from Word or Excel to an Outlook template as a link would cause an error message to appear.

Get more info about Version 2406 (Build 17726.20126).

Version 2405 (Build 17628.20164)

Release date: June 19, 2024

This build includes a variety of unspecified bug and performance fixes.

Get more info about Version 2405 (Build 17628.20164).

Version 2405 (Build 17628.20144)

Release date: June 11, 2024

This build fixes one bug, which prevented users from sending mail for a few hours after updating add-ins with on-send events. It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2405 (Build 17628.20144).

Version 2405 (Build 17628.20110)

Release date: May 30, 2024

This build fixes a wide variety of bugs, including one in Excel in which an embedded workbook in .xls format might not have closed properly, one that that caused Outlook to close when using Copilot Summarize, one in Word in which content controls may have been removed when coauthoring, and one for the entire Office suite in which the Organization Chart Add-In for Microsoft programs was not loading properly.

Get more info about Version 2405 (Build 17628.20110).

Version 2404 (Build 17531.20152)

Release date: May 14, 2024

This build fixes a number of bugs, including one in Word where content controls might be removed when coauthoring, and one that caused Sovereign users to be unable to create ToDo tasks from Outlook.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2404 (Build 17531.20152).

Version 2404 (Build 17531.20140)

Release date: May 7, 2024

This build fixes two bugs in Outlook, one in which it closed unexpectedly using the Scheduling Assistant when creating a new meeting or viewing an existing meeting, and another that caused add-in developers to hit timeouts when retrieving notifications from an Outlook client context.

Get more info about Version 2404 (Build 17531.20140) .

Version 2404 (Build 17531.20120)

Release date: April 29, 2024

This build reduces workbook size bloat from unnecessary cell formatting with a new “Check Performance” task pane. In addition, it fixes a wide variety of bugs, including one in Excel in which the default font could not be set; one in Outlook in which custom forms from MAPI form servers stopped responding; one in PowerPoint in which online videos did not play in some cases; one in which when opening certain Word documents would cause the error, “Word experienced an error trying to open the file”; and one in which the Office update installer appeared to be unresponsive.

Get more info about Version 2404 (Build 17531.20120) .

Version 2403 (Build 17425.20176)

Release date: April 9, 2024

This build fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2403 (Build 17425.20176).

Version 2402 (Build 17328.20184)

Release date: March 12, 2024

This build fixes three bugs: one in which Access closed unexpectedly, one in which Excel closed unexpectedly when opening files with pivot tables and table design in macro-enabled files, and one in which Word closed unexpectedly when the undo function was used.

This build also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2402 (Build 17328.20184).

Version 2402 (Build 17328.20162)

Release date: March 4, 2024

This build fixes several bugs, including one that crashed Outlook when a link was clicked on, and another for the entire Office suite in which opened Office apps didn’t automatically start when a laptop was reopened, and an error message appeared after manual relaunch.

Get more info about Version 2402 (Build 17328.20162).

Version 2402 (Build 17328.20142)

Release date: February 28, 2024

This build fixes a variety of bugs, including one that caused Outlook to exit unexpectedly when expanding a conversation in the search results from a search of “All Mailboxes,” and another in which users were not able to create a bullet list with hyphens in PowerPoint.

Get more info about Version 2402 (Build 17328.20142).

Version 2401 (Build 17231.20236)

Release date: February 13, 2024

This build fixes several bugs, including one in which macros were being corrupted when saving Excel files and another that affected the entire Office suite in which add-ins would not load after Click trust for content add-in was selected.

This build also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2401 (Build 17231.20236).

Version 2401 (Build 17231.20194)

Release date: February 1, 2024

This build fixes a single bug in which expanded groups in the message list collapsed when users changed which column they were arranged by.

Get more info about Version 2401 (Build 17231.20194).

Version 2401 (Build 17231.20182)

Release date: January 30, 2024

This build fixes a wide variety of bugs, including one in which Excel would stop responding when saving changes, one in PowerPoint in which Notes and Slide layout would open with incorrect proportions when a file was opened from a protected view, and one in Word in which comment cards appeared too wide and cut off text when changing or switching the screen in use.

Get more info about Version 2401 (Build 17231.20182).

Version 2312 (Build 17126.20132)

Release date: January 9, 2024

This build fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2312 (Build 17126.20132).

Version 2312 (Build 17126.20126)

Release date: January 4, 2023

This build introduces a new sensitivity toolbar in Word, Excel, and PowerPoint that helps users understand the security policies that apply to their documents. It’s available when users are creating copies of their documents in File / Save As. In addition, Office now had a new default theme, which Microsoft says is “more modern and accessible.”

It also fixes a wide variety of bugs, including one in Excel in which Custom Menu text was truncated when right-clicking in a cell, one in PowerPoint in which restoring a previous version of a presentation was not working as expected when using Version History, and one in Word in which the content control end tag was marked at the end of the document automatically if the document was edited in Word Online and then opened in Word desktop.

Get more info about  Version 2312 (Build 17126.20126).

Version 2311 (Build 17029.20108)

Release date: December 12, 2023

This build fixes one bug in Outlook, in which the message list was blank when switching between the “Focused” and “Other” views.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2311 (Build 17029.20108).

Version 2311 (Build 17029.20068)

Release date: November 29, 2023

This build automatically inserts image captioning for Excel’s images. When you insert an image into a spreadsheet, accessibility image captioning is automatically generated for you.

It also fixes a wide variety of bugs, including one in Excel in which list box controls would not respond to mouse clicks after scrolling using the mouse wheel, and one in Word in which the language of a presentation was not retained when saving or exporting the presentation to a PDF file.

Get more info about Version 2311 (Build 17029.20068).

Version 2310 (Build 16924.20150)

Release date: November 14, 2023

This build fixes several bugs, including one in which Outlook failed to comply with the default browser settings for some users, and another in which new lines were added to an Outlook signature when pressing Enter in the body of the email.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2310 (Build 16924.20150).

Version 2310 (Build 16924.20124)

Release date: Oct. 31, 2023

This build fixes a bug that caused Outlook to exit unexpectedly when clicking the More link in the Search results list.

Get more info about Version 2310 (Build 16924.20124).

Version 2310 (Build 16924.20106)

Release date: Oct. 25, 2023

In this build, the Teams Meeting App works in Outlook, too. With it, you’ll be able to configure a meeting app while scheduling an invite in Outlook. The meeting app will be ready to use when you chat or join the meeting on Teams.

A wide variety of bugs have also been fixed, including one in Excel where certain Pivot Tables would load slowly; one in which OneNote would close unexpectedly when rapidly navigating from one .PDF file to another .PDF file between different sections, or when performing an undo operation on a .PDF printout insertion; and one in the entire Office suite that caused unexpected black borders to appear around screen captures added with the Insert Screenshot functionality.

Get more info about Version 2310 (Build 16924.20106).

Version 2309 (Build 16827.20166)

Release date: October 10, 2023

This build fixes two bugs, one in which users were missing their Outlook add-ins, and another in Word in which subheading numbering with a custom Style would disappear if the file was saved and reopened. It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2309 (Build 16827.20166).

Version 2309 (Build 16827.20130)

Release date: September 28, 2023

This build introduces two new features, including the ability to disable specific types of automatic data conversions in Excel and support for the “Present in Teams” button to present local files in PowerPoint Live in Microsoft Teams.

Several bugs have also been fixed, including one in which the setting to control how Outlook opens previous items at start-up was missing from the Options window, and another in Word in which the Add-ins tab was not visible when using custom toolbar information.

Get more info about Version 2309 (Build 16827.20130).

Version 2308 (Build 16731.20234)

Release date: September 12, 2023

This build fixes several bugs, including one that caused Outlook to close unexpectedly when viewing an email, and another in PowerPoint in which the presenter view slide section zoomed in and out when zooming in the notes section.

It also fixes a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2308 (Build 16731.20234).

Samsung has announced multiple data security and privacy enhancements for its upcoming Galaxy smartphones running One UI 8, its custom user interface on top of Android. [...]

M&S confirmed today that the retail outlet's network was initially breached in a "sophisticated impersonation attack" that ultimately led to a DragonForce ransomware attack. [...]

A novel tapjacking technique can exploit user interface animations to bypass Android's permission system and allow access to sensitive data or trick users into performing destructive actions, such as wiping the device. [...]

A Windows launch isn’t the end a process — it’s really just the beginning. Microsoft continually works on improving Windows 11 by fixing bugs, releasing security patches, and occasionally adding new features.

In this story we summarize what you need to know about each update released to the public for the most recent version of Windows 11 — currently version 24H2. For each build, we’ve included the date of its release and a link to Microsoft’s announcement about it. The most recent updates appear first.

The easiest way to install updates is via Windows Update. Not sure how? See “How to handle Windows 10 and 11 updates” for full instructions. Note that Windows 11 version 24H2 is being released as a phased rollout and may not be available to you in Windows Update yet.

If you’re still using Windows 10, see “Windows 10: A guide to the updates.” And if you’re looking for information about Insider Program previews for upcoming feature releases of Windows 11, see “Windows 11 Insider Previews: What’s in the latest build?”

Updates for Windows 11 24H2 KB5062553 (OS Build 26100.4652)

Release date: July 8, 2025

The build fixes several bugs, including one in which notification sounds didn’t play. Affected sounds included those for on-screen alerts, volume adjustments, and sign-in. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5062553.)

KB5060829 (OS Build 26100.4484) Preview

Release date: June 26, 2025

A wide variety of new features are being gradually rolled out in this build, including a new Settings home page that includes enterprise-specific device info cards for commercial customers on PCs managed by an IT administrator. The taskbar also now resizes icons to fit more apps when space runs low.

Users in the European Economic Area will see several small changes related to default browsers, such as mapping additional file and link types to the default browser and pinning it to the taskbar and Start menu.

A variety of bugs have also been fixed, including one that prevented the automatic renewal of expiring certificates in Windows Hello for Business.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5060829 Preview.)

KB5063060 (OS Build 26100.4351) Out-of-band

Release date: June 11, 2025

This out-of-band update replaces the KB5060842 Patch Tuesday release, fixing a bug in which Windows sometimes restarted unexpectedly when users opened games that use the Easy Anti-Cheat service. Easy Anti-Cheat automatically installs with certain games to enhance security and prevent cheating in multiplayer online PC games. 

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

(Get more info about KB5063060 Out-of-band.)

KB5060842 (OS Build 26100.4349)

Release date: June 10, 2025

After installing this update, Windows will retain system restore points for 60 days only. Restore points older than 60 days are not available. This 60-day limit will also apply to future versions of Windows 11, version 24H2.

The build fixes a bug that prevented users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model.​​​​​​​ It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2025 Security Updates.

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5060842.)

KB5058499 (OS Build 26100.4202) Preview

Release date: May 27, 2025

A wide variety of new features are being gradually rolled out in this build, including one in which Click to Do gets the new Ask Copilot action. When you highlight text or an image, Click to Do offers the Ask Copilot option. Selecting it opens Microsoft Copilot with your content in the prompt box. You can send the selected text or image directly to the Copilot app to complete your prompt.

A variety of bugs have also been fixed, including one in which devices with BitLocker on removable drives could encounter a blue screen error after resuming from sleep or hybrid-booting.

(Get more info about KB5058499 Preview.)

KB5061977 (OS Build 26100.4066) 

Release date: May 27, 2025

This out-of-band update fixes a bug in the direct send path for a guest physical address (GPA). This issue caused confidential virtual machines running on Hyper-V with Windows Server 2022 to intermittently stop responding or restart unexpectedly. As a result, service availability was affected, and manual intervention was required. This problem primarily impacted Azure confidential VMs.

(Get more info about KB5061977.)

KB5058411 (OS Build 26100.4061)

Release date: May 13, 2025

This update fixes two bugs, one in which your microphone might have muted unexpectedly, and the other in which the eye controller app didn’t launch. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5058411.)

KB5055627 (OS Build 26100.3915) Preview

Release date: April 25, 2025

This build gradually rolls out several new features for Copilot+ PCs, including a preview of Windows Recall. When you opt in, Recall takes snapshots of your activity so you can quickly find and go back to what you have seen before on your PC. With it, you can use a timeline to find the content you remember seeing.

Copilot+ PCs also get a new natural-language Windows search in which you can search for anything on your PC without having to remember specific file names, exact words in file content, or settings names. Just describe what you’re looking for. On Copilot+ PCs, you can also more easily find photos stored and saved in the cloud by typing your own words (like “summer picnics”) in the search box at the upper-right corner of File Explorer. 

All PCs get a number of new features, including speech recap, in which you can keep track of what Narrator has spoken and access it for quick reference. With speech recap, you can quickly access spoken content, follow along with live transcription, and copy what Narrator last said using keyboard shortcuts.

A variety of bugs are being fixed, including one in which some devices experienced intermittent internet connections when resuming from sleep mode. Several AI components have also been updated.

There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox from the Microsoft Store on Windows.

(Get more info about KB5055627 Preview.)

KB5055523 (OS Build 26100.3775)

Release date: April 8, 2025

This update includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2025 Security Updates. 

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox via the Microsoft Store on Windows. 

(Get more info about KB5055523.)

KB5053656 (OS Build 26100.3624) Preview

Release date: March 27, 2025

This build gradually rolls out several new features for Snapdragon-powered Copilot+ PCs, including one in which you can search for anything on your PC without having to remember specific file names, exact words in file content, or settings names. Just describe what you’re looking for.

On Copilot+ PCs you can also more easily find photos stored and saved in the cloud by typing your own words (like “summer picnics”) in the search box at the upper-right corner of File Explorer. In addition to photos stored locally on your Copilot+ PC, photos from the cloud will now show up in the search results together. 

Snapdragon-powered Copilot+ PCs also will allow you to use natural-language processing in voice access, by using your own words rather than using rigid, predefined commands.

In addition, the build includes a variety of bugs being immediately fixed, including one in which some third-party apps rendered the graphics settings page unresponsive.

There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox from the Microsoft Store on Windows.

(Get more info about KB5053656 Preview.)

KB5053598 (OS Build 26100.3476)

Release date: March 11, 2025

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5053598.)

KB5052093 (OS Build 26100.3323) Preview

Release date: February 25, 2025

In this build, a variety of new features are being rolled out gradually, including one that lets you snooze or turn off the “Start backup” reminder in the File Explorer address bar. This only applies if you are not already backing up your files and folder. To view this new option, right-click Start backup.

A number of bug fixes are being rolled out gradually, including one for a bug in which the address bar overlapped files in File Explorer when you used the F11 full-screen mode. A variety of bug fixes take immediate effect, including for a bug in which there were display rendering issues when you tried to connect to certain PCs.

There are two known issues in this build, including one in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows. In addition, devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5052093 Preview.)

KB5051987 (OS Build 26100.3194)

Release date: February 11, 2025

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this build, including one in which players on Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5051987.)

KB5050094 (OS Build 26100.3037) Preview

Release date: January 28, 2025

In this build, a variety of new features are being rolled out gradually, including one in which an icon will appear in the system tray when you use an app that supports Windows Studio Effects. This only occurs on a device that has a neural processing unit (NPU). Select the icon to open the Studio Effects page in Quick Settings. To view the app that is using the camera, hover over the icon for a tooltip.

A number of bug fixes are being rolled out gradually, including one for a bug in which a search would sometimes repeat when you didn’t want it to. Other bug fixes are immediately available, including one in which the display of some games appears oversaturated when you use Auto HDR.

There are three known issues in this build, including one in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows. In addition, following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. And devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update

(Get more info about KB5050094 Preview.)

KB5050009 (OS Build 26100.2894)

Release date: January 14, 2025

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this build, including one in which players on Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5050009.)

KB5048667 (OS Build 26100.2605)

Release date: December 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this build, in which players on Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5048667.)

KB5046740 (OS Build 26100.2454) Preview

Release date: November 21, 2024

This build adds a number of interface features are being rolled out gradually. The system tray shows a shortened date and time, and there’s a new section for touchscreen edge gestures in Settings. When you right-click an app on the Start menu, a jump list will appear (if the app has a jump list). And if you hold Ctrl + Shift down when you click a jump list item, you open the item as an admin.

A variety of bugs have been fixed in this build, including one in which the users page might have caused Task Manager to stop responding when you use the keyboard.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5046740 Preview.)

KB5046617 (OS Build 26100.2314)

Release date: November 12, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5046617.)

KB5044384 (OS Build 26100.2161) Preview

Release date: October 24, 2024

In this build, you can now configure the Copilot key on the keyboard. On new devices, the key opens the Copilot app. If you sign in to your account using a Microsoft Entra ID, the key opens the M365 app. You can make the key open a different app or open Search. To do this, go to Settings > Personalization > Text input. 

In addition, a variety of features are being rolled out gradually, including one in which you can stop the suggestions to turn off notifications from certain apps. Select the ellipsis (…) in the notification and turn it off. You can also go to Settings > System > Notifications and turn it off from there. 

A variety of bugs have also been fixed, including one in which you were unable to view some parts of the UI when you run certain apps.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5044384 Preview.)

Windows 11 24H2 KB5044284 (OS Build 26100.2033)

Release date: October 8, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2024 Security Updates.

This build also fixes one bug in which the Remote Desktop Gateway Service stopped responding when a service used remote procedure calls (RPC) over HTTP.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5044284.)

Windows 11, version 24H2

Release date: October 1, 2024

The Windows 11 24H2 update (also called Windows 11 2024 Update) is now being gradually rolled out. It may take some months before it reaches everyone, so you may not have it yet. As with previous annual Windows updates, it’s not a major upgrade, but does include a variety of minor new features.

Following are the highlights for end users:

• File Explorer gets several new features, including support for TAR and 7z compression and the ability to add metadata to PNG files, so you can add information to your images.
• New privacy settings for Wi-Fi networks give more control over which applications can access the list of nearby Wi-Fi networks. Limiting the applications that can access that list can make it more difficult for others to pinpoint your location.
• You can now join Wi-Fi networks by scanning QR codes, and create a QR code to allow others to share your mobile hotspot with others.
• A new Energy Saver mode reduces electric consumption on desktop PCs as well as laptops, helping you reduce your carbon footprint and improving laptop battery life. It reduces energy consumption from background tasks as well as those running in the foreground.
• Copilot now runs as a separate app, and is movable and resizable like any other app, rather than running in a sidebar panel.
• Copilot+ PCs get several new features, including Cocreator in Paint, which uses AI to generate images; enhancing video calls with AI-powered noise cancellation and improved lighting; and what Microsoft calls Auto Super Resolution, which gives games higher resolution and offers smoother gameplay.

For IT admins, highlights include:

• Policy improvements and automatic account management for Windows Local Administrator Password Solution (LAPS)
• Personal Data Encryption (PDE) for users’ Documents, Desktop, and Pictures folders
• App Control for Business
• Windows protected print mode
• Local Security Authority (LSA) protection
• Support for Wi-Fi 7
• SHA-3 support

See this blog post from Microsoft’s Harjit Dhaliwal for more information.

Prerelease updates for Windows 11 24H2 KB5043178 (OS Build 26100.1882) Preview

Release date: September 30, 2024

This build for Windows 11 24H2 offers a variety of new features, some of which will show up immediately and some of which are being rolled out gradually. Among the features that will roll out gradually is a new energy recommendation to turn off high dynamic range (HDR). This helps to conserve energy on devices that have HDR displays. Go to Settings > Power & battery > Energy recommendations.

Among the features available immediately is one that lets you manage your Copilot Pro subscription in Settings. Sign in to your Microsoft account and go to Settings > Accounts.

Several bugs have been fixed, including one in which Task Manager stopped responding when you switched from a high-contrast theme to a normal theme.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5043178 Preview.)

KB5043080 (OS Build 26100.1742)

Release date: September 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2024 Security Updates.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5043080.)

KB5041865 (OS Build 26100.1591) Preview

Release date: August 27, 2024

This build for Windows 11 24H2 offers a variety of new features that are being rolled out gradually, including one in which you can share content to your Android device from the Windows Share window.

Several bugs have been fixed, including one in which a deadlock occurred in the domain controller when it started up in the DNS client.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5041865 Preview.)

KB5041571 (OS Build 26100.1457)

Release date: August 13, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2024 Security Updates. It also fixes several bugs, including one in which the “Use my Windows user account” checkbox was not available on the lock screen to connect to Wi-Fi.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5041571.)

KB5040529 (OS Build 26100.1301) Preview

Release date: July 30, 2024

This build for Windows 11 24H2 offers a variety of new features that are being rolled out gradually, including the new account manager being on the Start menu. When you use a Microsoft account to sign in to Windows, you will get a glance at your account benefits. This feature also makes it easy to manage your account settings.

One feature is being rolled out immediately, in which Widgets icons on the taskbar are no longer pixelated or fuzzy. You also get a larger set of animated icons.

Several bugs have been fixed, including one in which devices that use certain WLAN cards stopped responding.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5040529 Preview.)

KB5040435 (OS Build 26100.1150)

Release date: July 9, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2024 Security Updates. It also This update adds PCR 4 to PCR 7 and 11 for the default Secure Boot validation profile.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5040435.)

KB50439304 (OS Build 26100.1000) Preview

Release date: June 28, 2024

This build fixes a variety of bugs, including one in which Windows Defender Application Control (WDAC) failed to verify the policies of some apps.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5041865 Preview.)

KB5039239 (OS Build 26100.863)

Release date: June 15, 2024

This build pins Copilot to the taskbar and makes it behave like a traditional app that can be resized and moved. The build also fixes several bugs, including one in which the volume of Bluetooth devices were automatically set to maximum when you connected to them.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5039239.)

Updates to Windows 11 version 23H2 KB5043145 (OS Builds 22621.4249 and 22631.4249) Preview

Release date: September 24, 2024

This build, for both Windows 11 22H2 and 23H2, offers a variety of new features and bug fixes, some of which will show up immediately, and some of which are being rolled out gradually. Among the features that will roll out gradually is the ability to share local files directly from the search results that appear in the Search box on the taskbar. Among the bug fixes that roll out immediately are one that addresses an issue in which Task Manager stopped responding when you switched from a high contrast theme to a normal theme.

(Get more info about KB5043145 Preview.)

KB5043076 (OS Builds 22621.4169 and 22631.4169)

Release date: September 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this build, in which you might face issues with booting Linux if you have enabled the dual-boot setup for Windows and Linux in your device. Your device might fail to boot Linux and show the error message “Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.”

(Get more info about KB5043076.)

KB5041587 (OS Builds 22621.4112 and 22631.4112) Preview

Release date: August 27, 2024

This build, for both Windows 11 22H2 and 23H2, includes the ability to share content to your Android device from the Windows Share window. To do it, must pair your Android device to your Windows PC and use the Link to Windows app on your Android device and Phone Link on your PC.

In Voice Access, you can also now dictate the characters that you spell at a faster speed, and you have more editing options for the commands that select, delete, and move within text. The build also fixes several bugs, including one in which when you pressed Ctrl + F, sometimes the search did not start.

The new features and bug fixes will roll out to users gradually.

(Get more info about KB5041587 Preview.)

KB5041585 (OS Builds 22621.4037 and 22631.4037)

Release date: August 13, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5041585.)

KB5040527 (OS Builds 22621.3958 and 22631.3958) Preview

Release date: July 25, 2024

This build, for both Windows 11 22H2 and 23H2, offers a variety of new features and bug fixes, some of which will show up immediately and some of which are being rolled out gradually. Among the features that will roll out gradually is pinning apps to the taskbar by dragging them from the Pinned section of the Start menu, and right-clicking a tab in File Explorer to duplicate it. Among the bug fixes that will roll out gradually is a memory leak that occurred when you interacted with archive folders.

Among the bugs fixed immediately is one in which in Group Policy Preferences you could not choose a group from the target domain for ILT or choose an account from Local Users and Groups.

(Get more info about KB5040527 Preview.)

KB5040442 (OS Builds 22621.3880 and 22631.3880)

Release date: July 9, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which enterprise users may face issues while upgrading from Windows Pro to a valid Windows Enterprise subscription. OS upgrade operations may fail, and this might be shown in the LicenseAcquisition scheduled task in Task Scheduler > Task Scheduler Library > Microsoft > Windows > Subscription as ‘Access denied error (error code 0x80070005)’ under ‘Last Run Result.’

(Get more info about KB5040442.)

KB5039302 (OS Builds 22621.3810 and 22631.3810) Preview

Release date: June 25, 2024

This build, for both Windows 11 22H2 and 23H2, offers a variety of new features and bug fixes, some of which will show up immediately and some of which are being rolled out gradually. Among the bug fixes that will show up immediately is one that addresses an issue in which ejecting USB devices using the Safely Remove Hardware option failed when Task Manager was open.

Among the features that will roll out gradually is a new account manager on the Start menu that makes it easier to manage your account settings and lets you see your account benefits. Also being rolled out gradually is support for Emoji 15.1.

(Get more info about KB5039302 Preview.)

KB5039212 (OS Builds 22621.3737 and 22631.3737)

Release date: June 11, 2024

This update fixes a variety of bugs, including one in which the taskbar might briefly glitch, not respond, or disappear and reappear.

In addition, it has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5039212.)

KB5037853 (OS Builds 22621.3672 and 22631.3672) Preview

Release date: May 29, 2024

This build introduces a variety of minor feature updates, including one that lets you use your mouse to drag files between breadcrumbs in the File Explorer address bar and another that lets you create QR codes for webpage URLs and cloud files from the Windows share window.

The build also fixes a variety of bugs, including one in which File Explorer stopped responding when you swiped from a screen edge after turning off edge swiping, and another in which handwriting panels and touch keyboards did not appear when you used a pen.

(Get more info about KB5037853 Preview.)

KB5037771 (OS Builds 22621.3593 and 22631.3593)

Release date: May 14, 2024

This update fixes a bug that caused VPN connections to fail, and another in which Server Message Block (SMB) clients failed to make SMB Multichannel connections, making file transfers are slow.

In addition, it has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5037771.)

KB506980 (OS Builds 22621.3527 and 22631.3527) Preview

Release date: April 23, 2024

In this build, the Recommended section of the Start menu will show some Microsoft Store apps. In addition, widgets icons on the taskbar are no longer pixelated or fuzzy, and Windows widgets on the lockscreen are more reliable.

The build also fixes a variety of bugs, including one in which Windows Local Administrator Password Solution’s Post Authentication Actions (PAAs) did not occur at the end of the grace period. Instead, they occurred at restart.

There is one known issue in this build, in which you might be unable to change your user account profile picture.

(Get more info about KB5036980 Preview.)

KB5036893 (OS Builds 22621.3447 and 22631.3447)

Release date: April 9, 2024

This build offers a wide variety of minor new features, including dedicated mode for Windows 365 Boot. When you sign in on your company-owned device, you also are signed into to your Windows 365 Cloud PC. This uses passwordless authentication, like Windows Hello for Business.

The update also adds suggestions to Snap Layouts. When you hover over the minimize or maximize button of an app to open the layout box, app icons will display various layout options. Use them to help you to choose the best layout option.

In addition, the update changes the apps that appear in the Windows share window. The account you use to sign in affects the apps that are in “Share using.” For example, if you use a Microsoft account (MSA) to sign in, you will see Microsoft Teams (free). When you use a Microsoft Entra ID account (formerly Azure Active Directory) to sign in, your Microsoft Teams (work or school) contacts show instead.

This build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5036893.)

Windows 11 KB5035942 (OS Builds 22621.3374 and 22631.3374) Preview

Release date: March 26, 2024

In addition, in Windows Hello for Business admins can now use mobile device management to turn off the prompt that appears when users sign in to an Entra-joined machine. To do it, turn on the “DisablePostLogonProvisioning” policy setting. After a user signs in, provisioning is off for Windows 10 and Windows 11 devices.

There is one known issue in this build, in which Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows.

(Get more info about KB5035942 Preview.)

KB5035853 (OS Builds 22621.3296 and 22631.3296)

Release date: March 12, 2024

This build fixes a bug that affected the February 2024 security and preview updates. They might not have installed, and your device might shave stopped responding at 96% with the error code “0x800F0922” and the error message, “Something did not go as planned. No need to worry – undoing changes. Please keep your computer on.”

This build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5035853.)

KB5034848 (OS Builds 22621.3235 and 22631.3235) Preview

Release date: February 29, 2024

In this build, you can now use the Snipping Tool on your PC to edit the most recent photos and screenshots from your Android device. You will get an instant notification on your PC when your Android device captures a new photo or screenshot. To turn this on, go to Settings > Bluetooth & devices > Mobile devices. Choose Manage devices and allow your PC to access your Android device.

The build also adds support for the USB 80Gbps standard, the next generation of USB4 that has twice the bandwidth of USB 40Gbps. To use USB 80Gbps, you must have a compatible PC and USB4 or Thunderbolt peripheral.

The build also fixes several bugs, including one in which the Windows Settings Home page randomly stopped responding when you went to the page, and another in which devices failed to make the automatic switch from cellular to Wi-Fi when they could use Wi-Fi.

There is one known issue in this build, in which Windows 11 devices attempting to install the February 2024 security update, released February 13, 2024 (KB5034765), might face installation failures and the system might stop responding at 96%.

(Get more info about KB5034848 Preview.)

KB5034765 (OS Builds 22621.3155 and 22631.3155)

Release date: February 13, 2023

In this build, the Copilot in Windows icon now appears on the right side of the system tray on the taskbar. Also, the display of “Show desktop” at the rightmost corner of the taskbar will be off by default. To turn it back on, go to Settings > Personalization > Taskbar. You can also right-click the taskbar and choose Taskbar settings. These changes will be gradually rolled out.

This build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5034765.)

KB5034204 (OS Builds 22621.3085 and 22631.3085) Preview

Release date: January 23, 2024

This build fixes a variety of bugs, including one that stopped search from working on the Start menu for some users because of a deadlock, and another that that caused devices to intermittently stop responding after you installed a print support app.

There is one known issue in this build, in which Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview).

(Get more info about KB5034204 Preview.)

KB5034123 (OS Builds 22621.3007 and 22631.3007)

Release date: January 9, 2024

This build fixes several bugs, including one in which devices shut down after 60 seconds when you used a smart card to authenticate on a remote system, and another in which some Wi-Fi adapters could not connect to some networks, particularly those that use 802.1x to authenticate.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this build, including one affecting ID admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

(Get more info about KB5034123.)

KB5033375 (OS Builds 22621.2861 and 22631.2861)

Release date: December 12, 2023

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are four known issues in this build, including one which affects ID admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

(Get more info about KB5033375.)

KB5032288 (OS Builds 22621.2792 and 22631.2792) Preview

Release date: December 4, 2023

In this update, Copilot in Windows (in preview) can be used across multiple displays, and it can be used with Alt+Tab. When you press Alt+Tab, the thumbnail preview for Copilot in Windows appears among other thumbnail previews of open windows. You can switch between them using the Tab keystroke. This is available to a small audience initially and will deploy more broadly in the months that follow.

The update also fixes a wide range of bugs, including one in which the Copilot icon did not show as being as active when it’s open on the taskbar.

There are four known issues in this update, one applicable to IT admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.

(Get more info about KB5032288 Preview.)

KB5032190 (OS Builds 22621.2715 and 22631.2715)

Release date: November 14, 2023

This build introduces a preview of the Copilot for Windows AI assistant and a File Explorer with a new interface that includes new files displayed as a carousel, and that recognizes local and cloud folders. It also introduces the Windows Backup app that can be used to quickly get your current PC backed up and ready to move to a new PC. In addition, there are many other new features and interface changes throughout Windows, including for Settings, Windows Spotlight, security graphics, voice access, Narrator, and others.

It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this build, including one that affects ID admins in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in MDM apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

(Get more info about KB5032190.)

KB5031455 (OS Builds 22621.2506 and 22631.2506) Preview

Release date: Oct. 31, 2023

This update introduces a preview of the Copilot for Windows AI assistant and File Explorer with a new interface that includes new files displayed as a carousel, and that recognizes local and cloud folders. It also includes minor interface changes to many parts of the operating system, including taskbar, system tray, security notifications, and more.

There is one known issue, which applies to IT admins: using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.

(Get more info about KB5031455 Preview.)

KB5031455 (OS Build 22621.2506) Preview

Release date: Oct. 26, 2023

This build introduces a preview of the Copilot for Windows AI assistant and a File Explorer with a new interface that includes new files displayed as a carousel, and that recognizes local and cloud folders. It also introduces the Windows Backup app that can be used to quickly get your current PC backed up and ready to move to a new PC.

There is one known issue in this build that applies to IT admins: using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.

(Get more info about KB5031455 Preview.)

KB5031354 (OS Build 22621.2428)

Release date: October 10, 2023

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5031354.)

KB5030310 (OS Build 22621.2361) Preview

Release date: September 26, 2023

This update adds websites to the Recommended section of the Start menu. These websites come from your browsing history. You can remove any website URL from the Recommended section using the shortcut menu. To turn off the feature, go to Settings > Personalization > Start.

It also fixes a variety of bugs, including one in which the search box tooltip did not appear in the correct position, and another in which the search button disappeared when you interacted with the search flyout box.

In addition, if you want to use a variety of new features, such as the AI-driven Copilot for Windows and improvements to File Manager, Paint, and other apps, go to Settings > Windows Update, toggle on “Get the latest updates as soon as they’re available,” and then restart your PC. For more details, see Microsoft’s blog post.

(Get more info about KB5030310 Preview.)

KB5030219 (OS Build 22621.2283)

Release date: September 12, 2023

This build removes a blank menu item from the Sticky Keys menu and includes a variety of security updates. For details, see Microsoft’s Security Update Guide and September 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5030219.)

The launch of a major Windows 10 update isn’t the end of a process — it’s really just the beginning. As soon as one of Microsoft’s feature updates (such as Windows 10 version 22H2) is released, the company quickly gets to work on improving it by fixing bugs, releasing security patches, and occasionally adding new features.

In this story we summarize what you need to know about each update released to the public for the most recent versions of Windows 10 — versions 22H2 and 21H2. (Microsoft releases updates for those two versions together.) For each build, we’ve included the date of its initial release and a link to Microsoft’s announcement about it. The most recent updates appear first.

For details about how to install and manage Windows updates, see “How to handle Windows 10 and 11 updates.” If you’re looking for information about Insider Program previews for upcoming feature releases of Windows 10, see “Windows 10 Insider Previews: A guide to the builds.”

Updates to Windows 10 versions 21H2 and 22H2 KB5062554 (OS Builds 19044.6093 and 19045.6093)

Release date: July 8, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2025 Security Updates.

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5062554.)

KB5061087 (OS Build 19045.6036) Preview

Release date: June 24, 2025

This build fixes a variety of bugs, including one that caused jump lists to disappear from the Start menu.           

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5061087 Preview.)

KB5060533 (OS Builds 19044.5965 and 19045.5065)

Release date: June 10, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2025 Security Updates.

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5060533.)

KB5058481 (OS Build 19045.5917) Preview

Release date: May 28, 2025

This build offers several new features, including one that brings back the clock view that displays seconds on the calendar. It also fixes several bugs, including one in which in GDI/GDI+, some GB18030-2022 characters in plane 2 were not rendered.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5058481 Preview.)

KB5061979 (OS Builds 19044.5859 and 19045.5859)

Release date: May 27, 2025

This out-of-band update fixes a bug in the direct send path for a guest physical address (GPA). This issue caused confidential virtual machines running on Hyper-V with Windows Server 2022 to intermittently stop responding or restart unexpectedly. As a result, service availability was affected, and manual intervention was required. This problem primarily impacted Azure confidential VMs.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5061979.)

KB5061768 (OS Builds 19044.5856 and 19045.5856)

Release date: May 19, 2025

This out-of-band build fixes a bug in the recent May 13 Patch Tuesday build (KB5058379) that caused the Local Security Authority Subsystem Service (LSASS) process to terminate unexpectedly, triggering an Automatic Repair prompting for the BitLocker recovery key.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5061768.)

KB5058379 (OS Builds 19044.5854 and 19045.5854)

Release date: May 13, 2025

The update improves Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI) for the detection of Linux systems. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5058379.)

KB5055612 (OS Build 19045.5796) Preview

Release date: April 22, 2025

This build fixes two bugs, including one in which the check for GPU paravirtualization was case-sensitive in Windows Subsystem for Linux 2 (WSL2). This issue might have potentially caused GPU paravirtualization support to fail.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5055612 Preview.)

KB5055518 (OS Builds 19044.5737 and 19045.5737)

Release date: April 8, 2025

The update has a broad variety of security updates. For details, see Microsoft’s Security Update Guide and April 2025 Security Updates. 

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5055518.)

KB5053643 (OS Build 19045.5679) Preview

Release date: March 25, 2025

This build fixes several bugs, including one in which USB-connected dual-mode printers that support both US Print and IPP Over USB protocols unexpectedly output incorrect or unwanted text, and another in which thumbnails in File Explorer crashed, resulting in white pages appearing instead of the actual thumbnails.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5053643 Preview.)

KB5053606 (OS Builds 19044.5608 and 19045.5608)

Release date: March 11, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5053606.)

KB5052077 (OS Build 19045.5555) Preview

Release date: February 25, 2025

This build fixes several bugs, including one in which the OpenSSH (Open Secure Shell) service failed to start, preventing SSH connections.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5052077 Preview.)

KB5051974 (OS Builds 19044.5487 and 19045.5487)

Release date: February 11, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this build, including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5051974.)

KB5050081 (OS Build 19045.5440) Preview

Release date: January 28, 2025

This build includes the new version of the Outlook app. IT admins can learn how to manage the new version at the Microsoft Learn page “Control the installation and use of new Outlook.”

The build also fixes a variety of bugs, including one in which the Capture Service and Snipping Tool stopped responding when you pressed Windows logo key + Shift + S several times while Narrator was on.

There are two known issues in this build, including one in which the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. In the other one, PCs that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5050081 Preview.)

KB5049981 (OS Builds 19044.5371 and 19045.5371)

Release date: January 14, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5049981.)

KB5048652 (OS Builds 19044.5247 and 19045.5247)

Release date: December 10, 2024

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5048652.)

KB5046714 (OS Build 19045.5198) Preview

Release date: November 21, 2024

This build fixes a variety of bugs, including one in which Win32 shortcuts did not back up to the cloud. 

(Get more info about KB5046714 Preview.)

KB5046613 (OS Builds 19044.5131 and 19045.5131)

Release date: November 12, 2024

This update fixes a bug in which some games did not start or stopped responding after you installed KB5044384. This occurred because some games use a third-party DRM component that are not compatible with that update. This update makes changes to support those games while the game developers address the DRM issue.

The update also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5046613.)

KB5045594 (OS Build 19045.5073) Preview

Release date: October 22, 2024

This build starts the rollout of the new account manager on the Start menu that makes it easy to view your account and access account settings. To change to a different user, select the ellipsis (…) next to “Sign out.” Not everyone will see this change yet, because it’s rolling out gradually.

The build also fixes a variety of bugs, including one in which a vmswitch triggers a stop error. This occurs when you use Load Balancing and Failover (LBFO) teaming with two virtual switches on a virtual machine (VM). In this case, one virtual switch uses single root Input/Output virtualization (SR-IOV).

(Get more info about KB5045594 Preview.)

KB5044273 (OS Builds 19044.5011 and 19045.5011)

Release date: October 8, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5044273.)

KB5043131 (OS Build 19045.4957) Preview

Release date: September 24, 2024

This build fixes several bugs, including one in which playback of some media might have stopped when you use certain surround sound technology, and another in which Windows server stopped responding when you used apps like File Explorer and the taskbar.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about Windows 10 22H2 KB5043131 Preview).

KB5043064 (OS Builds 19044.4894 and 19045.4894)

Release date: September 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5043064.)

KB5041582 (OS Build 19045.4842) Preview

Release date: August 29, 2024

This build fixes several bugs, including one in which when a combo box had input focus, a memory leak could occur when you closed that window.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about KB5041582 Preview.)

KB5041580 (OS Builds 19044.4780 and 19045.4780)

Release date: August 13, 2024

This release has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5041580.)

KB5040525 (OS Build 19045.4717) Preview

Release date: July 23, 2024

This build fixes a variety of bugs, including one in which the Transmission Control Protocol (TCP) send code caused systems to stop responding during routine tasks, such as file transfers. This issue led to an extended send loop.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about KB5040525 Preview.)

KB5040427 (OS Builds 19044.4651 and 19045.4651)

Release date: July 9, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which you might be unable to change your user account profile picture.

(Get more info about KB5040427.)

Windows 10 2022 Update (version 22H2)

Release date: October 18, 2022

The Windows 10 2022 Update is, in Microsoft’s words, “a scoped release focused on quality improvements to the overall Windows experience in existing feature areas such as quality, productivity and security.” In other words, there’s not much new here, although Computerworld blogger Susan Bradley did uncover a handful of new group policies in the release.

Home and Pro editions of the 2022 Update will receive 18 months of servicing, and Enterprise and Education editions will have 30 months of servicing.

To install the update, go to Settings > Update & Security > Windows Update and select Check for updates. If the update appears, select Download to install it.

(Get more info about the Windows 10 2022 Update.)

Windows 10 November 2021 Update (version 21H2)

Release date: November 16, 2021

Version 21H2, called the Windows 10 November 2021 Update, is the second feature update to Windows 10 released in 2021. Here’s a quick summary of what’s new:

• Wi-Fi security has been enhanced with WPA3 H2E standards support.
• GPU compute support has been added in the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments for machine learning and other compute-intensive workflows.

There are also a number of features designed for IT and business:

• Windows Hello for Business has a new deployment method called cloud trust that simplifies passwordless deployments.
• For increased security, there have been changes to the Universal Windows Platform (UWP) VPN APIs, which includes the ability to implement common web-based authentication schemes and to reuse existing protocols.
• Apps can now be provisioned from Azure Virtual Desktop. This allows those apps to run just like local apps, including the ability to copy and paste between remote and local apps.
• The release closes the gap between Group Policy and mobile device management (MDM) settings. The device configuration settings catalog has been updated to list more than 1,400 settings previously not available for configuration via MDM. The new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler.
• An upgrade to Windows 10 Enterprise includes Universal Print, which now supports print jobs of up to 1GB or a series of print jobs from an individual user that add up to 1GB within any 15-minute period.
• Universal Print integrates with OneDrive for web and Excel for web. This allows users of any browser or device connected to the internet to print documents hosted in OneDrive for web to a printer in their organization without installing printer drivers on their devices.

Microsoft has also announced that starting with this release, Windows 10 will get feature updates only once a year.

Windows 10 May 2021 Update (version 21H1)

Release date: May 18, 2021

Version 21H1, called the Windows 10 May 2021 Update, is the most recent update to Windows 10. This is a relatively minor update, but it does have a few new features.

Here’s a quick summary of what’s new in 21H1:

• Windows Hello multicamera support: If you have an external Windows Hello camera for your PC, you can set the external camera as your default camera. (Windows Hello is used for signing into PCs.) Why should this change matter to you? If you have an external camera, you probably bought it because it’s superior to the built-in, internal one on your computer. So with this change, you’ll be able to use the more accurate camera for logging into your PC.
• Improved Windows Defender Application Guard performance: Windows Defender Application Guard lets administrators configure applications to run in an isolated, virtualized container for improved security. With this change, documents will open more quickly. It can currently take up to a minute to open an Office document in it.
• Better Windows Management Instrumentation (WMI) Group Policy Service support: Microsoft has made it easier for administrators to change settings to support remote work.

Windows 10 October 2020 Update (version 20H2)

Release date: October 20, 2020

Version 20H2, called the Windows 10 October 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a few new features.

Here’s a quick summary of what’s new in 20H2:

• The new Chromium-based version of the Microsoft Edge browser is now built directly into Windows 10.
• The System page of Control Panel has been removed. Those settings have been moved to the Settings app.
• The Start menu’s tiled background will match your choice of Windows themes. So the tiled background will be light if you’re using the Windows 10 light theme and dark if you’re using the Windows 10 dark theme.
• When you use Alt-Tab, Edge will now display each tab in your browser in a different Alt-Tab window. Previously, when you used Alt-Tab, Edge would get only a single window. You can change this new behavior by going to Settings > System > Multitasking.
• When you pin a site to the taskbar in Edge, you can click or mouse over its icon to see all your browser tabs that are open for that website.
• When you detach a keyboard on a 2-in-1 device, the device will automatically switch to the tablet-based interface. Previously, you were asked whether you wanted to switch. You can change that setting by going to Settings > System > Tablet.
• The Your Phone app gets a variety of new features for some Samsung devices. When using one of the devices, you can interact with the Android apps on your phone from the Your Phone app on Windows 10.

What IT needs to know: Windows 10 version 20H2 also has a variety of small changes of note for sysadmins and those in IT.

• IT professionals who administer multiple mobile devices get a new Modern Device Management (MDM) “Local Users and Groups” settings policy that mirrors options available for devices that are managed through Group Policy.
• Windows Autopilot, used to set up and configure devices in enterprises, has gained a variety of small enhancement, including better deployment of HoloLens devices, the addition of co-management policies, enhancements to Autopilot deployment reporting, and the ability to reuse Configuration Manager task sequences to configure devices.
• Microsoft Defender Application Guard now supports Office. This allows untrusted Office documents from outside an enterprise to launch in an isolated container to stop potentially malicious content from compromising computers or exploiting personal information found on them.
• Latest Cumulative Updates (LCUs) and Servicing Stack Updates (SSUs) have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services.
• Biometric sign-on has been made more secure. Windows Hello now has support for virtualization-based security for certain fingerprint and face sensors, which protects, isolates, and secures a user’s biometric authentication data.

For more details, see Microsoft’s “What’s new for IT pros in Windows 10, version 20H2.”

Windows 10 May 2020 Update (version 2004)

Release date: May 27, 2020

Version 2004, called the Windows 10 May 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a variety of new features for both users and system administrators. For more details, see: “Review: Windows 10 May 2020 Update delivers little tweaks that add up to… well, not a lot.”

Here’s a quick summary of what’s new in 2004:

• Cortana now runs as a standalone app in a resizable window. It also loses a variety of capabilities, such as playing music, controlling home devices, and working on the lock screen.
• Task Manager now displays new information, including the temperature of your GPU and your disk type.
• Settings gets many small tweaks, including adding a header with account information, and a redone network status page that combines information that used to be found on multiple pages, such as your IP address, current connection properties and data usage.
• The Windows Subsystem for Linux (WSL) gets more features. It now uses a real Linux kernel, and is faster than previously.
• IT can now take advantage of Windows Hello biometrics logins rather than passwords, by setting that up as the default on enterprise devices.
• Installing and setting up Windows for others has been made easier thanks to new controls added to Dynamic Update, which can lead to less downtime during installation for users.
• A variety of new commands have been given to PowerShell for Delivery Optimization, a Windows networking service that reduces bandwidth consumption by sharing the work of downloading update and upgrade packages among multiple devices in business deployments.
• The security of the Chromium version of Edge has been improved, thanks to porting Application Guard to it.

Windows 10 November 2019 Update (version 1909)

Release date: Nov. 12, 2019

Version 1909, called the Windows 10 November 2019 Update, is the most recent update to Windows 10. There are very few new features in this update, making it more like a service pack of old than a feature update. At this point it’s not clear whether in the future there will be one full-featured update and one service-pack-like update per year or whether Microsoft will go back to its two-feature-updates-a-year schedule. For more details, see “What we know so far about the unusual Windows 10 1909” and “5 unanswered questions about Windows 10 1909.”

Here’s a quick summary of what’s new for users in 1909.

• It lets you create calendar events straight from the taskbar. To do it, click the time on the taskbar and you’ll open the Calendar view. Now click a date and time, then type the event’s name into the text box. You’ll also be able to choose the date, time and location.
• When you type a search into the search box, it will now search through files in your OneDrive account as well as on your PC. Also, as you type, a drop-down menu with suggested files appears. Click a file to open it.
• Voice assistants in addition to Cortana, including Amazon’s Alexa, will be able to run on Windows 10’s lock screen.
• Under-the-hood improvements should speed up the performance of some PCs, as well as increase the battery life in some laptops.
• The Start Menu has gotten minor tweaks. When you hover over items in the navigation pane on the left side of the menu, the items clearly show what you’re about to click.

What IT needs to know: The following features in 1909 are of note for IT staff.

• Windows containers no longer need to have their host and container versions match. That requirement restricted Windows from supporting mixed-version container pod scenarios. Previously, containers from older versions of Windows 10 couldn’t be run on newer versions of Windows 10. In this update, it’s possible, so that a container made using 1903, for example, can be run on 1909.
• Windows Defender Credential Guard, which protects enterprise users’ logins and credentials against theft, is now available for ARM64 devices. Some Windows 10 convertible PCs use ARM64.
• Enterprises can now use Microsoft’s Intune enterprise mobility management (EMM) service to allow devices running Windows 10 in S mode to install and run Win32 (desktop) apps. Before this, S Mode only allowed devices to run apps from the Microsoft Store. Microsoft Store apps don’t run on the desktop.
• The security of BitLocker encryption has been improved. Whenever BitLocker is used to encrypt a device, a recovery key is created, but before this security improvement, it was possible for an unauthorized user to get access to the recovery key and decrypt the device. Now, PCs have additional security if a key is exposed. Here’s how Microsoft explains the change: “Key-rolling or Key-rotation feature enables secure rolling of Recovery passwords on MDM managed AAD devices upon on demand request from Microsoft Intune/MDM tools or upon every time recovery password is used to unlock the BitLocker protected drive.”

There are two known issues in this update: one in which some users cannot set Win32 program defaults for certain app and file type combinations using the Open with… command or Settings > Apps > Default apps, and another in which Microsoft Notepad and other Win32 programs cannot be set as default applications.

(Get more info about KB4464455.)

Windows 10 October 2018 Update (version 1809)

Release date: October 2, 2018; paused October 5; re-released November 13, 2018

Version 1809, called the Windows 10 October 2018 Update, is the feature update that preceded the May 2019 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• A new, powered-up Windows Clipboard can hold multiple clips, store clips permanently, let you preview clips and choose which one you’d like to paste into a document, and share clips across Windows 10 devices.
• A new screenshot and annotation tool called Snip & Sketch lets you capture and annotate the entire screen, a rectangular portion of the screen or a freehand-drawn portion of it. After you take a screen capture, you can annotate it and then save it to a file, copy it to the Clipboard, open it in another program or share it via email, social media and other methods.
• Storage Sense, which helps save storage space, now works with OneDrive Files On-Demand to clean out files you’ve downloaded from OneDrive cloud storage to your PC but that you don’t use any longer. You can choose how long you would like the cloud files to stay on your PC unused before you want them deleted, from never to 60 days.
• The Microsoft Edge browser lets you set autoplay permissions for sound and video on websites on a site-by-site basis. It also lets you look up word definitions in its built-in eReader for books and PDFs, and mark up PDFs and books using a highlighter and by adding notes.
• The new Your Phone app links Windows 10 devices to iOS and Android phones. It allows you to start web browsing on an iOS or Android device and then continue where you left off on your PC. It also lets you view photos on your Android phone from your Windows 10 PC.
• Search Previews have been powered up slightly. You no longer need to click to display the preview panel; it opens automatically. It also now shows files found on your PC.
• Smaller changes include a new dark theme for File Explorer; the addition of the SwiftKey swipe keyboard, which lets you enter text by swiping a finger across an onscreen keyboard; updates that are less intrusive; and faster sign-ins on shared PCs.

What IT needs to know: There are few significant changes that affect IT in the Windows 10 October 2018 Update, other than New Microsoft Edge Group Policies that let admins enable and disable full-screen mode, printing, the favorites bar, and browser history saves. IT can also allow or ban Edge extensions (not that there are many available) and configure the Home button and new tab page and startup options.

Windows 10 April 2018 Update (version 1803)

Release date: April 30, 2018

Version 1803, called the Windows 10 April 2018 Update, is the major update to Windows 10 that preceded the October 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• The most important new feature is Timeline, which lets you review and resume activities and open files you’ve started on your PC, or any other Windows PCs you have. It also tracks what you’ve done on iOS and Android devices if you install Microsoft’s digital assistant Cortana on them and are logged in. It shows a list of activities day by day for up to 30 days. Each activity shows up as a large tile, with the file name and document title or URL and website name across it, and the name of the application or app that created it across the top. Click any activity to reopen it. (Note that at present, Timeline only tracks activities in certain Microsoft programs such as the Edge browser and Office applications.)
• The new Diagnostic Data Viewer is supported, which Microsoft is designed to let you see the “diagnostic data collected from your Windows devices, how it is used, and to provide you with increased control over that data.” However, the information is presented in such a complex, technical way that even programmers will likely have a difficult time understanding it. The viewer isn’t built directly into the Windows 10 April 2018 Update. Instead, you have to download it from the Microsoft Store.
• The My People feature now lets you pin up to 10 contacts on the Windows taskbar. Previously, you could only pin up to three.
• Microsoft Edge gets several minor tweaks, including a revamped Hub, the ability to mute auto-playing audio in tabs, and a forms-filler for web-based forms.
• The Notebook feature of Cortana gets a new, cleaner interface for its Notebook. It now has two tabs, Organizer and Manage Skills. The Organizer makes it easier to create lists and set reminders. The Manage Skills tab lets you add “skills” to Cortana, such as controlling your home and its appliances, connecting Cortana to music services such as Spotify, tracking your fitness and more.
• You get more control over app permissions, such as whether they can access your camera, location and contacts.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 April 2018 Update:

• Windows 10 Professional now gets the Windows Defender Application Guard, which protects Microsoft Edge. There’s also a new feature in the application guard that lets users download files inside Edge instead of directly to the operating system, as a way to increase security.
• There are new policies for Group Policy and Mobile Device Management (MDM) that can better control how Delivery Optimization is used for Windows Update and Windows Store app updates. You can also now monitor Delivery Optimization using Windows Analytics.
• Windows AutoPilot also gets a tweak that lets IT make sure policies, settings and apps are provisioned on devices before users begin using them.
• Windows gets the Linux curl and tar utilities for downloading files and extracting .tar archives built directly into Windows. Windows also now natively supports Unix sockets (AF_UNIX) with a new afunix.sys kernel driver. That will make it easier to port software to Windows from Linux as well as from other Unix-like operating systems.
• There are a host of improvements to the Windows Subsystem for Linux, which lets you run a variety of Linux distributions on Windows 10. Linux applications can run in the background, some launch settings for Linux distributions can be customized, and Linux applications have been given access to serial devices. The new Unix sockets report is available for the Windows Subsystem for Linux as well as Windows itself.
• The Windows 10 Pro for Workstations version of Windows 10 gets a new power scheme called Ultimate Performance it’s only for desktop PCs, not those that can be powered by batteries. In addition, Windows 10 Pro for Workstations no longer ships with games like Candy Crush or other similar consumer-focused apps. Instead, it features enterprise- and business-related apps.
• Administrators have been given the power to configure an enterprise’s PCs to run custom scripts during feature updates, which will make configuration and deployment easier.

For  more details, see the Microsoft blog post “Making IT simpler with a modern workplace.”

Windows 10 Fall Creators Update (version 1709)

Release date: October 17, 2017

Version 1709, called the Windows 10 Fall Creators Update, is the major update to Windows 10 that preceded the April 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• OneDrive gets a new feature called Files On-Demand that gives you access to all of your OneDrive files on every device, without having to download them first. You’ll be able to see all the files you have in OneDrive, even if they’re only in the cloud and not on your PC. Icons tell you which are local and which are in the cloud. Just open the file, and if it’s not on your PC, it gets downloaded.
• The new My People feature lets you pin three contacts to the Windows taskbar and then communicate with them instantly without having to open a separate app such as Skype or Mail. You can also click to see a list of all communications between them and you at a glance.
• You can now send web links from your iOS or Android device to your PC and have them open in Microsoft Edge.
• Cortana gets several new features, including displaying results in a scrollable flyout panel, so you don’t have to launch a web browser.
• Microsoft Edge gets some minor improvements, including better Favorites handling and the ability to mark up PDFs and e-books.
• Security has been beefed up, including the addition of Windows Defender Exploit Guard, which includes intrusion rules and policies to protect against a variety of threats, notably zero-day exploits. A new anti-ransomware feature called Controlled Folder Access has also been added; it lets only approved apps have access to Windows system files and folders.
• New privacy features include the ability to review the kinds of devices and services apps from the Microsoft Store want access to before you download them.
• The update incorporates Microsoft’s new design system and guidelines, called Fluent Design. Overall, transitions are smoother, and there are subtle changes to the transparency effect.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Fall Creators Update:

• The notoriously insecure SMBv1 networking protocol, exploited in recent ransomware attacks including WannaCry and Petya, won’t be included on clean installs of the Windows 10 Fall Creators Update, but SMBv1 components will remain if you do in-place upgrades on PCs that already have the component installed.
• Windows Defender Advanced Threat Protection (ATP), a suite of tools introduced in Windows 10 that helps enterprise customers protect their users and networks against threats and respond to attacks, is being beefed up. Among other things, it will run on the Windows Server OS.
• ATP is also part of Windows Defender Application Guard for Microsoft Edge, available only for Windows 10 Enterprise Edition. It protects against malware attacks by confining visits to unknown or untrusted websites to a virtual machine, so that attacks can’t spread to a PC or the network.
• Windows AutoPilot, which improves self-service deployments of Windows 10 PCs, gets a variety of tweaks, including better mobile device management (MDM) services.
• Windows Analytics’ new Device Health tool gathers information on how PCs perform in an enterprise, and based on that, identifies potential issues and outlines steps to resolve them.
• Enterprises get more control over what kind of information Windows Analytics gathers for the IT staff. In order to improve users’ privacy, IT staff can limit the information collected by Windows Analytics to only diagnostic data.

For more details about new features for IT, see “What’s new in Windows 10, version 1709 IT Pro content,”  “Announcing end-to-end security features in Windows 10” and “Delivering the Modern IT promise with Windows 10” from Microsoft.

Windows 10 Creators Update (version 1703)

Release date: April 5, 2017

Version 1703, dubbed the Creators Update, is the major update to Windows 10 that preceded the Fall Creators Update. Here’s a quick summary of what’s new for users in the Creators Update. (For more details, see our full review.)

• It helps you better organize the Start menu by letting you put multiple tiles for apps into a single folder — for example, you can group all social media apps into one folder.
• Users are given a bit more control over the update process: They can delay an update for three days and keep delaying it in three-day increments, or choose specific times for updates to install.
• The Edge browser has gotten some improvements, including having Flash disabled by default for security reasons and supporting the ePub and PDF formats for reading books and other content.
• Microsoft added some 3D and virtual reality features, including running HoloLens virtual reality and mixed reality apps for the first time, and introducing a Paint 3D app for creating 3D objects.
• System settings that previously were in multiple locations have been consolidated into the Settings app.
• There’s a new all-in-one security dashboard called Windows Defender Security Center that consolidates many security and computer health settings and information.
• New gaming features include streaming gaming sessions over the internet; a Game Mode to improve gaming performance; and a Game bar to let you record your gameplay, take screenshots and perform games-related tasks.
• The Cortana personal assistant gets a few modest additions, including scheduling monthly reminders and helping you set up devices.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Creators Update:

• Security has been improved in a number of ways, including adding new features and insights into Windows Defender Advanced Threat Protection (ATP) to better investigate and respond to network threats. Among the new features are sensors in memory, better intelligence and improved remediation capabilities.
• Several new configuration service providers (CSPs) available in the Creators Update let administrators manage Windows 10 devices through Mobile Device Management (MDM) or provisioning packages. The DynamicManagement CSP, for instance, can enable or disable certain device features depending on location, network presence or time.
• New mobile application management capabilities can protect data on personal mobile devices without requiring each device to be part of the corporate MDM.
• The Windows Configuration Designer (previously called Windows Imaging and Configuration Designer) includes new wizards to make it easier to create provisioning packages, including for desktop devices, Windows mobile devices, Surface Hub devices, HoloLens devices and kiosk devices.
• Enterprise security administrators get a more comprehensive documentation library for Windows Defender Antivirus.
• If an enterprise-wide update policy hasn’t been configured, users with Windows Pro, Windows Enterprise or Windows Education editions have much more control over how Windows updates. With the Creators Update, users can now automatically delay cumulative monthly updates for up to 30 days, and can delay feature updates by up to 365 days.

For more details about new features for IT, see the Microsoft blog posts “Windows 10 Creators Update advances security and best-in-class modern IT tools” and “What’s new in Windows 10, version 1703 IT pro content.”

With Microsoft preparing to lay off more than 9,000 employees, Xbox producer Matt Turnbull urged those affected to use AI tools to help them cope, according to Aftermath. Turnbull wrote in a post on LinkedIn that while many people have strong feelings about generative AI (genAI) tools like OpenAI’s ChatGPT and Copilot, they can also be helpful for resume writing, career planning, and job searching.

“These are really challenging times, and if you’re going through a layoff or even quietly preparing for one, you’re not alone and you don’t have to go through it alone,” Turnbull wrote. “No AI tool can replace your voice or your life experiences. But at a time when mental energy is scarce, these tools can help you move forward faster, calmer, and with greater clarity.”

Microsoft announced in January that it would invest $80 billion in AI infrastructure.

Turnbull later deleted his post from LinkedIn.

Microsoft has released the KB5062554 cumulative update for Windows 10 22H2 and Windows 10 21H2, with thirteen new fixes or changes. [...]

Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team

Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and public figures. Advanced Protection gives you the ability to activate Google’s strongest security for mobile devices, providing greater peace of mind that you’re better protected against the most sophisticated threats.

Advanced Protection acts as a single control point for at-risk users on Android that enables important security settings across applications, including many of your favorite Google apps, including Chrome. In this post, we’d like to do a deep dive into the Chrome features that are integrated with Advanced Protection, and how enterprises and users outside of Advanced Protection can leverage them.

Android Advanced Protection integrates with Chrome on Android in three main ways:

• Enables the “Always Use Secure Connections” setting for both public and private sites, so that users are protected from attackers reading confidential data or injecting malicious content into insecure plaintext HTTP connections. Insecure HTTP represents less than 1% of page loads for Chrome on Android.
• Enables full Site Isolation on mobile devices with 4GB+ RAM, so that potentially malicious sites are never loaded in the same process as legitimate websites. Desktop Chrome clients already have full Site Isolation.
• Reduces attack surface by disabling Javascript optimizations, so that Chrome has a smaller attack surface and is harder to exploit.

Let’s take a look at all three, learn what they do, and how they can be controlled outside of Advanced Protection.

Always Use Secure Connections

“Always Use Secure Connections” (also known as HTTPS-First Mode in blog posts and HTTPS-Only Mode in the enterprise policy) is a Chrome setting that forces HTTPS wherever possible, and asks for explicit permission from you before connecting to a site insecurely. There may be attackers attempting to interpose on connections on any network, whether that network is a coffee shop, airport, or an Internet backbone. This setting protects users from these attackers reading confidential data and injecting malicious content into otherwise innocuous webpages. This is particularly useful for Advanced Protection users, since in 2023, plaintext HTTP was used as an exploitation vector during the Egyptian election.

Beyond Advanced Protection, we previously posted about how our goal is to eventually enable “Always Use Secure Connections” by default for all Chrome users. As we work towards this goal, in the last two years we have quietly been enabling it in more places beyond Advanced Protection, to help protect more users in risky situations, while limiting the number of warnings users might click through:

• We added a new variant of the setting that only warns on public sites, and doesn’t warn on local networks or single-label hostnames (e.g. 192.168.0.1, shortlink/, 10.0.0.1). These names often cannot be issued a publicly-trusted HTTPS certificate. This variant protects against most threats—accessing a public website insecurely—but still allows for users to access local sites, which may be on a more trusted network, without seeing a warning.
• We’ve automatically enabled “Always Use Secure Connections” for public sites in Incognito Mode for the last year, since Chrome 127 in June 2024.
• We automatically prevent downgrades from HTTPS to plaintext HTTP on sites that Chrome knows you typically access over HTTPS (a heuristic version of the HSTS header), since Chrome 133 in January 2025.

Always Use Secure Connections has two modes—warn on insecure public sites, and warn on any insecure site.

Any user can enable “Always Use Secure Connections” in the Chrome Privacy and Security settings, regardless of if they’re using Advanced Protection. Users can choose if they would like to warn on any insecure site, or only insecure public sites. Enterprises can opt their fleet into either mode, and set exceptions using the HTTPSOnlyMode and HTTPAllowlist policies, respectively. Website operators should protect their users' confidentiality, ensure their content is delivered exactly as they intended, and avoid warnings, by deploying HTTPS.
Full Site Isolation

Site Isolation is a security feature in Chrome that isolates each website into its own rendering OS process. This means that different websites, even if loaded in a single tab of the same browser window, are kept completely separate from each other in memory. This isolation prevents a malicious website from accessing data or code from another website, even if that malicious website manages to exploit a vulnerability in Chrome’s renderer—a second bug to escape the renderer sandbox is required to access other sites. Site isolation improves security, but requires extra memory to have one process per site. Chrome Desktop isolates all sites by default. However, Android is particularly sensitive to memory usage, so for mobile Android form factors, when Advanced Protection is off, Chrome will only isolate a site if a user logs into that site, or if the user submits a form on that site. On Android devices with 4GB+ RAM in Advanced Protection (and on all desktop clients), Chrome will isolate all sites. Full Site Isolation significantly reduces the risk of cross-site data leakage for Advanced Protection users.

JavaScript Optimizations and Security

Advanced Protection reduces the attack surface of Chrome by disabling the higher-level optimizing Javascript compilers inside V8. V8 is Chrome’s high-performance Javascript and WebAssembly engine. The optimizing compilers in V8 make certain websites run faster, however they historically also have been a source of known exploitation of Chrome. Of all the patched security bugs in V8 with known exploitation, disabling the optimizers would have mitigated ~50%. However, the optimizers are why Chrome scores the highest on industry-wide benchmarks such as Speedometer. Disabling the optimizers blocks a large class of exploits, at the cost of causing performance issues for some websites.

Javascript optimizers can be disabled outside of Advanced Protection Mode via the “Javascript optimization & security” Site Setting. The Site Setting also enables users to disable/enable Javascript optimizers on a per-site basis. Disabling these optimizing compilers is not limited to Advanced Protection. Since Chrome 133, we’ve exposed this as a Site Setting that allows users to enable or disable the higher-level optimizing compilers on a per-site basis, as well as change the default.

Settings -> Privacy and Security -> Javascript optimization and security

This setting can be controlled by the DefaultJavaScriptOptimizerSetting enterprise policy, alongside JavaScriptOptimizerAllowedForSites and JavaScriptOptimizerBlockedForSites for managing the allowlist and denylist. Enterprises can use this policy to block access to the optimizer, while still allowlisting1 the SaaS vendors their employees use on a daily basis. It’s available on Android and desktop platforms

Chrome aims for the default configuration to be secure for all its users, and we’re continuing to raise the bar for V8 security in the default configuration by rolling out the V8 sandbox.

Protecting All Users

Billions of people use Chrome and Android, and not all of them have the same risk profile. Less sophisticated attacks by commodity malware can be very lucrative for attackers when done at scale, but so can sophisticated attacks on targeted users. This means that we cannot expect the security tradeoffs we make for the default configuration of Chrome to be suitable for everyone.

Advanced Protection, and the security settings associated with it, are a way for users with varying risk profiles to tailor Chrome to their security needs, either as an individual at-risk user. Enterprises with a fleet of managed Chrome installations can also enable the underlying settings now. Advanced Protection is available on Android 16 in Chrome 137+.

We additionally recommend at-risk users join the Advanced Protection Program with their Google accounts, which will require the account to use phishing-resistant multi-factor authentication methods and enable Advanced Protection on any of the user’s Android devices. We also recommend users enable automatic updates and always keep their Android phones and web browsers up to date.

Notes

1. Allowlisting only works on platforms capable of full site isolation—any desktop platform and Android devices with 2GB+ RAM. This is because internally allowlisting is dependent on origin isolation. ↩

Microsoft has released Windows 11 KB5062553 and KB5062552 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]

Today is Microsoft's July 2025 Patch Tuesday, which includes security updates for 137 flaws, including one publicly disclosed zero-day vulnerability in Microsoft SQL Server. [...]

Microsoft is cutting prices by 60% on generative AI (genAI) technologies in Azure designed to provide better understanding and insights for videos, text, speech, and images.

The Azure AI Content Understanding analyzes information from multimedia documents, extracts insights, and validates the information. Organizations can then use these insights to build AI agents.

“Whether you’re extracting layout from documents or identifying actions in a video, the new pricing structure delivers up to 60% cost savings for many typical tasks and more control over your spending,” Microsoft said in a blog post Monday.

The feature transforms unstructured information across all types of documents into more usable data for human workers, Vinod Kurpad, group product manager for Azure AI, said during a presentation about the technology at the recent Build conference. 

“It’s designed to process multi-modal data including documents, images, audio, and video and transform all of that multi-modal and mixed-modal content into actionable insights,” Kurpad said.

Users can feed audio, video, images, or text into the tool, which will extract content from the documents. They can also set up a template that specifies the type of information to extract and understand and what kind of summaries to generate.  An analyzer provides a confidence score, which validates the understanding extracted from the document.

The feature can also be used for sentiment analysis from audio and video files, which can be used for customer support. The features can be integrated into agents workers are already using to automate workflows.

The Azure AI Content Understanding is a three-step process from start to finish, with each step priced individually depending on the content type and engagement levels with documents. The steps include content extraction (which includes speaker recognition, identity verification, and layout and structure); field extraction (which includes tuning and genAI processing); and contextualization (which includes validating the information).

For example, Microsoft said content extraction from a 1,000-page document will cost $5, compared to $13 previously. Field extraction for a 1,000-page document now costs $14.14, down from $30 under the old pricing model.

The AI Content Understanding for Video now costs $3.83 for one hour of video, which includes content extraction, genAI processing, and contextualization.

The pricing is based on tokens, which are also offered to developers by Google and OpenAI. “We’ve restructured how you pay for document, audio, and video analysis — moving from rigid field-based pricing to a flexible, token-based system that lets you pay only for what you use,” Microsoft said.

This technology can be customized for agents in specialized verticals such as the finance industry, compliance, and healthcare.

ASC Technologies AG is already using the technology to analyze all Microsoft 365 communications, including emails and chat. The results are delivered five times faster and provide a clear view of costs, Tobias Fengler, chief engineering officer at the Germany-based company, said during the Build presentation.

“We have 30% less R&D effort because we have to work with fewer services, and we have implemented a few new agentic AI workflows,” Fengler said.

One Microsoft customer in the finance sector, Ramp, uses Content Understanding to automatically transform receipts, bills, and multi-line invoices into structured data, the presenters said.

The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads. [...]

Exposed RDP ports are an open door for attackers. TruGrid SecureRDP enforces Zero Trust and MFA, blocks lateral movement, and secures remote access—no open firewall ports required. Learn more and get a free trial. [...]

Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses. [...]

It rains. It pours. Apple has lost its top AI models exec to Meta on the same day the Trump Administration slaps a 36% tax on Macs made in Thailand and US trade advisor Peter Navarro lashes out at Apple CEO Tim Cook. 

Apple has been struggling to figure out how to transition its supply chain to other nations for years. We all know how complex that task is, and there are literally dozens of reasons it makes sense to keep some manufacturing outside the US, focusing energy domestically on advanced next-generation process development to keep America at the forefront of tech industry achievement.

Tim Cook keeps asking for time

Navarro doesn’t seem to want to listen to those arguments or those challenges, accusing Cook of continually “asking for more time in order to move his factories out of China.” 

The Trump advisor thinks that with new advanced manufacturing techniques and artificial intelligence, Apple should be able to make iPhones in the US — though doing so would likely drive the cost of the devices to $3,500 each, damaging Apple’s business for little benefit in terms of automated factory jobs. Apple meanwhile has pledged to spend over $500 billion in the US on advanced chip manufacturing and other next-generation tasks.

It’s not just iPhones. 

Now, Thailand’s in Trump’s sights

Apple has diversified some Mac production to Thailand, and now the administration has slapped a 36% tariff on imports from that country. That tax is going to make Macs and Apple Watches more expensive to US consumers, and Apple may be forced to swallow the higher costs to the detriment of profit margins. 

What makes this worse is the changing goal posts in play. Apple has evidently listened to calls to diversify manufacturing outside China; it set up its first Apple Watch manufacturing facility in Thailand in 2022 and has been engaged in — and spent billions on doing — a switch to India for iPhone.

The US government now appears to have changed the target somewhat and insists not only on moving outside of China, but of moving production to the US. That’s an ambition likely to be only partially possible at best, given lack of key skills, raw materials, components, and infrastructure. Apple management will know this, and will no doubt be saddened at the lack of pragmatism.

Meta goes for broke on AI

Apple’s hardware business will suffer as a result. It looks like its software and services arm will feel the pinch, as well. The company’s long-term problems with Apple Intelligence just won’t go away, and as we hear speculation that some of the company’s key AI developers are unhappy that Apple may move to adopt third-party services; the leader of its Foundation Models group, Ruoming Pang, is leaving, poached by big money from Meta. He will join Meta’s own AI development efforts. 

There is also speculation that others among Apple’s AI staff might also plan to quit. Pang’s former deputy Tom Gunter also left Apple recently.

A former Google AI lead, Pang was reportedly in charge of the AI foundational models team at Apple, where he supervised more than 100 engineers to build AI models for Siri and other on-device features. The team’s work was pivotal to Apple’s AI strategy, Bloomberg reported — though it seems worth noting the results of that labor appear to be running a little late.

Pang may not be the only unhappy AI researcher in Cupertino. The company also reportedly nearly lost the entire team behind its open-source machine learning framework, MLX. Engineers apparently threatened to quit, forcing Apple to come up with reasons to remain.

A long week

What’s driving dissatisfaction seems to be lowered morale across the team following its failure to ship new Apple Intelligence features on time. Apple’s decision to look to other companies to plug the gap has also affected staff mood, with many already frustrated at Apple’s slow and measured approach to AI deployment. Developers want to move fast and break things, which seems a bad idea when curating an ecosystem of billions of devices. 

Any one of these setbacks would be a problem for any company. But to achieve all of them this week, by Tuesday, really seems to be a shortcut to making this a tough week at Apple HQ.

Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

For those of us who lean on Tails to safeguard our digital privacy and anonymity, the 6.17 release doesn't come with flashy headlines or gimmicks''but that's exactly the point. Tails continues to be a cornerstone for those who need a secure operating environment, and this iteration focuses on refinement.