Kategorie

Printers and scanners are increasingly becoming ways for cyber crooks to deliver phishing attacks, thanks to a flaw in the Microsoft 365 Direct Send feature.

The Varonis forensics team has uncovered an exploit which allows internal devices such as printers to send emails without authentication. The vulnerability has been used to target more than 70 organizations, predominantly in the US, with threat actors spoofing internal users and delivering phishing emails without needing to compromise any accounts whatsoever.

The campaign has been successful because emails sent from within Microsoft 365 (M365) undergo less scrutiny than standard inbound email.

There may be trouble in the industry’s biggest AI alliance, with a contract dispute about AGI threatening to topple the partnership between OpenAI and Microsoft.

The dispute, according to a report from The Information, involves a line in their contract that allows for the alliance to die once AGI (artificial general intelligence), the ability for genAI to replicate the capabilities of human thought, is achieved.

The problem is not with the lack of a precise AGI definition. It is that the concept is impossible to prove. OpenAI could deliver 100 proofs that show that they have achieved AGI and Microsoft could counter with 100 proofs that it hasn’t. Sentience is impossible to prove — or to disprove — with examples.

“They’re never going to settle on a definition of AGI that is intuitively satisfying to all. Any attempt to define AGI by looking at the internals of how the mind works often gets muddied by things like qualia and consciousness, which are notoriously difficult to pin down using an externally verifiable measure,” said John Licato, an associate professor at the University of South Florida’s Bellini College of Artificial Intelligence. “Instead, I expect they’re going to need to pick a somewhat arbitrary dividing line, purely tied to tests of performance. One example might be based on some consensus-based variant of the Turing Test in which a group of laypeople are asked to interact [blindly] with either humans or the AI, and they are then asked which they interacted with. If a large enough percentage of people are fooled, then the test is passed.”

Both sides want to exit the deal

Setting aside any AGI test, what is likely behind the argument is the desire by both parties to end the agreement, given how much has changed since the deal was struck in 2019.

The contractual AGI trigger appears to end any additional code-sharing, but there are no indications that Microsoft would have to surrender, or even stop using OpenAI code it had received before AGI was declared. 

And analysts and enterprise IT executives agree that Microsoft is well-positioned to aggressively continue its genAI efforts without continuing to receive code from OpenAI.

Microsoft no longer needs OpenAI

Justin St-Maurice, a technical counselor at Info-Tech Research Group, said he doubts that ending the partnership would set Microsoft back in any serious way.

“Microsoft has its own models, a strong Azure ecosystem, and access to increasingly capable open-source LLMs. They don’t actually need OpenAI to deliver a successful product. Right now, the real bottleneck with Copilot isn’t the underlying model, but the rigid, rules-based implementation layered on top,” St-Maurice said. “Swapping out OpenAI with a different LLM won’t break an already weak user experience …. As LLMs are becoming commoditized, the magic lies in the integration, not the engine.”

St-Maurice had a strong reaction to one reference in The Information‘s story about the stated reason for the AGI deal killer clause during the original contract negotiations.

It said: “The idea behind the AGI contract provision is that Microsoft, as one of the world’s most powerful for-profit firms, shouldn’t get access to technology that might eventually help people colonize other planets or develop nuclear fusion. Doing so would go against OpenAI’s founding principle in 2015 to develop technology for the benefit of all of humanity, an idea that has roots in the beliefs of OpenAI founders, including CEO Sam Altman and Tesla CEO Elon Musk, who wanted to ensure the most powerful technologies didn’t end up in the hands of for-profit firms.”

OpenAI’s principles have changed since 2019

St-Maurice said that claim is rather absurd, given how OpenAI has not been acting at all like a non-profit.

“Sorry, how exactly is OpenAI sticking to its founding principles in 2025?” St-Maurice asked. “It’s hard not to wonder if OpenAI doesn’t want the world’s most powerful for-profit firms to have AGI technology because it would rather be the world’s most powerful for-profit firm with AGI technology.”

St-Maurice added: “They’re not doing this for humanity, and OpenAI has a lot of work to do to convince me otherwise. The rhetoric about ‘benefiting all of humanity’ rings a little hollow when Sam Altman is openly forecasting mass job displacement and a future where society becomes dependent on the technology class. It’s hard to see altruism when it also appears to conveniently consolidate control.”

Execs see little impact

Enterprise IT executives appeared to agree that even if the partnership dissolves, they will feel little to no impact.

Vinod Goje, the VP engineering manager at Bank of America, said Microsoft is well-positioned for a post-OpenAI model future. It has the cloud infrastructure, the enterprise relationships, and the financial firepower to pivot faster than most realize, he pointed out, stressing that he was speaking personally and not representing his employer. While losing exclusive access to OpenAI’s latest models would sting, they’ve got partnerships with Meta, their own research teams, and enough resources to acquire or develop alternatives.

“The real disruption isn’t whether Microsoft can survive without OpenAI. It’s that we’re essentially flying blind on the most consequential technology decisions of our lifetime,” he noted. “When you can’t even agree on what AGI looks like, how do you write contracts? How do you regulate it? How do you prevent it from being controlled by whoever gets there first? It’s a preview of the governance chaos coming if we don’t get serious about how AGI is defined, verified and shared. What this really reveals is the structural weakness in how we govern foundational technologies.”

Goje argued that the MS-OpenAI situation shows how unprepared the industry is for the implications of GenAI.

“The Microsoft-OpenAI standoff is a canary in the coal mine for the entire AI industry. We’re watching a $10 billion partnership potentially unravel over something as fundamental as ‘What is intelligence?’” Goje said. “This dispute is forcing the industry to confront an uncomfortable truth: we’re building the future without a roadmap. The companies that figure out governance frameworks first, not just the technology, will be the ones that actually shape what comes next.”

Another enterprise IT executive agreed.

“I don’t think there will be any material impact [if Microsoft and OpenAI split],” said Brian Phillips, VP of Macy’s technology, “especially if they can keep the code they have been using.”

The Federal Trade Commission (FTC) has approved $126,000,000 in refunds to be sent to 969,173 Fortnite players as part of a settlement over allegations that Epic Games tricked users into making unwanted purchases. [...]

A total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers. [...]

OpenAI’s planned productivity suite could dismantle traditional habits of how users create and consume documents in the same the way the company changed browsing and search habits.

“OpenAI is increasingly seeing itself as a productivity tool, and that would include the need to address actual creation tools like Office does,” said Jack Gold, principal analyst at J. Gold Associates.

OpenAI hasn’t officially announced a product, but The Information reported (subscription required) that the generative AI (genAI) company has already designed a rival to the dominant productivity tools.

But good luck getting customers to move from Microsoft 365 or Google Workspace, analysts said, noting that the top two productivity suites are well entrenched among users and organizations.

OpenAI is already including certain elements of a productivity suite in its offerings, such as multiple export format support, said Wayne Kurtzman, research vice president of collaboration and communities at IDC. The feature is available in ChatGPT features such as Canvas, which “is a new interface for working with ChatGPT on writing and coding projects that require editing and revisions,” according to OpenAI’s website.

“That can be construed, correctly or not, as starting to build a productivity suite,” Kurtzman said.

IDC sees the market favoring newer digital experiences in creating and consuming content, he said. “Whether OpenAI sees this as an opportunity they would like to pursue in new ways is yet to be seen,” Kurtzman said.

The future of productivity and collaboration suites lies in user interface simplification via genAI, said J.P. Gownder, vice president and principal analyst on Forrester’s Future of Work team. He described it as “a lot less pulling down menus or drawing and a lot more prompt engineering and providing sources to the AI so it can compose the asset.”

Document creation could look something like this: GenAI would take a first swing at creating a business document that the user then edits, iterates, and finalizes. That approach will become much more common.

Users will go “over the top,” asking Microsoft’s Copilot to create PowerPoint presentations, specifying the documents such as meeting notes or oral instructions that it should use to create the deck.

“I predict that, by 2029, Microsoft PowerPoint will hide or remove 80% of the elements on the Ribbon, the set of navigation controllers. Why? Because you won’t need them anymore; you will go ‘over the top,'” Gownder said.

OpenAI trying to innovate in this area makes sense; companies like Zoom and beautiful.ai already do this, though not to the level of sophistication users will see in the future with Microsoft’s suite, Gownder said. “…Entering this space, for OpenAI, is a lot riskier, because of its partial ownership by Microsoft and because Copilot uses OpenAI’s models,” he said.

Microsoft is already heading in the direction of making Copilot its main interface to create documents, spreadsheets and presentations, the company’s chief product officer of experiences and devices, Aparna Chennapragada, told Computerworld in a recent interview.

Google has already integrated genAI capabilities into Workspace, but hasn’t managed to capture much market share from Microsoft, Gold said. “But like so many other companies have found when they try to compete with Office, it’s very hard to have much impact,” he said.

Gold floated the idea of OpenAI possibly leveraging open-source tools such as OpenOffice or LibreOffice, which could help from a time-to-market and cost perspective. “Let the open ecosystem provide the necessary capabilities, which already results in a pretty rich productivity suite, and just have OpenAI do the integration of AI tools,” he said.

There remain a lot of open questions about OpenAI’s ability to deliver a productivity suite, which isn’t easy, said Jeff Kagan, an independent analyst.

OpenAI needs the talent, product groups, and market share to carve out a sizable niche, Kagan said. “I don’t expect Microsoft to sit back. I expect they will quickly intensify their offerings to hang onto their market share,” he said.

Also, if OpenAI CEO Sam Altman decides to implement competing features, he will need to think hard about the relationship with Microsoft CEO Satya Nadella.

“It’s still way too early to have any idea what the next step will be. Stay tuned,” Kagan said.

New South Wales police in Australia have arrested a 27-year-old former Western Sydney University (WSU) student for allegedly hacking into the University's systems on multiple occasions, starting with a scheme to obtain cheaper parking. [...]

A frisson of Trump-related news fizzled out in the last week. No, not a temporary outbreak of peace in the Middle East, but news of a smartphone originally announced as being made in America. Except, since making that claim, the Trump organization has changed to somewhat more ambiguous claims.

Which raises the question, why can’t you make a mass market phone in the US?

To get into this, it’s important to think about what is required when making a phone.

First, you need a design; secondly, you need components; third, you need an operating system; fourth, you require highly skilled labor to build the devices; and finally, you need a factory and distribution network big enough to handle manufacturing, logistics, and supply. Assembling the logistics of smartphone supply takes a lot of time and a lot of money. Pulling all these pieces together is a lot more complex than making a pencil — and that’s complicated enough, as the classic text by Leonard E. Read explains. 

To be honest, it’s complicated

That’s not to say it’s completely impossible. There is one device — Purism’s Liberty smartphone — that claims to be made in the US. The hangup is that the device costs $2,000, has limited specifications, and can only be produced in small quantities. It’s not completely made in the USA, either, since many of its components are made outside the US. 

That’s unlikely to change without major investment in component manufacturing plants, the cost of which could be prohibitive when you look at the fast pace with which those components might need to be upgraded or replaced as technology advances.

This is even before you consider the risk of entering markets already populated by incumbents and the low margins shared by those already-established manufacturers. It means that the entities most likely to bring component manufacturing in the US are probably going to be the same people who already make those components. And as they have the economy of scale behind them, it’s going to be next to impossible for US firms to compete. 

That makes that part of the supply chain a huge risk, which means it makes a lot more sense for US manufacturers and the US government to think about what components mobile devices will need in the future and begin to invest in the patents, raw materials, and manufacturing capabilities to make those things. But that’s going to take time, require long-term investment, and has its own set of risks — as everyone who invested in Betamax found out when VHS won the video format wars.

To some extent, this inherent risk is part of what US firms have outsourced internationally in the past, because lower-cost economies meant that the cost of building factories for components that never shipped was lower, which also reduced the risk. The US got the benefit of other people’s risk and didn’t pay the consequences when risks went wrong.

Mysterious materials

Of course, components are made of something, and that raises the other reason it’s pretty difficult to make a smartphone entirely in the US: raw materials. So many of the raw materials used in various components packed inside smartphones are incredibly rare and found only in specific geographies. 

This alone makes it inevitable that at least some raw material will need to be imported. But the cost of the materials and the cost of importing them sometimes makes it cheaper to manufacture components closer to the raw material source of supply. After all, if you use one ton of rare materials to manufacture 10 pounds of considerably more valuable components then it makes sense (because it is cheaper) to ship the component, not the material.

So now we have an inevitability in which at least some key smartphone components are unlikely ever to be made in the US. Perhaps those technologies can be replaced down the road, but that is limited by the laws of physics — which is to say it isn’t guaranteed. And to develop new things, you also need access to trained staff.

The alternative is to make smartphones that use components harvested from recycled devices, though doing so immediately means the devices might be dated, not as powerful, and potentially exposed to component-based security risks.

Magical people

Scientists, engineers, researchers, electronics experts, metallurgists, all of these skills are essential to the smartphone value chain. America just doesn’t have enough trained people to occupy all these roles. Sure, it’s possible you could replace some of the lower value skills with robots (made where?), but meeting that skill shortage is going to take a big commitment to education and training, or a focused approach to immigration, or both. And it will take years. 

That’s going to cost, and because there is presently a shortage of these skills, you’ll find that salaries will be far higher in the US than elsewhere. The cost increases the magnitude of risk for manufacturers/suppliers, meaning they will raise prices for the components or assembly services they provide. I’m not sure, but I imagine that these costs, including assembly costs, are why the Liberty phone costs $2,000.

Magical places

Once you have raw materials and components logistics sorted, and you’ve hired enough good staff to make the devices, you’re hit the next problem — location. Where will you put the factories? If you choose to centralize production in a low-cost, perhaps less-popular part of the US, you might have difficulty recruiting staff who won’t want to abandon their existing lives to move. That means for a serious manufacturing deployment you’ll put your factories in places where people with the skills you need might actually want to live.

This further increases costs, but also means access to factory space becomes another competitive challenge. It’s one you can solve with money, of course, but that’s yet another level of risk and investment that needs to be met in order to make phones in the good old US of A.

Then, once you’ve got the materials, components, people, and factories — you need to bring it all together. Even assuming it has become possible through some triumph of magical thinking to make most of the components in the US, it is unlikely all these parts will be made in the same place, or even the same state. 

Being where?

That means you’ll need to spend time putting together an effective and affordable logistics system for just-in-time delivery of components sourced from wherever they come from to the central assembly location. There are problems to this, but the impact once those are resolved is likely to be more traffic on local roads, more housing demands in local communities, and more demand for water, energy, and other infrastructure. 

What this usually means is that local property prices increase, usually at a rate that exceeds local wages. In most other places, what happens then is that people born and brought up in those areas can no longer afford to continue to live there and are priced out of the property market, increasing resentment, frustration, and poverty.

All of these changes damage local cohesion, even as local authorities need to somehow find the money to invest in roads, airports and all the other infrastructure the new people and factories are suddenly making much more excessive use of.

Think of the scale here.

iPhone factories in China and India employ tens of thousands of people — whole cities are dedicated to the task. And while it is somehow a little tempting to imagine the creation of an “iPhone City” somewhere in America, achieving that already looks a lot harder than first thought. 

The future will be better tomorrow

Fundamentally, what I’m saying is that shifting manufacturing ecosystems is a vastly complex task that demands huge investments of time and money — and even if the will is there, (and the US did actually vote for this), it makes more sense to invest gradually than to expect change overnight. Those investments have not yet been made, which is why the iPhone, Trump phone, or any other phone, is really not likely to be made in mass market quantities in the US before 2030 at the earliest, and probably not until later than that, if at all.

Will we even need smartphones by then? Who knows?

Think about the complexity of the above and it’s hard not to think that it makes more sense to focus investment on the big technologies the world will need tomorrow, rather than reinventing supply chains for the things we already have today. Because future tech innovation is where the money — and the jobs — will be.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC). [...]

A Kansas City man has pleaded guilty to hacking multiple organizations to advertise his cybersecurity services, the U.S. Department of Justice announced on Wednesday. [...]

Scattered Spider recently pivoted from targeting worldwide retailers to U.S. based insurance firms, with no signs of slowing down. Learn about Scattered Spider TTPs and how to defend your organization against MFA bypass, help desk scams, and more. [...]

An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called "Direct Send" to evade detection by email security and steal credentials. [...]

At long last, Oracle Linux 10 has arrived , and it's not just another checkbox upgrade. Whether you're running on x86_64 or aarch64 platforms, this release aims squarely at IT admins wrangling resource-heavy workloads on-prem or in the cloud. The emphasis? Security, stability, and performance.

WhatsApp is adding a privacy feature to WhatsApp just days after reports emerged that Meta’s messaging app had been banned on government devices used by staffers at the US House of Representatives.

The feature can generate quick summaries of the latest messages WhatsApp users receive on their devices. The company added a unique twist — the summaries will be private and not visible to Meta or unauthorized users.

“You can get an idea of what is happening before reading the details in your unread messages,” Meta explained in a blog entry Wednesday.

The summaries are generated using Meta’s generative AI (genAI) technology, which is making its way into more applications. The company has already added it into the interfaces for WhatsApp, Facebook, and Instagram and is hiring engineers from rival genAI companies. It recently acquired Scale AI for $14.3 billion.

Privacy is a critical aspect of the feature, Meta stressed. “No one else in the chat can see that you summarized unread messages either. This means your privacy is protected at all times,” the company said.

Meta has had its struggles with privacy features in the past. This week, WhatsApp was reportedly banned on government devices used by House staffers due to security concerns.

But apparently Meta is looking to reverse that trend by creating secure AI environments that lock down the data from which the summaries are generated. It does so using a technology called “Private Processing” where “no one except you and the people you’re talking to can access or share your personal messages, not even Meta or WhatsApp,” Meta wrote in a briefing about the technology.)

Users can request a private computing environment, which is built on an emerging technology called confidential computing. The technology creates a secure enclave in which data is stored, AI summaries are generated and then served to users who can unlock the information.

A number of chipmakers are implementing confidential computing technology into their components. Intel chips can create a secure room in which data is accessible only to people with the right keys.  Nvidia offers similar confidential computing technology in its GPUs. And Google Cloud’s Gemini uses the technology so companies can deploy the AI model in private infrastructure. And Apple has Private Cloud Compute, where much of the customer data and AI queries are kept private to customers and not visible to Apple. 

Using genAI processing to summarize personal messages marks the first time Meta has applied Private Processing, Meta said. “We expect there will be others where the same or similar infrastructure might be beneficial in processing user requests,” the company explained.

Meta last week added secure keys to Facebook messaging, which provides an extra authentication layer for users to access messages.

There have been concerns about genAI companies using customer data to train models. Data privacy and genAI has also been a topic in sovereign AI, where individual nations have their own privacy and data residency regulations.

Google Docs is a powerful word processor that you use through your web browser. It’s integrated with Google Drive to store your documents in the cloud. In addition to the Docs web app, there are mobile apps for Android and iOS.

Anyone with a Google account can use Google Docs for free. It’s also available with Google Workspace — Google’s subscription-based online collection of office apps that also includes Gmail, Google Slides, Google Sheets, and more — with more advanced features.

This guide will get you started with the Google Docs web app and show you how to share and collaborate on your documents with other people.

We’ll also cover a few Gemini (Google’s generative AI assistant) features that are now integrated with Google Docs. Gemini tools are available in Google Docs with a Google Workspace Business Standard or greater plan, a Google AI Pro or greater plan, or if you sign up for Google Workspace Labs with your Google account.

[ See more Google Workspace tips and tutorials ]

Create or open a document

To start a new document or open one you’ve already saved in Google Drive, you’ll need to sign in to your Google or Google Workspace account. If you haven’t signed in yet, you’ll be prompted to do so when you click either link below.

Create a new document

From the Google Docs home screen: To start a new document, click the Blank thumbnail or select a template to the right. To see more templates that you can insert into your document and customize to your needs, click the Template gallery button in the upper-right corner of the screen; click any thumbnail to start a new document in that template.

The top of the Google Docs home screen, with templates across the top and stored documents listed below.

Howard Wen / Foundry

From the Google Drive home screen: To start a new blank document, click the New button at the upper-left of the screen and then click Google Docs. If you want to select a template to start a new document, click the New button, then move the cursor over the > to the right of “Google Docs” and select From a template. The Google Docs home screen will open, showing its full template gallery.

Creating a new Docs document from Google Drive.

Howard Wen / Foundry

From your browser’s address bar: You can immediately launch Google Docs with a new blank document by simply typing docs.new in the address bar of your web browser. (This works if you’re already signed in to your Google or Google Workspace account on the browser.)

Open a document

Documents that are already in your Google Drive storage appear on the Google Docs and Google Drive home screens. Double-click a document, and it will open in Google Docs.

You can use the search box at the top of either home screen to search for your document’s file name or text that is in it. On the Google Docs home screen, you can also click the folder icon on the right above the documents list. This opens a simplified version of your Google Drive inside a panel.

To open a document that someone else has shared with you via Google Drive: On the Google Drive home screen, click Shared with me in the left column, and then double-click the document to open it in Google Docs.

Upload a document for editing in Google Docs

If you have a document on your PC that you want to edit in Google Docs, you have to first upload it. Google Docs supports common text formats such as Microsoft Word (.docx), OpenDocument Format (.odt), Plain Text (.txt), and Rich Text Format (.rtf).

To upload via the Google Docs home screen: Click the folder icon on the right above the documents list, then click the Upload tab on the panel that opens. You can drag-and-drop the document onto this panel or browse your PC’s storage drive to find and select the document. The file is saved to your Google Drive in Docs format and opens immediately in the Docs web app.

To upload via the Google Drive home screen: Click New > File upload and select the document from your PC’s drive. The document retains its original formatting.

Working with Microsoft Word documents in Docs

Google Docs supports the ability to edit Word .docx files in their native format. You can edit and collaborate on a Word file right in Docs, with all changes made by you or your collaborators saved directly to the Word file.

To retain the Word format, though, you must upload the file through Google Drive. When you upload a Microsoft Word document through the Google Docs home screen, it is automatically converted to the Docs file format.

When you upload a Word through the Google Drive home screen, on the other hand, it is not automatically converted to Docs file format. So a Word document will retain its format and .docx file extension. In the documents list, Word docs are designated with a W icon instead of the usual Docs icon.

The top document shown here is in Word format.

Howard Wen / Foundry

If you would rather have Word (and other document format) files automatically converted to Docs format when you upload them via Google Drive, click the gear icon in the upper-right corner of the Google Drive home screen and select Settings from the drop-down menu. On the Settings page, scroll down to “Uploads” and check the checkbox marked Convert uploads to Google Docs editor format.

Converting PDF and image files to Docs format

Through Google Drive, you can upload a PDF or image file of a scanned document, then convert it so that you can edit it in Google Docs. The accuracy of this conversion depends on how readable the text is in the PDF or source image.

From the Google Drive home screen, click New > File upload and select the PDF or image file on your PC.

After the file is uploaded, right-click its filename on the Google Drive home screen and select Open with > Google Docs.

Converting a PDF to Google Docs format for editing.

Howard Wen / Foundry

Drive converts the PDF or extracts the text from the image file and opens the result in Google Docs for you to view and edit. This converted version appears listed on your Google Docs and Google Drive home screen as a new Docs document. Note that only the text from the source file is converted; if your PDF has images, those will not appear in the new document.

Work in a document

When you open a new or existing document, the document’s title appears at the top left. To change the title, place the cursor in the title and start typing.

The Google Docs compose/edit screen with a new, blank document.

Howard Wen / Foundry

The menu bar below the document’s title includes the following drop-down menus:

• File: commands for taking action on the whole document, such as Make a copy, Share, Rename, Page setup, and Print
• Edit: copy, paste, undo, redo, find and replace, and similar
• View: lets you change your view of the document and how you interact with it (more on that in a moment)
• Insert: insert items into your document, such as an image, table, special character, header or footer, or watermark
• Format: format text, paragraphs, and some other elements in your document such as tables
• Tools: extras such as getting a word count and translating your document into another language
• Extensions: find third-party apps that integrate with Docs and other Workspace apps
• Help: search for commands or get help for specific tasks

The toolbar below the menu bar has buttons for the most common word processing functions, such as formatting text and paragraphs, inserting links and pictures, running spell check, and printing.

Note that there is no Save command; Docs automatically saves any changes as soon as you make them.

Tools to help you start writing

When you start a new, blank document, buttons appear along the top of the document area, as shown in the previous screenshot; they’re shortcuts to tools to help you write. (They don’t appear when you load a document that already has content on it.) You can ignore these shortcuts if you want; just start typing and they’ll disappear.

If you’re using Google Docs under a free Google account or Business Starter Workspace plan, you’ll see these shortcuts at the top of a blank document:

Templates: This button opens a pane listing a subset of popular templates from the template gallery you can call up when creating a new document, as covered earlier in the story. To access this pane elsewhere in Google Docs: On the top menu bar, click File > New > From a template.

Meeting notes, Email draft, and More: These buttons all lead to “building blocks,” which are table templates that you can insert into your document. Some also have interactive elements, called “smart chips,” in them. See “How to use smart chips in Google Docs and Sheets” for in-depth information about smart chips and building blocks.

Clicking Meeting notes lets you extract information from an event scheduled on your Google calendar and set it in your document as a table.

The Email draft building block appears as a basic email composition window in your document. Inside each capsule to the right of “To,” “Cc,” and “Bcc,” you enter or select the email address or name of someone in your Google Contacts to insert as a People chip.

Clicking the More button opens the “Building blocks” panel along the right that lists several other building blocks you can insert into your document. There are building blocks for meetings, project management, contact management, and more.

To access building blocks elsewhere in Google Docs: On the top menu bar, click Insert > Building blocks and from the menu that opens, select the building block that you want to insert into your document. Or select View more on this menu to open the “Building blocks” side panel.

If you’re using Google Docs with a paid Workspace plan that includes Gemini, such as Business Standard, then you’ll see these buttons at the top of a blank document:

With a paid Workspace plan, the quick-start buttons for a blank document include the AI-powered “Help me write.”

Howard Wen / Foundry

Help me write: Clicking this opens a pane over your document. You type inside it to prompt Gemini to generate text that you can insert into your document. For details about using Help Me Write, see “How to use Gemini AI to write (and rewrite) in Google Docs and Gmail.”

To access Help Me Write elsewhere in Google Docs: Look for the vertical mini-toolbar along the right of your document. Clicking the Help me write icon at the top of this toolbar will open the “Help me write” pane over your document.

Templates and Meeting notes: These buttons work the same as described above under a free or Business Starter plan.

Cover image: You can embed an image, such as your business logo, that runs along the top of your document as a banner. Clicking this button opens a menu that lets you insert an image file stored on your PC, Google Drive, or Google Photos account, or you can search a stock image repository or enter a link to an image file online. You can also use Gemini to create an image: Select Generate an image and describe what you want it to create.

To access this tool elsewhere in Google Docs: On the top menu bar, click Insert > Cover image.

More: This button works the same as described above under a free or Business Starter plan, opening the “Building blocks” side panel.

The Gemini sidebar

There’s another way to interact with Gemini in Docs: Click the nova star icon at the upper-right corner (next to your Google account profile headshot) to open a Gemini side panel along the right. (If you’re using a free or Business Starter plan, this side panel will show an ad for Gemini and a button you can click to start a trial.)

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-07-gemini-side-panel.png?quality=50&strip=all 581w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-07-gemini-side-panel.png?resize=227%2C300&quality=50&strip=all 227w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-07-gemini-side-panel.png?resize=528%2C697&quality=50&strip=all 528w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-07-gemini-side-panel.png?resize=127%2C168&quality=50&strip=all 127w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-07-gemini-side-panel.png?resize=64%2C84&quality=50&strip=all 64w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-07-gemini-side-panel.png?resize=364%2C480&quality=50&strip=all 364w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-07-gemini-side-panel.png?resize=273%2C360&quality=50&strip=all 273w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-07-gemini-side-panel.png?resize=189%2C250&quality=50&strip=all 189w" width="581" height="767" sizes="(max-width: 581px) 100vw, 581px">

The Gemini side panel in Google Docs.

Howard Wen / Foundry

You can use the Gemini sidebar for a variety of tasks, including brainstorming ideas, generating text, summarizing documents, creating lists, and more. See “Google Workspace: 7 great ways to use the Gemini AI sidebar” for detailed instructions and use cases for the Gemini side panel.

Editing, Suggesting, and Viewing modes

When you create or open a document, it is presented in Editing mode, in which you compose or edit your document normally. You can switch to two other modes:

Suggesting mode: Changes to your document appear as colored “suggestions” that can be accepted or rejected. This mode mostly comes into play when you’re collaborating with others; more on that later in this guide.

Viewing mode: You can’t edit the document, only scroll through and read it. Viewing mode can help you focus on reading through a document without being tempted to stop and edit it. You can also share a document with others in a way that limits them to Viewing mode; we’ll cover that in the sharing section of this guide.

To switch among these modes: Click the Editing mode pencil icon at the far right of the toolbar and make your selection. Alternatively, you can select View > Mode from the top menu bar.

Switching to Suggesting mode.

Howard Wen / Foundry

Document tabs

Along the left is the “Document tabs” side panel. (If you don’t see it, click the Show tabs & outlines button at the top left.) It’s a unique feature that lets you build interactive documents in two ways.

Heading links

Your document (whether it’s blank or already has content) is listed in this side panel as “Tab 1.” Click Tab 1 and it will expand down to list any headings that are in your document. When you click a heading in this side panel, your view in the main window will jump to that heading in your document.

You’ll find shortcuts to each heading in your document in the “Document tabs” side panel.

Howard Wen / Foundry

To add a heading to your document: On the toolbar above your document, click Normal text and from the drop-down menu, select a heading level (Heading 1, Heading 2, etc.) and type in your heading.

In the “Document tabs” side panel, you can rename “Tab 1” by clicking the three-dot icon to its right.

Multiple tab links

You can also add more tabs, where each tab represents a separate section of the document that has its own content and formatting, and switch among them.

For instance, you could have a project management document where one tab shows the project overview and goals, a second tab lists team members and their responsibilities for the project, a third tab is a timeline table, and so on. You could create a separate document for each of those items, but the tabbed setup keeps them more tightly tied together while allowing each section to retain its own unique purpose and formatting.

A document starts with just one tab, called “Tab 1” by default. To add a new tab (“Tab 2”), click the + next to “Document tabs” in the side panel. Your view in the main window switches to a new blank document area that you can put content on.

When you create a new tab, it feels like you’re starting a whole new document, but it’s still part of the same larger document. When you look at the top of the screen, you’ll see that the document title remains the same.

You can click back and forth between these two tabbed sections of the document using the tab links in the “Document tabs” navigation. You can add and navigate to additional tabs the same way.

You can switch between tabs in your document using the left navigation panel.

Howard Wen / Foundry

You can also add a subtab underneath another tab. In the “Document tabs” side panel, hover your cursor over the tab you want to attach a subtab to, click the three-dot icon that appears to its right, and from the menu that opens, select Add subtab.

You’ll quickly realize as you add tabs and subtabs that using the default names (Tab 1, Tab 2, etc.) isn’t very helpful. To rename any tab to something more meaningful, click its three-dot icon, select Rename, and type in a new name.

Links to headings across tabs

You can insert a link in one tab that goes to a heading that’s in another tab in your document. For example, a link in Tab 1 takes you to a specific heading in Tab 3.

To create this type of link: Select a tab in the “Document tabs” side panel. In the main window showing the document, right-click on a heading. From the menu that opens, select Copy heading link.

Now select another tab in the “Document tabs” side panel. In the main window, paste the link somewhere in the document. A long URL appears with a bar next to it that contains the title of your document. Click this bar or press the Tab key on your keyboard to insert the link in your document; it will appear as a capsule with your document’s title in it.

When you (or anyone you’ve shared your document with) click the capsule you inserted, a small bar opens showing the heading. Click it, and the view in the main window will jump to this heading in this other tabbed document.

Click the MILESTONES link in the main document window to go to that heading on Tab 1.

Howard Wen / Foundry

Share your document

Through Google Docs or Google Drive, you can share a document for others to view or edit.

From the Google Docs screen where you’re editing your document: Click the Share button at the upper right. Or, from the Google Drive home screen: Right-click the filename of your document and select Share > Share from the menu that opens. Either way, the Share pane opens.

Sharing a document in Google Docs.

Howard Wen / Foundry

Google lets you share your document privately by inviting specific people to access it, or publicly, which means anyone with the link to it can open it. In most cases, business users will want to share their documents privately with specific colleagues. But there may be a few times when you need to share it publicly, such as when you’re seeking public comments on a document.

Note: In managed business environments, your administrators may limit your sharing options. For example, you might not be allowed to share a document link publicly — or even share it privately with people outside your organization.

Share your document privately (only certain people can access it)

On the Share pane, type in the names or email addresses of the people you want to collaborate with on the document. The Share pane changes to a new view where you can add more people and change their access permissions for the doc. You can also type in a brief message to them.

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-13-share-pane-permissions.png?quality=50&strip=all 510w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-13-share-pane-permissions.png?resize=300%2C268&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-13-share-pane-permissions.png?resize=188%2C168&quality=50&strip=all 188w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-13-share-pane-permissions.png?resize=94%2C84&quality=50&strip=all 94w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-13-share-pane-permissions.png?resize=404%2C360&quality=50&strip=all 404w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-13-share-pane-permissions.png?resize=280%2C250&quality=50&strip=all 280w" width="510" height="455" sizes="(max-width: 510px) 100vw, 510px">

Setting permissions for a file being shared privately.

Howard Wen / Foundry

By default, every person you add is given Editor access to your document. You can change this by clicking Editor at the right of the invitees’ names and selecting another option from the dropdown that opens.

• Editor means they can change your document, add comments to it, and reshare it with other people.
• Commenter means they can view your document and add comments to it, but they cannot change it.
• Viewer means they can view your document, but they cannot change it or add comments to it.

Keep in mind that this setting applies to everyone you’re currently inviting to the document.

When you’re done, click Send. Everyone you’ve added will receive an email with a link they can click to access the document.

Change, limit, or revoke permissions

You can change anyone’s permissions for a document at any time by reopening the Share pane for the document. It will list everyone who has access to the document. Click the dropdown next to their name to change their permission level or remove their access entirely, then click Save.

You can also limit the overall permissions for a document somewhat by clicking the gear icon in the upper right of the Share pane:

• Unchecking the first box prevents others at the Editor level from resharing the document or changing other collaborators’ permission level.
• Unchecking the second box prevents anyone with Viewer or Commenter status from downloading, printing, or copying the document.

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-14-advanced-share-permissions.png?quality=50&strip=all 513w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-14-advanced-share-permissions.png?resize=300%2C122&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-14-advanced-share-permissions.png?resize=150%2C61&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-14-advanced-share-permissions.png?resize=444%2C180&quality=50&strip=all 444w" width="513" height="208" sizes="(max-width: 513px) 100vw, 513px">

Unchecking these boxes curbs some of the default permissions for editors, viewers, and commenters.

Howard Wen / Foundry

Set an expiration date

Under a Google Workspace plan, you can also deny access to a person you’ve shared your document with on a specified date.

Click the down arrow to the right of a collaborator’s name and select Add expiration. Then, to the right of “Access expires…,” click the pencil icon and select an expiration date (and time if you want) on the pop-up calendar. It can be within one year of the current date.

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-15-set-share-expiration.png?quality=50&strip=all 847w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-15-set-share-expiration.png?resize=300%2C244&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-15-set-share-expiration.png?resize=768%2C624&quality=50&strip=all 768w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-15-set-share-expiration.png?resize=207%2C168&quality=50&strip=all 207w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-15-set-share-expiration.png?resize=103%2C84&quality=50&strip=all 103w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-15-set-share-expiration.png?resize=591%2C480&quality=50&strip=all 591w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-15-set-share-expiration.png?resize=443%2C360&quality=50&strip=all 443w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-15-set-share-expiration.png?resize=308%2C250&quality=50&strip=all 308w" width="847" height="688" sizes="(max-width: 847px) 100vw, 847px">

Setting an expiration date for a person’s access to a document.

Howard Wen / Foundry

Share your document publicly (anyone can access it)

At the bottom of the Share pane is a Copy link button that you can click to copy the link to your document. By default, this link is restricted to those you invite to the document.

To change it to a public link: Click Restricted and select Anyone with the link from the dropdown menu.

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-16-public-link2.png?quality=50&strip=all 512w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-16-public-link2.png?resize=290%2C300&quality=50&strip=all 290w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-16-public-link2.png?resize=162%2C168&quality=50&strip=all 162w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-16-public-link2.png?resize=81%2C84&quality=50&strip=all 81w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-16-public-link2.png?resize=464%2C480&quality=50&strip=all 464w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-16-public-link2.png?resize=348%2C360&quality=50&strip=all 348w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-16-public-link2.png?resize=242%2C250&quality=50&strip=all 242w" width="512" height="530" sizes="(max-width: 512px) 100vw, 512px">

Changing permissions for a public link to a document.

Howard Wen / Foundry

By default, this link has Viewer access assigned to it. To allow anyone with the link to comment on or edit your document: Click the Viewer dropdown to the right and then select Commenter or Editor.

After you’ve made your above selections, click the Copy link button. You can now paste this link to your document into an email, direct message, or document, or post it on a public forum or social media. Remember that anyone who sees and clicks this link will be able to access your document.

To turn off the public link to your document, reopen the Share pane and click Anyone with the link. From the dropdown that opens, select Restricted. Then click the Done button.

Status of your shared documents

On your Google Drive or Google Docs home screen, your documents that are being shared either privately with others or as public links are marked by an icon of two silhouetted heads. (If you have the home screen of Google Drive set to “Grid layout,” this icon won’t appear with the thumbnail or filename of a shared document.)

The double silhouette icon to the right indicates that this is a shared document.

Howard Wen / Foundry

Collaborate on your document

The people you’ve shared your document with can collaborate with you on it if they’ve been designated as an Editor or Commenter. See “How to collaborate on a document” in our Google Drive collaboration guide for step-by-step instructions on how to add and review comments, edit a document, and collaborate on a document in real time.

One thing that can’t be stressed enough is how helpful it is if you and your collaborators use Suggesting mode. (Commenters will automatically be in Suggesting mode when they open the document, but Editors need to turn it on by clicking the pencil icon at the upper right and selecting Suggesting.)

If multiple people make changes to your document in Editing mode, it can become difficult to keep track of who did what. Under Suggesting mode, though, each collaborator’s text additions appear in a different color. So if they add an image, the border of that image will be the same color as their text color. Anything they delete will have a strikethrough in their assigned color.

Suggesting mode makes it easy to see who made each change to a shared document.

Howard Wen / Foundry

Note cards will appear to the right of your document; each shows a suggested change made to your document (and by whom and when the change happened). To accept the suggestion on a card, click the checkmark; to reject it, click the X.

To view your document with or without all the edits suggested by your collaborators: Click Tools > Review suggested edits from the top menu bar. A box will open at the upper-right corner. To view your document with the suggested edits merged in, click the Show suggested edits dropdown and select Preview “Accept all.” To view without the suggested edits, select Preview “Reject all.”

Reviewing suggested changes.

Howard Wen / Foundry

If you want to accept or reject all suggestions at once without going through them one by one, you can click the Accept All or Reject All buttons on this pane.

Whenever your document gets a suggested edit by a collaborator, an updated tally appears next to its filename, or on the upper-right of its thumbnail, on your Google Docs or Google Drive home screen.

Recover older versions of a document

Mistakes happen, and you may want to undo changes you or others have made to a document. To look up older versions of an open document, click File > Version history > See version history.

A panel opens on the right that shows a list of older versions of your document, organized by date and time. To see what an earlier version of the doc looks like, click its date or version name in the list. That version will appear in the main window.

Viewing an earlier version of a document.

Howard Wen / Foundry

If you want to use this older version to replace the current version of your document, click the blue Restore this version button at the upper-left of the screen. This restored version will then appear at the top of the version history list.

If you want to give an older version a unique name, click its date. You’ll be prompted to type in words to replace the date. The version’s date and time will then appear in smaller type underneath its new name.

Download and export your document to Word or PDF

You can download a document and convert it to PDF, .docx (if it’s not already a Word document), or another text format such as OpenDocument Format (.odt), Plain Text (.txt) or Rich Text Format (.rtf).

With the document open, select File > Download from the top menu bar and choose a file format. The document will be saved to your PC’s storage drive in that format.

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-21-export-docx.png?quality=50&strip=all 689w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-21-export-docx.png?resize=300%2C225&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-21-export-docx.png?resize=224%2C168&quality=50&strip=all 224w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-21-export-docx.png?resize=112%2C84&quality=50&strip=all 112w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-21-export-docx.png?resize=640%2C480&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-21-export-docx.png?resize=480%2C360&quality=50&strip=all 480w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-21-export-docx.png?resize=333%2C250&quality=50&strip=all 333w" width="689" height="517" sizes="(max-width: 689px) 100vw, 689px">

Downloading and converting a document to Word format.

Howard Wen / Foundry

Alternatively, you can select File > Email and then pick either Email this file or Email collaborators. This action will open a panel that lets you email your document as an attachment. PDF is the default, but you can click the PDF dropdown and choose Word or another format.

A third option under File > Email is Email draft. This inserts the Email draft building block discussed earlier in the story.

Use the Google Docs mobile app

The Docs mobile apps for Android, iPhone, and iPad have a simplified interface to accommodate small touchscreens. Except for version history, the same features described in this guide are in the mobile apps.

For example, through the Docs mobile apps, you can share documents (see “How to use Google Drive for collaboration” for instructions) and work on them with other people. This includes doing so under Suggesting mode.

Toolbars along the top and bottom of the app let you take actions such as formatting text and inserting images or tables. Clicking the three-dot icon at the far right of the top toolbar opens more options including turning on Suggesting mode, running spell check, and sharing your document.

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?quality=50&strip=all 1440w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=270%2C300&quality=50&strip=all 270w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=768%2C853&quality=50&strip=all 768w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=922%2C1024&quality=50&strip=all 922w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=1382%2C1536&quality=50&strip=all 1382w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=627%2C697&quality=50&strip=all 627w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=151%2C168&quality=50&strip=all 151w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=76%2C84&quality=50&strip=all 76w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=432%2C480&quality=50&strip=all 432w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=324%2C360&quality=50&strip=all 324w, https://b2b-contenthub.com/wp-content/uploads/2025/06/google-docs-22-android-app.png?resize=225%2C250&quality=50&strip=all 225w" width="922" height="1024" sizes="(max-width: 922px) 100vw, 922px">

Using the Google Docs Android app.

Howard Wen / Foundry

It can be tedious to work on a document on a small phone screen, but the Docs mobile app is handy for making quick edits or keeping up to date on changes to your document made by other people. Any changes you make to a document through the mobile app are automatically saved to your Google Drive. They will show up the next time you open the document from the Google Docs or Google Drive home screen in your PC’s web browser.

Use keyboard shortcuts

Save time in Google Docs by using keyboard shortcuts to execute tasks. Below are some of the most useful shortcuts. For more, select Help > Keyboard shortcuts from the top menu bar in Google Docs, or see Google’s extensive list of Google Docs keyboard shortcuts.

Handy Google Docs keyboard shortcuts BASICSActionChrome OS / Windows shortcutmacOS shortcutCopyCtrl-C⌘-CCutCtrl-X⌘-XPasteCtrl-V⌘-VUndoCtrl-Z⌘-ZRedoCtrl-Y⌘-YInsert or edit linkCtrl-K⌘-KOpen linkAlt-EnterOption-EnterFindCtrl-F⌘-FFind and replaceCtrl-H⌘-Shift-HSelect allCtrl-A⌘-AInsert commentCtrl-Alt-M⌘-Option-MCheck spelling and grammarCtrl-Alt-X⌘-Option-XOpen dictionaryCtrl-Shift-Y⌘-Shift-YPrintCtrl-P⌘-PTEXT AND PARAGRAPH FORMATTINGActionChrome OS / Windows shortcutmacOS shortcutBoldCtrl-B⌘-BItalicizeCtrl-I⌘-IUnderlineCtrl-U⌘-UNumbered listCtrl-Shift-7⌘-Shift-7Bulleted listCtrl-Shift-8⌘-Shift-8Align text leftCtrl-Shift-L⌘-Shift-LAlign text rightCtrl-Shift-R⌘-Shift-RCopy text formattingCtrl-Alt-C⌘-Option-CPaste text formattingCtrl-Alt-V⌘-Option-V Source: Google

This article was originally published in May 2019 and most recently updated in June 2025.

See more Google Workspace tips and tutorials

Microsoft has fixed a known issue that will cause the classic Outlook email client to crash when opening emails or starting a new message. [...]

Microsoft has confirmed that its Family Safety parental control service is blocking users from launching Google Chrome and other web browsers on Windows systems. [...]

The launch of a major Windows 10 update isn’t the end of a process — it’s really just the beginning. As soon as one of Microsoft’s feature updates (such as Windows 10 version 22H2) is released, the company quickly gets to work on improving it by fixing bugs, releasing security patches, and occasionally adding new features.

In this story we summarize what you need to know about each update released to the public for the most recent versions of Windows 10 — versions 22H2 and 21H2. (Microsoft releases updates for those two versions together.) For each build, we’ve included the date of its initial release and a link to Microsoft’s announcement about it. The most recent updates appear first.

For details about how to install and manage Windows updates, see “How to handle Windows 10 and 11 updates.” If you’re looking for information about Insider Program previews for upcoming feature releases of Windows 10, see “Windows 10 Insider Previews: A guide to the builds.”

Updates to Windows 10 versions 21H2 and 22H2 KB5061087 (OS Build 19045.6036) Preview

Release date: June 24, 2025

This build fixes a variety of bugs, including one that caused jump lists to disappear from the Start menu.           

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5061087 Preview.)

KB5060533 (OS Builds 19044.5965 and 19045.5065)

Release date: June 10, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2025 Security Updates.

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5060533.)

KB5058481 (OS Build 19045.5917) Preview

Release date: May 28, 2025

This build offers several new features, including one that brings back the clock view that displays seconds on the calendar. It also fixes several bugs, including one in which in GDI/GDI+, some GB18030-2022 characters in plane 2 were not rendered.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5058481 Preview.)

KB5061979 (OS Builds 19044.5859 and 19045.5859)

Release date: May 27, 2025

This out-of-band update fixes a bug in the direct send path for a guest physical address (GPA). This issue caused confidential virtual machines running on Hyper-V with Windows Server 2022 to intermittently stop responding or restart unexpectedly. As a result, service availability was affected, and manual intervention was required. This problem primarily impacted Azure confidential VMs.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5061979.)

KB5061768 (OS Builds 19044.5856 and 19045.5856)

Release date: May 19, 2025

This out-of-band build fixes a bug in the recent May 13 Patch Tuesday build (KB5058379) that caused the Local Security Authority Subsystem Service (LSASS) process to terminate unexpectedly, triggering an Automatic Repair prompting for the BitLocker recovery key.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5061768.)

KB5058379 (OS Builds 19044.5854 and 19045.5854)

Release date: May 13, 2025

The update improves Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI) for the detection of Linux systems. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5058379.)

KB5055612 (OS Build 19045.5796) Preview

Release date: April 22, 2025

This build fixes two bugs, including one in which the check for GPU paravirtualization was case-sensitive in Windows Subsystem for Linux 2 (WSL2). This issue might have potentially caused GPU paravirtualization support to fail.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5055612 Preview.)

KB5055518 (OS Builds 19044.5737 and 19045.5737)

Release date: April 8, 2025

The update has a broad variety of security updates. For details, see Microsoft’s Security Update Guide and April 2025 Security Updates. 

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5055518.)

KB5053643 (OS Build 19045.5679) Preview

Release date: March 25, 2025

This build fixes several bugs, including one in which USB-connected dual-mode printers that support both US Print and IPP Over USB protocols unexpectedly output incorrect or unwanted text, and another in which thumbnails in File Explorer crashed, resulting in white pages appearing instead of the actual thumbnails.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5053643 Preview.)

KB5053606 (OS Builds 19044.5608 and 19045.5608)

Release date: March 11, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5053606.)

KB5052077 (OS Build 19045.5555) Preview

Release date: February 25, 2025

This build fixes several bugs, including one in which the OpenSSH (Open Secure Shell) service failed to start, preventing SSH connections.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5052077 Preview.)

KB5051974 (OS Builds 19044.5487 and 19045.5487)

Release date: February 11, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this build, including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5051974.)

KB5050081 (OS Build 19045.5440) Preview

Release date: January 28, 2025

This build includes the new version of the Outlook app. IT admins can learn how to manage the new version at the Microsoft Learn page “Control the installation and use of new Outlook.”

The build also fixes a variety of bugs, including one in which the Capture Service and Snipping Tool stopped responding when you pressed Windows logo key + Shift + S several times while Narrator was on.

There are two known issues in this build, including one in which the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. In the other one, PCs that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5050081 Preview.)

KB5049981 (OS Builds 19044.5371 and 19045.5371)

Release date: January 14, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5049981.)

KB5048652 (OS Builds 19044.5247 and 19045.5247)

Release date: December 10, 2024

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5048652.)

KB5046714 (OS Build 19045.5198) Preview

Release date: November 21, 2024

This build fixes a variety of bugs, including one in which Win32 shortcuts did not back up to the cloud. 

(Get more info about KB5046714 Preview.)

KB5046613 (OS Builds 19044.5131 and 19045.5131)

Release date: November 12, 2024

This update fixes a bug in which some games did not start or stopped responding after you installed KB5044384. This occurred because some games use a third-party DRM component that are not compatible with that update. This update makes changes to support those games while the game developers address the DRM issue.

The update also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5046613.)

KB5045594 (OS Build 19045.5073) Preview

Release date: October 22, 2024

This build starts the rollout of the new account manager on the Start menu that makes it easy to view your account and access account settings. To change to a different user, select the ellipsis (…) next to “Sign out.” Not everyone will see this change yet, because it’s rolling out gradually.

The build also fixes a variety of bugs, including one in which a vmswitch triggers a stop error. This occurs when you use Load Balancing and Failover (LBFO) teaming with two virtual switches on a virtual machine (VM). In this case, one virtual switch uses single root Input/Output virtualization (SR-IOV).

(Get more info about KB5045594 Preview.)

KB5044273 (OS Builds 19044.5011 and 19045.5011)

Release date: October 8, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5044273.)

KB5043131 (OS Build 19045.4957) Preview

Release date: September 24, 2024

This build fixes several bugs, including one in which playback of some media might have stopped when you use certain surround sound technology, and another in which Windows server stopped responding when you used apps like File Explorer and the taskbar.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about Windows 10 22H2 KB5043131 Preview).

KB5043064 (OS Builds 19044.4894 and 19045.4894)

Release date: September 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5043064.)

KB5041582 (OS Build 19045.4842) Preview

Release date: August 29, 2024

This build fixes several bugs, including one in which when a combo box had input focus, a memory leak could occur when you closed that window.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about KB5041582 Preview.)

KB5041580 (OS Builds 19044.4780 and 19045.4780)

Release date: August 13, 2024

This release has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5041580.)

KB5040525 (OS Build 19045.4717) Preview

Release date: July 23, 2024

This build fixes a variety of bugs, including one in which the Transmission Control Protocol (TCP) send code caused systems to stop responding during routine tasks, such as file transfers. This issue led to an extended send loop.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about KB5040525 Preview.)

KB5040427 (OS Builds 19044.4651 and 19045.4651)

Release date: July 9, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which you might be unable to change your user account profile picture.

(Get more info about KB5040427.)

Windows 10 2022 Update (version 22H2)

Release date: October 18, 2022

The Windows 10 2022 Update is, in Microsoft’s words, “a scoped release focused on quality improvements to the overall Windows experience in existing feature areas such as quality, productivity and security.” In other words, there’s not much new here, although Computerworld blogger Susan Bradley did uncover a handful of new group policies in the release.

Home and Pro editions of the 2022 Update will receive 18 months of servicing, and Enterprise and Education editions will have 30 months of servicing.

To install the update, go to Settings > Update & Security > Windows Update and select Check for updates. If the update appears, select Download to install it.

(Get more info about the Windows 10 2022 Update.)

Windows 10 November 2021 Update (version 21H2)

Release date: November 16, 2021

Version 21H2, called the Windows 10 November 2021 Update, is the second feature update to Windows 10 released in 2021. Here’s a quick summary of what’s new:

• Wi-Fi security has been enhanced with WPA3 H2E standards support.
• GPU compute support has been added in the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments for machine learning and other compute-intensive workflows.

There are also a number of features designed for IT and business:

• Windows Hello for Business has a new deployment method called cloud trust that simplifies passwordless deployments.
• For increased security, there have been changes to the Universal Windows Platform (UWP) VPN APIs, which includes the ability to implement common web-based authentication schemes and to reuse existing protocols.
• Apps can now be provisioned from Azure Virtual Desktop. This allows those apps to run just like local apps, including the ability to copy and paste between remote and local apps.
• The release closes the gap between Group Policy and mobile device management (MDM) settings. The device configuration settings catalog has been updated to list more than 1,400 settings previously not available for configuration via MDM. The new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler.
• An upgrade to Windows 10 Enterprise includes Universal Print, which now supports print jobs of up to 1GB or a series of print jobs from an individual user that add up to 1GB within any 15-minute period.
• Universal Print integrates with OneDrive for web and Excel for web. This allows users of any browser or device connected to the internet to print documents hosted in OneDrive for web to a printer in their organization without installing printer drivers on their devices.

Microsoft has also announced that starting with this release, Windows 10 will get feature updates only once a year.

Windows 10 May 2021 Update (version 21H1)

Release date: May 18, 2021

Version 21H1, called the Windows 10 May 2021 Update, is the most recent update to Windows 10. This is a relatively minor update, but it does have a few new features.

Here’s a quick summary of what’s new in 21H1:

• Windows Hello multicamera support: If you have an external Windows Hello camera for your PC, you can set the external camera as your default camera. (Windows Hello is used for signing into PCs.) Why should this change matter to you? If you have an external camera, you probably bought it because it’s superior to the built-in, internal one on your computer. So with this change, you’ll be able to use the more accurate camera for logging into your PC.
• Improved Windows Defender Application Guard performance: Windows Defender Application Guard lets administrators configure applications to run in an isolated, virtualized container for improved security. With this change, documents will open more quickly. It can currently take up to a minute to open an Office document in it.
• Better Windows Management Instrumentation (WMI) Group Policy Service support: Microsoft has made it easier for administrators to change settings to support remote work.

Windows 10 October 2020 Update (version 20H2)

Release date: October 20, 2020

Version 20H2, called the Windows 10 October 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a few new features.

Here’s a quick summary of what’s new in 20H2:

• The new Chromium-based version of the Microsoft Edge browser is now built directly into Windows 10.
• The System page of Control Panel has been removed. Those settings have been moved to the Settings app.
• The Start menu’s tiled background will match your choice of Windows themes. So the tiled background will be light if you’re using the Windows 10 light theme and dark if you’re using the Windows 10 dark theme.
• When you use Alt-Tab, Edge will now display each tab in your browser in a different Alt-Tab window. Previously, when you used Alt-Tab, Edge would get only a single window. You can change this new behavior by going to Settings > System > Multitasking.
• When you pin a site to the taskbar in Edge, you can click or mouse over its icon to see all your browser tabs that are open for that website.
• When you detach a keyboard on a 2-in-1 device, the device will automatically switch to the tablet-based interface. Previously, you were asked whether you wanted to switch. You can change that setting by going to Settings > System > Tablet.
• The Your Phone app gets a variety of new features for some Samsung devices. When using one of the devices, you can interact with the Android apps on your phone from the Your Phone app on Windows 10.

What IT needs to know: Windows 10 version 20H2 also has a variety of small changes of note for sysadmins and those in IT.

• IT professionals who administer multiple mobile devices get a new Modern Device Management (MDM) “Local Users and Groups” settings policy that mirrors options available for devices that are managed through Group Policy.
• Windows Autopilot, used to set up and configure devices in enterprises, has gained a variety of small enhancement, including better deployment of HoloLens devices, the addition of co-management policies, enhancements to Autopilot deployment reporting, and the ability to reuse Configuration Manager task sequences to configure devices.
• Microsoft Defender Application Guard now supports Office. This allows untrusted Office documents from outside an enterprise to launch in an isolated container to stop potentially malicious content from compromising computers or exploiting personal information found on them.
• Latest Cumulative Updates (LCUs) and Servicing Stack Updates (SSUs) have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services.
• Biometric sign-on has been made more secure. Windows Hello now has support for virtualization-based security for certain fingerprint and face sensors, which protects, isolates, and secures a user’s biometric authentication data.

For more details, see Microsoft’s “What’s new for IT pros in Windows 10, version 20H2.”

Windows 10 May 2020 Update (version 2004)

Release date: May 27, 2020

Version 2004, called the Windows 10 May 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a variety of new features for both users and system administrators. For more details, see: “Review: Windows 10 May 2020 Update delivers little tweaks that add up to… well, not a lot.”

Here’s a quick summary of what’s new in 2004:

• Cortana now runs as a standalone app in a resizable window. It also loses a variety of capabilities, such as playing music, controlling home devices, and working on the lock screen.
• Task Manager now displays new information, including the temperature of your GPU and your disk type.
• Settings gets many small tweaks, including adding a header with account information, and a redone network status page that combines information that used to be found on multiple pages, such as your IP address, current connection properties and data usage.
• The Windows Subsystem for Linux (WSL) gets more features. It now uses a real Linux kernel, and is faster than previously.
• IT can now take advantage of Windows Hello biometrics logins rather than passwords, by setting that up as the default on enterprise devices.
• Installing and setting up Windows for others has been made easier thanks to new controls added to Dynamic Update, which can lead to less downtime during installation for users.
• A variety of new commands have been given to PowerShell for Delivery Optimization, a Windows networking service that reduces bandwidth consumption by sharing the work of downloading update and upgrade packages among multiple devices in business deployments.
• The security of the Chromium version of Edge has been improved, thanks to porting Application Guard to it.

Windows 10 November 2019 Update (version 1909)

Release date: Nov. 12, 2019

Version 1909, called the Windows 10 November 2019 Update, is the most recent update to Windows 10. There are very few new features in this update, making it more like a service pack of old than a feature update. At this point it’s not clear whether in the future there will be one full-featured update and one service-pack-like update per year or whether Microsoft will go back to its two-feature-updates-a-year schedule. For more details, see “What we know so far about the unusual Windows 10 1909” and “5 unanswered questions about Windows 10 1909.”

Here’s a quick summary of what’s new for users in 1909.

• It lets you create calendar events straight from the taskbar. To do it, click the time on the taskbar and you’ll open the Calendar view. Now click a date and time, then type the event’s name into the text box. You’ll also be able to choose the date, time and location.
• When you type a search into the search box, it will now search through files in your OneDrive account as well as on your PC. Also, as you type, a drop-down menu with suggested files appears. Click a file to open it.
• Voice assistants in addition to Cortana, including Amazon’s Alexa, will be able to run on Windows 10’s lock screen.
• Under-the-hood improvements should speed up the performance of some PCs, as well as increase the battery life in some laptops.
• The Start Menu has gotten minor tweaks. When you hover over items in the navigation pane on the left side of the menu, the items clearly show what you’re about to click.

What IT needs to know: The following features in 1909 are of note for IT staff.

• Windows containers no longer need to have their host and container versions match. That requirement restricted Windows from supporting mixed-version container pod scenarios. Previously, containers from older versions of Windows 10 couldn’t be run on newer versions of Windows 10. In this update, it’s possible, so that a container made using 1903, for example, can be run on 1909.
• Windows Defender Credential Guard, which protects enterprise users’ logins and credentials against theft, is now available for ARM64 devices. Some Windows 10 convertible PCs use ARM64.
• Enterprises can now use Microsoft’s Intune enterprise mobility management (EMM) service to allow devices running Windows 10 in S mode to install and run Win32 (desktop) apps. Before this, S Mode only allowed devices to run apps from the Microsoft Store. Microsoft Store apps don’t run on the desktop.
• The security of BitLocker encryption has been improved. Whenever BitLocker is used to encrypt a device, a recovery key is created, but before this security improvement, it was possible for an unauthorized user to get access to the recovery key and decrypt the device. Now, PCs have additional security if a key is exposed. Here’s how Microsoft explains the change: “Key-rolling or Key-rotation feature enables secure rolling of Recovery passwords on MDM managed AAD devices upon on demand request from Microsoft Intune/MDM tools or upon every time recovery password is used to unlock the BitLocker protected drive.”

There are two known issues in this update: one in which some users cannot set Win32 program defaults for certain app and file type combinations using the Open with… command or Settings > Apps > Default apps, and another in which Microsoft Notepad and other Win32 programs cannot be set as default applications.

(Get more info about KB4464455.)

Windows 10 October 2018 Update (version 1809)

Release date: October 2, 2018; paused October 5; re-released November 13, 2018

Version 1809, called the Windows 10 October 2018 Update, is the feature update that preceded the May 2019 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• A new, powered-up Windows Clipboard can hold multiple clips, store clips permanently, let you preview clips and choose which one you’d like to paste into a document, and share clips across Windows 10 devices.
• A new screenshot and annotation tool called Snip & Sketch lets you capture and annotate the entire screen, a rectangular portion of the screen or a freehand-drawn portion of it. After you take a screen capture, you can annotate it and then save it to a file, copy it to the Clipboard, open it in another program or share it via email, social media and other methods.
• Storage Sense, which helps save storage space, now works with OneDrive Files On-Demand to clean out files you’ve downloaded from OneDrive cloud storage to your PC but that you don’t use any longer. You can choose how long you would like the cloud files to stay on your PC unused before you want them deleted, from never to 60 days.
• The Microsoft Edge browser lets you set autoplay permissions for sound and video on websites on a site-by-site basis. It also lets you look up word definitions in its built-in eReader for books and PDFs, and mark up PDFs and books using a highlighter and by adding notes.
• The new Your Phone app links Windows 10 devices to iOS and Android phones. It allows you to start web browsing on an iOS or Android device and then continue where you left off on your PC. It also lets you view photos on your Android phone from your Windows 10 PC.
• Search Previews have been powered up slightly. You no longer need to click to display the preview panel; it opens automatically. It also now shows files found on your PC.
• Smaller changes include a new dark theme for File Explorer; the addition of the SwiftKey swipe keyboard, which lets you enter text by swiping a finger across an onscreen keyboard; updates that are less intrusive; and faster sign-ins on shared PCs.

What IT needs to know: There are few significant changes that affect IT in the Windows 10 October 2018 Update, other than New Microsoft Edge Group Policies that let admins enable and disable full-screen mode, printing, the favorites bar, and browser history saves. IT can also allow or ban Edge extensions (not that there are many available) and configure the Home button and new tab page and startup options.

Windows 10 April 2018 Update (version 1803)

Release date: April 30, 2018

Version 1803, called the Windows 10 April 2018 Update, is the major update to Windows 10 that preceded the October 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• The most important new feature is Timeline, which lets you review and resume activities and open files you’ve started on your PC, or any other Windows PCs you have. It also tracks what you’ve done on iOS and Android devices if you install Microsoft’s digital assistant Cortana on them and are logged in. It shows a list of activities day by day for up to 30 days. Each activity shows up as a large tile, with the file name and document title or URL and website name across it, and the name of the application or app that created it across the top. Click any activity to reopen it. (Note that at present, Timeline only tracks activities in certain Microsoft programs such as the Edge browser and Office applications.)
• The new Diagnostic Data Viewer is supported, which Microsoft is designed to let you see the “diagnostic data collected from your Windows devices, how it is used, and to provide you with increased control over that data.” However, the information is presented in such a complex, technical way that even programmers will likely have a difficult time understanding it. The viewer isn’t built directly into the Windows 10 April 2018 Update. Instead, you have to download it from the Microsoft Store.
• The My People feature now lets you pin up to 10 contacts on the Windows taskbar. Previously, you could only pin up to three.
• Microsoft Edge gets several minor tweaks, including a revamped Hub, the ability to mute auto-playing audio in tabs, and a forms-filler for web-based forms.
• The Notebook feature of Cortana gets a new, cleaner interface for its Notebook. It now has two tabs, Organizer and Manage Skills. The Organizer makes it easier to create lists and set reminders. The Manage Skills tab lets you add “skills” to Cortana, such as controlling your home and its appliances, connecting Cortana to music services such as Spotify, tracking your fitness and more.
• You get more control over app permissions, such as whether they can access your camera, location and contacts.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 April 2018 Update:

• Windows 10 Professional now gets the Windows Defender Application Guard, which protects Microsoft Edge. There’s also a new feature in the application guard that lets users download files inside Edge instead of directly to the operating system, as a way to increase security.
• There are new policies for Group Policy and Mobile Device Management (MDM) that can better control how Delivery Optimization is used for Windows Update and Windows Store app updates. You can also now monitor Delivery Optimization using Windows Analytics.
• Windows AutoPilot also gets a tweak that lets IT make sure policies, settings and apps are provisioned on devices before users begin using them.
• Windows gets the Linux curl and tar utilities for downloading files and extracting .tar archives built directly into Windows. Windows also now natively supports Unix sockets (AF_UNIX) with a new afunix.sys kernel driver. That will make it easier to port software to Windows from Linux as well as from other Unix-like operating systems.
• There are a host of improvements to the Windows Subsystem for Linux, which lets you run a variety of Linux distributions on Windows 10. Linux applications can run in the background, some launch settings for Linux distributions can be customized, and Linux applications have been given access to serial devices. The new Unix sockets report is available for the Windows Subsystem for Linux as well as Windows itself.
• The Windows 10 Pro for Workstations version of Windows 10 gets a new power scheme called Ultimate Performance it’s only for desktop PCs, not those that can be powered by batteries. In addition, Windows 10 Pro for Workstations no longer ships with games like Candy Crush or other similar consumer-focused apps. Instead, it features enterprise- and business-related apps.
• Administrators have been given the power to configure an enterprise’s PCs to run custom scripts during feature updates, which will make configuration and deployment easier.

For  more details, see the Microsoft blog post “Making IT simpler with a modern workplace.”

Windows 10 Fall Creators Update (version 1709)

Release date: October 17, 2017

Version 1709, called the Windows 10 Fall Creators Update, is the major update to Windows 10 that preceded the April 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• OneDrive gets a new feature called Files On-Demand that gives you access to all of your OneDrive files on every device, without having to download them first. You’ll be able to see all the files you have in OneDrive, even if they’re only in the cloud and not on your PC. Icons tell you which are local and which are in the cloud. Just open the file, and if it’s not on your PC, it gets downloaded.
• The new My People feature lets you pin three contacts to the Windows taskbar and then communicate with them instantly without having to open a separate app such as Skype or Mail. You can also click to see a list of all communications between them and you at a glance.
• You can now send web links from your iOS or Android device to your PC and have them open in Microsoft Edge.
• Cortana gets several new features, including displaying results in a scrollable flyout panel, so you don’t have to launch a web browser.
• Microsoft Edge gets some minor improvements, including better Favorites handling and the ability to mark up PDFs and e-books.
• Security has been beefed up, including the addition of Windows Defender Exploit Guard, which includes intrusion rules and policies to protect against a variety of threats, notably zero-day exploits. A new anti-ransomware feature called Controlled Folder Access has also been added; it lets only approved apps have access to Windows system files and folders.
• New privacy features include the ability to review the kinds of devices and services apps from the Microsoft Store want access to before you download them.
• The update incorporates Microsoft’s new design system and guidelines, called Fluent Design. Overall, transitions are smoother, and there are subtle changes to the transparency effect.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Fall Creators Update:

• The notoriously insecure SMBv1 networking protocol, exploited in recent ransomware attacks including WannaCry and Petya, won’t be included on clean installs of the Windows 10 Fall Creators Update, but SMBv1 components will remain if you do in-place upgrades on PCs that already have the component installed.
• Windows Defender Advanced Threat Protection (ATP), a suite of tools introduced in Windows 10 that helps enterprise customers protect their users and networks against threats and respond to attacks, is being beefed up. Among other things, it will run on the Windows Server OS.
• ATP is also part of Windows Defender Application Guard for Microsoft Edge, available only for Windows 10 Enterprise Edition. It protects against malware attacks by confining visits to unknown or untrusted websites to a virtual machine, so that attacks can’t spread to a PC or the network.
• Windows AutoPilot, which improves self-service deployments of Windows 10 PCs, gets a variety of tweaks, including better mobile device management (MDM) services.
• Windows Analytics’ new Device Health tool gathers information on how PCs perform in an enterprise, and based on that, identifies potential issues and outlines steps to resolve them.
• Enterprises get more control over what kind of information Windows Analytics gathers for the IT staff. In order to improve users’ privacy, IT staff can limit the information collected by Windows Analytics to only diagnostic data.

For more details about new features for IT, see “What’s new in Windows 10, version 1709 IT Pro content,”  “Announcing end-to-end security features in Windows 10” and “Delivering the Modern IT promise with Windows 10” from Microsoft.

Windows 10 Creators Update (version 1703)

Release date: April 5, 2017

Version 1703, dubbed the Creators Update, is the major update to Windows 10 that preceded the Fall Creators Update. Here’s a quick summary of what’s new for users in the Creators Update. (For more details, see our full review.)

• It helps you better organize the Start menu by letting you put multiple tiles for apps into a single folder — for example, you can group all social media apps into one folder.
• Users are given a bit more control over the update process: They can delay an update for three days and keep delaying it in three-day increments, or choose specific times for updates to install.
• The Edge browser has gotten some improvements, including having Flash disabled by default for security reasons and supporting the ePub and PDF formats for reading books and other content.
• Microsoft added some 3D and virtual reality features, including running HoloLens virtual reality and mixed reality apps for the first time, and introducing a Paint 3D app for creating 3D objects.
• System settings that previously were in multiple locations have been consolidated into the Settings app.
• There’s a new all-in-one security dashboard called Windows Defender Security Center that consolidates many security and computer health settings and information.
• New gaming features include streaming gaming sessions over the internet; a Game Mode to improve gaming performance; and a Game bar to let you record your gameplay, take screenshots and perform games-related tasks.
• The Cortana personal assistant gets a few modest additions, including scheduling monthly reminders and helping you set up devices.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Creators Update:

• Security has been improved in a number of ways, including adding new features and insights into Windows Defender Advanced Threat Protection (ATP) to better investigate and respond to network threats. Among the new features are sensors in memory, better intelligence and improved remediation capabilities.
• Several new configuration service providers (CSPs) available in the Creators Update let administrators manage Windows 10 devices through Mobile Device Management (MDM) or provisioning packages. The DynamicManagement CSP, for instance, can enable or disable certain device features depending on location, network presence or time.
• New mobile application management capabilities can protect data on personal mobile devices without requiring each device to be part of the corporate MDM.
• The Windows Configuration Designer (previously called Windows Imaging and Configuration Designer) includes new wizards to make it easier to create provisioning packages, including for desktop devices, Windows mobile devices, Surface Hub devices, HoloLens devices and kiosk devices.
• Enterprise security administrators get a more comprehensive documentation library for Windows Defender Antivirus.
• If an enterprise-wide update policy hasn’t been configured, users with Windows Pro, Windows Enterprise or Windows Education editions have much more control over how Windows updates. With the Creators Update, users can now automatically delay cumulative monthly updates for up to 30 days, and can delay feature updates by up to 365 days.

For more details about new features for IT, see the Microsoft blog posts “Windows 10 Creators Update advances security and best-in-class modern IT tools” and “What’s new in Windows 10, version 1703 IT pro content.”

CISA says a maximum severity vulnerability in AMI's MegaRAC Baseboard Management Controller (BMC) software, which enables attackers to hijack and brick servers, is currently under active exploitation. [...]

Here's the kind of change that gets sysadmins and devs talking''and not always in agreement. Ubuntu is introducing a configuration tweak that disables Spectre-related security mitigations at the Intel Compute Runtime level, promising up to a 20% increase in GPU performance for systems running on Intel hardware.

A British national known online as "IntelBroker" has been charged by the U.S. for stealing and selling sensitive data from dozens of victims, causing an estimated $25 million in damages. [...]