Computerworld.com [Hacking News]
Warrantless wiretaps cut off for a week following US Congress vote
Lawmakers have failed to extend a surveillance law that allows US intelligence agencies to monitor targets abroad without a warrant.
Congress rejected a vote to extend Section 702 of the Foreign Intelligence Surveillance Act to July 2, which means, for a few days at least, some surveillance will be put on hold, for the first time since the Act was passed in 2008. The next possible chance for a vote will be June 28.
This has significance for CISOs because they need to be aware of how communication between the US and other countries is being monitored. The Act permits US intelligence agencies to collect texts and emails sent to and from foreigners living outside the US without a warrant — and when those communications are to or from a US citizen, it allows them to scoop them up too.
“For too long, the FBI has been able to piggyback on a major national security tool as an unconstitutional backdoor way of reading Americans’ communications,” Electronic Frontier Foundation Senior Policy Analyst Matthew Guariglia wrote in an article about the renewal vote this week.
It is uncertain what will happen next. Some commentators expect things will proceed as if the Act had been extended, possibly through an executive order. However, the industry may well revolt against this and we could see some tech providers take legal action.
This article first appeared on CSO.
Microsoft’s Patch Tuesday updates: Keeping up with the latest fixes
Long before Taco Tuesday became part of the pop-culture vernacular, Tuesdays were synonymous with security — and for anyone in the tech world, they still are. Patch Tuesday, as you most likely know, refers to the day each month when Microsoft releases security updates and patches for its software products — everything from Windows to Office to SQL Server, developer tools to browsers.
The practice, which happens on the second Tuesday of the month, was initiated to streamline the patch distribution process and make it easier for users and IT system administrators to manage updates. Like tacos, Patch Tuesday is here to stay.
In a blog post celebrating the 20th anniversary of Patch Tuesday, the Microsoft Security Response Center wrote: “The concept of Patch Tuesday was conceived and implemented in 2003. Before this unified approach, our security updates were sporadic, posing significant challenges for IT professionals and organizations in deploying critical patches in a timely manner.”
Patch Tuesday will continue to be an “important part of our strategy to keep users secure,” Microsoft said, adding that it’s now an important part of the cybersecurity industry. As a case in point, Adobe, among others, follows a similar patch cadence.
Patch Tuesday coverage has also long been a staple of Computerworld’s commitment to provide critical information to the IT industry. That’s why we’ve gathered together this collection of recent patches, a rolling list we’ll keep updated each month.
In case you missed a recent Patch Tuesday announcement, here are the latest six months of updates.
For June, Patch Tuesday means an IT scramble
Microsoft this month released 206 updates affecting Windows, Office, Exchange Server, and its developer tools — including three Windows vulnerabilities already publicly disclosed. That trio includes an elevation of privilege in the Collaborative Translation Framework (CVE-2026-45586), a denial of service in HTTP.sys (CVE-2026-49160), and a BitLocker security feature bypass (CVE-2026-50507). At the moment, none appear to be under active exploitation, but all three are rated “Exploitation More Likely.”
Even without an exploited zero-day, the June 2026 Patch Tuesday release requires Patch Now recommendations for Windows, Office, and Exchange. The latter is back in the patch picture with a consolidated security update that Microsoft recommends installing “as soon as possible.”
More info is available here on Microsoft Security updates for June 2026.
For May, Patch Tuesday means 139 updates — but no zero-days
Microsoft this month released 139 updates affecting Windows, Office, .NET, and SQL Server (though there were no updates for Microsoft Exchange Server). Despite the absence of zero-days, the May Patch Tuesday update still requires Patch Now recommendations for Windows and Office.
The combination of three unauthenticated network RCEs (Netlogon, DNS Client, and SSO Plugin for Jira and Confluence), four Word Preview Pane RCEs, the large TCP/IP vulnerability cluster, and the carry-over BitLocker recovery condition (still active on Windows 10 and Windows Server) warrants an accelerated deployment release schedule.
More info is available here on Microsoft Security updates for May 2026.
Microsoft’s Patch Tuesday release for April is a whopper
Windows admins are going to be busy this month, dealing with the largest Patch Tuesday cycle in memory. The April release involves 165 updates and roughly 340 unique CVEs from Microsoft — including two zero-days, one of which is already being actively exploited in the wild.
The Readiness team recommends “Patch Now” schedules for nearly every major product family: Windows, Office (with a zero-day), Microsoft Edge (Chromium), SQL Server, and Microsoft Developer Tools (.NET). April also brings Phase 2 of Microsoft’s Kerberos RC4 hardening with full enforcement set for July. There is a lot to cover, so here’s a useful infographic mapping the deployment risk for each platform.
More info is available here on Microsoft Security updates for April 2026.
For March, Patch Tuesday delivers fixes for 83 vulnerabilities
Microsoft’s March Patch Tuesday release addresses 83 vulnerabilities across Windows, Office, SQL Server, Azure, and .NET — with two publicly disclosed zero-days affecting SQL Server and .NET (though neither is being actively exploited in the wild). Six additional vulnerabilities spanning the Windows Kernel, Graphics Component, SMB Server, Accessibility Infrastructure, and Winlogon are flagged as “Exploitation More Likely.”
The most significant change this month is the introduction of Common Log File System (CLFS) hardening with signature verification, which will affect how Windows handles log files across the operating system. More info on Microsoft Security updates for March 2026.
February’s Patch Tuesday release fixes 59 flaws, including 6 being exploited
The company’s Patch Tuesday release for February addresses 59 CVEs across the company’s product family — roughly half the volume of January’s 159 patches. Six vulnerabilities, affecting Windows Shell, MSHTML, Desktop Window Manager, Remote Desktop, Remote Access, and Microsoft Word, are already being actively exploited. (All five Critical-rated CVEs target Azure services rather than Windows, however.)
Both Windows and Office get a “Patch Now” recommendation, with CISA setting a March 3 enforcement deadline for all six exploited vulnerabilities. Two new enforcement timelines also take effect in April: Kerberos RC4 deprecation (CVE-2026-20833) and Windows Deployment Services hardening (CVE-2026-0386). More info on Microsoft Security updates for February 2026.
For January, Patch Tuesday starts off with a bang
The first Patch Tuesday release of 2026 addresses 112 CVEs across Microsoft’s product portfolio, including eight rated critical and three zero-day vulnerabilities. One zero-day (CVE-2026-20805), an information disclosure flaw in the Desktop Window Manager, is already under active exploitation, prompting CISA to add it to the Known Exploited Vulnerabilities catalog with a remediation deadline of Feb. 3, 2026. (Note: 95 of the vulnerabilities affect Windows.) More info on Microsoft Security updates for January 2026.
For June, Patch Tuesday means an IT scramble
Microsoft this week released 206 updates affecting Windows, Office, Exchange Server, and its developer tools — including three Windows vulnerabilities already publicly disclosed. That trio includes an elevation of privilege in the Collaborative Translation Framework (CVE-2026-45586), a denial of service in HTTP.sys (CVE-2026-49160), and a BitLocker security feature bypass (CVE-2026-50507). At the moment, none appear to be under active exploitation, but all three are rated “Exploitation More Likely.”
Even without an exploited zero-day, the June 2026 Patch Tuesday release requires Patch Now recommendations for Windows, Office, and Exchange. The latter is back in the patch picture with a consolidated security update that Microsoft recommends installing “as soon as possible.”
The Readiness team suggests testing start with domain controllers, Hyper-V hosts, anything self-hosting on HTTP.sys, and Outlook-heavy desktops — in that order. To help navigate these changes, here’s a useful infographic detailing the risks of deploying the updates to each platform.
(More information about recent Patch Tuesday releases is available here.)
Known issues
This June release note from Microsoft flags known issues with three updates:
- KB5094128 — BitLocker recovery prompt on first restart (Windows Server 2022). The PCR7 condition we have tracked since April is still live on the platforms that did not receive May’s Boot Manager servicing fix. Devices with BitLocker enabled on the OS drive, the Group Policy “Configure TPM platform validation profile for native UEFI firmware configurations” set with PCR7 included, and System Information reporting Secure Boot State PCR7 Binding as “Not Possible” may prompt for the recovery key on the first restart after installing this update.
- KB5094127 — Windows 10 21H2/22H2. The release note carries a known-issue flag, too, with Windows 10 in the same boat as Server 2022: it has not received the Boot Manager servicing improvement that closed the BitLocker/PCR7 recovery condition on Windows 11. So, that same Group Policy configuration remains the trigger to check before deployment.
- KB5094125/KB5094128 — WSUS synchronization error details suppressed (Windows Server 2025 and 2022). WSUS no longer displays synchronization error details in its reporting. This is deliberate: the functionality was “temporarily removed to address the Remote Code Execution Vulnerability, CVE-2025-59287.” Microsoft offered no workaround.
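As an added example (not code from Microsoft or from this article), the Python sketch below triages an inventory export against the three BitLocker/PCR7 trigger conditions described above before KB5094128 or KB5094127 is deployed. The record fields, device names and sample values are constructed, and how the values are collected from each machine is assumed.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Platforms the article names as still carrying the PCR7 recovery condition.
AFFECTED_PLATFORMS = {
    "Windows Server 2022": "KB5094128",
    "Windows 10 21H2": "KB5094127",
    "Windows 10 22H2": "KB5094127",
}


@dataclass
class Device:
    """One row of a (hypothetical) inventory export."""
    name: str
    os: str
    bitlocker_os_drive: bool          # BitLocker enabled on the OS drive
    gpo_uefi_pcrs: Optional[str]      # PCR list set by the UEFI validation-profile GPO
    pcr7_binding: str                 # text copied from System Information


def parse_pcrs(profile: Optional[str]) -> Set[int]:
    """Turn '0, 2, 4, 7, 11' or 'PCR7, PCR11' into a set of PCR indexes."""
    if not profile:
        return set()
    return {int(n) for n in re.findall(r"\d+", profile) if int(n) <= 23}


def binding_not_possible(text: str) -> Optional[bool]:
    """True/False when the state is readable, None when it is not."""
    state = text.strip().lower()
    if "not possible" in state:
        return True
    # Assumed spellings of the healthy states; extend for your own export.
    if state in ("bound", "binding possible"):
        return False
    return None  # e.g. the value was hidden or the field was empty


def assess(dev: Device) -> Tuple[str, str]:
    """Return (verdict, reason) for one device."""
    kb = AFFECTED_PLATFORMS.get(dev.os)
    if kb is None:
        return "not-applicable", "platform not named in the known issue"
    if not dev.bitlocker_os_drive:
        return "clear", "BitLocker is not enabled on the OS drive"
    if 7 not in parse_pcrs(dev.gpo_uefi_pcrs):
        return "clear", "GPO validation profile does not include PCR7"
    binding = binding_not_possible(dev.pcr7_binding)
    if binding is None:
        return "check-manually", f"PCR7 binding state unreadable before {kb}"
    if binding:
        return "at-risk", f"all three conditions met; expect recovery prompt after {kb}"
    return "clear", "PCR7 binding is available"


def triage(fleet: List[Device]) -> Dict[str, List[str]]:
    """Group device names by verdict."""
    groups: Dict[str, List[str]] = {}
    for dev in fleet:
        verdict, _ = assess(dev)
        groups.setdefault(verdict, []).append(dev.name)
    return groups


# Constructed sample inventory, not real hosts.
SAMPLE_FLEET = [
    Device("DC01", "Windows Server 2022", True, "0, 2, 4, 7, 11", "Binding Not Possible"),
    Device("FS02", "Windows Server 2022", True, "0,2,4,11", "Binding Not Possible"),
    Device("HV03", "Windows Server 2022", True, None, "Bound"),
    Device("WS10-17", "Windows 10 22H2", True, "PCR7, PCR11", "Elevation Required to View"),
    Device("WS11-04", "Windows 11 24H2", True, "7, 11", "Not Possible"),
    Device("KIOSK09", "Windows 10 21H2", False, "7, 11", "Not Possible"),
]

if __name__ == "__main__":
    for device in SAMPLE_FLEET:
        verdict, reason = assess(device)
        print(f"{device.name:8} {verdict:15} {reason}")
```

Devices in the "check-manually" group are those where the binding state could not be read, so they should be confirmed on the machine rather than assumed safe.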
One continuing advisory from May remains in effect: Windows Update can still replace manually installed graphics drivers with older OEM versions from the Windows Update catalogue.
Major revisions and mitigations
Unlike last month, this patch cycle delivered two genuine revisions and a cluster of out-of-band fixes that require action:
- Microsoft Teams Spoofing (CVE-2026-32185) — revised to version 3.0 on May 21. Microsoft announced the availability of the security update for Teams for Android; customers running affected versions should install it. If your mobile fleet runs Android, this is the action item.
- Microsoft Defender out-of-band cluster (May 19–21) — a Critical remote code execution flaw (CVE-2026-45584), plus an elevation of privilege (CVE-2026-41091) and a denial of service (CVE-2026-45498).
- SharePoint RCE (CVE-2026-45659) — a separate out-of-band fix also posted on May 21. SharePoint admins had three distinct security notices in a fortnight. The recommendation: deploy these clustered but separate patches as a single unit.
Interestingly, there were two omissions from last month’s list:
- SharePoint Server RCE (CVE-2026-47294) — published May 29 with the note that it “was addressed by updates that were released in May 2026, but the CVE was inadvertently omitted from the May 2026 Security Updates.”
- Windows DWM Core Library Information Disclosure (CVE-2026-48566) — also fixed in May, also left off the May list.
That makes two months running: the Patch Tuesday list is never final. The June release itself also carried a substantive revision:
- Remote Desktop cluster re-issued for Windows 11 26H1 — five RDP/RDS CVEs from 2024–2025, including two Critical RCEs (CVE-2024-49123, CVE-2024-49132) and the RDP Server RCE (CVE-2024-43582). If you are running 26H1, the June cumulative closes these older CVEs.
Given the month SharePoint just had, SharePoint 2016/2019 require some of the cycle’s most active patching on a platform with one update left. If migration is not already in progress, July’s final update is the deadline. Here are the other key dates:
- The 2011 KEK CA expires on June 24, and the UEFI CA for third-party boot loaders follows three days later, with the Windows Production PCA for the boot manager coming up on Oct. 19. Devices that have not taken the Windows UEFI CA 2023 key updates under CVE-2023-24932 lose the ability to receive updated boot components once the certificates lapse. This is a big deal.
- With just one Patch Tuesday to go, SharePoint Server 2016 and 2019, Project Server 2016 and 2019, SQL Server 2016, and SQL Server 2014 ESU Year 2 all reach end of support on July 14. (InfoPath 2013, SharePoint Designer 2013, and Visual Studio 2022 17.12 LTSC go with them.)
- Kerberos RC4 hardening (CVE-2026-20833) moves from default-hardening to its enforcement phase next month. Accounts still depending on RC4 service tickets have weeks, not months.
- The graphics-driver targeting change (four-part to two-part Hardware IDs) pilots to September 2026, with broader enforcement planned for Q4 2026 to Q1 2027; until then, Windows Update can still downgrade manually installed display drivers.
This month’s release is a security-only release with a clear feature focus: the Remote Desktop client. The Remote Desktop ActiveX control (mstscax.dll) is the most patched component this cycle with five separate updates (see below).
The secondary theme is Windows authentication, with three updates to the NTLM security package. Every Windows binary this month reports no functional changes, so the work is pure regression validation. Lower-risk patches reach DHCP, telephony, Hyper-V, UDF and Projected File System storage, and the graphics stack.
Remote Desktop client
The Remote Desktop client (mstscax.dll) draws a high-risk flag that lands specifically on printer redirection — the path that maps a client’s local printers into a remote session. A regression here typically shows as missing redirected printers, failed print jobs, or a hang on connect or reconnect. The wider Remote Desktop stack is also updated, including RemoteApp and clipboard redirection (rdpclip.exe, RdpCoreTS.dll) and Remote Desktop Licensing (lserver.dll). So, be sure to validate connection, session, and licensing together.
A passing run is a remote session that connects, redirects printers, prints, and survives a reconnect with no crashes or missing devices.
- Connect with Remote Desktop Connection (mstsc.exe) to a test host, enable printer redirection in Local Resources, and confirm redirected printers appear in the session.
- Print a test page from an app in the session to a redirected printer; repeat with two or more client printers installed.
- Disconnect and reconnect the session, then confirm the redirected printers are still present and usable.
- Repeat the printer test in both a full desktop session and a RemoteApp session.
- Exercise general remote access: connect through a Remote Desktop Gateway, use VMConnect to reach a VM, and verify clipboard and device redirection.
- On a Remote Desktop Licensing server, confirm clients connect with licensing enabled, across Per User and Per Device modes.
Three updates touch the NTLM security support provider (msv1_0.dll), the module behind network authentication when Kerberos is not used. Authentication changes are regression-sensitive: the failure modes are logon failures, broken file-share or RDP access, and application sign-in problems. Validate across domain-joined and workgroup machines.
- Sign in to domain-joined and standalone machines with domain, local, and cached credentials after a reboot.
- Access SMB file shares by host name and IP, including paths that fall back to NTLM, and confirm authenticated reads and writes.
- Authenticate to a Remote Desktop host and to line-of-business applications that rely on integrated Windows authentication.
- Watch the Security event log for new logon-failure or audit anomalies during the test window.
The remaining updates carry no functional changes, so cover them with routine regression by area.
- Networking: exercise DHCP lease, renewal, and release on IPv4 and IPv6 (dhcpcore), sustained socket traffic over the WinSock driver (afd.sys, two updates), HTTP.sys request handling under IIS, and TAPI telephony integrations (tapisrv.dll).
- Virtualization: boot Generation 1 and Generation 2 VMs, including nested virtualization, to cover the Hyper-V hypervisor (hvix64/hvax64), and connect a VM through an external virtual switch (toggling NIC RSS) to cover vmswitch.sys.
- Storage and filesystems: read and write UDF-formatted media (udfs.sys), exercise the Projected File System minifilter (prjflt.sys), and validate cloud files hydration and Work Folders sync (cldflt.sys, workfolders.exe), including a ReFS volume with BitLocker enabled.
- Graphics and shell: run GPU-accelerated and 2D rendering workloads to cover Direct2D (d2d1.dll), GDI+ (gdiplus.dll), the Desktop Window Manager (dwmcore.dll), the Windows Imaging Component (windowscodecs.dll), and UI Automation (UiaManager.dll); watch for artifacts and accessibility regressions.
- Notifications and input: open apps that raise toast and push notifications (wpnapps.dll, wpncore.dll) and verify Text Services Framework input across keyboard layouts and IMEs (msctf.dll).
June’s Office updates are MSI editions only: Excel 2016 (KB5002877), Word 2016 (KB5002879), Office 2016 shared components (KB5002878, KB5002852, and the rich-edit control KB5002578), and Office Online Server 2019 (KB5002875). The shared Office 2016 component updates also apply to the SharePoint Server 2016, 2019, and Subscription Edition baselines. No Critical non-security client release ships this cycle, and Click-to-Run estates are unaffected.
- Open complex Excel workbooks with formulas, macros, and external data connections; save and reopen to verify integrity.
- Edit Word documents with embedded objects, tracked changes, and rich formatting that exercises the rich-edit control.
- On the SharePoint Server baselines (2016, 2019, Subscription Edition) and Office Online Server, validate document library operations, co-authoring, and browser-based viewing and editing.
- Confirm that Office add-ins and line-of-business integrations continue to operate.
June’s fixes update the .NET SDK across the 8.0, 9.0, and 10.0 servicing lines (8.0.422, 9.0.315, 10.0.301), and ship SQL Server GDR security updates spanning SQL Server 2016 SP3 through SQL Server 2025, in both RTM+GDR and cumulative-update+GDR branches.
- After installing the .NET SDK update, build and run representative applications and confirm existing projects compile and execute normally.
- For SQL Server, install the GDR update onto the matching baseline or cumulative-update branch, then restart the service and run standard transactions.
- Verify a backup and restore, confirm Always On availability groups stay healthy, and test patch install and removal on each servicing branch.
The Readiness team suggests that this month’s testing lead with Remote Desktop. The client is both the most-patched component and the sole High Risk item, so give it a focused regression pass centered on printer redirection, then broaden to general connectivity, RemoteApp, clipboard and device redirection, gateway access, and licensing.
The NTLM authentication updates are the second priority: validate domain and standalone logon, file-share access, and application sign-in. Everything else is a no-functional-change security update, so cover networking, Hyper-V, storage, and graphics with routine regression. Office is MSI-only, with Click-to-Run untouched, and the .NET and SQL Server updates round out the developer and database estate.
Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings:
Browsers
Microsoft Edge released the stable version (149.0.4022.52) on June 4, per the Edge security release notes. Nothing ships for Internet Explorer, which remains retired. This cycle is unusually lopsided: just one Edge-engineered CVE against a very large Chromium upstream flow:
- CVE-2026-47644 — Copilot Chat (Microsoft Edge) — Information disclosure (CVSS 6.5, rated critical). For the second month running, Copilot Chat in Edge supplies the headline browser issue (May’s was CVE-2026-33111); Microsoft addresses the Copilot service component, with the browser update completing the fix.
- Chromium upstream — 407 CVEs relayed through MSRC this cycle, spanning the weekly Chrome release cadence since the May report: use-after-free, out-of-bounds read/write, type confusion, and policy bypass across V8, Blink, PDFium, WebRTC, ANGLE, and DevTools. The same fixes ship in the Chrome Stable channel; see the Chrome release blog for the upstream notes.
The Chromium volume looks alarming but is routine plumbing — it flows to Edge through its own auto-update channel. Add these updates to your standard release schedule for Edge-managed environments.
Windows
Microsoft addressed 119 vulnerabilities in Windows this month, 22 rated critical and 97 important — nearly double May’s count. Elevation of privilege again dominates by volume (49 entries), followed by remote code execution (28), information disclosure (16), security feature bypass (15), denial of service (6), and a handful of spoofing and tampering entries. All three of June’s publicly disclosed zero-days land here:
- CVE-2026-45586 — Collaborative Translation Framework (CTFMON) — Elevation of privilege (CVSS 7.8, publicly disclosed).
- CVE-2026-49160 — HTTP.sys — Denial of service (CVSS 7.5, publicly disclosed).
- CVE-2026-50507 — BitLocker — Security feature bypass (CVSS 6.8, publicly disclosed) — BitLocker’s third entry this month, keeping it on the radar alongside the PCR7 known issue.
At the feature level, the critical risks are concentrated in nine areas:
- Remote Desktop Client — the largest single cluster: 11 CVEs, 7 rated critical, led by CVE-2026-47289 and CVE-2026-42985 (both CVSS 8.8, the latter “Exploitation More Likely”).
- Windows Kernel — CVE-2026-45657, remote code execution at CVSS 9.8, the joint-highest Windows score this cycle.
- HTTP.sys — CVE-2026-47291, unauthenticated remote code execution (CVSS 9.8, “Exploitation More Likely”) in the kernel-mode web server underpinning IIS, WinRM, and anything self-hosting on http.sys — paired with the disclosed DoS above.
- DHCP Client — CVE-2026-44815, remote code execution at CVSS 9.8.
- Active Directory Domain Services — CVE-2026-45648, remote code execution (CVSS 8.8) on the directory itself, with the Kerberos KDC adding a separate critical RCE (CVE-2026-47288).
- Hyper-V — three critical RCEs (CVE-2026-45607, CVE-2026-45641, CVE-2026-47652, up to CVSS 8.4) — guest-to-host risk on virtualization hosts.
- Windows Graphics Component — two critical RCEs (CVE-2026-44803, CVE-2026-44812, CVSS 7.8), both “Exploitation More Likely” vulnerabilities reachable through Office rendering paths.
- Windows Deployment Services — CVE-2026-42987, remote code execution (CVSS 8.1).
- Cryptographic Services and Device Health Attestation — critical elevation-of-privilege entries (CVE-2026-44810, CVSS 8.4; CVE-2026-33828, CVSS 7.8) in trust-anchor components.
Given the publicly disclosed vulnerabilities this month, add this Windows update to your Patch Now schedule.
Office
Microsoft released 53 Office CVEs this month — 10 critical, 43 important. Remote code execution again leads (24 entries), but the surprise is spoofing at 20 entries, almost all of it SharePoint. (SharePoint Server appears in 30 of the 53 CVEs this cycle.) The rest split across information disclosure (6), elevation of privilege (2), and a security feature bypass.
- Microsoft has addressed seven critical remote code execution entries, each CVSS 8.4, each with the Preview Pane confirmed as an attack vector: CVE-2026-45456, CVE-2026-45458, and CVE-2026-47635 against Outlook and Word, plus CVE-2026-45461, CVE-2026-45463, CVE-2026-45472, and CVE-2026-45474 against Office broadly.
Add these Office updates to your Patch Now deployment, prioritizing Outlook-heavy desktops and SharePoint farms.
Microsoft Exchange and SQL Server
The pattern inverts from May: SQL Server receives nothing (no patches at all), while Exchange Server — absent in May — returns with a consolidated security update carrying seven CVEs for on-premises builds (Exchange Server 2016 CU23 and Exchange Server 2019), plus one cloud-side critical:
- CVE-2026-45504 — Exchange Server — Elevation of privilege (CVSS 8.8). The headline on-premises entry.
- CVE-2026-45503 and CVE-2026-47631 — Exchange Server — Information disclosure and spoofing, each CVSS 8.1.
- CVE-2026-45583 — Exchange Server — Remote code execution (CVSS 7.5), with three further spoofing/information-disclosure entries (CVE-2026-45500, CVE-2026-45501, CVE-2026-45502) rounding out the set.
- CVE-2026-48579 — Exchange Online — Information disclosure (CVSS 9.1, rated critical) — addressed service-side, no customer action.
Microsoft also revised the May Exchange spoofing entry (CVE-2026-42897) to point at this same June security update, with the recommendation to install “as soon as possible.” Add the June Exchange SU to your Patch Now schedule.
Developer tools
Microsoft released 10 CVEs across its developer tooling this month, all rated important — though the top score outranks most of this cycle’s criticals, and the concentration in Visual Studio Code (seven of 10 entries) continues last month’s pattern:
- Visual Studio Code — seven entries led by CVE-2026-47281, an elevation of privilege at CVSS 9.6 — the highest developer-tools score in months. Behind it: CVE-2026-45482, a security feature bypass in the GitHub Copilot Chat extension (CVSS 8.4); CVE-2026-47292, remote code execution in the MSSQL extension (CVSS 7.8); a second elevation of privilege (CVE-2026-40376, CVSS 7.5); and security-feature-bypass, tampering, and information-disclosure entries (CVE-2026-48569, CVE-2026-47287, CVE-2026-47284).
- Microsoft .NET on Windows has three entries: CVE-2026-45490, a .NET SDK elevation of privilege (CVSS 7.8) across .NET 8.0, 9.0, and 10.0; CVE-2026-45591, an ASP.NET Core denial of service (CVSS 7.5); and CVE-2026-45491, a .NET tampering issue (CVSS 6.2).
Add these Microsoft updates to your standard developer update release plan.
Adobe (and third-party updates)
Adobe released APSB26-63 for Acrobat and Reader this cycle, fixing critical code-execution flaws; Adobe reports no exploitation in the wild. Add it to your standard third-party schedule. This is a big (fat) Windows update this month (and yes, I think that AI has something to do with the number of these patches).
Good luck with your deployments.
French government’s secure messaging system breached
An intruder has breached the French government’s encrypted messaging service, Tchap, showing once again that human error is a weak spot in any security system.
Tchap was developed in France as an example of national sovereignty and was designed to be a more secure option than WhatsApp for communication between government employees.
In this case, it wasn’t the technology that was at fault, but a user: The intruder gained access to the system by taking over their account, according to DINUM, the French government’s interministerial digital directorate.
DINUM said it has blocked the affected user’s access and is investigating how much information has been revealed. While the system’s encryption was not broken, the intruder would have been able to view unencrypted public chat rooms accessible to the account taken over, potentially affecting 73,467 of the system’s 825,000 users, DINUM said.
That matches at least part of a post on X (formerly Twitter) reporting the intruder’s claim to have accessed the account of a Tchap user in the education sector through social engineering, exposing 73,467 user accounts, 643,459 messages, 876 chat rooms with message history, and 59,386 media files totalling 13.51 GB, including references to documents marked “Diffusion Restreinte” (restricted distribution).
DINUM said that it had reminded all Tchap users that public chat rooms are accessible to any user and are not encrypted, so all participants should refrain from sharing any sensitive or confidential information.
This article first appeared on CSO.
Microsoft president responds to students’ distrust for AI
Microsoft’s president, Brad Smith, has reacted to student discontent with AI, telling today’s graduates that there is still a place for human creativity.
Students across the US have booed speakers who talked up AI at their graduation ceremonies in recent months, including Google’s former CEO Eric Schmidt, the CEO of a record label, and a real estate executive.
Smith hasn’t ventured out onto a podium to share his views, but in a lengthy blog post, AI, Jobs and the Next Generation, acknowledged students’ concerns about their futures.
He said that, just as painting survived the arrival of photography, so will the job market survive the arrival of AI. “While it may feel unfair that the job market is so uncertain, you were made for this moment. Technology is second nature to your generation. Constant change has taught you how to adapt quickly,” he wrote.
He also used the blog to promote a book written by his colleagues Ryan Roslansky and Aneesh Raman on how to get ahead at work in the age of AI.
The corporate world will see massive changes, he said: “This includes AI automation of tasks in current entry-level positions and, especially in the tech sector, corporate pressure to reduce headcount to help pay for AI’s enormous capital expenditures.”
Some of those changes are already here. In the past six months, we have seen massive job losses at Oracle, at Meta and at AWS. There are no signs of any let-up: Last month saw the tech industry shed more than 38,000 jobs. Students contemplating their future will find little comfort in Smith’s optimistic words, particularly as his essay shows that Microsoft is not making any changes to its AI program going forward.
Siri AI is all Apple; it just needed Google to get there
Apple’s executives have been taking questions, hosting seminars, seemingly working around the clock to stress one very important thing: Apple is not using a white label version of Google Gemini to make Siri AI happen. They just pooled resources to get there.
The new Siri AI is faster, more accurate, offers powerful contextual capabilities and shows how Apple has leap-frogged into a good peer position in an AI race critics felt it had already lost. Its market scale — even without the EU — is huge. For most consumers, Apple Intelligence and Siri will continue to be their primary/first engagement with artificial intelligence on a device.
Getting there took a lot of work, and Apple needed Google to get it done. Though there is still some confusion about what that means, Apple’s software chief tried to explain it this week. “We use none of the models that Google deploys to their customers, nor do we use the infrastructure and means by which they employ models to their customers,” Craig Federighi said in a presentation at WWDC.
Apple is not even using Google Search as the foundation of its system, he said. “This is the amount of Google Assistant we use,” Federighi said, pointing at an empty chart. “Nothing.”
Apple not Gemini, Siri AI is not Google’s
What makes this hard to understand is that we all know Apple partnered with Google to build Siri AI; back in January, we were told the next generation of Apple Foundation Models would be based on Gemini models and cloud technology. So, how can we have moved from partnership hero to usage zero?
The answer is, we didn’t. What happened is that Apple built its new Apple Frontier Models (AFMs) (the AI inside Siri AI) by training them using proprietary Apple data and reinforcement learning and then refined those models using “outputs from Google’s Gemini Frontier models.”
In other words, Apple used Google Gemini to help improve its own models, which means the models themselves, the AI in Siri AI, are Apple’s — but they were trained with help from Gemini. They are not white label iterations of those Google models.
Apple also hit a second snag. Its very best model (AFM 3 Cloud Pro) requires more processor power to run than Apple could deliver using its own cloud-hosted Private Cloud Compute servers. Now, we know Apple doesn’t like using other people’s stuff. But it’s a realistic company that understands it sometimes must, and just as it uses AWS to support some of its services, it moved to adopt Google cloud services and Nvidia processors to drive the most demanding requests.
A question of trust
Apple also developed a technological solution that means it can claim the interaction remains just as private as if it were run on your device. Apple has made it possible for independent security experts to confirm this and says it is the only company that can deploy software on those servers, with strong security to ensure your device only interacts with those servers when you want it to. So far, no one has broken this protection.
I came across an interesting report in which Tekonyx Founder and Chief Research Officer Sid Nag explained the significance of Apple finding a way to expand its Private Cloud Compute infrastructure beyond its own data centers.
“Apple is effectively arguing that trust in AI systems should come from cryptographic and architectural guarantees rather than trust in the cloud provider itself,” he told Fierce. Where enterprises have faced a choice between access to powerful AI or privacy, Apple has introduced a new solution he called “portable trust.” This could conceivably become a new IaaS offering from the companies involved over time.
Working together for the benefit of all
So, while Apple’s models were built with Google’s help, and while its most advanced models run with support from Google and Nvidia, the models are Apple’s alone.
It’s good for Google, of course. Apple is paying for this use, which helps the search giant claw back some of the value of its massive, multi-billion-dollar AI infrastructure investment. It’s not clear how much Apple is paying; earlier this year, the $1 billion figure was bandied around. But Apple’s decision to tie usage to iCloud subscriptions in some hitherto undisclosed way hints that the deal may also see some token-based usage charges on top of the basic Apple fee. I’ve not come across any details, but that’s what I surmise based on the size of Apple’s ecosystem and the growing realization of how quickly users can consume AI capacity.
What AI models is Apple running?
AFM 3 Cloud Pro is one of five Apple Frontier Models driving Siri AI. Here’s how Apple describes those five models:
On-device models
- AFM 3 Core, the next generation of Apple’s 3-billion-parameter dense model. You’ll use this for basic text generation, summaries, conversational replies, all the standard uses. It can also handle indexing, search, App Intents, basic dictation and contextual awareness.
- AFM 3 Core Advanced, the most powerful on-device model. This is what makes Siri’s voice match mood or context, does all the high-accuracy dictation, and can process various data to handle tasks across different apps. It’s the AI driving your more involved Siri conversations.
AFM Core Advanced is impressive in its own right, because Apple has managed to cram a 20-billion-parameter model onto a smartphone. It has done this by using a sparse architecture, which means it activates just 1 to 4 billion parameters at a time depending on the request. It is, however, only available to Apple’s most powerful systems — iPhone 17 Pro, iPhone 17 Pro Max, iPhone Air, M4 or later iPad, M3 or later Mac with 12GB+ memory.
Server-based models
- AFM 3 Cloud, which Apple calls its server-side workhorse, optimized for speed, efficiency, and performance.
- ADM 3 Cloud (Image), for image generation and editing, which unlocks advanced photo-editing tools, the all-new Image Playground, and more.
- AFM 3 Cloud Pro, the most capable server-based model, which powers the most demanding use cases, like agentic tool use and complex reasoning.
All five were built using the same common foundation, which was then specialized to reflect the proposed use of that model. It’s interesting to look at the human evaluation tests Apple ran to test how well these models performed; they demonstrate impressive improvement on the company’s original models, effectively justifying the decision to work with Gemini.
You can follow me on social media! Join me on BlueSky, LinkedIn, Mastodon and subscribe to The Core.
Inside the coming war over face cameras
Several trends are now converging that threaten to pit tech companies against the general public.
Miniaturization has finally enabled companies to build AI glasses that look and function like normal glasses, but with microphones and cameras. People are increasingly talking to AI, rather than typing. And multimodal input, especially video, is on the rise.
Put all of these trends together and you get a nascent industry pushing toward all-day, everyday AI glasses with cameras — and a worried public already pushing back at the idea.
Let’s look at how we got here.
Meta started it with a surprise hit: its second-generation Ray-Ban Meta glasses, which later gained multimodal AI capability. Its Meta Ray-Ban Display glasses add one in-lens screen — but both versions of the glasses have cameras. (The company is working on a third generation that will probably ship next year.)
Google provides the AI and software platform through Android XR and Gemini, partnering with hardware makers to put its AI on other companies’ glasses. At Google I/O last month, Google unveiled frames from Gentle Monster and Warby Parker running Android XR with Gemini AI; they’re scheduled to launch this fall. Google is working on two types of AI glasses, one with screens and one that is audio-focused. Both types have cameras, though.
Samsung is working to launch AI-powered smart glasses, too, code-named “Jinju.” The company offered up details at Google I/O alongside Google. The glasses feature a 12-megapixel camera with autofocus; run on Android XR with Gemini AI; are co-designed with Gentle Monster and Warby Parker; and are slated to launch in July at the Samsung Unpacked event.
(As with Meta and Google, Samsung is working on AI glasses with and without screens, but both of its models have cameras.)
Tech giant Apple is also on the glasses train, based on reporting from anonymous insiders. Codenamed N50, the Apple glasses could have two cameras, one for pictures and videos, the other for multimodal AI input and hand-gesture control. (Apple is also working on a pendant and next-gen AirPods, both of which have cameras.)
There’s Amazon, which is reportedly developing a new line of consumer AI glasses with a camera after its earlier, camera-less Echo Frames and Carrera Smart Glasses lines failed. (My guess is the problem was Alexa, not the lack of cameras.) Although its Echo Frames have been effectively discontinued — displayed as sold out online — the company is already testing AI glasses with cameras for enterprise use on hundreds of US-based Amazon drivers.
Huawei in April launched its AI Glasses for the Chinese market — the lightweight glasses sport a dual-engine AI architecture and integration with its HarmonyOS ecosystem. It’s joined there by Xiaomi’s AI Smart Glasses, which are powered by the company’s HyperOS ecosystem and have cameras for photos and videos and for reading QR codes.
Beyond those well-known firms, other companies are making daily-wear AI glasses with cameras in them, including XREAL, Rokid, TCL, Solos, and Brilliant Labs.
A minority of other companies is focused on glasses without cameras, including Even Realities (G1 and G2); MIRA (MIRA glasses); Dymesty (Dymesty AI glasses); Lucyd (Lucyd Lyte); and Huawei (Eyewear 2).
Get the picture?
Clearly, by the end of the year, the market will be flooded with all manner of AI glasses designed for everywhere, everyday wear. They can use prescription lenses or serve as sunglasses — and most of them will have cameras built in for photos, videos and multimodal AI.
There’s just one problem: The public hates AI glasses with cameras.
Return of the ‘Glassholes’?
As we learned from Google Glass, a lot of people feel uncomfortable with a camera pointed at them while they’re talking to someone. And that backlash is back with the current generation of AI glasses.
Because Meta is the market leader in the US, its Ray-Ban Meta glasses have borne the brunt of early disaffection.
Texas Attorney General Ken Paxton recently launched a formal investigation into Meta’s AI glasses, calling them “a privacy nightmare for Texans,” claiming the devices “can easily invade personal privacy by collecting biometric data and recording Texans without their knowledge or consent.”
Paxton also claimed the LED light on the glasses, which is designed to alert others that the camera is taking pictures or videos, can be easily defeated. In fact, some modders-for-hire charge up to $100 to physically destroy the LED and TikTok videos describe how to disable or cover the light.
The pushback is happening elsewhere. Philadelphia courts banned smart Meta AI glasses with recording features from city courthouses and a petition is circulating to ban them from New York City bars and restaurants. MSC Cruise Line banned smart glasses in all public areas. And restaurants, gyms, and workplaces have begun banning smart glasses because of the camera.
Uncertainty drives some of the concern. People don’t know whether they’re being recorded, and if they are, they don’t know who will see the video. It turns out, those suspicions might be warranted.
In February, Swedish publications Svenska Dagbladet and Göteborgs-Posten published an investigation that found Meta contractors in Kenya were reviewing footage from Ray-Ban Meta smart glasses — including “bank details, sex and naked people who seem unaware they are being recorded.”
The New York Times published an internal Meta memo in February describing plans to add facial recognition (“Name Tag”) to Ray-Ban Meta glasses. The memo said the “political tumult in the United States would distract critics from the feature’s release.”
Then earlier this month, WIRED discovered dormant facial-recognition code called “NameTag” hidden inside Meta’s AI companion app. The code would let Ray-Ban Meta glasses identify strangers by face, a feature Meta publicly claimed “does not exist.” Meta quietly erased the code with an update one day after the exposé was published.
A coalition of civil society organizations wrote Congress to demand that Meta abandon its Name Tag facial recognition plans, calling it a “creepy and unacceptable escalation of surveillance.” The letter warned the technology could be adopted by law enforcement to surveil immigrants, people of color, and nonviolent protesters.
Finally, a range of reports involving AI glasses with cameras in them has emerged in recent months involving secret recording, harassment and extortion.
The coming conflict over face cams
On one hand, all the biggest consumer electronics companies are either shipping AI glasses with cameras in them or planning to do so — and many smaller companies are looking to do the same. The industry expects AI glasses with cameras to go totally mainstream.
On the other hand, a growing public, legal and legislative backlash has erupted in opposition to AI glasses with cameras in them.
One possible outcome is that the public disdain for the cameras will fade, overwhelmed by widespread enthusiasm for the benefits they offer. A new social norm might emerge that mirrors the broad acceptance of everybody having cameras in their phones and pointing them in random directions.
Another possibility is that companies will be forced by consumer disdain and legal action to abandon cameras in glasses and focus instead on AI glasses that can’t take pictures or use video for multimodal AI input.
Either way, the war is surely coming.
Google is held liable for false information from its AI
A German court has sparked a legal controversy by ruling that Google is responsible for defamatory comments generated by its own AI system. The search giant had argued that it couldn’t be blamed for the false results, but a Munich court has deemed that not to be the case and has ruled in favor of the two unnamed plaintiffs, both publishing companies, who the Google AI Overview inaccurately said engaged in shady business practices.
Google is required to remove the comments and ensure that they are not repeated. The case is certainly going to raise some questions globally. Will this mean that other courts are going to rule against AI vendors?
Bernhard Buchner, a partner at Lausen Rechtsanwälte, the legal firm that acted for the plaintiffs, said, “I believe it shows that online providers such as Google cannot hide behind the fact that a statement was generated by AI, but rather that they can be held liable for its output. It is an important step towards ensuring that providers of AI systems have to take responsibility for their outputs.”
So, does this mean that the decision could be replicated in the US or elsewhere? Alex Shahrestani, managing partner at Austin-based Promise Legal, said, “the short answer is ‘yes’: the Munich ruling travels, because US courts are already making the same move.”
He explained that Section 230 of the US Communications Decency Act, which has been applied to protect online service providers like social media companies from lawsuits based on their decisions to transmit or take down user-generated content, was built for computer bulletin boards, “not for a model that writes its own answers. Once the AI is the author, the company is the publisher.”
This means, he said, “businesses now need named humans at accountability nodes, verification gates before AI output ships, and audit trails that survive discovery, because ‘the model recommended it’ is a legally empty sentence.”
Does the decision mean that other AI providers could find themselves in the same position? Buchner believes it’s possible, although, he said, the situation in this case is unusual; it does not involve a classic chatbot scenario, but one where the AI-generated statements are published as an ‘AI overview’ of a search query.
“Google’s liability here is based not so much on the fact that it operates the underlying AI, but rather on the publication of its output. However, it seems entirely conceivable to me that this could also be applied generally to inaccurate or defamatory AI,” he pointed out.
Nonetheless, said Carolyn Shelby, head of SEO at Yoast, the German ruling should ensure that companies will be more circumspect in how they handle AI in the future, to protect themselves from any legal action. The first thing they should do is to separate low-risk use of AI from major decision-making.
“Using AI to summarize meeting notes, brainstorm campaign ideas, or create a first draft of something is very different from using it to make decisions about customers, employees, finance, compliance, health, legal claims, competitive positioning, or public communications,” she noted.
She pointed out that the effects of AI use could be devastating for companies. “The consequences could include customer complaints, reputational damage, regulatory attention, legal claims, correction costs, loss of trust, and internal disruption,” she said. “Even when a mistake does not become a lawsuit, the operational cost of correcting bad information can be significant.”
However, she noted, things may not change immediately. “Many companies will wait until there is a high-profile court case, regulatory action, or major corporate embarrassment before they take this seriously. That is usually how governance catches up with technology. But the better-run organizations will start treating AI governance as part of normal business risk management now.”
And, said Shahrestani, after the Google decision, everything has changed. It will become more important to ensure that employees remain part of the process.
WWDC: What IT admins need to know
Under-the-hood AI changes and efficiency improvements at the OS layer across Apple’s platforms are certainly the highlights at WWDC 2026. But there have also been significant changes IT admins will need to prepare for, particularly around Declarative Device Management (DDM).
The Intel age is over
Apple warned us this was coming, but macOS 27 will not support Intel at all. The company will deliver three more years of security updates for those devices, and you will still be able to use Rosetta to get Intel app binaries to run legacy apps on Apple Silicon. But if you still rely on any Intel apps or Macs, it really is time to plan your upgrade.
DDM becomes the present
It was the future once, but when it comes to Declarative Device Management (DDM) that future is now. Apple is removing all its legacy MDM mechanisms to replace them with DDM. “For IT admins, WWDC 2026 is a migration year,” wrote Fleet. “Apple is removing legacy MDM mechanisms and replacing them with Declarative Device Management (DDM). Some of it is urgent. Some of it just needs a plan.”
It’s a great step, though IT admins will need to ensure they aren’t relying on legacy MDM to handle any of their device fleets. That’s a particular issue around software and security update management. In most cases, your MDM provider has probably already introduced DDM support. But if you aren’t certain, now is the time to find out before your systems fail.
Apple has also added new DDM tools across various systems, apps, identities and more. Some of the highlights include:
- VPN and Network configurations can be provisioned using DDM; they also become credential-reliant, which should make management more streamlined.
- Apple Intelligence, Siri, and keyboard settings can also be configured via DDM, and admins can manage individual Apple Intelligence tools.
- Web content filter and content caching both become controllable with DDM.
- A new privacy key lets IT manage things like camera or microphone access.
- Apple has added a device system health reporting function to verify that hardware components on iPhone and iPad are genuine.
- IT will be able to detect whether a device is in Lockdown Mode.
“One of the new features I’m most excited about is the ability to set permission defaults for managed apps and websites viewed in Safari,” said Adam Henry, senior product manager at Iru. “While the user is still prompted to allow these permissions, we can now present those requests as a unified prompt immediately upon app launch, along with a custom explanation as to why those permissions are important — think a teleconferencing app or website that always needs access to camera and microphone.
“Overall, I think this is a much more user-friendly solution that will likely increase permission compliance.”
Siri and AI
Although Apple has introduced new management tools for AI, it’s important to remember some advice from Joel Rennich, senior vice president for product management at JumpCloud: “Traditional IAM models assume users directly interact with applications, but agentic systems change that assumption. AI intermediaries can now retrieve data, execute workflows, and make decisions across systems. Enterprises will need identity frameworks that govern both human and non-human actors consistently.”
He also noted: “The separation between where data lives and where it is used becomes increasingly invisible to the user. Intent becomes the primary input, not app selection.”
At the same time, the evolution of AI on Apple’s devices promises a lot for enterprise users. Matt Vlasach, Jamf senior vice president, enterprise products and solutions engineering, told me: “Most notable for me was Siri AI and the push towards on-device and more capable models that can do more with user context. While obvious for consumer use cases as illustrated in the keynote, the opportunity to evolve this to the work context using a more advanced Apple Intelligence framework is an exciting evolution.”
Farewell AFP
Apple has finally eradicated Apple Filing Protocol (AFP) in macOS. This will be an issue for any business that uses legacy Time Capsule or NAS storage devices, though in most cases those products are already obsolete and should be replaced. This is unlikely to be a huge challenge for most, given that Apple began using SMB as its primary file sharing protocol back in 2013 and support for AFP server disappeared in 2020. (Time Capsule fans might want to take a look at the TimeCapsuleSMB open-source project.)
Hello AppleCare log collection
Apple will introduce a new remote log collection capability that integrates directly with the company’s support infrastructure. So, when AppleCare support engages with an organization’s IT team, they can provide an enhanced logging token which can be shared to get the device to collect diagnostic logs to upload to AppleCare. You just know this will expedite remedy.
Single Sign-On improvements
As I noted here, there are some significant Single Sign-On (SSO) updates; two that caught my eye include:
- IT can now insist on biometric as well as password ID on managed devices.
- Authenticated Guest Mode with Platform SSO allows users to quickly and securely log in to a shared Mac in a temporary session.
- Platform SSO on macOS 27 adds web-based authentication.
Another change affects the system processes used in device management at a network level. Apple now requires that you use TLS 1.2 or later. If you or your MDM systems are not doing so, get ready for things to break. (Apple has published a support article to help IT test their network environments in preparation for this change.)
Apple also announced that IT admins will be able to purchase and manage app subscriptions directly in Apple School Manager and Apple Business Manager. And it introduced a managed migration feature that should help migrate data, while preserving device management enrollment and settings.
More information
I’ve really only offered a flavor of some of the IT improvements introduced at WWDC. To find out more, watch the Apple sessions on “What’s new in managing Apple devices” and take a look at the Apple Platform Deployment guide; it should be updated before the new operating systems ship this fall.
AI vendor FDEs: Key considerations and concerns
When it comes to AI deployments, IT leaders are often caught in an awkward middle space, trying to reconcile conflicting directives from senior management with constantly changing AI models, capabilities, and costs; data governance and security needs; and the limitations of their own team.
“Very few real benefits can be attained by simply purchasing an AI product and giving it to employees. Vendors have been overselling that fallacy for the past three years,” said Nader Henein, a Gartner VP analyst.
“The reality is that strong AI value and consistent ROI are almost always a result of deep and intentional integration of AI capabilities into existing workflows. For that you need specialized teams, which do not come cheap, and organizations have been recruiting those teams in a variety of ways,” Henein said.
Among the options available to IT leaders looking for help with AI deployments are traditional IT consultancies, AI-specific consultancies, and independent contractors. Large enterprises with deep pockets can consider acquiring an AI firm and integrating its technology and expert staff. The use of open source to reduce vendor lock-in is a strategy that can sit on top of those others, an approach that Capital One has used.
But the option that has been getting the most attention recently is bringing in forward-deployed engineers (FDEs), teams of experts from AI vendors that embed with a customer’s in-house engineers to oversee AI rollouts within the enterprise environment. Both OpenAI and Anthropic have recently announced FDE offerings, for example, and Microsoft is partnering with consulting giant EY in a new FDE program for agentic AI deployments.
Engineering teams employed by AI vendors have key strengths, such as understanding their models better than anyone else, having experience integrating those models into different types of enterprise environments, and knowing about upcoming model capabilities before they’re announced. But they also have the obvious drawback of vendor lock-in. Even if future rollouts are not within their contracted deliverables, those vendor employees could subtly influence a client’s future AI efforts.
Flavio Villanustre, CISO for LexisNexis Risk Solutions, cautions IT executives to move into FDE programs carefully.
FDEs “are financially incentivized to grow customers’ use of a vendor’s AI products and to create stickiness with that vendor’s services,” he said. “While FDEs may be a reasonable value-added service by the AI vendor, customers should always find other unbiased expert opinions that can evaluate competitive solutions across multiple vendors.”
This is particularly important at a time when “investor-subsidized AI token business models are starting to show cracks,” Villanustre said. “Also, in the current rapid pace of innovation in this field where AI vendors are constantly leapfrogging each other, retaining the agility to move from one vendor to the next could create significant competitive advantages.”
Analysts, consultants, and other industry experts who spoke with Computerworld about FDEs echoed Villanustre’s caution, citing concerns around hidden costs, confidentiality, observability, and vendor lock-in.
Long-term costs and vendor lock-in
A key issue that IT executives need to consider is how long the FDE teams will be needed. The enterprise will likely need an ongoing series of AI deployments synced with the current AI model(s). If help is needed today, why would that change tomorrow?
Enterprises tend to overlook those longer-term costs, said John Sangyeob Kim, an AI engineer at software development vendor Solidroad.
“Deployment is maybe 20% of the total cost. The other 80% is keeping the system running through model upgrades, data drift, and edge cases that only appear after months in production,” Kim said. “Most contracts price the first part and assume the rest. Deployment isn’t the hard part of enterprise AI anymore. The next eighteen months are.”
And whether it’s intentional or not, FDEs will naturally favor their own product portfolio — it’s what they know best.
“FDEs from model labs are good at making their own models work in your environment. They are less suited for multi-model systems, because their incentive is to keep you inside their ecosystem,” Kim said.
Sanchit Vir Gogia, chief analyst at Greyhound Research, said IT leaders should look at the FDE model as a strategy involving ongoing operational power.
“Whoever shapes the deployment pattern shapes the enterprise’s future muscle memory. Whoever owns the evaluation layer owns the truth layer. Whoever controls the integration logic controls the dependency map,” Gogia said. “This is why the FDE model matters. It is not just another delivery option. It is the frontier AI vendor moving closer to the customer’s workflow, operating model, and decision architecture.”
That proximity cuts both ways, Gogia noted. “FDEs are embedded inside the customer’s [environment], but they are also connected to the vendor’s commercial center of gravity. Their instinct will be to build around the model family, tooling assumptions, deployment patterns, and product roadmap they know best. This is perfectly natural. It is also precisely why CIOs must be cautious,” he said.
Allowing AI vendor employees an outsized say in enterprise deployment decisions could lock in model vendor dependency, which in turn will fuel high prices that can’t be fought effectively.
“FDEs can accelerate deployment and deepen dependency at the same time,” Gogia said. “Frontier AI vendors are no longer content to sell access to models. They increasingly want to shape how enterprises deploy intelligence. That is a larger prize.”
What happens when the FDE team leaves?
FDE post-departure risks are severe and often underappreciated, according to Justin Greis, CEO of consulting firm Acceligence and former head of the North American cybersecurity practice at McKinsey.
For one thing, the FDE team learns a massive number of operational details from the enterprise deployment. Although NDAs and confidentiality contracts protect any data accessed, they often don’t regulate observed processes and procedures.
“The learnings are absolutely going to be taken from client to client,” Greis said. “Whoever helps deploy AI will learn far more than what appears in the statement of work. They will learn the real workflows, the undocumented exceptions, the data-quality gaps, the approval bottlenecks, the security workarounds, and the places where the business depends on a few people knowing what to do when the process breaks. That knowledge may be as sensitive and precious as the data itself.”
Another critical but often overlooked issue is how much meaningful control IT will have over the project if and when the FDE team leaves.
“The danger is not using outside help. Most companies will need outside help,” Greis said. “The danger is using outside help in a way that leaves the enterprise less capable and more dependent when the engagement is over.”
It is precisely those operational decisions that IT often neglects, said Solidroad’s Kim.
“The best predictor of success is not the vendor. It is whether one internal engineer truly understands the system before the implementer leaves. What matters is who owns the evaluation loop after the demo,” Kim said.
“What happens to our prompts, scorers, and guardrails when the model version changes? If we paused this engagement tomorrow, what would actually stop working, by design or by accident?” Kim asked. “Where do you want the enterprise’s AI learning, control, and dependency to live after the engagement is over?”
Kim argues that observability — the ability to understand and manage all elements of a complex enterprise environment — is a critical function to which IT often gives insufficient attention. Determining whether the project uses the enterprise’s observability stack or the vendor’s observability stack is crucial.
“If the implementer is using their observability stack, that is fine during the build, but you need a plan to migrate it to something you own before they leave; otherwise the visibility walks out of the door with them,” Kim said. “If they are using yours, that is the best case. It means they are working inside the system your team will operate long-term.”
A major problem crops up when they are using neither the enterprise’s nor the vendor’s observability stack. “Neither means they are building the system without any production observability layer at all, and you inherit a system you cannot see into. The first time something breaks in production, you have no traces, no failure history, and no way to tell whether the issue is a model regression, a data problem, or a code bug,” Kim said.
“If observability was not a priority during the build, evals and regression testing usually weren’t either, so you are inheriting a system you cannot measure and cannot safely change. That’s the worst possible handoff position,” he said.
Weighing the alternatives
While the FDE approach is not new, it is just now beginning a surge in popularity, and there are a finite number of such specialists available. That means not all companies even have the option of using FDEs.
This availability disconnect is especially prominent for non-US deployments, where on-site FDEs are rarer, said Gartner’s Henein. “Where is the development happening? There may not be FDEs available in that region,” he said.
There are plenty of other places enterprises can turn to for AI help. Ishraq Khan, CEO of coding productivity tool vendor Kodezi, encourages IT executives to consider a wide range of options but notes that all approaches have major drawbacks.
“Traditional consultancies are usually stronger at governance, process, compliance, and organizational coordination. They know how large enterprises operate politically and structurally. The downside is that many move slower and often lack deep frontier AI specialization,” Khan said.
Gogia from Greyhound Research put it more colorfully: Traditional IT consulting firms “know how to get legal, risk, security, finance, HR, and business units into the same room without anybody setting fire to the carpet. For regulated enterprises, that matters,” he said.
Specialized AI consultancies have a different set of strengths, Khan said. “AI-native consultancies move much faster and are often more technically current, but many are still immature operationally. Some can build impressive demos without fully understanding long-term maintainability, governance, or production reliability.”
Greis from Acceligence commented on two other options for bringing in outside AI help. Using an independent contractor “can be great for eval design, architecture reviews, red teaming, agent design, or getting a stalled team unstuck,” he said, but it can increase the risk of “key-person dependency,” where a single external person is the only one who understands the system.
As for purchasing an AI firm and onboarding its employees, a practice known as “acquihiring,” Greis said it can work well when the AI capability and expertise being brought in are truly strategic for the acquiring enterprise. But there is a risk that the acquired team will be smothered by the parent company’s bureaucracy: “You buy a speedboat, bolt it to an aircraft carrier, and then wonder why it stopped moving,” he said.
Finally, an open-source strategy can give companies flexibility and reduce vendor dependence, but “many companies underestimate the operational burden that comes with it,” Kodezi’s Khan said. “Open source only helps if the organization has the internal talent and discipline to maintain it properly.”
Bottom line: enterprises need to define their true objectives before deciding on an approach. Khan offered several key questions for CIOs to consider: “Who owns the deployment after implementation? Can we move providers later without rebuilding everything? What happens if the vendor relationship changes or disappears? Are we optimizing for short-term deployment speed or long-term operational resilience?”
In any scenario where outside firms have direct access to enterprise systems, IT needs to be kept fully in the loop. “The worst outcome is when an enterprise successfully deploys AI but no longer fully understands how its own systems operate underneath,” Khan said.
External help for AI deployments: 6 options
- AI vendor FDEs
  - Pro: Best expertise on the main model being used
  - Con: Vendor lock-in
  - Con: Operational detail leaks
- Traditional IT consultancies
  - Pro: Best understanding of change management, legacy integration, global rollout, governance, and operating-model redesign
  - Con: Can be too slow, too expensive, or too generic
- AI consulting firms
  - Pro: More practical AI deployment experience than traditional consultants
  - Pro: Less vendor lock-in than model-provider FDEs
  - Con: May not sufficiently understand enterprise-grade requirements: security, identity, auditability, compliance, incident response, cost controls, and long-term maintainability
- Independent contractors
  - Pro: Useful for precision tasks: eval design, architecture reviews, red teaming, agent design, or getting a stalled team unstuck
  - Con: Risk of ‘key-person dependency’
- ‘Acquihiring’ an AI firm
  - Pro: Works when the acquired capability is truly strategic
  - Con: Acquired team can be smothered inside existing bureaucracy
- Deploying open-source products
  - Pro: Reduces dependency on one model vendor
  - Pro: Attractive for data sovereignty, control over enterprise systems, cost efficiencies, and regulated environments
  - Con: Enterprise takes on full responsibility for security, patching, evaluation, deployment, monitoring, and lifecycle management
Source: Acceligence
How to opt out of Google’s new AI training default
Heads-up, my fellow Android-appreciating animals: Google’s in the midst of rolling out a subtle change to its privacy settings that’s well worth your while to notice.
The change includes a new clause that says the company can use images, files, video, and audio from your interactions with Google Lens, Search, and Gemini Live to train and improve its AI models.
By default, that switch will soon be on and active for your account.
But with about 20 seconds of one-time effort, you can opt out and flip it off (both literally and metaphorically, if you’re so inclined) once and for all.
Lemme show ya how.
Google’s new AI training privacy default
First things first — the nature of the change: According to Google, starting in the next few days, a new “Search Services History” section within the general Google account settings will lead to a significant-seeming policy shift. As per an email the company sent out to users this week:
Your media [will now be] saved when Search Services History is on. Saved media includes your images, files, audio, and video from your interactions with Search services to help improve your experience. … Your saved media is also used to develop and improve Google services and technologies, including AI models and safety measures.
Riiiiiiiiiiight.
Now, to its credit, Google does say the data will never be associated with your account or identity once it’s used for these purposes, and it’ll rely on “filters” to “automatically remove a broad range of identifying info or sensitive personal information.” But still, whether you’re working with important corporate info or simply put off by the idea of your personal media being fed into the AI training machine, this may be news you aren’t exactly thrilled to hear.
If you’re finding AI increasingly creepy or you’re just not so keen on knowing whatever media you submit to search-related services will be used to train and develop AI for the future, now’s the time to proactively speak up and change your Google account settings to shut down this setup before it begins.
That, unfortunately, is where things get slightly complicated — ’cause for most of us, this new Search Services History section doesn’t seem to be present and available just yet.
But that doesn’t mean you’re plumb out of luck.
Your 20-second opt-out roadmap
To start on your AI training opt-out adventure, make sure you’re signed into whatever Google account you rely on for work and/or personal purposes, then head to the Google Activity Controls page and see if you see a section there called “Search Services History.”
If you do, this is especially easy for you: Just use the option right then and there to disable the “Save Media” setting within that section, which will stop any media files from being saved and used without eliminating the entire history of things you’ve searched. (If you’d rather eliminate all of your Google Search history from being saved and used even for your own future discovery and recommendations, you can also opt to turn that entire section off. Just be aware that it may have some wide-reaching effects on the personalization you see across a lot of Google services.)
If you don’t see that section — and, again, that appears to be the case for most of us at this point — you’ve got two options for the moment:
- You can completely disable all of “Web & App Activity.” Google says if you do this, once your account transitions over to the new approach, all of those “Search Services History” settings will stay off as well. Just be aware that doing so will prevent any and all search history from being saved for you from here on out — which, again, means you won’t be able to revisit your search history yourself and won’t see suggestions and personalization based on past searches throughout Google apps in the future.
- If you want to avoid entirely eliminating all of your search history, you can for now uncheck the boxes only for “Include voice and audio activity” and “Include Visual Search History.” That’ll stop search-related media from being saved to your Google account for the time being — though I’d also suggest setting yourself a reminder to look back at that same page once a week or so until you see “Search Services History” appear and can confirm that “Save Media” is unchecked as a result of that previous preference. Right now, Google isn’t explicitly saying that such a preference will carry over, so I’d put it on yourself to double-check and make sure (and then make the needed adjustment in the new interface, if not).
The choice is ultimately 100% yours — but in this case, it’s up to you to take action and opt yourself out if you aren’t comfortable with the default. It’s an unfortunate position to be put in, but now you at least know what’s happening and how you can make your own decision to take back control.
The hidden cost of enterprise AI: 6.4 hours a week babysitting bots
While AI is proliferating across the workplace, it is introducing a new productivity paradox: While the technology makes work feel faster, it actually pushes more burden onto employees to provide context, perform quality checks, then rinse and repeat across numerous disparate tools.
This, according to a new survey of 6,000 full-time digital workers by Glean’s Work AI Institute, results in two emerging behaviors: “botsitting,” all the unrecognized work that goes into making AI actually usable; and “botshitting,” shipping AI-generated work that is unverified, not that well understood, or perhaps not even trustworthy. The survey report was co-authored by experts from Work AI Institute, Emory University, Stanford University, UC Berkeley, UC Santa Barbara, UNC Charlotte, University College London, and University of Notre Dame.
“It’s definitely in many ways a vicious cycle that feeds itself,” said Rebecca Hinds, head of Glean’s research center, the Work AI Institute, a research collaborative of AI experts. Enterprises need to begin understanding and addressing the “massive, massive human labor that’s at the core of this.”
Workers are using AI more, getting more frustrated
There’s no doubt that AI is quickly becoming a central teammate in the workplace. Glean’s Work AI Institute found that 87% of digital workers are using AI: It is already automating more than a quarter of their work and saving about 11 hours a week.
Still, only 13% say the use of AI has significantly improved their company’s performance, and their time savings are being eaten up by the same technology that is producing them. Employees lose about one-third of their work week (6.4 hours) botsitting: feeding AI context, supervising outputs, debugging errors, cleaning up AI-generated work, and switching between AI tools.
“We’re seeing high, high rates of multiple tool usage, and often those tools aren’t connected,” said Hinds.
In terms of context-feeding, large language models (LLMs) are trained on the vast corpus of the internet, but not always on enterprise-specific data. Thus, employees often have to provide additional information around their company’s products, customers, services, or other details.
“They’re often feeling frustrated when the tools don’t understand enough about day to day work to be useful,” said Hinds. Also, because employees are using multiple tools, they often have to repeat the same prompt over and over.
“It’s exhausting for workers to not only do this, but to have the work be unrecognized, often unrewarded and unacknowledged within the organization,” she said.
Similarly, workers are having to catch outputs that might look polished and finished on the surface, but could be wrong, incomplete, or missing important context. Debugging is the biggest driver of exhaustion, because it is often conducted by people who didn’t necessarily contribute to the initial output, Hinds noted, so they first have to dig up background information.
However, “not all botsitting is bad,” Hinds emphasized. “Certainly, we want workers to have some level of ownership and oversight.”
But when it is unnecessary, it can lead to botshitting, where users ship AI-generated work they haven’t verified because they’re overwhelmed or time-constrained. Sixty-nine percent of users admit to doing so, and 41% say they sometimes deliver work they could not explain if asked. Another 28% blame AI for mistakes they themselves caused.
“Botshitting is offloading your critical human thinking, judgment, and understanding,” Hinds explained. “You’re offloading that work that absolutely needs to remain with the human.”
Workers using multiple AI agents are significantly more likely to do this, she added, because agents are so scalable, and can spiral out of control if they don’t have the right controls or permissions built around them, causing overwhelmed users to give up on their verification efforts.
“You don’t often see the negative impacts until 3, 4, 5, steps down the line,” said Hinds. “Then it requires all of this cleanup work, detective work, to understand where did the agent go wrong.”
Using AI … but not too much
Interestingly, more than half of the workers surveyed said they get more day-to-day help from AI than they get from their managers, and consider it easier to collaborate with than humans.
Still, they seem to be facing a Goldilocks problem when it comes to sharing their use of AI. Among self-identified high AI achievers, 54% are using unapproved tools or using approved tools in noncompliant ways, and 36% are hiding how much AI helps them.
As Hinds explained, depending on the context and the level of psychological safety an organization has provided, it can be “differentially beneficial or harmful” to show you’re using AI, and, on the flip side, to conceal that you’re using it too much, because that might make you less valuable, or perceived as less valuable, she said.
It’s a complicated balance, because, she noted, “there’s massive pressure in so many organizations to demonstrate AI fluency, to demonstrate you’re a power user.”
What successful organizations are doing differently
In fact, the report said, “The companies pulling ahead are doing something different. They aren’t spending a greater share of their AI time using AI. They’re spending a greater share on the work around it: setting context, defining what ‘good’ looks like, building judgment, and deciding what should never have been handed to a model in the first place.”
The most transformative organizations are addressing AI challenges proactively: Providing training and support, treating AI as an opportunity to redesign work, and formally rewarding AI skills. In addition, it noted, the hardest skill to build is knowing when not to use AI.
It is “not just clicks of the tool, not just tokens used, but real skills, real learning,” said Hinds. In addition to investing in workers, these organizations are clearly stating AI strategy and clarifying the “why” behind it. Governance should also be “living and breathing,” with companies continuously re-evaluating policies.
And it needs to happen at every level, top execs included, said Hinds: “It’s being able to see the executives use the technology, sharing both the success stories and the failures.”
Successful companies are also actively using metrics anchored in existing key performance indicators (KPIs). They are measuring quality, efficiency, and employee engagement in different ways, and putting data in the hands of employees so they can assess their own adoption and success.
“It’s less about surveillance and more about feedback in terms of how we work collectively,” said Hinds.
What’s “fascinating but perhaps not surprising,” she said, is that workers are increasingly using AI itself as a teacher, and prefer it over other learning channels. This speaks to the importance of low-code, no-code tools, with low learning curves and organizational context, that are embedded directly into workflows.
“It is starkly different from what we’ve seen with previous technologies,” she said.
This article originally appeared on CIO.com.
Apple Silicon boosts the TCO benefit of Macs — report
Apple Silicon Macs fail at less than half the rate of Intel Macs, dramatically reducing the platform’s already industry-leading total cost of ownership (TCO), according to data revealed by London, UK-based Apple reseller Hoxton Macs.
While it’s true the data is based on a relatively small sample group, it does seem to reflect what the industry in general sees.
Apple’s chip design transforms Mac reliability
The success of Apple Silicon hardware is attributed to its simpler design, which integrates multiple components into a single chip, reducing the number of potential failure points. Additionally, Apple Silicon Macs run cooler, leading to less wear and tear on components such as batteries and USB-C ports, the report says. Across the wider laptop market, most studies show hardware faults affect one in five non-Apple machines over their first three years in use.
This builds on Apple’s enduring record for making good hardware as independent reliability surveys consistently rank the company as the most reliable laptop brand. To some extent, the data reflects the anecdotal experience most Mac users have — their computers seem to last much longer than other systems do, which helps them retain value on the second-user market.
Apple already had a good story to tell in terms of tech support before it introduced Apple Silicon machines. More than a decade ago, Fletcher Previn, then vice president of Workplace-as-a-Service at IBM, told the Jamf Nation User Conference that just 5% of IBM’s Mac-using employees needed to call the help desk; in contrast, an astonishing 40% of PC-using staff had to do so. That difference is significant because it translates into serious differences in cost; each tech support call made by those working on your ailing PC fleet has a price.
That TCO difference prompted Previn to say, “I can confidently say every Mac that we buy is making and saving IBM money.” Years later, as CIO at Cisco, he said the company’s tens of thousands of Mac users experienced five times fewer cyberthreats and nine times fewer virus issues than PCs, and that Cisco needed 33% fewer engineers to manage the Macs.
Those impressive real-world data points reflected Macs in the pre-Apple Silicon world. Those Intel Macs already worked better for longer and required less tech support. This month’s Hoxton Macs data, while based on a much smaller sample group, suggests that this particular advantage has grown even greater now. And it’s not just down to the silicon.
Fewer parts, less heat, fewer failures
Apple has designed its processors to deliver excellent performance per watt. Because these are SoCs (systems on a chip), the power required to drive all the system components is that much lower, and whole categories of component failure are removed. The design also means they use less energy and generate less heat to run, dramatically reducing thermal wear and tear.
“Fewer parts, less heat, simpler construction: the result is a machine with markedly fewer ways to break,” Hoxton Macs said in an extensive article explaining its data.
Failure rates are consequential to everyone. Even a small failure rate means some people will end up with Macs that have hardware issues, which is always a problem for those affected. But the low fail rate should be reassuring to the millions of people switching to Apple’s even cooler-running MacBook Neos.
Those users might now justifiably look forward to lower running costs from their new computers, combined with good resale rates once they’re ready to upgrade. It doesn’t hurt Apple’s platform loyalty either — making it even more likely those millions of users will stay with the Mac rather than going back to where they were before.
Why I’m leaving Copilot for Gemini
I’ve been using and writing about Microsoft Copilot since it was publicly released in 2023. I’ve reviewed it, written articles about using it more effectively, explained how to curb hallucinations in it and other similar tools, and detailed how to use it in concert with Microsoft 365. It’s also been my go-to generative AI (genAI) tool for personal projects and advice.
But the time has come for me to leave it behind for my personal use. It’s become abundantly clear that for those tasks, Google Gemini is better. Here’s why.
Copilot is inept at solving a tech problem
Like many people who know something about technology, I’m the IT staff for friends and family. I’ve often used Copilot to help solve issues I can’t fix myself. Sometimes Copilot helps. And other times… well, the last time I turned to it for troubleshooting advice is when I realized it was time to abandon Copilot.
My wife had bought a new iPhone, and I noticed she was receiving texts sent to her email address but hadn’t received any sent to her phone number. I asked Copilot for help.
I won’t go into the details of the wild goose chase Copilot sent me on — I’ll just offer a few lowlights. It first told me, with absolute authority, that there are “only two real explanations” for the problem and asked me to look at several settings to confirm which explanation would fix the issue.
It turned out that neither of the “two real explanations” was the cause. Undeterred, Copilot assured me, again with complete confidence, that it was going to send me “straight to the switch” that would immediately solve the problem.
I tried it. The switch didn’t work. Neither did the “final fix” it promised me. Nor did any of the other many “solutions” it offered after that so-called final fix. For more than an hour, it flailed with utter confidence and utter futility trying to diagnose and fix the problem.
And then came the final indignity: After doing some digging, I realized Copilot was trying to solve the problem based on an old version of iOS, not the current one on my wife’s phone. When I confronted Copilot about that, it briefly apologized and promised it knew the solution: I had to call the cellphone carrier.
That was it for me. I’d had enough. I turned to Gemini for help.
Thirty seconds later, Gemini diagnosed the problem and recommended a simple fix, which didn’t require a call to my phone carrier. It worked like a charm. Gemini had solved a tech problem in 30 seconds that Copilot couldn’t resolve after an hour.
Copilot whiffs on personal research
I often used Copilot for personal research projects. A recent one involved Parisian neighborhoods in the 1870s. I was looking for information about the area around the Saint-Lazare train station. When I asked Copilot, it told me the area was dangerous and poverty-ridden back then, with poor housing whose exteriors were heavily stained by coal smoke from arriving and departing trains.
That didn’t sit right with me. I recalled a well-known painting, Paris Street; Rainy Day, by the Impressionist painter Gustave Caillebotte, which depicted the neighborhood in the 1870s as wealthy and fashionable, filled with elegant Haussmann-style apartment buildings. I asked both Gemini and Claude about the neighborhood in the 1870s. They both told me it was expensive, fashionable and sought after by the well-off. I confirmed that with my own follow-up research.
Once again, Copilot had whiffed.
Copilot gives bad scheduling advice
I swim for exercise three or four times a week at my health club’s indoor pool. The club closed the pool for several months, so I decided to swim at the pool of an elementary school a short walk from my house. I hadn’t exercised there before and wanted to find the times on Monday through Friday when the pool would be least crowded. I asked Copilot for help.
As always, Copilot spoke with a solid air of authority. And once again, it was wrong. It told me that the least crowded time for public swimming on weekdays was between 11:30 a.m. and 12:30 p.m. or between 12:00 p.m. and 1:00 p.m.
On one count it was right: the pool would certainly not be crowded with public swimmers at those times. Because the pool doesn’t open to the public until 3 p.m.
I turned to Gemini, which told me that 3 p.m., when the pool opened, would be the least-crowded time. Claude was no help. It demurred and said it didn’t know the answer – a rare, refreshing admittance of ignorance from a chatbot.
Gemini was on target again — 3 p.m. did indeed turn out to be the least-crowded time to swim. I often get a lane to myself, and at worst have to split a lane with one other swimmer. I asked several lifeguards if 3 p.m. was the least-crowded time on weekdays; they all confirmed it was.
Bye-bye, Copilot
For all those reasons, when it comes to personal research and advice, I’ve abandoned Copilot. I typically use Gemini now, although on occasion, I ask for a second opinion from Claude.
For my Computerworld work, I’ll keep using Copilot, and continue to write reviews of it, offer advice on how to use it and keep you informed about the latest news about it.
But other than that, for my personal use, Copilot is dead to me.
Welcome to AI’s creepy era
For the past few days, I’ve been immersed in Google’s latest vision of the future — an AI-infused dashboard that taps into info from all of your Google app activity and then uses that data to cook up a series of daily “stories” designed to “connect you with what matters.”
And — believe me, I don’t say this lightly — the experience of interacting with this system has me longing more than ever for the past.
The app is called Dreambeans. Google launched it as an experiment last Wednesday, and I was offered the opportunity to skip the standard waitlist and get immediate access to explore it.
I won’t beat around the bush: Using the app really has been an eye-opening, enlightening experience for me. Just not in the way that Google had presumably wanted.
Google Dreambeans and the next phase of AI
In many ways, Dreambeans feels like the ultimate example of everything Google’s been gunning for — and AI in general has been building up to — over the past several years.
With your permission, the app accesses your ongoing activity data from Google Workspace (including such services as Gmail, Google Calendar, and Google Drive) along with Google Search, Google Photos, and YouTube to create an evolving profile of your life and interests. That means everything from who you email to what’s on your agenda, what you’re writing or saving files about, and what sorts of subjects you’re searching for, videos you’re watching, and activities you and your friends, family, and other associates are appearing in throughout photos (and even how you all look in those photos) gets constantly analyzed and processed and used as fodder for a personalized feed that updates a few times a day.
On the surface, it sounds a little like Google Now — the excellent and all-too-short-lived proactive intelligence feature Google added into Android for a while back around 2012.
In practice, though, lemme tell ya: It feels dramatically different. Whereas Google Now felt almost magical in its ability to anticipate what you needed before you ever asked for it — with proactive cards on things like flight statuses based on itineraries in your inbox or flight-related searches you’d performed, traffic alerts based on your typical daily routes or appointments in your agenda, and links to maps for businesses you’d been researching — Dreambeans takes those same basic concepts to a whole other level that ends up feeling creepy and invasive, both in the info it’s offering and in the way it’s presenting it.
And, more broadly, it feels indicative of the way AI is heading in general — not just with this one app or with Google but across the industry and in a style that I think most people are increasingly finding off-putting and will only find ever more intrusive in time.
Now, let’s be clear: I’m no technophobe. Far from it: I love clever tech creations and thoughtful new touches that make our lives easier. Heck, I’ve spent much of my life searching for and writing about such feats. And that’s precisely why my reaction to Dreambeans strikes me as so significant: If I’m this put off by this concept, how will average tech users — most of whom are far less tuned into tech trends and intrigued by interesting new options than I am — react?
I’ll tell you more about what I’ve heard so far in a second. First, let me show you exactly what I’ve been seeing, so you can assess this thing for yourself and see how it comes across to your spidey senses.
Here’s a handful of the Dreambeans “story” suggestions that appeared in the app upon its first day working for me, with a few names and personal details blurred for privacy purposes:
[Image: Some of Dreambeans’ custom “stories” throughout my first day with the app. Credit: JR Raphael, Foundry]
I’m honestly not even sure where all of these suggestions came from, but what jumped out at me right away were the (occasionally flattering) caricatures of me and my wife and the general sense of invasion from all the slightly too personal stuff and the too-familiar integration of family members’ names and interests into the material.
For the record: I had been looking into speaker stuff at some point in the not-too-distant past; I’ve never once typed, uttered, or even considered the phrase “hand-loomed textiles” until just now; we had been looking at the arts festival it mentioned; I’ve never specifically searched for or expressed any interest in Scary Movie 6; and I am not into the band Genesis — though, to be fair, I can’t dance.
I showed all this same material to my wife as well as to several other friends and family members I’d categorize more as typical tech users — not tech professionals or card-carrying geeks but just regular people who own and use a variety of devices, as we all do, and rely on ’em for both personal and professional purposes with varying levels of dread, excitement, and/or indifference. Without exception and without any prompting or personal opinions presented to sway them, every single one of ’em responded the same basic way: “Oh. That’s creepy.” And: “I do not like that.” Without fail.
It doesn’t get much better from here, either. Most of the app’s subsequent suggestions have continued to veer just a touch too far onto the “ick” side of the spectrum, as well as occasionally being off-base in some pretty perplexing ways. For instance:
[Image: Nice AirPods, Mr. Apple fan! Credit: JR Raphael, Foundry]
For the record on this set: I do love the show Seinfeld — SERENITY NOW! more than ever — though it’s been some time since I’ve actively watched it; I somewhat famously am allergic to Apple products and avoid ’em whenever possible (notice the name of this column, anyone?); I don’t live in the same city as my brother but do find it creepy to have him pictured in ghoulish caricature form and brought randomly into a discussion about Plex (something he wouldn’t even remotely be interested in hearing from me about); and my various editorial newsletters are all powered by a service called Kit — not Beehiiv — which is mentioned in plenty of places both on my websites and throughout my emails.
Also, while my hairline may not be what it once was, I’m (ahem) not that bald yet — thankyouverymuch, Dreambeans.
Another example that I won’t show here was an item that pictured me in overalls working on installing some “coated stainless steel wire for [my] gallery canvases” — a reference to a community art gallery (with all sorts of details wrong and in some cases flat-out fabricated) connected to my mother’s recent passing. It casually mentioned her by name, too, alongside that eerie illustration of me performing a skill I definitely don’t have in my nonexistent home workshop. I don’t think I have to elaborate on how unsettling, unappreciated, and — again — invasive it felt to have that pop up in this feed.
More than anything, what I’ve been feeling while seeing all of this is a combination of (a) egad, it knows too much — especially when it casually name-drops and caricature-pics my wife, kids, and other family members — and (b) at the same time, the info it’s giving me isn’t especially helpful or insightful. It’s mostly just flat, generic, and — well, more or less exactly what you’d expect from something AI-generated.
Seeing caricatures and personal details about my kids is odd — and, at the same time, neither of my kids actually plays or has any interest whatsoever in soccer. (Image: JR Raphael, Foundry)
More than anything, in other words, it’s a combination of creepy and not particularly useful.
Some of what I’ve seen when opening Dreambeans’ personal “stories.” Yay? (Image: JR Raphael, Foundry)
And it’s the “creepy” part that really sticks with me the most.
The fine line Google forgot to avoid crossing
Maybe if the info I’m being served up here were exceptionally useful, this could be a tradeoff I’d be at least a little more likely to accept. Maybe. But in this scenario, it just feels odd and a little too invasive — which I’ve come to realize is a common theme surrounding much of what seems to be the next level of our forced-upon-us AI future.
Take Google’s Gemini Spark, for instance — the “agentic” AI assistant announced at Google I/O that’s meant to be a “proactive” helper tackling tasks on your behalf. David Pierce from The Verge got an early look at the tool in action and called it “the most impressive and terrifying AI experience” he’s had to date, also bringing that “creepy” word into the equation:
I can’t shake the deeply creepy feeling I get from the whole thing. What Spark did feels sort of magical, and very invasive. It’s weird that Spark is so casually telling me the names and ages of my children, reminding me that it knows where I live, and finding information I know for a fact I’ve never volunteered to Google. Intellectually, I know that Google knows an incredible amount about me — add up my emails, my calendar, my photos, and my search history, and you’ve pretty much got me pegged. But seeing Spark treat all that data not as something to be protected, but as something to be mined, just feels bad.
And that, I think, mirrors the exact reaction I’ve been experiencing with Dreambeans. We’ve all always known that Google knows a lot about us, but we’ve also — at least intellectually — understood how all of that data is and isn’t being used. And it’s never been rubbed in our faces just how much the company can figure out about us by putting all the various pieces together and creating an awkward sense of robotic intimacy.
I remember years ago, being in a Google press briefing where someone from the company talked about how much more their systems and services could accomplish but how they deliberately held back on going that far and overdoing the personalization — ’cause even though they had all that info and could make all those connections, they knew (at the time) that people wouldn’t respond well to seeing all their personal activity put together in such shocking ways. They knew (at the time) that most of us weren’t looking for an artificial BFF who knew too much about us. They knew (at the time) that giving us that sensation would cross the line into being creepy.
Well, this just in: That line’s officially been decimated. We’re in AI’s creepy era. And seemingly no one is worrying anymore if it’s actually something any of us want or will appreciate.
It kinda feels now like tech companies are actively rubbing in our faces how much they know about us — and even if there’s nothing truly nefarious going on with what they’re doing, it sure doesn’t feel good. It feels creepy. And at a time when trust in tech titans is shockingly low and most folks outside of the Silicon Valley bubble are feeling more and more frustrated with AI and all of the effects it’s foisting upon us, that isn’t a great look to be giving off.
Put those sensations alongside the sigh-inducing explosion of AI “content creators,” the proliferation of lifeless AI-generated “writing” (been on LinkedIn much lately?), and the troublingly blurry line between photorealistic AI-generated images and actual real-world photographs — not to mention the maddening experience of interacting with an AI bot support agent or encountering the ever-expanding array of AI-powered scams and security threats and AI-generated job cuts, just to name a few other problematic consequences this movement is imposing — and it’s hard not to question if all this purported progress is ultimately more helpful or harmful for us, as living, breathing humans in the real world.
A few months ago, at the three-year mark of Gemini’s launch, I posed the question: Did anyone actually ask for this? And, more pressingly: Is this the future we wanted? As we’re moving now into yet another era of AI innovation and seeing how it’s affecting our lives, it gets tougher every day to imagine many folks outside of the tech industry who’d answer with an emphatic yes.
And, unfortunately, you don’t need any fancy-schmancy AI chatbots to tell you that things are only gonna get more extreme — and, yes, more creepy — from here.
UK move to filter photos and messages triggers encryption worries for CISOs
UK Prime Minister Keir Starmer’s speech on Monday insisting that tech companies create device controls to somehow block children from viewing or creating sexually explicit imagery has raised alarms among CISOs, who worry that the same technology could undermine enterprise security. Starmer gave tech firms three months to create and implement such restrictions voluntarily, at which point he said he would push for legislation to make it mandatory.
Behind the technical and logistical hurdles for tech firms to clear, such as how a device would determine that an image was inappropriate, and how it could reliably determine the subject’s age, is the issue of whether this process would interfere with encryption protections for enterprises worldwide. And that comes down to whether the required data analysis happens on the device or in the cloud.
Starmer did not go into a lot of detail, preferring to let technology companies craft their own plans, but in this case the details matter. Analysts and consultants said that there has been a push for everything to happen on-device, which would avoid any encryption problems; if the inspected data never leaves the device, the encryption protection would stay intact.
But this plan for the process to stay on the device seems highly unlikely for multiple reasons. The first problem is device capabilities and hardware age. Although Apple and Google engineers would be working with the latest devices, much of the UK population is using much older and less capable hardware, analysts said.
Although a 2-, 3- or 4-year-old phone might still be able to handle the additional load, it would likely suffer a dramatic slowdown sufficient to make users decidedly unhappy. That would mean that even if the execution of the data analysis began on the device, it would likely have to be shifted to the cloud for performance reasons. And once it moved into the cloud, the encrypted data problem begins.
Trying to do this scanning on-device in the UK would fail, said Flavio Villanustre, CISO for the LexisNexis Risk Solutions Group. “It will make unusable the majority of devices used in the UK today. It just can’t work on-device.”
However, Villanustre observed that on-device analysis for this kind of effort, which would need to scan everything that gets downloaded to the phone in search of prohibited images, might be viable in a few years, once the typical device becomes much more powerful. But not today.
Creates new risks
Leading secure messaging app provider Signal also issued a strong statement opposing Starmer’s proposal.
“The UK government’s demand that all content on all devices sold or used in the UK be scanned on the presumption of nudity, using a dystopian combination of age verification and content scanning, will not safeguard children. It endangers us all, whilst strengthening Apple, Google and Microsoft’s market dominance and their control over our most personal information,” Signal said. “Once created, [the program] will be expanded, forming a dangerous tool that will be wielded both in the UK and abroad to censor and surveil whatever they might consider ‘threats’ or ‘harmful content.’”
Signal has aggressively fought against such programs before. Similar privacy campaigns have also been launched in other parts of Europe.
The long-held fear is that moving encrypted data to the cloud, regardless of whether it remains encrypted or is converted to clear text, creates opportunities for attackers to access the sensitive data.
“The mechanism that flags and reports a match to external authorities creates a new, built-in exfiltration path,” said Jeff Valdes, a director at consulting firm Acceligence.
Could do more harm than good
Sanchit Vir Gogia, chief analyst at Greyhound Research, argued that the UK proposal is likely to do far more damage than good. He pointed to the short three-month timeframe as evidence of a lack of good faith.
“Legislation of this complexity cannot be drafted in a quarter. The deadline is a pressure instrument, not a delivery schedule. Child safety is the destination. Device-wide inspection is the wrong vehicle,” Gogia said. “Apple and Google already run on-device nudity detection in bounded contexts, and it works: a child can be warned, an image blurred, a sharing attempt interrupted.”
Gogia pointed to another logistical problem, which is that some devices such as tablets are often shared between family members, which makes reliable age determinations all but impossible.
“The deeper flaw is that the policy assumes a stable mapping between device, person, and age, and that mapping does not exist in real households,” Gogia said. “A device cannot know its holder has changed. The only architecture that survives this is default-child with recurring adult verification, which is surveillance arriving through the back door of household economics.”
In addition, he noted, “Children disproportionately inherit the old, out-of-support handsets the mandate cannot reach. Forcing churn manufactures electronic waste and punishes the families least able to buy new.”
Carmi Levy, an independent technology analyst, agreed that the computing overhead alone for such an effort could make this a deal-killer.
“The compute requirements, particularly in light of the need to execute this kind of filtering in real time, would be immense. It is futile to assume this capability can ever be rolled out at scale without running into massive concerns on several fronts,” Levy said. “Simply deciding how to tune the filters is an almost impossible task. Although the overall definition of nudity, namely not wearing clothing, is generally agreed upon, the line where it becomes inappropriate for minors is neither static nor universally established. So it’s wildly optimistic to assume that a single threshold would be workable at the scale proposed by Prime Minister Starmer.”
Nidhi Luthra, a director at Acceligence, added that the logistical and technological roadblocks are also a big problem.
“Technically, parts of this can work,” she said, but vendors would have to deal with age verifications, drifts in the models and false positives, and there is also the “lack of contextual information that truly would have let this work.”
Puts CISOs in ‘an impossible bind’
The UK proposal also puts enterprise CISOs and IT directors who need to protect sensitive data in an impossible bind, Gogia said.
They “can govern device management and conditional access. What they cannot govern is a mandatory inspection capability that updates according to political appetite rather than enterprise risk appetite,” he pointed out. “The proposal does not automatically create a breach inside Signal, WhatsApp, or Teams, but it creates the conditions for a new class of breach around them. The weakness need not live in the messaging protocol. It can live in the mandated inspection layer, the classifier update mechanism, the age-assurance workflow, or the logs that enforcement inevitably generates.”
Regime change could lead to abuse
Another common concern is that governments change hands, so limited capabilities granted today to one government might be used very differently by a future government.
Brian Jackson, principal research director at Info-Tech Research Group, noted, “the current government may only use it to detect nudes, but what is to stop a future authoritarian government from using it to detect unfavorable political commentary? Creating a back door means there is potential for third parties — hackers — to exploit that back door to gain access to the user’s communications. This is exactly what encryption and on-device security measures are supposed to prevent.”
He added, “Apple’s Communication Safety feature, Google’s Family Link, and a range of parental control tools already use on-device AI to detect and restrict explicit imagery on children’s devices. The government is not filling a gap the market failed to address. It is proposing to transfer control of an existing capability from the device owner to the state. Parents can deploy this protection right now, on their terms. That is where the decision should sit.”
Ryan O’Leary, research director for privacy and legal technology at IDC, said the current proposal only involves the UK, and there’s no way to determine whether other governments will try something similar. He noted that the EU’s GDPR was widely expected to go global when it launched in 2016, but in ten years, it hasn’t.
O’Leary said that if this proposal is enacted in the UK, he would advise IT and cybersecurity executives to be extra cautious when sending team members to the region.
“It would essentially be ‘China rules’” such as air gapping systems and traveling with disposable data-limited burner phones, O’Leary said. “It’s an exceptionally big deal if it goes through,” but, he added, the chance of it happening is very low. “It seems like the technology companies will call his bluff.”
This article originally appeared on CSOonline.
DocLang aims to make documents readable by AI, not humans
AIs struggle to understand documents designed for humans; the DocLang working group seeks to flip that imbalance with its specification for machine-readable business documents “built from the ground up for LLM tokenizers.”
The working group, founded by IBM, Nvidia, and Red Hat and hosted by the Linux Foundation’s LF AI & Data project, aims to create an open, universal, AI-native document format designed to improve how enterprises prepare, exchange, and govern document data for AI systems. ABBYY and Human Signal will also be involved in its development, and other contributors are welcome.
“Enterprises today work across a fragmented landscape of document formats, including PDFs, JPEGs, and other file types built primarily for human consumption rather than AI interpretation,” the group said in its launch announcement.
“This disconnect can introduce complexity, raise costs, and reduce reliability when extracting meaning from business documents,” as organizations increasingly rely on generative AI and agentic systems, it said.
Mark Collier, executive director of LF AI & Data, said the goal of the DocLang Specification Working Group is to “develop a vendor-neutral, interoperable standard that helps organizations prepare document data for AI more reliably, transparently, and at scale.”
DocLang defines a structured, machine-readable format for documents of any type, like JSON for data, that any tool can implement and any pipeline can consume. It builds on DocLing, a document processing toolkit hosted by LF AI & Data that can transform human-readable PDFs, word processor documents or spreadsheets into structured data.
Standards must evolve for AI
Something like DocLang is needed, said independent technology analyst Carmi Levy. “Existing document standards have done an admirable job allowing global stakeholders to confidently collaborate for decades, but it’s becoming increasingly clear that they are in desperate need of an update as AI reshapes the rules around how work gets done,” he explained.
Largely static document types, he said, “can be somewhat limiting when AI is redefining the very word, ‘document.’ In many ways, AI-age documents are far more iterative and dynamic than what they once were, and the definitions need to evolve with the times. The documents we currently live with simply weren’t designed for the AI age.”
Within that context, Levy said, “DocLang represents an early, best hope of achieving some kind of foundational baseline for document standards, one that will hopefully allow more intelligent, more efficient, lower-risk workflows than is currently the case.”
Taking an open-source, vendor-agnostic approach to the process ensures the collective will take precedence over the needs of specific vendors, he said, adding, “earlier standards-setting efforts around networking, documentation, the web, and the cloud powered the free-flowing digital landscape that defines modern life.”
An AI-centric documentation standard will carry that reality into the next generation of technology, said Levy.
A question of governance
The entire concept of LLMs, Jason Andersen, principal analyst at Moor Insights & Strategy, said, “involves using natural human languages. The computer is supposed to understand us without us changing our syntax or language. Forcing a syntax on users is exactly what we have today with SEO and more advanced programming languages.”
With something like DocLang, where the standard can be applied to content ingestion, he said, “I would be OK with that being automated, which seems to be the intent. The use case I envision is that when I upload a document to an agent, a skill can be run to preprocess the document into the DocLang standard format, saving tokens.”
That makes sense, he said, adding that he thinks it’s good “if it can help generate outputs, like a visualization, that can be shared outside an AI tool. On that front, that is also why I am liking Web MCP, since you are just adding some code to the page, like CSS or JavaScript, and the consumer, in this case, an AI browser or skill, is better equipped to handle the site.”
The point, he said, is, “these standards need to preserve the fact that humans can still do what they want, and do not need to know any coding to be proficient. In terms of governance, I am not sure if it matters.”
But one analyst did foresee governance problems arising from DocLang’s use.
Yaz Palanichamy, senior research analyst at Info-Tech Research Group, said DocLang adoption will require organizations to implement and review controls in order to scale its use accountably and securely.
This article originally appeared on CIO.com.
Nextcloud adds Euro-Office to Hub workplace suite, expands AI assistant
MUNICH — Nextcloud has integrated Euro-Office into its workplace application suite, one of several updates to Nextcloud Hub unveiled on Tuesday that include a new compliance app for large organizations and a program to support developers building for its platform.
The announcements came during the company’s Nextcloud Summit 2026 here.
Euro-Office, announced in March, is billed as an open source, sovereign alternative to Microsoft Office for European organizations keen to reduce their reliance on US tech providers. It consists of four browser-based applications: a document editor, spreadsheet program, presentation tool, and a PDF editor — each enabling collaborative editing. Euro-Office documents can also be opened directly from the Nextcloud Files mobile app.
Nextcloud is one of several European companies that support Euro-Office, which is built on the open-source code base of OnlyOffice and distributed under the GNU Affero General Public License v3 (AGPL v3).
The integration means Nextcloud users can now choose between two options in Nextcloud Office: Euro-Office and the existing Collabora integration.
“Euro-Office uses a different architectural approach that can result in a better performance in the browser, a different user experience…, so it’s important that this option is available,” Jos Poortvliet, Nextcloud co-founder and vice president of communications, said at the Tuesday event.
Other changes in the Nextcloud Hub 26 Spring release include updates to Nextcloud’s Talk video and voice meeting app, including AI noise suppression and the ability to start a call from any Nextcloud Hub app – an addition that will make collaborative editing easier, said Poortvliet.
For Nextcloud Assistant, there are new AI agent capabilities. In addition to existing capabilities such as managing calendars and tasks, AI agents can now create cards in Nextcloud’s Deck task management app and update information in the Forms app.
There are also improvements to the AI assistant’s interface, which can be moved around to avoid blocking other applications and allow users to copy and paste text more easily without opening another tab. To meet EU AI Act requirements, Nextcloud will make it easier to see which provider supplies the large language model (LLM) the Assistant runs on.
Nextcloud will also integrate the AI assistant directly into its Nextcloud Office suites via a sidebar chat interface, allowing users to address problems such as errors in the spreadsheet app.
NextCloud’s AI chat assistant is integrated into the company’s Office suites. (Image: NextCloud)
There’s also a new Governance app that helps large organizations — particularly governments and highly regulated industries — meet regulatory requirements with compliance tools to manage data held in Nextcloud Hub. It contains several features, including sensitivity labels to control access rights; data retention and archive capabilities; and a legal hold option that preserves documents for legal purposes such as a court case.
The Governance app includes a Compliance Manager that provides a compliance score based on an organization’s regulatory requirements, and measures progress towards certain targets. Admins can also search and review documents shared by employees and generate audit reports for compliance. The Governance app is available to Nextcloud Enterprise customers.
Nextcloud also launched a program to support independent software providers interested in building apps on its platform.
With AI making it easier for developers to build software that integrates with its platform, Nextcloud expects a 10-fold increase in the number of available apps — from 600 now to 6,000 over the next 12 months, according to Nextcloud CEO Frank Karlitschek.
Nextcloud promised to promote apps developed by partners in its App Store and sell subscriptions as part of the ISV program, as well as provide documentation and technical help to customers. In return, developers would provide guarantees to customers around security processes and long-term support.
“We can strengthen our ecosystem, the developers also make some money — because obviously we do a revenue share here — and we leverage the dynamics that we expect from AI coming very soon,” said Karlitschek.
Editor’s note: NextCloud paid for Matthew Finnegan’s travel and hotel costs for NextCloud Summit 2026, but had no editorial role in the creation of this story.
Apple’s AI plans show promise, but proof of success still to come — analysts
WWDC26 felt like a defining platform moment. Apple is no longer simply promising that AI will arrive eventually; it is arguing that Apple Intelligence and Siri AI should become central to the future of its ecosystem. If that works, the company will have turned AI from a perceived weakness into a new reason to stay inside Apple’s world.
Still, the bigger question is execution. Apple did not present AI as a lab experiment; it presented a polished, consumer-ready experience. That raises expectations.
Apple must deliver this time
Users will not judge Apple Intelligence by model architecture or parameter counts. They will judge it by whether Siri understands them, whether actions work reliably, whether personal context feels useful rather than intrusive, and whether the experience is consistent across devices.
Since Monday’s announcements, we’ve learned that some features will not work on all devices — and there’s speculation Siri AI may not fully escape beta until 2027. “Until Apple puts a stake in the ground and says when the new Siri features will be available, the debate remains: Does Apple actually have the chops in personalized AI? The demo suggests yes. The lack of timing suggests maybe,” wrote analyst Gene Munster.
Optimists argue that Apple has regained momentum by presenting a coherent AI story, one built around privacy, integration and everyday utility rather than spectacle. Skeptics counter that many of the features resemble capabilities already available elsewhere, and say the company still needs to prove it can ship them at scale and make them a meaningful reason for consumers to upgrade.
What the analysts say
That balance is visible in analyst reaction. In a client note seen by Computerworld, Erik Woodring of Morgan Stanley described the keynote as clear progress on Apple’s AI roadmap and said it suggested monetization opportunities could arrive earlier than expected — even if the overall journey will be “a marathon, not a sprint.”
UBS, in contrast, said the privacy-focused AI additions are useful but unlikely to be a material driver of iPhone demand in the near term, while Barclays called the changes interesting but incremental, and not enough to drive an upgrade cycle.
Ben Wood, chief analyst at CCS Insight, argued that Apple had to answer concerns about its AI shortcomings and now has to prove that its privacy-led, integration-first approach translates into a meaningfully better everyday experience. “Consumers will not judge Apple Intelligence by model sizes, partnerships or technical architecture,” Wood told me. “They will judge it by whether Siri understands them, whether actions work, whether personal context feels useful rather than intrusive, and whether the experience is consistent across devices.”
Dipanjan Chatterjee, vice president principal analyst at Forrester, said Apple’s strength lies in shifting the focus from the underlying technology to outcomes such as usefulness, simplicity and trust, while warning that the company still has skeptics to win over after its stop-start AI rollout. “The lesson for brands is clear: market the value, not the ingredients,” said Chatterjee. “After stumbling with the Apple Intelligence roll-out, Apple’s success will hinge on delivering the new Siri experience quickly, and ensuring it works as promised for iPhone users at scale.”
What about Apple developers?
While many are infuriated about Europe’s inability to build compromise, Apple’s developer army otherwise seems positive about what the company has accomplished.
“On the AI front, it never made sense to me for Apple to develop their own LLM, so focusing on powerful, fast and private for implementation of Apple Intelligence seems to be an effort that is progressing rather nicely. In all, a pretty good Keynote, I’d say,” Rich Siegel, founder and CEO of Bare Bones Software, said in an interview.
“It’s great to see Apple continue to pursue a vision of AI that leverages local systems, preserves privacy, and integrates with third party tools,” said Ken Case, CEO of the Omni Group. “A lot of our work around the Apple Foundation Models and automation, App Intents, and adopting Swift look to be fruitful investments, but it’s clear there’s more to do starting this summer. It’s also welcome to see them refine Liquid Glass, giving customers more control and listening to feedback they’ve heard over the past year.”
“I expected that this year’s Siri revamp would be the biggest personal assistant update Apple has ever done, and that’s exactly what we got,” said Sergii Kryvoblotskyi, director of AI and research at MacPaw. “Since Apple acquired Siri back in 2010, it has lacked one thing: real intelligence. Behind the great speech recognition service it provided, the tech was not ready to provide real value to users.”
“Most notable for me was Siri AI and the push towards on-device and more capable models that can do more with user context,” Matt Vlasach, Jamf senior vice president, enterprise products and solutions engineering, said in an interview. “While obvious for consumer use cases, as illustrated in the keynote, the opportunity to evolve this to the work context using a more advanced Apple Intelligence framework is an exciting evolution.”
“OS 27 feels like a deliberate reset, less about new features and more about polish and quality-of-life improvements, which most users will welcome,” said John Richards, general manager, IT products, at Iru. “The new capabilities are focused entirely on Apple Intelligence and Siri AI, and what’s encouraging is how much Apple leaned into privacy with the Gemini partnership. That combination of capability and privacy-first design is the right instinct.”
“The single biggest request I made at Apple’s Foundation Models workshop in Madrid was opening Private Cloud Compute to third-party developers,” said Serhii Popov, senior software engineer at CleanMyMac. “It’s here and free for apps under 2 million users. That’s a real breakthrough and a huge opportunity for a lot of great apps.”
How will integrated AI change things?
Joel Rennich, senior vice president for product management at JumpCloud, looked at how on-device AI will transform other paradigms. For starters, it shifts identity from simple authentication to governing what actions an AI agent is allowed to take. “Enterprises will need identity frameworks that govern both human and non-human actors consistently,” he said.
“iOS 27 and Apple Intelligence point toward an operating system that does not just launch apps, it executes intent,” Rennich said. “Instead of users navigating between tools, the OS increasingly mediates outcomes directly through AI. This changes how work is initiated and completed on devices.
“With Apple Intelligence integrated across core experiences like Siri, Safari, and system services, AI is no longer an overlay but infrastructure. The separation between where data lives and where it is used becomes increasingly invisible to the user. Intent becomes the primary input, not app selection.”
I also spoke with Hexnode CEO Apu Pavithran, who pointed to some of the concerns enterprise users might have following WWDC: “The keynote didn’t speak much to admins,” he said. “The features that matter most at the management layer, such as how Apple exposes Siri AI through MDM APIs, whether IT gets granular per-app controls for Apple Intelligence, how shared device deployments handle the new assistant — these will be answered in the developer documentation. This week, that’s where IT teams should be looking.”
“Admins should dig in immediately and see what’s changed. Watch the developer docs, audit how Apple Intelligence interacts with existing device policies, and remember that the keynote is only a part of the story for enterprises,” he said.
Making AI great again
“Rebuilt from the ground up, Apple is trying to make AI feel native, useful and invisible across the devices people already use every day,” Francisco Jeronimo, vice president for client devices at IDC, said in an interview. “This matters, because the winning AI experience for consumers will not be the loudest or most technically complex. It will be the one that understands context, respects privacy, works reliably across apps, and reduces friction without forcing users to change behavior.”
“[Apple] is also clearly seeking to differentiate through its privacy promises,” said CCS Insight’s Wood. “This looks like a step in the right direction, but there is no room for complacency, and Apple still has a long AI journey ahead.”
Pavithran reflected on something more. “Overall, it’s hard not to think of this year as a deliberately measured keynote, one that’s intentionally playing it safe and seeking to rewrite the AI narrative,” he said. “I won’t be surprised if this ends up setting the stage for a much bigger installment next year with incoming CEO John Ternus hitting the ground running with some ‘wow’ features like new hardware or agentic AI at scale.”
That we can now seriously consider that possibility shows the extent to which Apple has regained momentum in AI on its platforms.
Windows 11: A guide to the updates
A Windows launch isn’t the end of a process — it’s really just the beginning. Microsoft continually works on improving Windows 11 by fixing bugs, releasing security patches, and occasionally adding new features.
In this story we summarize what you need to know about each update released to the public for the most recent mainstream version of Windows 11 — currently version 25H2 — over the past year. (We also cover updates for Windows 11 26H1, a targeted release of Windows for devices with specific chips.) For each build, we’ve included the date of its release and a link to Microsoft’s announcement about it. The most recent updates appear first.
The easiest way to install updates is via Windows Update. Not sure how? See “How to handle Windows 10 and 11 updates” for full instructions. Note that Windows 11 version 25H2 is being released as a phased rollout and may not be available to you in Windows Update yet.
If you’re still using Windows 10, see “Windows 10: A guide to the updates.” And if you’re looking for information about Insider Program previews for upcoming feature releases of Windows 11, see “Windows 11 Insider Previews: What’s in the latest build?”
Updates for Windows 11 24H2, 25H2, and 26H1
Windows 11 KB5094126 (OS Builds 26200.8655 and 26100.8655)
Release date: June 9, 2026
In this build, for devices running Windows 24H2 and 25H2, Windows quality updates now include additional high-confidence device targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.
(For more about Secure Boot certificate upgrades, see the Computerworld story “FAQ: What you need to know about expiring Windows Secure Boot certificates.”)
The build also fixes one bug that could have resulted in Stop errors HYPERVISOR_ERROR (0x20001) and KMODE_EXCEPTION_NOT_HANDLED (0x1E) after installing KB5089573 on some devices during system restarts, virtual machine operations, or while running some gaming applications.
The build has one known issue, in which devices with an unrecommended BitLocker Group Policy configuration might be required to enter their BitLocker recovery key.
It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2026 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5094126.)
Windows 11 26H1 KB5095051 (OS Build 28000.2269)
Release date: June 9, 2026
This update, for devices on Windows 11 version 26H1, improves the reliability of BitLocker Drive Encryption testing by ensuring that all required files are available for the USB BIOS logo test.
It also has a wide variety of security updates. For details, see June 2026 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5095051.)
KB5089573 (OS Builds 26200.8524 and 26100.8524) Preview
Release date: May 26, 2026
With this update, Windows quality updates include additional high-confidence device targeting data, making more devices eligible to receive new Secure Boot certificates. The old certificates expire at the end of June: see Computerworld’s FAQ for details. The build also adds Group Policy and MDM settings that IT admins can enable to limit the Secure Boot service data sent to Microsoft. (See Microsoft documentation.)
This update also includes a wide variety of new features being rolled out gradually, including Shared Audio, which enables two Bluetooth audio devices to connect to a single Windows 11 PC at the same time; Multi-App Camera, which allows multiple applications to access the camera stream simultaneously; improved visibility into NPU usage in Task Manager; and several performance and behavior improvements for Windows Hello.
There is one known issue in the update, in which after you install update KB5089549, some devices might fail to complete installation with error code 0x800f0922. This issue occurs on devices that have limited free space on the EFI System Partition (ESP), especially if it has 10MB or less available.
(Get more info about KB5089573 Preview, including workarounds for the issue described above.)
KB5089549 (OS Builds 26200.8457 and 26100.8457)
Release date: May 12, 2026
This build enables dynamic status reporting for Secure Boot states in the Windows Security app. It also fixes a bug in which the Remote Desktop Connection security warning dialog sometimes rendered incorrectly in multi-monitor configurations with different display scaling settings.
It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2026 Security Updates.
The build has one known issue: devices with an unrecommended BitLocker Group Policy configuration might be required to enter their BitLocker recovery key.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5089549.)
KB5083631 (OS Builds 26200.8328 and 26100.8328) Preview
Release date: April 30, 2026
This update includes a large number of new features being rolled out gradually, including File Explorer’s ability to handle new archive formats including uu, cpio, xar, and NuGet Packages (nupkg). Windows also gets a new way to monitor agents from the taskbar. It supports agents across first- and third-party apps, with Researcher in the Microsoft 365 Copilot app as the first adopter.
Also being rolled out gradually is a security improvement that changes how the Windows kernel trusts third‑party drivers. Default trust for cross‑signed drivers is removed, while drivers from the Windows Hardware Compatibility Program (WHCP) and an allow list of trusted legacy drivers remain allowed.
The update also includes several changes available immediately, including one that increases coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout. For more information, see Windows Secure Boot certificate expiration and CA updates.
A bug in the Remote Desktop Connection security warning dialog is being fixed immediately. Previously, the dialog could have rendered incorrectly in a multi-monitor scenario when the monitors had different scaling settings.
(Get more info about KB5083631 Preview.)
KB5083769 (OS Builds 26200.8246 and 26100.8246)
Release date: April 14, 2026
This update fixes several bugs, including one that caused device reset to fail when using the “Keep my files” or “Remove everything” options. It also improves protection against phishing attacks that use Remote Desktop (.rdp) files. For more information, see Understanding security warnings when opening Remote Desktop (RDP) files.
It also enables dynamic status reporting for Secure Boot states in Settings > Update & Security > Windows Security, with a green, yellow, or red badge indicating your current Secure Boot status. See Secure Boot certificate update status in the Windows Security app for more information.
The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2026 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
Update, April 15: Microsoft has confirmed an issue with this release: “Devices with an unrecommended BitLocker Group Policy configuration might be required to enter their BitLocker recovery key.” See Microsoft’s KB5083769 information page for details and workarounds.
(Get more info about KB5083769.)
KB5086672 (OS Builds 26200.8117 and 26100.8117) Out-of-band
Release date: March 31, 2026
This update fixes a bug in which some devices running Windows 11 version 25H2 or 24H2 encountered the following error while installing the Windows preview update KB5079391 (listed below): “Some update files are missing or have problems. We’ll try to download the update again later. Error code: (0x80073712).”
(Get more info about Windows 11 KB5086672 Out-of-band.)
KB5079391 (OS Builds 26200.8116 and 26100.8116) Preview
Release date: March 26, 2026
This update includes a variety of new features being rolled out gradually, including one that allows you to turn Smart App Control (SAC) on or off without needing a clean install. To make changes, go to Settings > Windows Security > App & Browser Control > Smart App Control settings. When turned on, SAC helps block untrusted or potentially harmful apps. To learn more, see App & Browser Control in the Windows Security App.
The build also includes several improvements and bug fixes, including one that improves Application ID tagging in Application Control for Business policies. With this update, the system identifies which apps should receive tags more accurately and behaves more reliably, Microsoft says.
(Get more info about Windows 11 KB5079391 Preview.)
KB5085516 (OS Builds 26200.8039 and 26100.8039) Out-of-band
Release date: March 21, 2026
This update fixes a bug some users experienced when signing in to apps with a Microsoft account. Even when the device had a working internet connection, a “no Internet” error appeared during sign-in and prevented access to Microsoft services and apps such as Microsoft Teams Free and OneDrive.
(Get more info about KB5085516 Out-of-band.)
KB5079473 (OS Builds 26200.8037 and 26100.8037)
Release date: March 10, 2026
This build improves how Windows Defender Application Control (WDAC) handles COM objects allowlisting policies. COM objects were blocked when the endpoint security policy was set higher than the allowlisting policy. With this update, COM objects are allowed as expected. The build also introduces additional high confidence device targeting data to Windows quality updates, increasing coverage of devices eligible to automatically receive new Secure Boot certificates.
It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2026 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5079473.)
KB5077241 (OS Builds 26200.7922 and 26100.7922) Preview
Release date: February 24, 2026
This update includes a variety of new features being rolled out gradually, including one in which Quick Machine Recovery (QMR) turns on automatically for Windows Professional devices that are not domain‑joined and not enrolled in enterprise endpoint management. For domain‑joined or enterprise managed devices, QMR stays off unless it is enabled by the organization.
It also includes several features available immediately, including one in which Windows quality updates include additional high-confidence device-targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.
(Get more info about KB5077241 Preview.)
KB5077181 (OS Builds 26200.7840 and 26100.7840)
Release date: February 10, 2025
This Patch Tuesday build fixes several bugs, including one that prevented some devices from connecting to certain WPA3‑Personal Wi‑Fi networks. It also includes a broad set of targeting data that identifies devices and their ability to receive new Secure Boot certificates. Devices will receive the new certificates only after they show sufficient successful update signals, which helps ensure a safe and phased rollout.
It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2026 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5077181.)
KB5074105 (OS Builds 26200.7705 and 26100.7705) Preview
Release date: January 29, 2025
In this build, several new features are immediately available, including one for Data Protection Application Programming Interface (DPAPI) domain backup key management. Administrators can now set how often keys rotate automatically. This strengthens cryptographic security and reduces reliance on older encryption algorithms.
One new feature is being gradually rolled out: The Settings Agent now supports more languages, with expanded support for German, Portuguese, Spanish, Korean, Japanese, Hindi, Italian, and Chinese (Simplified).
A variety of bugs have been fixed, including one that caused some systems to stop responding during startup when Windows Boot Manager debugging was enabled.
(Get more info about KB5074105 Preview.)
KB5078127 (OS Builds 26200.7628 and 26100.7628) Out-of-band
Release date: January 24, 2026
This update fixes a bug in which some applications were unresponsive or encountered unexpected errors when opening files from or saving files to cloud-based storage, such as OneDrive or Dropbox. In certain Outlook configurations that store PST files on OneDrive, Outlook sometimes hung and failed to reopen unless the process was terminated or the system was restarted. Users may have also experienced missing sent items or previously downloaded emails.
(Get more info about KB5078127 Out-of-band.)
KB5077744 (OS Builds 26200.7627 and 26100.7627) Out-of-band
Release date: January 17, 2026
This update fixes a bug in which some users experienced sign-in failures during Remote Desktop connections. This issue affected authentication steps for different Remote Desktop applications on Windows such as the Windows App.
There is one known issue in this build, in which the password icon might be missing or invisible in the lock screen sign-in options.
(Get more info about KB5077744 Out-of-band.)
KB5074109 (OS Builds 26200.7623 and 26100.7623)
Release date: January 13, 2026
This build fixes several bugs, including one in which you might experience RemoteApp connection failures in Azure Virtual Desktop (AVD) environments. This might occur after installing KB5070311. It also updates the Windows core component, WinSqlite3.dll. Previously, some security software might have detected this component as vulnerable.
It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2026 Security Updates.
It has one known issue, in which you might notice that the password icon is not visible in the sign-in options on the lock screen. If you hover over the space where the icon should appear, you’ll see that the password button is still available. Select this placeholder to open the password text box and enter your password. After entering your password, you can sign in normally. People using Windows Home or Pro editions on personal devices are very unlikely to experience this issue. This issue primarily affects enterprise or managed IT environments.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5074109.)
KB5072033 (OS Builds 26200.7462 and 26100.7462)
Release date: December 9, 2025
This build fixes several bugs, including one in which File Explorer briefly flashed white when you navigated between pages.
It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2025 Security Updates.
It has one known issue, in which the password icon might not be visible in the sign-in options on the lock screen. If you hover over the space where the icon should appear, you’ll see that the password button is still available. Select this placeholder to open the password text box and enter your password. After entering your password, you can sign in normally. People using Windows Home or Pro editions on personal devices are very unlikely to experience this issue — it primarily affects enterprise or managed IT environments.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5072033.)
KB5070311 (OS Builds 26200.7309 and 26100.7309) Preview
Release date: December 1, 2025
A variety of new features are being gradually rolled out in this build, including several for Copilot+ PCs. The Click to Do context menu in Copilot+ PCs now has a streamlined design that makes it easier to access frequently used actions such as Copy, Save, Share, and Open. In Copilot+ PCs you can now also use Windows Studio Effects, which provide AI-powered camera enhancements, on an additional camera such as a USB webcam or your laptop’s built-in rear camera.
New features being rolled out gradually to all Windows 11 PCs include a simplified File Explorer context menu for easier navigation. Common actions like Share, Copy, and Move now appear in a single organized menu.
A variety of bugs have been fixed for all PCs, including one in which the Local Security Authority Subsystem Service (LSASS) could become unstable due to an access violation.
There are two known issues in this build. In one, when you open File Explorer in dark mode, the window might briefly display a blank white screen before loading files and folders. In the other, the password icon is missing or invisible in the lockscreen sign-in options on some PCs. (Here’s a workaround for the latter bug.)
(Get more info about KB5070311 Preview.)
KB5068861 (OS Builds 26200.7171 and 26100.7171)
Release date: November 11, 2025
This Patch Tuesday build fixes several bugs, including one in which closing Task Manager with the Close button didn’t fully end the process, leaving background instances that could slow performance over time.
It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2025 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5068861.)
KB5067036 (OS Builds 26200.7019 and 26100.7019) Preview
Release date: October 28, 2025
A variety of new features are being gradually rolled out in this build, including several for Click to Do on Copilot+ PCs — notably a streamlined interaction between Click to Do and Copilot. You can now type a custom prompt directly into the text box, which sends your prompt and selected on-screen content to Copilot. Suggested prompts appear below the text box and are available for text selections in English, Spanish, and French.
New features are being gradually rolled out for all Windows 11 PCs as well, including a redesigned Start menu, which includes a scrollable “All” section and category and grid views. The menu now adapts to your screen size.
A variety of bugs have been fixed, including one in which text sometimes didn’t render correctly when editing content within a multiline text box in certain apps.
(Get more info about KB5067036 Preview.)
KB5070773 (OS Builds 26200.6901 and 26100.6901) Out-of-band
Release date: October 20, 2025
This build fixes one bug, in which USB devices, such as keyboards and mice, did not function in the Windows Recovery Environment (WinRE). This issue prevented navigation of any of the recovery options within WinRE.
This build has one known issue: some digital TV and Blu-ray/DVD apps might not play protected content as expected after installing the August 29, 2025, Windows non-security preview update (KB5064081) or later updates. Apps that use Enhanced Video Renderer with HDCP enforcement or Digital Rights Management (DRM) for digital audio might show copyright protection errors, frequent playback interruptions, unexpected stops, or black screens. Streaming services are not affected.
(Get more info about KB5070773 Out-of-band.)
KB5066791 (OS Builds 19044.6456 and 19045.6456)
Release date: October 14, 2025
This build fixes several bugs, including one that caused the print preview screen to stop responding in Chromium-based browsers.
It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2025 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5066791.)
KB5065789 (OS Builds 26200.6725 and 26100.6725) Preview
Release date: September 29, 2025
This build gradually rolls out a wide variety of new features, including one in which you can use AI actions in File Explorer to edit images or summarize documents. To do it, right-click (or press Shift + F10 on the keyboard) on the file and select AI actions.
Several bugs have also been fixed, including one in which you might not have been able to connect to shared files and folders if you were using the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP (NetBT).
(Get more info about KB5065789 Preview.)
Windows 11 25H2
At the end of September, Microsoft upgraded Windows 11 from version 24H2 to 25H2, in a slow rollout that could take months to complete. Typically in the past, Microsoft would introduce new features in a once-a-year update like this. That’s not the case with 25H2, though.
Microsoft has been introducing new features in smaller updates all year round, so 25H2 doesn’t include any major new features. Rather, it includes all the new features that have accumulated in all those smaller updates.
As the company explains, “While this update doesn’t introduce major new features, it activates enhancements that have been gradually rolled out over the past year ensuring your device is up to date with the latest refinements.”
Here are some of the most important features in 25H2 that have been introduced for end users and IT pros since 24H2 was released last fall:
New features for users:
- File Explorer has several useful new features, notably AI actions, which can edit images or summarize documents. AI options such as Blur background, Erase objects, and Remove background are all now displayed in the context menu.
- Task Manager gets a number of minor tweaks, including performance improvements when changing the sort order of processes.
- You can now display the apps that have recently used on-device generative AI models provided by Windows. You can also choose which apps are permitted to use the generative AI technologies. To do that and more, go to Settings > Privacy & security > Text and Image Generation.
New features for IT:
- IT admins can use policy-based tools to easily remove preinstalled Microsoft Store apps from Enterprise and Education editions of Windows 11, version 25H2 and later. This can streamline device provisioning and prevent removed apps such as Microsoft Clipchamp, Media Player, and Microsoft Teams from being reinstalled. For more information, see Policy-based removal of preinstalled Microsoft Store apps and RemoveDefaultMicrosoftStorePackages in the ApplicationManagement Policy CSP.
- Enterprise access points now support Wi-Fi 7, which enables increased speeds, greater throughput, improved reliability, and enhanced security. For details, see https://aka.ms/WiFi7forEnterprise.
- Windows Backup for Organizations is now generally available.
- A new feature called Quick Machine Recovery can recover Windows devices when they encounter critical errors that prevent them from booting. Quick machine recovery searches for remediations in the cloud and recovers from widespread boot failures, reducing the burden on IT admins in cases when multiple devices are affected. For more information, see Computerworld’s Quick Machine Recovery explainer.
KB5068221 (OS Build 26100.6588) Out-of-band
Release date: September 22, 2025
This update fixes a bug that affected Microsoft Office applications running in Microsoft Application Virtualization (App-V) environments. The failure occurred due to a double handle closure in the AppVEntSubsystems32 or AppVEntSubsystems64 system component.
There is one issue in this build: you might fail to connect to shared files and folders using the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP (NetBT). This issue can occur if either the SMB client or the SMB server has the September 2025 security update installed.
(Get more info about KB5068221 (OS Build 26100.6588) Out-of-band).
KB5065426 (OS Build 26100.6584)
Release date: September 9, 2025
This build fixes several bugs, including one that caused non-admin users to receive unexpected User Account Control (UAC) prompts when MSI installers performed certain custom actions, such as configuration or repair operations in the foreground or background during the initial installation of an application.
The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2025 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5065426.)
KB5064081 (OS Build 26100.5074) Preview
Release date: August 29, 2025
A wide variety of new features are being gradually rolled out in this build, including a new personalized homepage in Windows Recall that displays your recent activity and top-used apps and websites (available only in Copilot+ PCs). Among the changes rolling out to all users is a new grid view for Search from the Windows taskbar that helps you more quickly and accurately identify the desired image within your search.
Several bugs have also been fixed, including one in which some system recovery features did not work properly due to a temporary file sharing conflict. This affected certain device management tools and disrupted key functions on some devices.
(Get more info about KB5064081 Preview.)
KB5063878 (OS Build 26100.4946)
Release date: August 12, 2025
This build fixes a bug that caused delays during sign-in on new devices. The delay was due to certain preinstalled packages. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2025 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5063878.)
KB5062660 (OS Build 26100.4770) Preview
Release date: July 22, 2025
A wide variety of new features are being gradually rolled out in this build, including a new agent in Copilot+ PCs that is designed to help you find and change settings on your PC. You can describe what you need help with, such as “how to control my PC by voice” or “my mouse pointer is too small,” and the agent will suggest steps to resolve the issue. The agent uses AI on your PC to understand your request and, with your permission, can automate and complete tasks for you. It is rolling out to Snapdragon-powered Copilot+ PCs now, with support for AMD and Intel PCs coming soon.
Several bugs have also been fixed, including one in which, if you have an app pinned to your desktop and it updates, the app icon might not display correctly and instead show a white page.
(Get more info about KB5062660 Preview.)
KB5064489 (OS Build 26100.4656) Out-of-band
Release date: July 13, 2025
This update fixes a bug that prevented some virtual machines (VMs) from starting when Virtualization-Based Security (VBS) was enabled. It affected VMs using version 8.0 (a non-default version) where VBS was offered by the host. In Azure, this applies to standard (non–Trusted Launch) General Enterprise (GE) VMs running on older VM SKUs. The problem was caused by a secure kernel initialization issue.
(Get more info about KB5064489 Out-of-band.)
KB5062553 (OS Build 26100.4652)
Release date: July 8, 2025
The build fixes several bugs, including one in which notification sounds didn’t play. Affected sounds included those for on-screen alerts, volume adjustments, and sign-in. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2025 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5062553.)
KB5060829 (OS Build 26100.4484) Preview
Release date: June 26, 2025
A wide variety of new features are being gradually rolled out in this build, including a new Settings home page that includes enterprise-specific device info cards for commercial customers on PCs managed by an IT administrator. The taskbar also now resizes icons to fit more apps when space runs low.
Users in the European Economic Area will see several small changes related to default browsers, such as mapping additional file and link types to the default browser and pinning it to the taskbar and Start menu.
A variety of bugs have also been fixed, including one that prevented the automatic renewal of expiring certificates in Windows Hello for Business.
There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome.
(Get more info about KB5060829 Preview.)
KB5063060 (OS Build 26100.4351) Out-of-band
Release date: June 11, 2025
This out-of-band update replaces the KB5060842 Patch Tuesday release, fixing a bug in which Windows sometimes restarted unexpectedly when users opened games that use the Easy Anti-Cheat service. Easy Anti-Cheat automatically installs with certain games to enhance security and prevent cheating in multiplayer online PC games.
Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.
(Get more info about KB5063060 Out-of-band.)
KB5060842 (OS Build 26100.4349)
Release date: June 10, 2025
After installing this update, Windows will retain system restore points for 60 days only. Restore points older than 60 days are not available. This 60-day limit will also apply to future versions of Windows 11, version 24H2.
The build fixes a bug that prevented users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2025 Security Updates.
Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5060842.)
KB5058499 (OS Build 26100.4202) Preview
Release date: May 27, 2025
A wide variety of new features are being gradually rolled out in this build, including one in which Click to Do gets the new Ask Copilot action. When you highlight text or an image, Click to Do offers the Ask Copilot option. Selecting it opens Microsoft Copilot with your content in the prompt box. You can send the selected text or image directly to the Copilot app to complete your prompt.
A variety of bugs have also been fixed, including one in which devices with BitLocker on removable drives could encounter a blue screen error after resuming from sleep or hybrid-booting.
(Get more info about KB5058499 Preview.)
KB5061977 (OS Build 26100.4066)
Release date: May 27, 2025
This out-of-band update fixes a bug in the direct send path for a guest physical address (GPA). This issue caused confidential virtual machines running on Hyper-V with Windows Server 2022 to intermittently stop responding or restart unexpectedly. As a result, service availability was affected, and manual intervention was required. This problem primarily impacted Azure confidential VMs.
(Get more info about KB5061977.)
KB5058411 (OS Build 26100.4061)
Release date: May 13, 2025
This update fixes two bugs, one in which your microphone might have muted unexpectedly, and the other in which the eye controller app didn’t launch. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2025 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
(Get more info about KB5058411.)
KB5055627 (OS Build 26100.3915) Preview
Release date: April 25, 2025
This build gradually rolls out several new features for Copilot+ PCs, including a preview of Windows Recall. When you opt in, Recall takes snapshots of your activity so you can quickly find and go back to what you have seen before on your PC. With it, you can use a timeline to find the content you remember seeing.
Copilot+ PCs also get a new natural-language Windows search in which you can search for anything on your PC without having to remember specific file names, exact words in file content, or settings names. Just describe what you’re looking for. On Copilot+ PCs, you can also more easily find photos stored and saved in the cloud by typing your own words (like “summer picnics”) in the search box at the upper-right corner of File Explorer.
All PCs get a number of new features, including speech recap, in which you can keep track of what Narrator has spoken and access it for quick reference. With speech recap, you can quickly access spoken content, follow along with live transcription, and copy what Narrator last said using keyboard shortcuts.
A variety of bugs are being fixed, including one in which some devices experienced intermittent internet connections when resuming from sleep mode. Several AI components have also been updated.
There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox from the Microsoft Store on Windows.
(Get more info about KB5055627 Preview.)
KB5055523 (OS Build 26100.3775)
Release date: April 8, 2025
This update includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2025 Security Updates.
What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.
There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.
(Get more info about KB5055523.)



