Long before Taco Tuesday became part of the pop-culture vernacular, Tuesdays were synonymous with security — and for anyone in the tech world, they still are.  Patch Tuesday, as you most likely know, refers to the day each month when Microsoft releases security updates and patches for its software products — everything from Windows to Office to SQL Server, developer tools to browsers.

The practice, which happens on the second Tuesday of the month, was initiated to streamline the patch distribution process and make it easier for users and IT system administrators to manage updates.  Like tacos, Patch Tuesday is here to stay.

In a blog post celebrating the 20th anniversary of Patch Tuesday, the Microsoft Security Response Center wrote: “The concept of Patch Tuesday was conceived and implemented in 2003. Before this unified approach, our security updates were sporadic, posing significant challenges for IT professionals and organizations in deploying critical patches in a timely manner.”

Patch Tuesday will continue to be an “important part of our strategy to keep users secure,” Microsoft said, adding that it’s now an important part of the cybersecurity industry.  As a case in point, Adobe, among others, follows a similar patch cadence.

Patch Tuesday coverage has also long been a staple of Computerworld’s commitment to provide critical information to the IT industry. That’s why we’ve gathered together this collection of recent patches, a rolling list we’ll keep updated each month.

In case you missed a recent Patch Tuesday announcement, here are the latest six months of updates.

For December’s Patch Tuesday, 74 updates and a zero-day fix for Windows

Microsoft released 74 updates with this Patch Tuesday update, patching Windows, Office and Edge — but none for Microsoft Exchange Server or SQL server. One zero-day (CVE-2024-49138) affecting how Windows desktops handle error logs requires a “Patch Now” warning, but the Office, Visual Studio and Edge patches can be added to your standard release schedule. There are also several revisions this month that require attention before deployment. More info on Microsoft Security updates for December 2024.

November: This Patch Tuesday release includes 3 Windows zero-day fixes

Microsoft’s November Patch Tuesday update addresses 89 vulnerabilities in Windows, SQL Server, .NET and Microsoft Office — and three zero-day vulnerabilities in Windows that mean a patch now recommendation for Windows platforms. Unusually, there are a significant number of patch “re-releases” that might also require IT admin attention. More info on Microsoft Security updates for November 2024.

October: A haunting Patch Tuesday: 117 updates (and 5 zero-day flaws)

This month’s Patch Tuesday delivers a large set of patches from Microsoft that fix 117 flaws, including five zero-day vulnerabilities. Though there are patches affecting Windows, SQL Server, Microsoft Excel and Visual Studio, only the Windows updates require a “Patch Now” schedule — and they’ll need a significant amount of testing because they cover a lot of features: networking, kernel and core GDI components and Microsoft Hyper-V. Printing should be a core focus for enterprise testing and the SQL Server updates will require a focus on internally developed applications. More info on Microsoft Security updates for October 2024

September: Latest Patch Tuesday update fixes 4 zero-days

Addressing four zero-days flaws (CVE-2024-38014, CVE-2024-38217, CVE-2024-43491 and CVE-2024-38217), this month’s Patch Tuesday release from Microsoft includes 79 updates to the Windows platform. There are no patches to Microsoft Exchange Server or the company’s development tools (Visual Studio or .NET). And Microsoft addressed a recently exploited vulnerability in Microsoft Publisher with two critical updates and nine patches rated important for Microsoft Office. More info on Microsoft Security updates for September 2024.

August: Patch Tuesday means patch now

Microsoft pushed out 90 updates in its August Patch Tuesday release, including fixes for five Windows zero-days (CVE-2024-38178, CVE-2024-38193, CVE-2024-38213, CVE-2024-38106, CVE-2024-38107) and one zero-day affecting Office (CVE-2024-38189). This means a “Patch Now” recommendation for both Windows and Microsoft Office. Microsoft offered several (pretty useful) mitigations and recommendations to reduce the impact of these security issues. More info on Microsoft Security updates for August 2024.

July: 4 zero-day flaws

This July’s Patch Tuesday from Microsoft addressed a significant number of vulnerabilities, including four zero-day threats.  Here’s a quick rundown: Microsoft released updates for SQL Server, with patches for Windows, Office, .NET, and Visual Studio. It also released four critical updates for Windows, including patches for Hyper-V and MSHTML. There’s one critical update for Office’s SharePoint platform.
More info on Microsoft Security updates for July 2024.

Microsoft released 74 updates in its December Patch Tuesday update, with patches for Windows, Office and Edge — but none for Microsoft Exchange Server or SQL server. One zero-day (CVE-2024-49138) affecting how Windows desktops handle error logs requires a “Patch Now” warning, but the Office, Visual Studio and Edge patches can be added to your standard release schedule. There are also several revisions this month that require attention before deployment, including two (CVE-2023-36435 and CVE-2023-38171) that will need extensive testing. 

The Readiness team has provided this infographic outlining the risks associated with each of the updates this cycle. (More information about the previous six months of Patch Tuesday releases is available here.)

Known issues 

Other than the Roblox issue, Microsoft has published a reduced set of known issues for December:

• There have been reports that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. The service fails with no detailed logging, and manual intervention is required to run the sshd.exe process. Microsoft has offered several mitigation options for those still affected.
• For those still on Windows Server 2008 you might receive warnings that Windows Update failed to complete successfully. Microsoft is working on this issue and expects a fix to be released soon. Many users will now have to move to the second stage of “Extended Support Updates) or “ESU.”

Major revisions

For the final Patch Tuesday in 2024, there are these revisions to previously released updates:

• CVE-2023-36435 and CVE-2023-38171: Microsoft QUIC Denial of Service Vulnerability. This is the third update to this two-year-old series of patches to the Microsoft .NET platform. Rather than a strictly information update, these patches will need to be added to your December release schedule.

• CVE-2024-49112 : Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This is a release for this month’s update. This does not happen often, as this patch was only released 24 hours ago. (In fact, due to an error in the documentation, this patch was duplicated in the release notes as well.)

• CVE-2023-44487: HTTP/2 Rapid Reset Attack. The update relates to a change in affected software — meaning all recent supported versions of Microsoft .NET and Visual Studio are included in the scope of the patch. Add this to your development update release schedule for the month.

• CVE-2024-43451: NTLM Hash Disclosure Spoofing Vulnerability. This late edition revision has been widely reported in the news as it affects older versions of Windows Server (2008 and 2012) and has received some generous technical support from outside Microsoft.

This is an unusual month for revisions, with several patches from 2023 updated in the final months of 2024, with increased scopes and associated testing requirements. The Readiness team advises extra caution addressing both CVE-2023-36435 and CVE-2023-38171.

Windows lifecycle and enforcement updates

There were no product or security enforcements for this update cycle. However, Microsoft has noted that:

 “There won’t be a non-security preview release for the month of December 2024. There will be a monthly security release for December 2024. Normal monthly servicing for both security and non-security preview releases will resume in January 2025.”

Each month, we analyze the latest Patch Tuesday updates from Microsoft and provide detailed, actionable testing guidance based on a large application portfolio and a detailed analysis of the patches and their potential impact on the Windows platforms and application installations.

For this cycle, we have grouped the critical updates and required testing efforts into different functional areas including:

Networking and Remote Desktop Services

This month’s update addresses key components of Microsoft’s Remote Desktop Services with the following testing guidance:

• Test RDP connections over the Microsoft Remote Desktop Gateway.
• Try RPC over HTTP/HTTPS pathways while validating Remote Desktop broker features.
• Test out DNS signing key operations for RRAS environments.
• Validate WAN port operations (try netsh commands).

Local Windows File System and Storage

Minor changes to the Windows desktop file system will require a test of the ReFS system (light CRUD testing required). Due to changes in how Windows handles non-English characters, a test of Input Method Editors (IME’s) is required for Japanese formats. 

Virtual Machines and Microsoft Hyper-V

A minor update to a key virtualization driver will require some traffic testing and monitoring for Microsoft’s Hyper-V and virtualization platforms. While these recent updates are generally low-profile patches to Windows subsystems, we feel that the primary testing this month should focus on validating remote network traffic. The file system and Hyper-V changes require light testing. The goal for most enterprises is to get these Microsoft updates deployed before change control “lock-down” arrives.

Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings: 

• Browsers (Microsoft IE and Edge) 
• Microsoft Windows (both desktop and server) 
• Microsoft Office
• Microsoft Exchange Server 
• Microsoft development platforms (ASP.NET Core, .NET Core and Chakra Core)
• Adobe (if you get this far) 

Browsers 

There were just two minor updates for Microsoft Edge this month, with CVE-2024-12053 and CVE-2024-49041 both rated as important. Add these low-profile changes to your standard release schedule.

Windows 

Though there is a strong focus on networking, this release also affects the following Windows features:

• Windows Remote Desktop and related routing servers
• Windows Kernel and Kernel Mode Drivers
• Printing
• Microsoft Hyper-V
• Microsoft LDAP and LSASS
• Windows Error Reporting

Unfortunately, there is a zero-day (CVE-2024-49138) that has been reported as publicly disclosed and exploited in the wild that affects how Windows creates error log files. Add these Windows updates your Patch Now cycle.

Microsoft Office 

Microsoft released nine patches to Office, all rated important. In addition, the company  offered some additional security measures and mitigations to the platform with the release of the advisory ADV240002, which covers the following areas:

• Perimeter Defense
• Network Security
• Endpoint Protection
• Application Security

This month’s update affects Microsoft Excel, SharePoint and core Microsoft Office libraries. Add these patches to your standard Office release schedule.

Microsoft SQL (nee Exchange) Server 

There were no updates for either Microsoft SQL or Exchange server.

Microsoft development platforms

Microsoft released a single update to the experimental AI music project Muzic with CVE-2024-49063. We’ll take this as a “win” with no further updates to Microsoft .NET or Visual Studio.

Adobe Reader (and other third-party updates)

Adobe has released a completely normal, run-of-the mill update to both Reader and Acrobat (Adobe Release notes). This is good news. This update has not been included in the Microsoft release cycle, which is as it should be. Adding to the huge, globally shared sense of relief, Adobe has chosen to modify its patching methodology to fall in line with industry best practices. Long-suffering IT admins have had to create (and maintain) “process workflow exceptions” to handle Adobe updates, usually with complex PowerShell scripts. No longer! 

Thank you, Adobe; there is no greater gift than a few less things to do (repeatedly).

For those readers who have enjoyed delving into the deeper details of all things patching, the Readiness team would like to say, “Thank you for the time and attention and we look forward to the New Year.” 

No surprises, right?

The Macy’s accounting nightmare is only getting worse, with the $24 billion retailer telling the SEC on Wednesday that both its annual report from last year and its auditor report “should no longer be relied on.”

Although the amount “hidden” was only $151 million — at the high end of Macy’s original estimate of “$132 million to $154 million” — the retailer said it exposed a massive weakness in its checks and balances procedures.

Macy’s did not get specific about the nature of the flaws, but the problem seems to be that the software charged with monitoring financial transactions was never designed to catch accountants doing what they do best: categorizing numbers in ways designed to make the company’s performance look better than it is. 

Such software is typically designed to catch true fraud, such as an employee exfiltrating money out of an enterprise into bank accounts they control, or payments to fraudulent contractors or even simple math errors. Apparently, the Macy’s system had weak safeguards that were easily sidestepped. Accounting officials say these same technology deficits likely exist in every enterprise. 

Macy’s “management identified a material weakness in its internal control over financial reporting related to the design of existing internal control activities involving manual journal entries over delivery expenses and certain other non-merchandise expenses, and the reconciliation of the related accrued liabilities,” the SEC filing said. “The Company identified that a single employee, who is no longer with the Company, intentionally made erroneous accounting entries and falsified underlying documentation, to understate delivery expenses from the fourth quarter of 2021 through the third quarter of 2024.”

When Macy’s first reported the incident, it used the word “hidden” and made no reference to “falsified underlying documentation.” Those are big clues about what likely happened. 

“The material weakness was the result of deficiencies in the design of controls over delivery expense and certain other non-merchandise expenses, and the related accrued liabilities, whereby the design of the controls did not consider the potential for employee circumvention of these controls,” the company said in its filing, adding there were “failures to obtain, or generate and use, relevant, quality information to support the functioning of these controls, including validation of the reliability of the information.”

Here’s the key “you’ve got to be kidding” point: “The design of the controls did not consider the potential for employee circumvention of these controls.” 

Really? The designers for an accounting system managing $24 billion in cash flow never considered that somebody might try to circumvent controls? Like perhaps someone engaged in naughtiness? 

The filing also showed some seeming contradictions. It stressed, for example, that this problem was done by just one employee — as though that’s a good thing. Imagine a Pentagon official explaining how 40 nuclear warheads were stolen and said, “I know this sounds bad, but this wasn’t done by a squadron on enemy fighters. This theft was just done by one guy, so all is fine.”

Macy’s also tried to say that this was not that big a deal. “The Company evaluated the errors and determined that the related impact was not material to results of operations or financial position for any historical annual or interim period.” 

But by the end of the filing, Macy’s attorneys used a lot of words to essentially say this actually was a big deal.

“As a result of the material weakness in the Company’s internal control over financial reporting described above, on December 10, 2024 the Audit Committee of the Board of the Company determined, based on the recommendation of management following its consultation with the Company’s independent registered public accounting firm KPMG LLP, that management’s report on internal control over financial reporting as of February 3, 2024…should no longer be relied upon. Additionally, KPMG LLP’s opinion as to the effectiveness of the Company’s internal control over financial reporting as of February 3, 2024 included within the Report of Independent Registered Public Accounting Firm in the Company’s Annual Report on Form 10-K for the fiscal year ended February 3, 2024, should no longer be relied upon.”

In accounting speak, declaring that their financials are not to be trusted is admitting that this is a big deal. Why? Given the lack of meaningful controls and strong safeguards in this one business unit, there is every reason to believe that the same lack of safeguards exist elsewhere in the company — and  according to accountants, in just about every enterprise.

Stefan van Duyvendijk, an industry principal with accounting software vendor FloQast, reviewed Macy’s filing and said that the retailer “is trying to distract people” by implying that the “small package delivery” unit is “the only place where Macy’s has this weakness.” 

This happened because that small package area was likely deemed low-risk, van Duyvendijk said, but Macy’s “reviews over journal entries are the same across the company.”

That means Macy’s likely knows that other similar issues could easily crop up — and that is what is tainting all of their reported financials and audits. 

The lone employee apparently reported that the small package unit owed less than it really did. “ERP is incapable of catching something like this,” van Duyvendijk said.

For other enterprises, this glaring hole in controls could be worse. The Macy’s problem appears— so far –to be one employee manipulating numbers to make the department look better.

It wasn’t outright fraud or theft. But that’s merely because the employee didn’t try to steal. But the same lax safeguards that allowed expense dollars to be underreported could have just as easily allowed actual theft.

“What will happen when someone actually has motivation to commit fraud? They could have just as easily kept the $150 million,” van Duyvendijk said. “They easily could have committed mass fraud without this company knowing. (Macy’s) people are not reviewing manual journals very carefully.”

Another accounting specialist,  JR Kunkle, an auditor and GRC specialist who runs his own consulting firm, Kunkle Consulting, agreed that the ERP and accounting systems used today can’t prevent accounting fraud in the way they should.

“If an individual is hellbent, he can change codes in the software. (Management) is going to rely on the accountant to setup the accruals,” Kunkle said. “Any kind of accounting entry requires judgment.” And today’s business software systems are incapable of reviewing and managing human judgment.

“Once you get inside (the accounting decision process) and there is a judgment factor, ERP can give you data about it, saying that it’s a shipping expense, but I don’t think systems in general can figure out what an accountant should enter,” Kunkle said. “I don’t know that you can automate that.”

Another financial specialist, Emburse CFO Adriana Carpenter, said that the software problem exists, but there areaccounting tactics that can minimize exposure.

“It’s true that most ERPs are not designed to catch erroneous accounting,” she said. “However, there are software tools that allow CFOs and CAOs to create more robust controls around accounting processes and to ensure the expenses get booked to the correct P&L designation. Initiating, approving, recording transactions, and reconciling balances are each steps that should be handled by a separate member of the team. There are software tools that can assist with this process, such as those that enable use of AI analytics to assess actual spend and compare that spend to your reported expenses. Some such tools use AI to look for overriding journal entries that reverse expense items and move those expenses to a balance sheet account.”

The specific problem Macy’s is struggling with could be minimized for others, she said. For example, someone bypassing safeguards can eventually be detected.

“In the event of management overriding accounting controls, leveraging the spend data on an end-to-end spend management platform and using AI analytics can identify this type of override by automatically comparing total spend to your P&L and identifying discrepancies,” Carpenter said. “In the case of this Macy’s accounting error, AI analytics would have identified differences in total payments versus the expense that was being reported.”

The ultimate problem here involves enterprise CIOs and their teams who trust software controls too much. Trusting software to religiously do what it is supposed to do is asking for trouble. Trusting that software to do what it was never designed to do? That is just demanding trouble.

Apple has already seized a leadership position with Apple Silicon. Now, it seeks to build a second bridgehead in networking chips so it can make the 5G chip, the Wi-Fi chip, and Bluetooth chips used inside its devices.

Why?

Cutting component costs might be part of its calculation, but improving performance, battery life, and the integration of these very different networking components might well yield a greater prize.

Apple now aims to introduce the first combined Wi-FI/Bluetooth chip in Apple TV and HomePod mini in early 2025, with the component set to appear in iPhones later next year. Macs and iPads will reportedly gain the new networking component in 2026. Current supplier Broadcom will continue to supply Apple with RF filters and is now working with it on development of AI chips for Apple’s Private Cloud Compute servers. (Broadcom and Apple also have some relationship on development of 5G modems for Apple’s devices.

To some extent, much of this was known. Apple’s silicon development teams have been working on multiple chips for use in Apple devices for some time, including M-, A-, S- and R- series chips used in Macs, iPhones, iPads, the Apple Watch and Vision Pro.

It also makes the W-series processors that manage Bluetooth and battery use on Apple Watch; the H-series chips (which are more efficient than W-family processors) inside AirPods; and the U-series family of UWB processors. There may be a handful of additional Apple-designed silicon components still in play in some older devices — it also made the T-series system management processors in late period Intel Macs. 

Apple is also a member of the Bluetooth Special Interest Group, which defines the Bluetooth standard. 

Apple’s big plan?

Development takes a lot of investment. Apple now has thousands of highly qualified engineering staffers working on silicon design for its fleet of devices. In Munich, Germany alone, the company now employs more than 2,000 people and we know it has others working on silicon development at key locations worldwide, including in the UK, where Apple CEO Tim Cook paid a visit this week. 

All this activity — and speculation Intel might try to poach Johny Srouji, Apple’s senior vice president for hardware technologies — represent the degree of investment Apple has been making in this sector.

Really, and truly, Apple has gone from zero to hero in processor design since it first invested in PA Semi. These investments mean the company now competes at the top of the silicon design industry and has the processors it needs to design and manufacture devices that just weren’t possible with other chips, opening doors for new types of hardware, wearables, and various forms of home/enterprise computing.

But while it isn’t clear how Apple can make a version of Wi-FI and Bluetooth that makes an inherent difference to its customers, the opportunities the project brings to product design seem a little clearer.

What benefits does this bring?

That’s the strategic benefit of what Apple has done so far in terms of core processor design (CPU, GPU, Neural Engine, etc). Now, Apple seems to want to achieve similar benefits in networking. What form could those benefits take?  There are some obvious possibilities:

• Lower cost components: One way to keep retail costs stable is to control manufacturing costs.
• Better integration: Think of it as the whole widget approach.
• Energy use: Better heat dissipation and energy use should make for ever slimmer designs, potentially including the rumored iPhone 17 Slim.
• Optimization: Better integration should make for improved networking stability.
• Commodification: Apple gets to augment core networking features with Apple-only additions to benefit users.
• Licensing: While unlikely, the company might want to license its networking technologies (even on a FRAND basis to improve its hand when negotiating other licenses). It may also want (or be forced) to put a “Made for Apple” licensing system in place to open up any Apple-only features to third-parties. 
• Innovation: While Apple isn’t ready to do so yet, combining networking components on a single chip — or even eventually on a single SOC — should enable new opportunities, such as improved support for satellite communications. (Satellite is evidently part of Apple’s vision for networking, as will be HomeKit and biometrically controlled digital key deployments.)
• Independence: Apple wants to reduce its reliance on third-party manufacturers for strategic components used in its devices.

Of course, these are just some of the possibilities. But to my mind, the biggest motivation will be to apply further differentiation to Apple’s hardware.

That’s not going to mean Apple will attempt to sell its devices on the merits of its own Bluetooth chip — that’s not Apple’s way. Its approach is to market its products on the basis of the features they bring. I think this means the integration of network services will form the foundation for new hardware features and services somewhere down the line, the most obvious being built-in LAN enhancements and satellite messaging.

On the latter, it is interesting just how many of the stories circulating in recent weeks seem to lead toward satellite, giving me a chance to grab my copy of Eddy Ramos’ Book of Laughs and say that when it comes to Apple’s future networking silicon adventures, you really should watch the skies. Unless you live in New Jersey or Oregon, where you may prefer to keep your eyes down to protect your sanity.

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon, and MeWe. 

A new premium version of Google’s NotebookLM AI assistant is now available to Google Workspace customers.

Google unveiled NotebookLM last year, initially under the name Project Tailwind, and began testing the AI-powered “notebook” with select users. NotebookLM lets users upload multiple documents and other sources — Google Docs, PDFs, audio files and web URLs, for instance — that are analyzed by Google language models. Users can then query via a generative AI (genAI) chatbot interface. 

Google has added several features since NotebookLM was first unveiled, including  Audio Overviews, which generates a podcast-style audio discussion from the contents of uploaded documents. 

A free version of the app has been available to Google Workspace customers since September, and an early access pilot for an “enhanced” business version of NotebookLM was announced in October. 

Google also announced the launch of its new NotebookLM Plus. This is available to Google Workspace users that pay for the Gemini for Workspace add-on (which starts at $20 per user each month on top of Workspace subscriptions), as well as a standalone version via Google Cloud. Google didn’t immediately respond to a request for pricing for the standalone version of the app. 

The premium version removes some of the usage limitations with the free version. That means five times more Audio Overviews, queries, notebooks, and sources per notebook. There are also customization options for style and tone of user notebooks, and shared notebooks for teams with usage analytics.

Google highlighted “enterprise-grade” protections for business customers: employee uploads and queries entered into NotebookLM Plus won’t be used to train models and are not reviewed by humans, Google said.

“Your data remains your data and any files uploaded, queries and responses are not shared outside your organization’s trust boundary,” a Google spokesperson said in a blog post. 

NotebookLM users get access to a redesigned the user interface, too. 

“From the start, we wanted NotebookLM to be a tool that would let you move effortlessly from asking questions to reading your sources to capturing your own ideas,”  Steven Johnson, editorial director forGoogle Labs, said in a blog post. “Today, we’re rolling out a new design that makes it easier than ever to switch between those different activities in a single, unified interface.” 

The interface is organized into three components: a “sources” panel that manages information related to a user’s project; a “chat” panel, where you can query the NotebookLM chatbot about the contents of uploaded documents; and the “studio” panel, where new documents such as study guides, briefing docs and audio overviews, can be created with one click,Google said. Each component can be expanded and resized to help focus on a particular part of the app. 

There’s also a new feature under development: the ability for a user to interrupt an AI-generated Audio Overview conversation mid-flow and ask questions. “Using your voice, you can ask the hosts for more details or to explain a concept differently,” said Johnson. It’s like having a personal tutor or guide who listens attentively, and then responds directly, drawing from the knowledge in your sources.”

Google noted that NotebookLM will be embedded in Agentspace, a new tool for interacting with AI agents for work tasks. 

Google has unveiled an AI agent builder tool designed to  automate repititive tasks and help workers find information held across their organization faster. 

AI agents have become a major focus for software vendors in recent months, including Atlassian, Microsoft, Salesforce, and numerous others. The “agent” concept is used in different ways, but generally refers to software systems that are able to take actions on behalf of a user, with varying degrees of autonomy. IDC analysts predict that at least 40% of Global 2000 businesses will use AI agents and agentic workflows to automate knowledge work, doubling productivity in the process — at least in cases where the technology is successfully implemented.

On Friday, Google unveiled Agentspace, its own application where workers can access and build agents. The standalone app  has three main purposes, according to Google.

One is to serve as the “launch point” for custom AI agents. These agents combine generative AI (genAI) large language models with multi-step workflows to automate repetitive tasks. Google said the application has an “intuitive interface” and intends it to serve as a space where workers can access pre-built agents created in Google’s VertexAI Agent Builder. A low-code tool is also in the works to enable a wider range of employees to set up their own agents.

Agentspace also provides an enterprise search function that Google said will help workers find information held in applications across their organization, includingboth structured and unstructured data such as documents and emails. Agentspace search is “multimodal,” Google said, meaning it should be possible to search across video and image files as well as text documents. 

Agentspace search can access data from a range of sources using connectors to third-party tools such as Confluence, Google Drive, Jira, Microsoft SharePoint, ServiceNow, and others. 

Users can interact with a conversational assistant that responds to search queries. Agentspace agents will also perform actions based on the information held in customers’ documents, Google said.

Finally, NotebookLM is also embedded in the Agentspace app. Unveiled as an “experimental” tool by Google Labs last year before a wider release in September, NotebookLM is billed as a “virtual research assistant” that provides responses grounded in documents and data supplied by a user. This includes the ability to create podcast-style voice summaries of selected documents, for example.

Agentspace is available now in early access with a 90-day free trial; it will require a monthly per user subscription fee after that period. Pricing details are yet to be announced, a Google spokesperson said. 

Google this week announced a range of AI “agent” tools, including  two research prototypes: Project Astra, which can perceive the physical world and provide assistance to users, and Project  Mariner, which understands and can take action on the contents of a computer screen. These are powered by Gemini 2.0, Google’s latest AI model which launched on Wednesday and is described by Google as its “model for the agentic era.”

For all the ways travel’s evolved over the years, one thing has remained maddeningly steadfast: Moving from one place to another is almost always a hassle. There’s endless room for inconvenience and error, and a journey rarely goes according to plan.

But while there’s not much you can do about the late departures, the surly gate attendants, or the smelly fella somehow always seated right next to you, there are some tech-centric steps you can take to make your next business trip a little less unpleasant.

Android’s travel app selection has really taken off in recent years, and the Google Play Store now boasts an impressive array of genuinely useful titles for the traveling professional. After putting numerous standout candidates to the test, these are the apps I’d recommend stowing on your smartphone and keeping at arm’s reach whenever your work next has you hitting the road or flying the (allegedly) friendly skies.

(All apps are free unless otherwise specified.)

Android travel apps, part 1: Planning and preparing

Organize your packing process

PackPoint is a travel organization genie. You simply tell it where you’re going, when, and what you’ll be doing — and the app generates a detailed checklist of suggested items for your suitcase.

You can add your own items to the list, as needed, and then use it as a guide to make sure you remember everything, every time.

PackPoint is free, with an optional one-time $3 upgrade that removes ads and gives you the ability to create your own custom packing templates. The paid version of the app also integrates with TripIt (more on that in a moment), which means it can import your travel plans automatically and create packing lists before you even ask.

Prepare for local navigation

Yeah, yeah, I know: You’re well aware of Google Maps. But what you might not realize — or maybe have just forgotten — is that with a teensy bit of planning, you can download all the data you need for a trip directly into Maps in advance. That way, you can navigate to your heart’s content, even in areas without strong mobile data signals, and you can avoid burning through mobile data unnecessarily on the road.

Here’s the trick: While you’re still in the comfort of your home or office, open up Maps on your phone and search for the city you’ll be visiting. Tap the city’s name within the search interface, then tap its name a second time when it appears in a panel at the bottom of the screen — or just swipe up on that panel to enlarge it.

From there, tap the More button in the row of options directly beneath the city’s name (and if you don’t see that button right away, try scrolling horizontally along that row to reveal it).

That’ll reveal a pop-up menu with an option to “Download offline map.” Tap that, then tap “Download” on the confirmation screen that appears. Once the download finishes, you’ll be able to access maps and directions within your destination without the need for an active connection.

Repeat as needed for any additional places on your agenda, then rest easy knowing your navigational guide will be there and waiting — no matter what sort of conditions you encounter.

Android travel apps, part 2: Flying

Manage your air travel

TripIt is an all-around air travel management companion, and it’ll make your life easier in some meaningful ways — especially if you do a fair amount of flying.

At its core, TripIt allows you to forward flight itineraries and other travel-related emails to a special address — or, if you want, to grant it direct access to your inbox so it can find and process such emails on its own — and it then extracts all the relevant details and organizes them into clean and easy-to-follow master itineraries.

Where TripIt really shines, though, is with its optional $49-a-year TripIt Pro service (which you can try out via a free 30-day trial). That service gives you real-time flight updates all throughout your trip — often beating notifications by airlines’ own apps, in my experience, as well as updates to the monitors in the terminal.

Beyond that, TripIt Pro makes it dead simple to find alternate flights at any point in your adventure. If a connection is canceled or delayed, all it takes is a couple of taps to see what other flights are available — even down to the specific open seats — on your current airline or on another. That’s helped me stay a step ahead of the gate agent on multiple occasions when late departures have put connecting flights in jeopardy.

TripIt Pro comes with a few other perks, too, such as a two-month free trial of the CLEAR expedited airport access program. But the notifications and alternate flight finder are what really make the app invaluable. And while several other services offer similar sorts of travel planning features, no other app has been as consistently helpful, reliable, and easy to use as TripIt in my real-world travel testing. It’s the gold standard of travel organization and a must-have for any frequent flier or business traveler.

Find the best flights

Forget all the clunky, upsell-infested flight-finding services and instead, open up your Chrome Android browser and navigate to Google Flights. All right — so technically, it isn’t an Android app, but Google’s flight-searching system makes it super-easy to find and book flights across all airlines. You can save or share potential itineraries, monitor flights and get notified by email as soon as a specific fare goes up or down, and then buy your tickets directly with whatever airline (or airlines) you choose.

Pro tip: If you want to make the app easier to access, tap Chrome’s three-dot menu icon while viewing the website and select “Add to home screen.” That’ll give you a more traditional mobile-app-like icon that can then pull up the tool with a single tap.

One other utility that might be worth keeping handy is Hopper — but there’s a very specific purpose and also an important asterisk involved. Hopper watches flight prices over long periods of time in order to track trends and show you how fares are likely to fluctuate based on when you fly and when you make your purchase. If you’re booking your own travel and either footing the bill yourself or trying to stay within a limited company budget, that knowledge can be incredibly helpful to have.

But Hopper’s ultimate goal is to get you to book your tickets through its service, and that doesn’t necessarily seem like the most advisable thing to do. User reviews on the Play Store mention difficulty changing itineraries once they’re booked with Hopper and challenges getting through to the company’s customer service.

So what I’d suggest is treating Hopper as a resource and not a ticket-purchasing portal: Use it to research optimal travel dates and purchasing windows, if you need to, and then take the info it gives you and plug it directly into either Google Flights or the appropriate airline’s website to buy the tickets directly from the source — and without the potentially problematic middleman.

Speed up your border entry

If you’re traveling internationally — and have a valid passport from the US or Canada, a US lawful permanent resident card, or a US Visa Waiver Program passport — the Mobile Passport Control app can save you precious time when you enter the US by letting you submit your passport info and customs declaration form ahead of time and then skip the regular line on your way through border patrol.

Despite what its name may suggest, though, the app doesn’t actually replace your passport. You’ll still need to carry that with you. It’s also currently supported only by certain airports, so you’ll want to make sure it’s available wherever you’re flying before you begin.

And not to worry: It’s created by the US Customs and Border Protections agency and 100% official and legit.

Android travel apps, part 3: Driving and public transit

Track your mileage

If you drive your own car for business, MileIQ — formerly owned by Microsoft but now back to being an independent entity — makes it as easy as can be to keep track of all your mileage for later reimbursement.

Once you set up the app on your phone and grant it the various permissions it requires, you don’t have to do a thing: It’ll just automatically detect when you’re driving and then log all your miles in the background. It even uses current IRS-mandated reimbursement rates to calculate what you’re owed.

The app has some interesting advanced options, too, such as the ability to set specific work hours and then ignore any drives that occur outside of those times.

MileIQ is free to use for up to 40 drives per month. For unlimited access, you’ll have to pony up $6 a month or $60 for a full year of service.

Pay less for gas

Why pay top dollar for top-offs when you can drive an extra minute from the highway and save yourself (or your company) some money? GasBuddy gives you the insight you need to find fuel that won’t break the bank: You just open up the app, tap the option to find gas near you, and then either look through a list of nearby gas stations and how much they’re currently charging or switch to a map view to see prices plotted out around your present location.

GasBuddy has a bunch of other features you probably won’t want to mess with, but the app’s price searching ability is worth every penny (particularly since the app is free and thus costs you precisely zero pennies to use).

Activate your highway X-ray

As anyone who’s ever taken a lengthy drive knows, fuel is only one tiny part of the highway exit decision matrix. Which exit you choose on your journey could determine if you end up with a gold mine of interesting options for dining, buying, and other delightful diversions — or if you find you’re facing a metaphorical (and maybe also literal) desert, with nothing of note anywhere around you.

An app called iExit will change the way you think about such choices.

iExit shows you a detailed breakdown of exactly what you’ll find at every exit on every interstate throughout the US, with a complete list of all restaurants, stores, parks, hotels, and other random attractions that are accessible from each exit you’re passing.

The app can use your current location to show you info as it becomes relevant, or you can manually search along any interstate to get an exit-by-exit overview. Either way, it’s completely free to use.

Find parking anywhere

When you’re traveling through a city, SpotHero will save you a substantial amount of time, money, and headaches with finding a place to park.

Just search the app for any specific location or let it scan your current location, and within a matter of seconds, you’ll see a list of available parking in the area — arranged by price, proximity, and even other drivers’ ratings.

You can often book a spot directly within the app, if you want — or you can just use it as a free and easy way to find a place to land.

Become a public transit master

If you’re ditching the car and relying on trains, buses, Ubers and Lyfts, or even bikes, scooters, and plain ol’ walking to get around your destination, Citymapper is the app you need.

In cities where it’s supported — a limited but reasonably extensive list — Citymapper lets you put in a starting and ending address and then explore the best ways to get from point A to point B using any combination of public transit options.

The app mixes and matches available methods and serves up an impressive menu of possibilities. You can pick the cheapest combo, the fastest path, or choose a specific way you prefer to travel and let Citymapper create a custom itinerary around that.

Citymapper is free with an optional $1.50-a-month or $10-a-year ad-free upgrade.

Android travel apps, part 4: At your destination

Track your travel expenses

When it comes to more general expense-tracking, Expensify is the app to have in your arsenal. Expensify lets you simply take photos of receipts with your phone — or forward invoices and receipts via email — and it then extracts the relevant details and organizes them into reports. The app is available on the web as well, and it offers direct-export integrations with QuickBooks, Xero, and other accounting services.

Expensify costs either $5 or $9 per person per month for businesses, depending on your needs. You can try the app out with a free individual plan, too, though that limits you to just 25 imports per month and lacks many of the service’s advanced expense reporting and integration options.

Find a place to stay on short notice

The next time you find yourself unexpectedly stuck somewhere — be it due to a cancelled flight or a road trip gone awry — don’t panic. Instead, snag the free and easy to use HotelTonight app. HotelTonight searches around your current location to find hotels with open and available rooms, but that’s not all: It also scores you legitimate savings on the rates, by way of an apparent deal wherein hotels let the service sell rooms at a discount in order to fill last-minute vacancies. I spot-checked a handful of the app’s recommendations, and the savings were absolutely real.

HotelTonight has handy details and ratings for all the hotels it recommends. And once you find something suitable, all it takes is a few taps within the app to book your room and be ready to roll.

Find Wi-Fi anywhere

Why waste money on mobile data when Wi-Fi is all around you and waiting for the taking? Just open WiFi Map to see an interactive map showing available Wi-Fi networks in your area (or any other area you want to search). The app lists out speed information and even provides user-submitted passwords to secured public networks in some instances.

Just note: When you first open WiFi Map, you’ll be pressed to upgrade to a $15-a-year premium subscription. That allows you to eliminate some rather aggressive ads within the app and also gives you the ability to download information in advance for offline viewing. You don’t have to make the upgrade, though (and arguably shouldn’t bother); if you want to use the app for free, just tap the little “x” in the upper-right corner of the screen when the upgrade prompt appears.

Convert and translate anything

For your next border-crossing journey, let XE Currency Converter convert currency for you without the usual headache. Once you tell the app your home country’s currency and select which foreign currencies you want to convert into, all you have to do is type in a dollar amount to get an instant glimpse at the exact equivalent based on up-to-the-minute conversion rates.

And when language translation is what you require, the aptly named Google Translate app is the tool you want. It’s jam-packed with practical features, such as the ability to translate text instantly from an image you capture with your camera and a “conversation mode” that lets you have a (somewhat awkward) back-and-forth dialog, in real time, with someone speaking a different tongue.

Stay fit wherever you go

Who says you have to stay sedentary just because you’re traveling? Skip the underwhelming hotel “exercise facility” and turn to AllTrails to find and navigate popular running, biking, and hiking trails wherever you are instead. The app is free to use, with an optional $36-a-year premium upgrade that gives you a variety of extra features like live sharing, offline-friendly downloading, and an ad-free experience.

(When you first start using the app, you’ll see a full-screen prompt to start a free trial subscription. Just note that you don’t have to do that and can skip over the offer altogether by tapping the “x” in the upper-left corner of the screen.)

If you’d rather get your heart pumping from the privacy of your own room, snag the Nike Training Club app. It’s filled with easy-to-follow workouts, ranging from the intense and Crossfit-reminiscent “Total Body Burnout” to the simple and stretch-oriented “Run Ready Flow.”

You can find workouts for practically any amount of time you want — as little as five minutes, even! — and you can browse specifically through “no-equipment workouts,” assuming you don’t carry your entire collection of kettlebells with you every time you travel. And best of all? The app is completely free to use.

The only thing you’ll be missing is an excuse.

This article was originally published in June 2018 and most recently updated in December 2024.

Microsoft has announced Phi-4 — a new AI model with 14 billion parameters — designed for complex reasoning tasks, including mathematics. Phi-4 excels in areas such as STEM question-answering and advanced problem-solving, surpassing similar models in performance.

Phi-4, part of the Phi small language models (SLMs), is currently available on Azure AI Foundry under the Microsoft Research License Agreement and will launch on Hugging Face next week, the company said in a blog.

The company emphasized that Phi-4’s design focuses on improving accuracy through enhanced training and data curation.

To put into perspective, large language models (LLMs) like ChatGPT 4 and Google Gemini Ultra operate with hundreds of billions of parameters.

“Phi-4 outperforms comparable and even larger models on tasks like mathematical reasoning, thanks to a training process that combines synthetic datasets, curated organic data, and innovative post-training techniques,” Microsoft said in its announcement.

How does it stack up against competitors?

The model leverages a new training approach that integrates multi-agent prompting workflows and data-driven innovations to enhance its reasoning efficiency. The accompanying report highlights that Phi-4 balances size and performance, challenging the industry norm of prioritizing larger models.

“The goal with Phi-4 is to explore the efficiency of smaller models while maintaining accuracy,” Microsoft researchers noted in the technical documentation.

Microsoft’s Phi-4 competes directly with models such as OpenAI’s GPT-4o Mini, Anthropic’s Claude 3 Haiku, and Google’s Gemini 1.5 Flash, each catering to specific applications in the small language model landscape.

While GPT-4o Mini is designed for cost-efficient customer support and operations requiring large context windows, Claude 3 Haiku excels in summarization and extracting insights from complex legal or unstructured documents. Meanwhile, Gemini 1.5 Flash offers better performance in multimodal applications, thanks to its ability to handle massive context windows, such as analyzing video, audio, and extensive text datasets.

Phi-4 achieved a score of 80.4 on the MATH benchmark and has surpassed other systems in problem-solving and reasoning evaluations, according to the technical report accompanying the release.

This makes it particularly appealing for domain-specific applications requiring precision, like scientific computation or advanced STEM problem-solving.

Focus on responsible AI

Microsoft emphasized its commitment to ethical AI development, integrating advanced safety measures into Phi-4. The model benefits from Azure AI Content Safety features such as prompt shields, protected material detection, and real-time application monitoring. These features, Microsoft explained, help users address risks like adversarial prompts and data security threats during AI deployment.

The company also reiterated that Azure AI Foundry, the platform hosting Phi-4, offers tools to measure and mitigate AI risks. Developers using the platform can evaluate and improve their models through built-in metrics and custom safety evaluations, Microsoft added.

Broader implications

Phi-4’s efficiency and reasoning capabilities may prompt organizations to reconsider the relationship between model size and performance. The release is expected to play a role in advancing applications requiring precise reasoning, from scientific computations to enterprise automation.

With Phi-4, Microsoft continues to evolve its AI offerings while promoting responsible use through robust safeguards. Industry watchers will observe how this approach shapes adoption in critical fields where reasoning and security are paramount.

A new class action lawsuit alleges poor working conditions and exploitive behavior by AI data processing company Scale AI, saying that workers responsible for generating much of its product were mischaracterized by the company as independent contractors, rather than full employees.

Scale A’s services include providing the human labor to label the data used in training AI models and in shaping their responses to queries. For instance, a worker might label images from a car’s LIDAR detector to help create an AI that more accurately identifies objects.

To get this kind of human input, according to a complaint filed Tuesday in the Superior Court of California, Scale AI outsources work through services like Outlier, where named plaintiff Steve McKinney worked until June. Tasks for Scale AI, the complaint alleges, were assigned algorithmically, with payments reduced or denied for projects that exceeded a designated time limit. McKinney’s suit said that this amounts to a bait-and-switch in terms of promised compensation. In addition, it noted, workers were not paid for peripheral functions such as reviewing project guidelines, seeking clarification, or attending required training webinars.

Moreover, the subject matter of many prompts, some of which involved suicidal ideation and violence, among other disturbing topics, coupled with restrictions from Scale AI around break times and outside research, created a grueling, authoritarian workplace in which workers could be terminated for complaining about working conditions, payments, or company processes, the complaint said.

Additionally, the suit says that McKinney and the many others in his position were misclassified under California law as independent contractors, rather than employees. Generally speaking, employers have fewer legal responsibilities to independent contractors than they have to full employees, who are more likely to be subject to state and federal laws about overtime payment, among other things.

California’s legal standard for deciding which workers are independent contractors and which are employees is fairly strict, and is referred to as an ABC test, for its three-pronged nature. According to the California Labor and Workforce Development Agency, workers are employees unless they are free from the control and direction of the hiring entity, are doing work outside the usual course of the hiring entity’s business, and are “customarily engaged” in an independent business of the type they’re being hired for. None of those standards, the lawsuit argues, are met in the case of McKinney and the other Scale AI workers in his position.

“Sordid underbelly”

“Scale AI is the sordid underbelly propping up the generative AI industry,” said the suit filed on McKinney’s behalf by the Clarkson Law Firm, based in Malibu, California. The firm has been at the forefront of civil litigation against the tech industry where AI is concerned, appearing for multiple plaintiffs in cases around copyright, privacy, and more.

Ryan Clarkson, the firm’s managing partner, said that the rapid growth of generative AI as a business has had corrosive effects on tech workers around the world.

“Scale AI has built its business on a model of exploitation, relying on thousands of workers from across the globe to be paid less than a living wage to train AI applications for hours on end,” he said in a statement. “These workers operate under strict company control and are being cheated out of labor code protections. It’s unlawful and unacceptable.”

Scale AI’s head of communications, Tom Channick, declined to comment on the litigation but said via email that the company is committed to ensuring it is in full compliance with all applicable laws and regulations.

“Scale takes all contributor feedback seriously and has clear processes in place to address complaints,” he said. “For contributors who work on projects containing sensitive content, we have numerous safeguards in place, including advanced notice of the sensitive nature of the work, the ability to opt out at any time, and access to health and wellness programs.”

Scale AI’s marketing materials advertise that it works with some of the biggest players in the AI space, including Microsoft, Meta, Alphabet, and Nvidia, although none of these companies had responded to requests for comment about the matter by the time this article was published. Earlier this year, Scale AI shut down its RemoteTasks subsidiary in several countries, including Nigeria, Kenya and Pakistan, without notice to its regular gig workers in those countries.

Microsoft has offered a miniscule concession to users determined to install Windows 11 on PCs that don’t meet its minimum hardware requirements: you will be able to do it, but on your own head be it should things go wrong.

The apparent moderation of its previously hardline upgrade policy appeared on a support page update which lists the numerous disadvantages of pressing ahead with a Windows 11 on an unsupported system.

These include unspecified compatibility problems, and a watermark noting a PC’s non-compliant status that will appear on the Windows 11 desktop. More significantly, it states:

“If you proceed with installing Windows 11, your PC will no longer be supported and won’t be entitled to receive updates.”

This is unambiguous – no security updates. And that’s in addition to the rather alarming warning that any “damages to your PC due to a lack of compatibility aren’t covered under the manufacturer warranty.”

Those are serious gotchas, the same ones Microsoft has been warning about for some time. Only a week ago, a blog by Microsoft senior program manager Steven Hosking described the most important element of the Windows 11 requirements, support for Trusted Platform Module (TPM) 2.0, as “non-negotiable.” That remains the case.

Not sugarcoating it

What has changed? Despite some optimistic news reporting on this issue, nothing. Microsoft doesn’t want users to upgrade to Windows 11 on unsupported hardware, but is now acknowledging that some people will push ahead regardless. That being so, it wants to tell them what might happen, so they can’t say they weren’t warned.

The date Windows 10 is due to stop receiving updates, Oct. 14, 2025, remains the same. Upgrading to Windows 11 without meeting the hardware requirements won’t change the negative consequences of this. Nor does the update explain how users can bypass the minimum requirements, should they choose to do so.

Importantly, users who regret upgrading will only have ten days to revert to Windows 10. After that, the files enabling this function will be deleted to save disk space, and the “go back” button in Recovery options will disappear.

Microsoft also doesn’t elaborate on what it means by Windows 11 “compatibility issues,” so this is a matter of guesswork. However, it’s possible to imagine that new features that assume a TPM is available could cause instability on a machine lacking this facility. It could also affect drivers for older hardware no longer supported in Windows 11, although this would be likely to be an issue over the longer term.

Meet the TPM

Microsoft’s minimum requirements for Windows 11 cover several hardware components, including having enough RAM and a powerful enough microprocessor. But the most contentious issue is whether a PC contains or supports a Trusted Platform Module (TPM), specifically version 2.0, released in 2014.

A TPM is a secure enclave for storing data such as cryptographic keys, certificates, and biometric information fundamental for the security of a PC, including those required for low level PC checks such as Secure Boot, or for the use of Microsoft’s BitLocker in its more secure mode. Having one is somewhere between a good idea and essential, as more and more software systems going forward assume one will be there at the root of trust. For a summary of the arguments in favor of upgrading to a system with TPM 2.0, Hosking’s blog is a good place to start.

When it comes to TPMs and Windows, PCs divide into three categories, the first of which supports the functionality using a TPM 2.0 chip installed on the motherboard. The second doesn’t have a TPM chip, but can either have one installed using a chip upgrade kit from the motherboard vendor or can have TPM enabled through firmware at UEFI level. The third are PCs that don’t support either option, which means they can’t be upgraded to Windows 11 without a registry hack.

Intel and AMD PCs from about 2017 onwards should support a hardware or software TPM 2.0, while earlier ones going back to Intel’s Skylake 6^th generation in 2015 might do so, depending on the specific processor and support at motherboard and UEFI level.

Extended support

For anyone who doesn’t want the risk of a Windows 11 upgrade on unsupported hardware, or just prefers Windows 10, after October 2025 the most secure option will be to pay for an Extended Security Updates (ESU) subscription at an unconfirmed cost of $30 per annum for individuals. That way, updates won’t disappear abruptly, putting the PC in peril as vulnerabilities pile up over time.

Not surprisingly, a lot of users are happy with the status quo and don’t feel they should be forced to upgrade to Windows 11 or to pay to remain on Windows 10. This, arguably, is Microsoft’s fault. It hasn’t always clearly explained the benefits of its minimum requirement. That, unfortunately, includes explaining why TPM 2.0 is a good idea, and how its software increasingly depends on it for security.

Apple has introduced significant improvements for enterprise IT admins in the newly-released iOS 18.2, including the power to manage the latest salvo of additional Apple Intelligence features and more.  Here’s a swift look at what’s new.

Giving you control of Apple Intelligence

Apple’s approach to generative AI (genAI) is all about combining convenience with privacy. That means it has built large language models (LLMs) that work on the device, supplemented by highly secure cloud-based models that use highly secure Apple servers in data centers, and partnerships with third-party services to handle tasks the company’s own models can’t accommodate.

That last thing — use of third-party services — is where some Apple customers might need reassurance. That’s because people might at times share what should be confidential data with these services, which could place companies or individuals at risk of running afoul of data protection laws. Apple has only one genAI partner at this time, OpenAI, and to help mitigate such issues the ChatGPT developer says it does not keep private information pertaining to a request. With cloud queries heavily encrypted, Apple keeps no information at all, which is part of the attraction of using its own LLM models, and users can choose not to work with ChatGPT at all, if they prefer.

But what about unauthorized use of ChatGPT? Or even Apple’s own genAI models? Is there any way a data security-conscious company can try to protect its data against unauthorized sharing?

Now, there is. Starting in iOS 18.2, Apple has, as promised, introduced tools that let Mobile Device Management (MDM) services manage all the latest Apple Intelligence integrations, including ChatGPT, which itself includes search.

What this means is that IT admins can permit use of some, none, or all of the available Apple Intelligence tools, including the capacity to generate images in Image Playground. How this control is made available will likely differ between MDM providers, but you should see tools to manage iOS 18.2’s newly-added Apple Intelligence features arrive in your management console soon. Apple introduced MDM controls for Writing tools, Mail summarization, phone call recoding, and hiding apps in iOS 18.1.

Setting a default browser

While it took time to be convinced, Apple is beginning to allow people to use more browsers than before, potentially opening up competition in the browser industry. The thing is, not all browsers are created equal and it’s possible that some companies might require employees to use a specific browser on a managed device. This has now been made possible with an MDM tool that lets admins set a default browser and prevent users from modifying that browser, or choosing an alternative. (This should help companies maintain specified browser security policies, for example.)

What else is new?

These additions supplement an earlier wave of enterprise-focused admin enhancements introduced with iOS 18.1. 

• Hardware-based MFA in Safari is now more reliable when used with security keys.
• You can disable RCS messages on managed devices — essential, given the standard doesn’t yet support encryption.
• It is possible to prevent users from deactivating VPN use on a per-app basis.
• Admins can prevent apps from being locked or hidden by users.
• Service discovery in enrollment can request well-known resources from alternative locations specified by MDM 

Tell it from the rooftops

Each time Apple makes one of these iterative enhancements for enterprise deployments of its devices, it shows the extent to which it now deeply supports enterprise markets. If I’m honest, the company should try to make more out of this, particularly as its approach toward building an ecosystem for trusted AI marries so well and so deeply with its existing reputation around security, ease-of-use, customer satisfaction, employee loyalty and TCO advantages in contrast to other platforms. 

But for most admins, the critical piece in the company’s most recent MDM updates will likely be the control it gives them over Apple Intelligence, which should reassure business users that limited deployment of these tools can be accomplished in a deliberate and responsible manner.

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon, and MeWe. 

In a world where technology increasingly shapes how cities manage safety and security, Kazakhstan’s Ministry of Internal Affairs is leading the way with its groundbreaking “Carpet CCTV” project. This ambitious initiative has revolutionized public safety by combining a massive surveillance network with advanced analytics and artificial intelligence, creating a system that shifts the focus from reactive responses to proactive prevention.

Over the past four years, the scope of Kazakhstan’s surveillance infrastructure has expanded dramatically. The number of cameras has grown from just 40,500 to an impressive 1.3 million, with 313,000 cameras now directly accessible to police. These cameras are strategically positioned to monitor key areas, enhancing law enforcement’s ability to detect, prevent, and respond to incidents in real time. The system has already shown its effectiveness: since early 2024, it has detected over 8,200 criminal offenses and recorded 7.1 million traffic violations, resulting in significant improvements in public safety and road management.

At the heart of this transformation is the use of artificial intelligence. By integrating cutting-edge technologies such as facial recognition, license plate detection, and crowd monitoring, the system provides actionable insights that allow authorities to address risks before they escalate. For example, facial recognition capabilities enable real-time identification of persons of interest, while AI-powered traffic monitoring contributes to improved road safety and generates public revenue through fines. These features highlight the system’s ability to go beyond passive recording, transforming it into a dynamic tool for crime prevention and urban management.

The implementation of the Carpet CCTV project, however, was not without challenges. Managing the enormous volume of data generated by over a million high-definition cameras required significant upgrades in communication networks and data storage infrastructure. The integration of public and private camera networks demanded a unified approach to data sharing and management, while privacy concerns necessitated robust regulatory frameworks to ensure citizen trust. Through a combination of strategic planning, public-private partnerships, and transparent communication, the Ministry successfully addressed these obstacles, setting a model for other nations to follow.

One of the project’s most significant achievements lies in its deterrent effect. Administrative offenses, such as public disturbances, have decreased sharply, indicating that the visible presence of surveillance cameras is influencing behavior. This demonstrates the power of technology not just to react to incidents, but to prevent them altogether. Furthermore, the use of video evidence has increased case resolution rates, further solidifying the system’s impact on law enforcement effectiveness.

Looking ahead, Kazakhstan plans to build on the success of Carpet CCTV by expanding its geographic coverage and enhancing its analytical capabilities. New developments will focus on leveraging advanced AI to improve the accuracy and scope of surveillance, while also incorporating adaptive privacy measures to protect civil liberties. This forward-thinking approach ensures the system remains at the forefront of public safety technology, balancing innovation with accountability.

Kazakhstan’s Carpet CCTV project represents more than just an investment in technology—it’s a vision for smarter, safer cities. By blending state-of-the-art solutions with thoughtful governance, the Ministry of Internal Affairs has created a system that not only addresses today’s challenges but also lays the groundwork for a secure and sustainable future.

When most businesspeople think of videoconferencing software, the first thing that comes to mind is probably Microsoft Teams or Zoom, but there are many other choices, each with its own strengths. Sometimes the choice of what tool to use comes down to what’s standard corporate issue — more often than not, that’s Teams — but it’s not uncommon for businesses to use a mix of tools.

“Some organizations don’t want to be reliant on Microsoft for everything, or sometimes an executive likes another tool better,” says Will McKeon-White, senior analyst for unified communications and conversational AI at Forrester Research.

In this buyer’s guide

• Videoconferencing software: What it is, why enterprises need it
• Current trends in videoconferencing software
• What to look for in videoconferencing software
• Before you shop: Key questions to ask yourself and your stakeholders
• Key questions to ask videoconferencing vendors
• 14 videoconferencing tools to consider
• Essential reading

Videoconferencing software: What it is, why enterprises need it

Videoconferencing services enable users to conduct online video meetings with one or more people who may join the call from their computers, phones, tablets, and room conferencing systems. They integrate with calendaring software for scheduling purposes, and usually include an audio call-in option, screen-sharing capabilities, and nonverbal communication features such as text chat, whiteboarding, and the ability to add reaction emojis.

Business-grade tools also allow for administrative controls that restrict who can join and what can be shared, and offer enhanced security features such as multifactor authentication (MFA), bring your own key (BYOK) end-to-end encryption, and single sign-on (SSO). Many videoconferencing systems integrate with conference room video hardware from the same vendor and/or third-party vendors.

Videoconferencing software has long been a useful tool for remote employees who needed to engage with their teams, and it was a nice-to-have for communicating with customers and partners when face-to-face meetings were impractical. Then, in 2020, everything changed. Videoconferencing rose to critical infrastructure status when, during the COVID-19 pandemic, nearly all office employees suddenly found themselves working from home. Licensing of videoconferencing software and services soared — Zoom nearly doubled its revenue in 2021 — and innovation increased as vendors competed for a piece of a much larger pie. The software saw rapid improvements as vendors raced to add new features, including better audio and video quality and enhanced security.

Nearly five years later, large numbers of employees have returned to the office, but many still telecommute one or more days per week. Videoconferencing software remains an essential part of business communications.

Current trends in videoconferencing software

Nowadays, videoconferencing software may seem like a well-defined, mature product space, but change is still afoot. “The weird thing about the videoconferencing software market is that it’s being subsumed into unified communications [UC],” says McKeon-White.

IDC’s term for this software category is unified communications and collaboration (UC&C), which the research firm describes as “an advanced telephony solution integrated with messaging (i.e., email, voice, and fax), instant messaging (IM) or chat, presence, and conferencing platforms for web conferencing, audioconferencing, and/or videoconferencing.” Many UC&C suites include additional collaboration features such as file sharing and virtual whiteboards. And while chat sessions in traditional, standalone videoconferencing systems typically end when the call terminates, vendor-hosted UC as a service (UCaaS) systems often include persistent chat functions that continue even after a videoconferencing session ends.

Like Forrester, IDC says most standalone videoconferencing software is being folded into larger UC&C suites. Videoconferencing apps are also found in productivity app suites such as Microsoft 365 and Google Workspace, which is one reason why Microsoft Teams has dominated the space. It has a 44.7% share of the $69 billion UC&C software market, according to IDC, while Zoom, its nearest competitor, sits at 6.4%.

That domination was also driven by the fact that, until this year, Microsoft bundled Teams with most Microsoft 365 licenses. “That got pushback from regulators,” Forrester’s McKeon-White says, so now new enterprise customers must pay $5.25 per user per month for Teams as an add-on. “But most companies already have Teams now and can purchase it through existing licenses,” he adds.

Innovative AI-based features such as real-time transcription, text insertion, and multiparty translation have also changed the user experience, according to McKeon-White. With some products, “each user can see a translation of what’s said in their native language through captioning. That’s happening now,” he says.

Another feature, image upscaling, sends lower-resolution audio and video to other participants’ devices, which can then “upscale” the quality. “It’s much easier now to have a smooth experience over poor connections,” McKeon-White says.

Finally, emerging AI features are “closing the loop between what users say in a videoconferencing session and action items,” he says. For example, if a participant needs to look up an account record in the CRM system to determine its status, “a bot says, ‘Would you like me to do that for you?’ or it identifies that it needs to be done and pulls the record right into the conversation.” It can do so by rendering the CRM interface right into a chat window or by extracting the information and presenting it.

Early experiments with AI didn’t go well because the AI didn’t comprehend exactly what people were asking in conversation, but the technology has seen “massive improvements” of late, McKeon-White says. While vendors are still experimenting with this function, you can expect to see more and better capabilities like this going forward, he says.

What to look for in videoconferencing software

Every vendor offers similar features, but the user experience can vary significantly. Consider both user familiarity with a given tool and whether the user experience is “good enough.” If it doesn’t meet expectations, some users may turn to more familiar, easy-to-use options such as Zoom.

“I see standardization on Teams,” McKeon-White says, but sometimes an exception is better for the business, such as when communicating with people in external organizations who use different software.

While a company standard is good to have, there’s no reason to force everyone to use one videoconferencing service exclusively, says Jitesh Gera, research manager for UC&C at IDC. It’s OK to opt for different tool choices that meet the needs of each kind of user, such as for sales, customer service, developers, or IT.

Consider whether a given tool is the dominant one in your industry. For example, Zoom has a big footprint in healthcare and financial services, for Cisco it’s government, GoTo is the preference for IT teams because of its advanced screen-share capabilities, and Microsoft is virtually everywhere, says McKeon-White. And some tools offer Slack integration that lets users keep an audio or video line open while working on their own screens. That “more Discord-like experience” is a plus for software development teams, he says.

Also, consider how well a product fits in with your UC&C suite, and what new and innovative AI-based features may be available or planned.

Finally, the videoconferencing software you choose needs to integrate well with your existing meeting room conferencing systems. “Companies have started to prioritize AI meeting room videoconferencing capabilities such as adaptive speaker framing [which zooms in on the participant who’s talking], multiple camera layouts, and virtual meeting zones,” which are the top three factors when choosing a UC&C system, says Gera.

Before you shop: Key questions to ask yourself and your stakeholders

• Do you already have software that you can use for videoconferencing? For example, is there a videoconferencing component in your UC&C suite?
• Are there needs that aren’t being met by your current solution? Is the tool currently in use easy to use, or do users dislike the user experience so much that they turn to other videoconferencing options?
• What types of communication needs does your organization have? Do they include internal only or also internal-to-external partners and customers? Are there specific needs for certain groups, such as sales, finance, IT, or software engineering?
• What types of room conferencing system hardware do you have and what are the compatibility options for videoconferencing software?
• What’s your budget?

Key questions to ask videoconferencing vendors

• How effective is the videoconferencing software at enhancing productivity and collaboration? Do you have any metrics?
• In what ways is the experience better than the product(s) my organization already has?
• Is the software easy to use? How many clicks does it take to start a meeting?
• Does it support screen sharing?
• Is there a whiteboard function?
• Are there browser, desktop, and mobile app options?
• Does it integrate with my organization’s calendaring system and other key systems, such as our project management software?
• Does it integrate seamlessly with our room conferencing system hardware?
• How do you secure it for enterprise use? Does it support SSO MFA? LDAP? Watermarking for shared documents? What type of encryption is offered? Does it support BYOK encryption?
• What administrative and data access controls does the software offer? For example, does it offer data sensitivity labeling, and can we restrict user or group access to specific documents?
• What regulatory compliance standards does it meet?
• What session quality enhancements does it support (image blurring, noise suppression, image upscaling, etc.)?
• Does it support session recording and retention policies?
• What is the vendor’s feature road map and plan for AI evolution? “Are they too dependent on external providers for AI? If so, they may not be very innovative,” says Gera.
• Does the software have features specifically tailored to my industry vertical?
• Where is data associated with videoconferencing sessions routed and hosted geographically? “We’ve seen instances where traffic was routed through countries that were less than desirable,” says McKeon-White.
• What are the uptime and reliability guarantees?
• Does the software support hybrid on-premises/cloud deployments for high availability? For example, Microsoft offers the Survivability Branch Appliance for Teams that can keep sessions going when the cloud-based service is unavailable.
• What are my pricing options?

14 videoconferencing tools to consider

The top four videoconferencing software products by market share are Microsoft Teams, Zoom, Cisco Webex, and Google Meet, according to IDC and Forrester. Some tools are available only as part of broader UC&C offerings. Here’s a brief summary of products from 14 vendors, listed alphabetically, that have offerings in the videoconferencing services space.

8×8 Communications Platform

8×8’s videoconferencing software is just one feature of its 8×8 Communications Platform, a UC&C offering tailored to the needs of contact centers. It includes a 99.999% service level agreement with 24×7 technical support; can live stream meetings on YouTube; includes its own mobile, desktop, and web apps; and integrates with Teams as well as major CRM and service and support applications. The 8×8 Communications Platform supports polls and virtual break-out rooms for meetings; includes an intelligent assistant; and offers administrative controls, analytics, and reporting.

Alcatel-Lucent Enterprise Rainbow

Alcatel-Lucent Enterprise, the French telecommunications hardware and software company, describes its Rainbow offering as “a secure ‘à-la-carte’ cloud-based communications and collaboration platform.” It supports meetings of up to 120 participants and 12 simultaneous video streams; is compliant with ISO 27001, GDPR, and CCPA; and can be deployed in on-premises or hybrid configurations. It offers integrations for Microsoft Teams as well as on-premises telephone systems. Other options include a system designed for use in conference rooms and another designed for virtual classrooms.

Avaya Spaces

Avaya Spaces, Avaya’s UC&C platform, includes “one-click” voice and videoconference calling as well as text chat, and supports meetings with up to 1,000 people. It’s compatible with Google, Microsoft 365, Teams, Salesforce, and Slack and offers an API for custom integrations. Spaces can record meetings, has retention policy controls, is HIPAA and GDPR compliant, and offers single sign-on and encryption for data in transit and at rest.

AI-driven features include background noise cancellation, meeting transcription, and closed captioning. Users can connect via browser, desktop, or mobile app, with user interface versions available in 26 languages.

Cisco Webex Meetings

Webex Meetings is part of Cisco’s comprehensive UC&C suite that also includes calling, event management, whiteboards, polling, messaging, webinar support, and other features. The software integrates with a wide array of general-business and vertical-specific enterprise apps.

A free version supports meeting durations of up to 40 minutes. The entry-level paid version includes an AI assistant that can translate conversations through closed captions, write messages, and summarize meetings and messages. All versions offer end-to-end encryption and HIPAA/BAA compliance; the enterprise version is FedRAMP authorized and offers bring your own key end-to-end encryption and watermarking. Cisco also sells several Webex-compatible desktop and meeting room video hardware devices.

Dialpad

Dialpad’s videoconferencing service includes enterprise, small business, and free versions, with UC&C editions designed for general business, sales, and contact centers. “Dialpad is strong in chat intelligence…business analytics…international support and real-time user insights,” according to Forrester. It integrates with Google Workspace, Microsoft 365, Microsoft Teams, and several CRM tools, and includes AI-driven meeting and call transcription, screen and meeting recording, data retention policies, and analytics and reporting functions.

Dialpad adjusts video resolution to available bandwidth for each connection to reduce video freeze-ups. It can support up to 150 participants through browser, desktop, and mobile apps. A meeting room version is also available. Session encryption and single sign-on are supported, and Dialpad is HIPAA compliant.

Google Meet

Google’s cloud-based Google Meet videoconferencing software includes a free version that supports meetings up to one hour long. The Google One Premium version includes call recording, noise cancellation, and the ability to live stream meetings on YouTube. Chat is a separate app.

The business version, bundled into the Google Workspace collaboration suite, supports longer meetings, offers higher-quality video and includes meeting recording with transcripts. It works with Google’s Gemini AI assistant (which requires a separate subscription) for real-time translation and generating meeting summaries. The enterprise version of Meet includes more advanced security features such as bring your own key end-to-end encryption.

GoTo Meeting

GoTo Meeting (formerly LogMeIn), available in business and enterprise editions, is one element in a collaboration suite of UC&C offerings that also includes GoTo Webinars and GoTo Training. The GoTo UC&C offerings fall into three categories: business communications, contact centers, and IT management and support. The vendor promotes its security and privacy features (single sign-on, end-to-end encryption, HIPAA compliance, one-time meeting passwords, meeting locking) and 99.9999% uptime SLA.

Key features include recordings and transcriptions for meetings with up to 250 participants, background noise suppression, screen sharing, drawing tools, and virtual breakout rooms. GoTo Meeting also works with H.323-enabled room conferencing systems. A14-day free trial version of GoTo Meeting Business is available.

Microsoft Teams

Microsoft’s Teams dominates in the enterprise videoconferencing space because it’s tightly integrated with Microsoft 365, the office productivity suite that many large organizations already use. Teams offers VoIP calling, webinar hosting, a whiteboard, and integration with PowerPoint, and it’s compatible with a wide range of room conferencing systems. Calls, meetings, chat sessions, and files can be encrypted.

Another element, Microsoft Mesh, creates “immersive 3D spaces” where participant avatars can interact in a virtual meeting room. The optional Microsoft 365 Copilot AI assistant can summarize, suggest action items, and provide real-time translation for videoconference and chat sessions.

Microsoft is “increasingly dictating the direction of the UCaaS market,” with many other vendors offering Teams integration, Forrester reports, although it adds that “licensing is needlessly complicated.” A basic version of Teams is available for free.

Mitel MiCollab

Videoconferencing is one element of the Mitel MiCollab UC&C suite, which includes voice, video, chat messaging, SMS messaging, web conferencing, and team collaboration tools. It can run on-site or over virtualized public or private cloud infrastructure. It integrates with the company’s business phone system offerings as well as Microsoft 365, Teams, and the Zoom Workplace Platform. MiCollab apps are available for Windows, macOS, and mobile devices.

Ooma Meetings

VoIP phone system provider Ooma offers Ooma Meetings as part of its Ooma Office Pro and Ooma Office Pro Plus collaboration and small business phone system services. It offers client software for macOS and Windows desktops as well as browser-based access. Features include a dashboard for scheduling meetings with up to 100 meeting participants, background noise cancellation, screen sharing, whiteboarding, chat, meeting recording (stored for three months), and integration with Microsoft and Google calendars.

RingCentral Video

UC&C platform vendor RingCentral offers a standalone enterprise edition of its videoconferencing offering, RingCentral Video Pro+, as well as a more limited, free version. Video Pro+ supports meetings of up to 200 participants for up to 24 hours’ duration. Features include a whiteboard, content sharing, meeting recording, a collaborative notes space, and background noise cancellation.

An AI assistant creates real-time closed captions, transcriptions, and meeting summaries. Security and administration features include end-to-end encryption, single sign-on, data retention policy controls, and usage and performance analytics. Versions for conference rooms and webinars are available as add-ons.

Vonage Meetings

Part of the Vonage Business Communications (VBC) software suite, Vonage Meetings supports meetings with up to 200 participants; includes chat, whiteboard, and recording features; integrates with both Google and Outlook calendars; and has desktop and mobile clients for macOS, Windows, iOS, and Android. Security and privacy features include support for SSO, MFA, and encryption. VBC is HIPAA and GDPR compliant.

Zoho Meeting

Zoho Meeting supports both videoconference meetings with up to 250 participants and webinars with up to 5,000 attendees for Windows, macOS, Android, and iOS devices. It integrates with the Zoho Workplace calendar and offers chat, digital whiteboards, screen sharing, session recording, virtual breakout rooms, live polls, and AI-generated meeting transcriptions and summaries.

Sessions can be streamed live on YouTube, and a version for meeting rooms is available as an add-on. It also offers session encryption and analytics for administrators. A feature-limited, free version supports up to 100 users per session for up to 60 minutes.

Zoom

Zoom, which rose to fame during the pandemic for its easy-to-use interface, remains a major player in the videoconferencing software space — Forrester says it offers a “best-in-class video experience.” Like its competitors, Zoom has expanded beyond video meetings, now offering a UC&C suite called Zoom Workplace that includes include chat, a whiteboard, meeting recording, email, a calendaring system for scheduling, and Zoom Docs, a built-in document creation tool.

While consumers may gravitate to the basic, free version, the business versions allow for longer meetings and provide an AI assistant, Zoom AI Companion, that can summarize meetings (including a catch-up summary if a user comes into a meeting late), draft messages, and provide real-time translation. Zoom Phone, the company’s VoIP telephony offering, is included with enterprise Zoom Workplace subscriptions and available as an add-on for small-business plans.

A one-year subscription to Essential Apps, a set of third-party add-ons with functions ranging from meeting summarization to gamification to virtual breakout rooms, is also included with enterprise licenses, except for organizations in government, education, and healthcare. Bring-your-own-key end-to-end encryption is a standard feature.

Essential reading

• UCaaS buyer’s guide: How to choose the right unified communications platform
• Enterprise buyer’s guide: Digital whiteboard software

The battle between WordPress owner Automattic and WP Engine seemingly struck US federal Judge Araceli Martinez-Olguin as rather one-sided, as she ruled against Automattic on Tuesday and granted WP Engine the preliminary injunction it sought.

“Judge Martinez-Olguin’s ruling clearly explains why [Automattic founder] Matt Mullenweg’s campaign against WP Engine has been so misguided,” said IDC research manager Michele Rosen. “By going to war with one vendor that is engaging in a common business practice, Mullenweg caused irreparable damage to the WordPress ecosystem.”

The ruling

Martinez-Olguin ordered Automattic to reverse many of its actions against WP Engine, and gave Automattic 72 hours to:

• Remove a list of exiting WP Engine customers that Automattic was publicizing to show how many of WP Engine’s customers were leaving.
• “Restore WP Engine’s and Related Entities’ access to wordpress.org as it existed as of September 20, 2024, including: reactivating and restoring all WP Engine employee login credentials to wordpress.org resources (including login credentials to login.wordpress.org) as they existed as of September 20, 2024.”
• Disable “any technological blocking of WP Engine’s and Related Entities’ access to wordpress.org that occurred on or around September 25, 2024, including IP address blocking or other blocking mechanisms”
• “Restore WP Engine’s and Related Entities’ access to wordpress.org in the manner that such access existed as of September 20, 2024, including:
  • functionality and development resources;
  • data resources (WordPress Plugin, Theme, and Block Directories, repositories, listings, and other password-protected resources within wordpress.org);
  • security resources (login.wordpress.org);
  • support resources (trac.wordpress.org and slack.wordpress.org);
  • removing the checkbox at login.wordpress.org that Defendants added on or about October 8, 2024 asking users to confirm that they are ‘not affiliated with WP Engine in any way, financially or otherwise.’”
• Return and restore “WP Engine’s “access to and control of its Advanced Custom Fields (“ACF”) plugin directory.”

The judge further ordered Automattic to:

• Stop “blocking, disabling, or interfering with WP Engine’s and/or its employees’, users’, customers’, or partners’ access to wordpress.org.”
• Stop “interfering with WP Engine’s control over, or access to, plugins or extensions hosted on wordpress.org that were developed, published, or maintained by WP Engine, including those that had been published, developed, or maintained by WP Engine as of September 20, 2024.”
• No longer interfere with “WP Engine’s and Related Entities’ WordPress installations (i.e., websites built with WordPress software) by using auto-migrate or auto-update commands to delete, overwrite, disable, or modify any WP Engine plugin without the express request by or consent of WP Engine and/or its users, customers, or partners.”
  However, she added, “The above does not preclude wordpress.org’s ability to ensure the security and operability of its site consistent with procedures and policies in place as of September 20, 2024.”

In her detailed decision, Martinez-Olguin reviewed every claim that WP Engine made against Automattic, and found for WP Engine in just about every instance, arguing that WP Engine “is likely to succeed on the merits.”

For example, Automattic had argued that there were no contracts between WP Engine and key customers. 

Although Automattic representatives “press WP Engine to identify specific contracts, there is no credible argument that contracts do not exist between WP Engine and its customers,” Martinez-Olguin wrote. “At a minimum, by seeking to entice WP Engine customers to move away from the company … defendants at least acknowledge that WP Engine has existing contracts with the customers Defendants are targeting.”

Additionally, she said, Automattic’s argument “that the interference WP Engine alleges consists of acts they had a right to take fares no better. They insist that Mullenweg was under no obligation to provide WP Engine access to some or all of the sources on the Website and that he had a right, under the Website’s developer guidelines, to fork the ACF plugin as he did, including to address outstanding issues.

“Mullenweg’s statement that he had the right to disable WP Engine’s account access and to make changes to the ACF plugin for the sake of public safety is belied by the declarations of WP Engine’s executives stating that the claimed vulnerability was minor, patched well before the fix-it window set by industry standard, and showing that Defendants tried to pass off the rating and reviews for the ACF plugin as those for their new purportedly forked SCF plugin.”

WP Engine ‘wins a battle but everyone continues to lose the war’

Automattic responded with a statement saying that the ruling “is a preliminary order designed to maintain the status quo. It was made without the benefit of discovery, our motion to dismiss, or the counterclaims we will be filing against WP Engine shortly. We look forward to prevailing at trial as we continue to protect the open source ecosystem during full-fact discovery and a full review of the merits.”

WP Engine also shared a statement on X (formerly Twitter), saying, “We are grateful that the court has granted our motion for a preliminary injunction that restores access to and functionality of wordpressdotorg for WP Engine, its customers, and its users. This ruling provides much-needed stability for the WordPress ecosystem. We deeply appreciate our customers for their continued trust and support. We remain committed to serving them and their sites with the performance, availability, and integrity they deserve, while collaborating to ensure a vigorous, thriving and stable WordPress community.”

The case has concerned many in the open source community, as the acrimonious war of actions and words between Automattic and WP Engine scared various open source companies, along with enterprise CIOs, who worry that these companies might become too toxic and they might need to keep their distance. 

One open source executive read the judge’s decision and said he was concerned that the ruling might have come too late to halt the damage done to the open source community.

“WP Engine wins a battle, but everyone continues to lose the war. WP Engine has had (about a) 15% increase in cancellations in the last few months, and 159 WordPress employees have quit. No doubt these distractions will negatively impact the innovation and evolution of the WordPress solution for months, if not years to come. It’s not hyperbole to say 40% of the internet is and will be losing in some way,” said Michael Sonier, general manager at ButterCMS.

“As a 20-year-old technology, WP remained ubiquitous because of its ecosystem, but now it’s turned on its own. Hard not to see this accelerating the adoption of technologies that are 20 years younger,” he noted. “More broadly, it sets back the open source movement, which was always about community, collaboration, and contribution. Now it’s going to be associated with potential legal battles, finger pointing, and volatility.”

Mozilla has announced that Do Not Track, a feature designed to prevent user tracking online, will be removed with version 135 of the company’s Firefox browser. The decision comes as more and more websites choose to ignore Do Not Track, leaving users with a false sense of security.

Privacy-conscious users are being encouraged to instead enable Global Privacy Control (GPC), a feature that tells sites your data may not be shared or resold to third parties.

Windowsreport notes that Do Not Track remains in place for the time being in other browsers, including Google Chrome and Microsoft Edge. So users who want to continue using the feature, might want to switch browsers.

Apple has released iOS 18.2, iPadOS 18.2, and macOS Sequoia 15.2, which means local language access to Apple Intelligence is now available to iPhone, Mac, and iPad users in the UK, Australia, Canada, New Zealand. (They’ve had to set their language to US English to use these features until now; users will need to update their software first, as it rolls out.)

It’s a critical release that puts direct, local language access to Apple Intelligence into the hands of tens of millions of new users. The release also introduces several additional tools to the Apple Intelligence arsenal, including new Writing Tools and integrated access to ChatGPT for some tasks. Though you aren’t obliged to use ChatGPT.

Back in the UK

The UK introduction is particularly interesting, coinciding as it does with a visit there by Apple CEO Tim Cook. During his visit, he discussed Apple’s ever-growing investments in the UK and confirmed company engineers are deeply involved in building components of those AI features, from silicon development to the company’s important work on Private Cloud Compute. It seems appropriate given his appearance in the UK to introduce Apple Intelligence at around the same time. Though I suspect if Steve Jobs had made the same journey, Apple might have run a “Meet Apple Intelligence” event to generate some media attention.

What’s coming in Apple Intelligence?

We discussed the new Apple Intelligence features you’ll find in the latest updates already. To summarize, these include:

• Improved Siri, with better natural language understanding and the capacity to handle more complex queries.
• Better contextual awareness for better results.
• Visual Intelligence — point your camera at your surroundings to learn more about them.
• Imaging tools, including custom AI-generated emoji and automated image creation.

Apple promises additional capabilities “soon.” These will include on-screen contextual awareness, AI support across third-party apps, Priority Notifications to help you stay on top of the most important tasks/messages, and more.

As it seeks to convince its customers to place their trust in its artificial intelligence, Apple remains firmly focused on privacy. It continues to repeat the message that because many of its tools work on the device, using them brings all the convenience of generative AI (genAI), but not at the cost of data leak or privacy erosion. The company also wants people to understand those tasks it cannot handle are outsourced to third-party tools that may be less private and secure, though their use is optional. 

Why does privacy matter?

So, why does Apple’s privacy message matter? Surely the convenience of AI outweighs any impact on privacy.

In fact, it’s quite the reverse. Stop to consider the extent to which your iPhone already accumulates a plethora of deeply personal data reflecting your life, health, habits, and occupations; put that through a filter of non-private AI and you might get some sense of why privacy and trust will become even more important in the months and years ahead.

Take health, for example — if Apple really does plan to introduce AI-driven health data biometric systems in future satellite-connected Apple Watch devices, you really, really won’t want that information shared with anyone but your healthcare advisor and (possibly, but not always) your closest family members.

You certainly won’t want that data shared with even the fluffiest of Big Tech companies; and you won’t want every ad you see online to be dedicated to flogging you kit connected with your condition — or weird Facebook followers appearing to bombard you with fake facts and potentially life-threatening snake oil “treatments.”

That, and a warrant-free evolution of privatized surveillance and hacker-tempting data banks, is, of course, one of the potential futures for AI implementation in the world right now. With that in mind, Apple’s underlying message around privacy and security matters a great deal.

About you

All the same, for today at least, those concerns seem a little further down the line. After all, it is not yet the case that other people will be able to find out everything the online world knows about you by simply pointing their phone in your direction (though don’t be too surprised if that eventually becomes a law enforcement tool).  But you can now do this for your local surroundings using Visual Intelligence on your iPhone.

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon, and MeWe. 

Entry-level workers increasingly fear job loss or significant changes to their careers due to automation made possible by generative AI (genAI). Nearly one-in-four “early career” employees (24%) believe their job could be replaced by automation, according to survey results from professional services firm Deloitte.

Early-career workers (those with five years or less on the job) are more likely than their senior colleagues to voice concerns about AI’s impact on learning opportunities, workload, and job security. The increasingly unsettled view of the workplace as AI tools advance echoes similar sentiments from other recent surveys.

Nearly four in 10 Americans, for instance, believe genAI could diminish the number of available jobs as it advances, according to a study released in October by the New York Federal Reserve Bank. And the World Economic Forum’s Jobs Initiative study found that close to half (44%) of worker skills will be disrupted in the next five years — and 40% of tasks will be affected by the use of genAI tools and the large language models (LLMs) that underpin them.

The Deloitte results highlight younger workers’ growing anxiety around AI replacing jobs — and the actions they’re taking to improve their own job security. Deloitte’s survey of 1,874 full- and part-time workers from the US, Canada, India, and Australia — roughly two-thirds of whom are early career workers — found that 34% are pursuing a professional qualification or certification courses, 32% are starting their own businesses or becoming self-employed, and 28% are even adding part-time contractor or gig work to supplement their income.

Deloitte

The tech market is already showing signs of a decline in entry-level roles, as organizations increasingly require more years of experience, even for junior positions. In fields such as cybersecurity, where AI is rapidly advancing, entry-level analyst roles often demand at least four years of experience, according to Deloitte.

Workers’ fears are not misplaced. The rapid advance of AI could lead to significant job displacement: Goldman Sachs, for example, predicts that AI could displace 300 million full-time jobs globally, affecting up to two-thirds of jobs in Europe and the US. Similarly, McKinsey Global Institute estimates that 12 million people might actually need to change professions by 2030. And a study published by the European Student Think Tank found that AI and machine learning automation, particularly in roles traditionally filled by young workers, such as data entry, could reduce job availability.

The Think Tank also found that the arrival of AI technologies could be creating a skills mismatch, as automation increases demand for non-routine analytical and interpersonal skills. Without proper training in AI-related fields, young workers might struggle to adapt, leading to unemployment and exacerbating labor market inequalities.

Despite job security fears, Deloitte found many workers remain hopeful that genAI tools can take over more mundane, repetitive tasks, allowing them to focus on more interesting and creative roles. Even as the technology promises to disrupt past patterns, 79% of younger employees are excited about AI’s potential, compared to 66% of older workers. Similarly, more early-career workers (78%) view AI skills as essential, even in non-tech fields. Just 62% of older workers felt that way.

Additionally, 75% of early-career employees believe AI will create new job opportunities in their field (compared to 58% of tenured workers), and 77% think AI will help them advance their careers (versus 56% for older employees).

“It’s difficult to generalize, but most studies show employees vacillating between fear and excitement,” said Arthur O’Connor, academic director of data science at the City University of New York School (CUNY) of Professional Studies. O’Connor, who wrote a book on AI in the workplace titled “Organizing for Generative AI and the Productivity Revolution,” disagreed with Deloitte’s findings that concern about genAI is slanted toward younger workers.

“The exposure seems to be a function of what type of job you have, not how long you’ve been doing it,” O’Connor said. “But there is evidence to suggest that jobs that are most threatened may be senior-level, as research studies show…that genAI offers disproportionate benefits [to] junior-level employees over senior-level employees.”

Anyone in knowledge work — creating, summarizing, or visualizing content such as writing, coding, analyzing, or illustrating — should explore and learn to use the many genAI tools and platforms available, O’Connor argued. “With the evolution of intelligent agents, these tools are becoming increasingly sophisticated, with very powerful analytic and integrative capabilities.”

An uneven playing field

One study on software development found that less experienced coders using Microsoft’s Copilot improved the most, completing tasks 56% faster than the control group, O’Connor said. Similarly, a study on customer service showed that AI-assisted agents increased productivity by 14%, with the greatest benefits going to novices and low-skilled workers.

The job market, often referred to as being in a “white-collar recession,” could already be reflecting that shift. A 2023 LinkedIn study showed significant declines in hiring for high-paying roles since 2018: IT jobs (down 27%), quality assurance (off 32%), product management (a drop of 23%), program/project management (down 25%), and engineering (down 26%).

There is a skills transformation occurring right now, but how fast or pervasive it will be remains to be seen, according to Peter Miscovich, global future of work leader at Jones Lang LaSalle IP (JLL), a commercial real estate and investment management services firm. “Clearly 70% of the workforce will need to be upskilled in terms of genAI and AI. Whether you’re an entry level, mid-level or senior employee, we’re seeing a lot of focus on upskilling,” Miscovich said.

Early career workers are more concerned than tenured colleagues about AI’s impact on learning opportunities, workload, and job security. By 2027, genAI will likely be well on its journey of being orchestrated across workplace processes and embedded into workflows. As that’s happening now, enterprises are also grappling with re-evaluating existing processes, such as data mining and analytics as well as employee upskilling.

At the enterprise level, Miscovich said, from 50% to 75% of enterprises are already piloting genAI tools.

Fear of job disruption from automation and reduced learning opportunities may be fueling a third anxiety: early-career workers face fewer chances to build skills but are expected to perform at higher levels due to AI advances. Among surveyed workers, 77% of early-career and 67% of tenured workers believe AI raises expectations for entry-level roles, including handling more complex and strategic tasks, according to Deloitte.

The prevailing career advice seems to be, ‘Gen AI may not replace you, but others using it will,'” O’Connor said.

Getting workers up to speed on genAI

Many workers, regardless of experience, find current AI tools challenging to use effectively. While genAI tools can reduce time spent on some tasks, workers still need to verify accuracy and quality, which remains a significant concern. Other issues flagged by survey respondents include ethical and privacy challenges, reduced collaboration, and a perceived loss of personal connection in the workplace.

One issue for companies is getting new employees involved in inclusive training and encouraging them to be mentored and sponsored by mid-level and senior level manager, according to Miscovich.

Organizational training models, where skills-focused outcomes intentionally engage younger workers through microlearning and immersive spatial computing, are increasingly crucial for onboarding and training, helping workers feel supported, included, and developed, Miscovich said.

“This is a key challenge for many organizations, especially in the wake of workforce shifts during and after the pandemic. The Great Resignation has highlighted the need for greater guidance across teams, not just in adopting generative AI,” he said. “From a personal experience, it’s vital to invest in intentional, one-on-one time with younger team members to keep them engaged and continuously learning. Programs must also evolve to keep pace with rapidly advancing technologies.”

As AI automation infiltrates workflows, basic tasks like reporting and data analysis might limit early career workers’ opportunities to build skills gradually. Without these experiences, they risk advancing to complex tasks without a supportive learning environment, leading to skill gaps, according to Deloitte.

Miscovich pointed to research from PricewaterhouseCoopers, McKinsey & Co., and the World Economic Forum that shows most workers becoming comfortable with genAI. For example, last year, accounting and consulting PricewaterhouseCoopers announced it was spending $1 billion on expanding AI products and training for its 75,000 workers.

A major obstacle to organizational adoption is that data science expertise is not sufficiently diffused — for both senior managers and among rank-and-file workers, O’Connor said. “Such expertise tends to be concentrated in IT departments, most of which still operate as secret guilds with their own mysterious language and practices that are organizationally and functionally isolated from core business units.

“The most direct way would be to teach employees how to leverage the tremendous potential, as well as manage the considerable risks, of applying current AI tools in their everyday workflows. But this is a lot easier said than done, as most organizations aren’t currently staffed or structured to do this,” he said.

The European Student Think Tank recommends companies develop inclusive education and training programs to help employees adapt to rapid AI use. In particular, the organization recommends:

• Regular training that emphasizes promoting STEM education to boost employability in AI-related areas — especially for low-income youth who often lack access to such opportunities to ensure programs are accessible and inclusive.
• Employee involvement in decisions about AI implementation so workers better understand which tasks can be effectively automated. AI-related decisions should be made inclusively and transparently to align with employees’ insights and needs.
• Investments in AI research and development to foster innovation that enhances job automation without overshadowing human contributions. Research should prioritize streamlining tasks and integrating workers’ insights to empower young employees.
• Better collaboration among governments, the private sector, and academia to address AI-related employment challenges through public-private partnerships.

For employees hoping to keep up with the evolution of AI and its affects on their careers, O’Connor said pointed to an abundance of free content and opportunities to learn about AI. The challenge lies in using those resources effectively.

“Teaching and empowering employees to move past the experimental stage to embed these technologies into core business processes requires multi-disciplinary roles, functions and organizational structures most businesses don’t currently have,” O’Connor said. “As a data scientist who studies organizational behavior, I believe the coming Productivity Revolution calls for new types of roles and functions, in which data expertise is not a distinct organizational unit but an interconnected discipline spanning almost every aspect of a business.”

Web browsers are essential for everything from business productivity to social media and online shopping. Whether you use Google Chrome, Microsoft Edge, Mozilla Firefox, Brave, or something even more exotic, there’s a good chance your web browser is your most used Windows program.

While operating-system-level Windows PC productivity tricks are certainly helpful, tab management tricks for your browser might be even more useful for day-to-day productivity. They’re a must-know for anyone who uses a browser, whether at work or at home — in other words, just about everyone!

Unless otherwise specified, the tricks here should all work in Chrome, Edge, Firefox, Brave, and others — on either Windows 11 or Windows 10.

Want more Windows PC tips and tricks? Sign up for my free Windows Intelligence newsletter — three things to try every Friday. Plus, get free Windows Field Guides as a bonus when you sign up!

Windows tab trick #1: Put a pin in it

If you’d like to always keep a tab open, right-click it on your tab bar and select “Pin.” The tab will shrink to a small button — just the website icon — at the left side of your tab bar. Your browser will also automatically reopen any pinned tabs the next time you launch it.

You can pin multiple tabs and use drag and drop to reorder them. Plus, they work with the standard Windows browser Ctrl key shortcuts: Press Ctrl+1 to switch to the pinned tab on the left, Ctrl+2 to switch to the second-from-the-left pinned tab, and so on.

It’s a great way to ensure especially important tabs — perhaps your email inbox or social media feeds — are always loaded and just a click away.

Windows tab trick #2: Search your tabs

It’s easy to forget, but modern web browsers actually let you search through all the tabs you have open at any given moment. In Chrome and other Chromium-based browsers such as Edge and Brave, just press Ctrl+Shift+A. Then, you can search the tabs you have open across your browsing windows.

You can also click the button at the left side of your tab bar to open this interface. (In Firefox, click the button at the left side of your browser’s tab bar to open the Recent browsing interface, where you can search open tabs.)

Windows tab trick #3: Turn a tab into an app

For many people, the best tip may be going beyond the simple browser tab and turning websites you frequently use into their own application windows. This is an ideal option if you use something like Gmail for your email and want continuous access to it in a single click from your taskbar.

First, open the page you want to turn into an app in your browser. Then:

• In Chrome, click menu > Cast, save, and share > Install page as app
• In Edge, click menu > Apps > Install this site as an app

Unfortunately, this option isn’t available in Firefox — and it isn’t available out of the box for many sites in Brave, either. Where it’s supported, though, the web page will get its own unique window with its own taskbar icon and shortcut, freeing it from the confines of a typical browser tab.

Windows tab trick #4: Save across sessions

If you use lots of browser tabs, you’ll usually lose them whenever your browser closes — but you don’t have to let that happen. With a quick bit of planning, you can tell your browser to remember its open tabs across sessions. To do so:

• In Chrome, click menu > Settings. Choose “On startup” at the left side of the page, and then select “Continue where you left off.”
• In Edge, click menu > Settings. Choose “Start, home, and new tabs” at the left side of the page, and then select “Open tabs from previous session” under “When Edge starts.”
• In Firefox, click menu > Settings. Choose “General” on the left, and then activate “Open previous windows and tabs” under Startup.
• In Brave, click menu > Settings. Choose “Get started” on the left, and then select “Continue where you left off” under On startup.

If you have a single browser window open and close it, your open tabs in that window will appear the next time you open your browser. If you have multiple windows with open tabs, be sure to choose the “Exit” option from your browser’s menu rather than closing windows one by one. That will ensure your browser remembers all its open tabs and opens all of them when you start back again.

Windows tab trick #5: Go for grouping

You can also create “tab groups” to better organize your browsing. Your groups will be saved to your bookmarks bar so you can come back to them later, and they’ll sync across your devices. This feature is most powerful in Chrome, but Edge and Brave have many of the same features. (Unfortunately, while Firefox had a similar feature in the past, it’s since been removed.)

To start using tab groups, right-click a tab on your browser’s tab bar and select the “Add tab to new group” option. To see how this works, take a look at everything you need to know about Tab Groups in Chrome and other Chromium-based browsers.

Windows tab trick #6: Bookmark windows as folders

While tab groups are great, I’m also a fan of the old-fashioned way of saving groups of tabs for later as a bookmark folder. To do this, right-click an empty spot in your browser’s tab bar and select “Bookmark All Tabs” or press Ctrl+Shift+D. (In Firefox, you’ll have to select all tabs from the right-click menu and then right-click a second time to bookmark them.)

Consider placing the bookmark folder somewhere easy to access, like your browser’s bookmarks bar. You can then come back later and find them right there. Right-click the folder and select “Open all” to easily reopen them. When you’re done, you can delete the folder.

Windows tab trick #7: Reopen a closed tab

Want to get a tab back? Just right-click an empty spot on your browser’s tab bar and select “Reopen closed tab” or “Reopen closed window” — whatever you closed last.

You can also press Ctrl+Shift+T to reopen your last closed tab. For more, check out this list of excellent tab-related keyboard shortcuts.

Windows tab trick #8: Try a vertical tab bar

For a more transformative tab experience, try using a browser that places your tabs in a vertical sidebar rather than the typical tab bar across the top of the window. Many PC power users swear by this — especially on wide-screen displays.

• Google Chrome doesn’t have this built-in, but you can install a browser extension such as the Vertical Tabs in Side Panel extension.
• Microsoft Edge has this built-in! Just right-click an empty spot in the tab bar and select “Turn on vertical tabs.”
• Mozilla Firefox doesn’t have this built in, either, although there are signs Mozilla might be experimenting with it. The Tree Style Tab extension is an excellent option for Firefox users.
• Brave has this feature already built in, too. Click menu > Settings, select “Appearance” in the left pane, scroll down to Tabs, and activate “Use vertical tabs.”

Of course, the Arc browser always has vertical tabs — that’s part of its whole different way of working with tabs that some people are big fans of.

And there we are: an excellent round-up of tab-related upgrades for your PC web browser of choice.

This is just the start of all the excellent Windows PC and web browser tricks for you to discover! Sign up for my free Windows Intelligence newsletter to get three new things to try every Friday and free in-depth Windows Field Guides as a special welcome bonus.

As we look ahead to a whole new year of green-tinted Googley goodness, I’m feeling both guardedly excited — and curiously like Bill Murray in the movie Groundhog Day.

Google’s got some pretty weighty pivots in the works for the Android arena right now. It’s mostly good-seeming stuff, on the surface, and cause for cautious optimism. But some of it is also cause for a familiar-feeling sense of déjà vu — a sensation those of us who have watched Google closely for a while now are all too accustomed to experiencing.

Here, specifically, are seven key themes to keep an eye on as we make our way into 2025 and think through what Google might have in store for us in the land of Android — and some important accompanying questions to consider.

[Psst: Give yourself an early holiday gift with my free Android Notification Power-Pack — six smart enhancements that’ll change how you use your phone.]

Google Android 2025 theme #1: The Android/ChromeOS combo

We’ll start with the biggest and most consequential change to contemplate in the coming months. and that’s the alleged merger of Google’s Android and ChromeOS platforms.

This is absolutely a possibility we’ve heard before — more times that I can even count at this point. But for the first time now, it actually feels like something that could make sense and potentially be a positive for us as users, if Google manages to get it right.

The current rumor suggests Google wants to “unify its operating system efforts” by “fully migrating ChromeOS over to Android” and, in some way, having future Chromebooks ship with Android.

It’s an intriguing notion that could, in theory, bring us the best of both worlds — but you’d better believe there are more questions than answers around this one right now.

For instance:

• When exactly would this happen? The latest rumors describe it as a “multi-year” project, but Google has yet to say a single peep — so we really don’t know if we’ll hear anything official about it in 2025 or not until much later.
• How would current Chromebooks be affected? Some devices out there are already promised ongoing operating system updates through as late as 2034 right now. Would they continue to receive ChromeOS all that time, or would there be some sort of switch over to Android even for existing systems?
• Would Chromebooks even be called Chromebooks if they’re actually running Android?
• How would any sort of switch over to Android affect ChromeOS-specific advantages around security, update frequency, and software consistency?

Clearly, there’s a ton still unknown here, and Google has yet to confirm or deny the possibility in any way. (Believe me, I’ve asked!) But whether anything officially happens in 2025 on this front or not, it’s absolutely gonna be a story and a subject worth watching.

Google Android 2025 theme #2: The hardware evolution

Google’s self-made hardware focus has long been a roller coaster of uncertainty.

Back in 2019, the company said it was done making tablets and intended to focus entirely on laptop-style devices. Then, three years later, it seemingly cancelled its next Pixelbook laptop and decided to focus entirely on tablets (!) while making the case that they served a completely different purpose than the Chromebooks alongside ’em. And then, earlier this year, it apparently axed its next Pixel Tablet in favor of focusing on — wait for it… — a new Pixel Laptop instead.

It’s enough to make anyone’s head spin. So in 2025, we’ve got tons of pressing questions to chew over:

• After all of that, will we ever see another Pixel Tablet? It’s possible Google’s still developing what would have been the third-generation version for release sometime next year or perhaps the year after.
• Assuming the alleged Pixel Laptop pans out and actually gets released, meanwhile, will that device be a straightforward Android computer, without any hints of ChromeOS?
• And if so, will it be a convertible or detachable device that effectively doubles as a tablet — or will it just be a traditional clamshell-style laptop?
• When will we actually see the thing?
• And will it be a lasting new line for Google or another one-off in the company’s notoriously short-attention-span pattern?

So much to chew over and watch for in this area as well.

Google Android 2025 theme #3: Updates, updates, updates

As part of a plan to get operating system updates out earlier in the year, Google’s shifting its Android release schedule to include a major Android version update in the second quarter and then a smaller Android version update in Q4 — starting in 2025.

This, too, brings a bit of déjà vu. In the platform’s earlier days, updates landed multiple times a year; it was only with 2015’s Android 6 release that Google got onto the annual cadence and laid the groundwork for the pattern we’ve grown accustomed to observing today — with just a single new major Android version coming out toward the end of each year.

The problem with that end-of-year timing is that lots of Android device-makers also like to launch their new flagship phone models around that same time, ahead of the holiday season — and so it becomes a scramble or sometimes even an impossibility for them to ship the latest and greatest Android version out of the box on those shiny new phones.

By pushing out Android 16 in the spring, companies will have much more time to get it onto their new goodies. But we’ve still got plenty of unanswered questions:

• Google describes the Q2 release as being the “major” new Android release of the year, with the Q4 follow-up being “minor” in comparison — with “feature updates, optimizations, and bug fixes.” But Google already increasingly does quarterly feature drops with similar sorts of enhancements alongside the monthly security patches, too. So what exactly will the Q4 Android update include that sets it apart from those other ongoing updates?
• Will the Q4 Android release have a whole new Android version number — like Android 17 — or will it take us back to the days of 0.1-style updates? (Or something else entirely?)
• Most device-makers outside of Google already struggle to keep up with once-a-year Android updates. How will they fare with two rollouts in the equation? Will we see some manufacturers opt to skip over the Q4 release and focus only on the Q2 version? Or will our various high-tech tortoises finally step up to the plate and start exerting some actual effort around this stuff?

And speaking of Android 16…

Google Android 2025 theme #4: Gemini’s mind-numbing march

It’s still too soon to say what, exactly, might end up being the most significant elements in Android 16, but it seems clear that Google’s next-gen Gemini assistant will play a key role in the software — in an extremely déjà-vu-inducing way.

Early reports make it look like Android 16 will allow Gemini to perform specific actions within apps on your behalf and handle all sorts of commands via simple spoken statements.

That, notably, is almost exactly what Google promised us with its “new Google Assistant” back in 2019, around the launch of the Pixel 4 phone, but never quite managed to deliver.

And so far, Gemini isn’t exactly wowing most of us with its skills and capabilities (to, erm, put it mildly).

2025 seems to be a bit of a repeat performance, at least in terms of the promise. Time will tell if this go-round ultimately ends up delivering or if we continue to feel like we’re taking baby steps back toward where we were already.

Google Android 2025 theme #5: Google Now, again

I’ve made no secret of my affection for Google’s smart new Circle to Search system. And I’ve made no qualms about the fact that everything about this system is eerily reminiscent of what we were given back in 2012, when Google launched an excellent but exceptionally short-lived Android feature called Google Now on Tap.

Circle to Search is without a doubt Now on Tap reincarnated. And while the déjà vu element of it is amusing, it’s also nice to have that once-fantastic idea back in the forefront again.

This time — so far, at least — Google seems gung-go about pushing Circle to Search forward and bringing more and more power into its terrain. Already, we’ve seen updates adding in an integrated screenshot option and QR code scanner, and all signs suggest the development will only continue charging forward while Circle to Search itself becomes more broadly available in the months ahead.

Bring it on, I say!

Google Android 2025 theme #6: Do Not Disturb redux

Another apparent priority for Google in 2025 is expanding Android’s Do Not Disturb system in a way that’ll introduce multiple customizable priority “modes” instead of just a single on/off switch.

In terms of pure function, this seems like a smart step forward — though it’s hard not to question if the complexity it introduces will create more confusion than benefit for many Android-owning animals.

And all such worries aside, it’s impossible to see what Google’s got goin’ with this new approach and not think back to the era of Android 5, when Do Not Disturb was similarly transformed into a multipronged “priority mode” system that ended up being a convoluted mess that was soon after abandoned.

With any luck, that’s a lesson Google will remember as it ventures into those waters once more.

Google Android 2025 theme #7: Bubbles floating back to the surface

Back in 2020, Google gave us a wacky-sounding new Android element called Bubbles.

Bubbles, in short, were meant to be a way to keep certain app functions readily available on your screen via a collapsible circle known as — yup — bubbles. You could tap on a bubble to expand it but then keep it out of the way (though still easily accessible) most of the time.

Bubbles ended up being relevant only for a small handful of messaging apps, where it’s generally more annoying than anything. But at the beginning, the system was supposed to have been so much more.

In its original vision for Bubbles, Google presented the system as a “new way for users to multitask and re-engage” with apps. And that was just the start:

Bubbles help users prioritize information and take action deep within another app, while maintaining their current context. They also let users carry an app’s functionality around with them as they move between activities on their device.

Bubbles are great for messaging because they let users keep important conversations within easy reach. They also provide a convenient view over ongoing tasks and updates, like phone calls or arrival times. They can provide quick access to portable UI like notes or translations and can be visual reminders of tasks, too.

So, yeah: Messaging was a small part of the picture, but Bubbles was supposed to be so much more than that. It was meant to represent a new way of getting stuff done on your phone — something that seemed, as I put it at the time, like it could be “a mobile multitasking breakthrough.”

Now, five years later, we may finally see that original vision play out. Under-development code reveals fresh progress on Android’s Bubbles system that’d let you put any app into a bubble and keep it available on demand, exactly as we’d seen teased several years ago. This could open the door to some seriously interesting new ways of multitasking and pulling up elements like notes, emails, documents, and even web pages while viewing something else at the same time — without having to resort to a much more rigid split-screen interface, which isn’t always optimal (especially on a smaller-screened device).

We don’t yet know exactly what form this could take or even if it’ll necessarily show up in Android 16, but seeing it come back to the forefront after all these years is a very welcome surprise and something well worth watching throughout 2025.

Stay tuned

If there’s one thing I’ve learned in analyzing Google all these years, it’s that you never fully know what the company might be thinking — and there’s always room for the element of surprise.

While many of the themes above may indeed be new twists on familiar concepts (as is the comically “new” capability of adding widgets onto your Android tablet’s home screen — hello, 2012!), so much has changed with Android over the past 16 years that certain things will inevitably be different with their implementation now.

And beyond those seven key themes, we’ll almost certainly see other Android-connected advancements and pivots as the year progresses.

As always, our adventure in this arena is only just beginning. And I, for one, can’t wait to experience all the twists and turns with you — every step of the way.

Why wait for 2025? Grant yourself all sorts of new superpowers this second with my free Android Notification Power-Pack — six smart enhancements for any Android device in front of you.

A Windows launch isn’t the end a process — it’s really just the beginning. Microsoft continually works on improving Windows 11 by fixing bugs, releasing security patches, and occasionally adding new features.

In this story we summarize what you need to know about each update released to the public for the most recent version of Windows 11 — currently version 24H2. For each build, we’ve included the date of its release and a link to Microsoft’s announcement about it. The most recent updates appear first.

The easiest way to install updates is via Windows Update. Not sure how? See “How to handle Windows 10 and 11 updates” for full instructions. Note that Windows 11 version 24H2 is being released as a phased rollout and may not be available to you in Windows Update yet.

If you’re still using Windows 10, see “Windows 10: A guide to the updates.” And if you’re looking for information about Insider Program previews for upcoming feature releases of Windows 11, see “Windows 11 Insider Previews: What’s in the latest build?”

Updates for Windows 11 24H2

KB5048667 (OS Build 26100.2605)

Release date: December 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this build, in which players on Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5048667.)

KB5046740 (OS Build 26100.2454) Preview

Release date: November 21, 2024

This build adds a number of interface features are being rolled out gradually. The system tray shows a shortened date and time, and there’s a new section for touchscreen edge gestures in Settings. When you right-click an app on the Start menu, a jump list will appear (if the app has a jump list). And if you hold Ctrl + Shift down when you click a jump list item, you open the item as an admin.

A variety of bugs have been fixed in this build, including one in which the users page might have caused Task Manager to stop responding when you use the keyboard.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5046740 Preview.)

KB5046617 (OS Build 26100.2314)

Release date: November 12, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5046617.)

KB5044384 (OS Build 26100.2161) Preview

Release date: October 24, 2024

In this build, you can now configure the Copilot key on the keyboard. On new devices, the key opens the Copilot app. If you sign in to your account using a Microsoft Entra ID, the key opens the M365 app. You can make the key open a different app or open Search. To do this, go to Settings > Personalization > Text input. 

In addition, a variety of features are being rolled out gradually, including one in which you can stop the suggestions to turn off notifications from certain apps. Select the ellipsis (…) in the notification and turn it off. You can also go to Settings > System > Notifications and turn it off from there. 

A variety of bugs have also been fixed, including one in which you were unable to view some parts of the UI when you run certain apps.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5044384 Preview.)

Windows 11 24H2 KB5044284 (OS Build 26100.2033)

Release date: October 8, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2024 Security Updates.

This build also fixes one bug in which the Remote Desktop Gateway Service stopped responding when a service used remote procedure calls (RPC) over HTTP.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5044284.)

Windows 11, version 24H2

Release date: October 1, 2024

The Windows 11 24H2 update (also called Windows 11 2024 Update) is now being gradually rolled out. It may take some months before it reaches everyone, so you may not have it yet. As with previous annual Windows updates, it’s not a major upgrade, but does include a variety of minor new features.

Following are the highlights for end users:

• File Explorer gets several new features, including support for TAR and 7z compression and the ability to add metadata to PNG files, so you can add information to your images.
• New privacy settings for Wi-Fi networks give more control over which applications can access the list of nearby Wi-Fi networks. Limiting the applications that can access that list can make it more difficult for others to pinpoint your location.
• You can now join Wi-Fi networks by scanning QR codes, and create a QR code to allow others to share your mobile hotspot with others.
• A new Energy Saver mode reduces electric consumption on desktop PCs as well as laptops, helping you reduce your carbon footprint and improving laptop battery life. It reduces energy consumption from background tasks as well as those running in the foreground.
• Copilot now runs as a separate app, and is movable and resizable like any other app, rather than running in a sidebar panel.
• Copilot+ PCs get several new features, including Cocreator in Paint, which uses AI to generate images; enhancing video calls with AI-powered noise cancellation and improved lighting; and what Microsoft calls Auto Super Resolution, which gives games higher resolution and offers smoother gameplay.

For IT admins, highlights include:

• Policy improvements and automatic account management for Windows Local Administrator Password Solution (LAPS)
• Personal Data Encryption (PDE) for users’ Documents, Desktop, and Pictures folders
• App Control for Business
• Windows protected print mode
• Local Security Authority (LSA) protection
• Support for Wi-Fi 7
• SHA-3 support

See this blog post from Microsoft’s Harjit Dhaliwal for more information.

Prerelease updates for Windows 11 24H2

KB5043178 (OS Build 26100.1882) Preview

Release date: September 30, 2024

This build for Windows 11 24H2 offers a variety of new features, some of which will show up immediately and some of which are being rolled out gradually. Among the features that will roll out gradually is a new energy recommendation to turn off high dynamic range (HDR). This helps to conserve energy on devices that have HDR displays. Go to Settings > Power & battery > Energy recommendations.

Among the features available immediately is one that lets you manage your Copilot Pro subscription in Settings. Sign in to your Microsoft account and go to Settings > Accounts.

Several bugs have been fixed, including one in which Task Manager stopped responding when you switched from a high-contrast theme to a normal theme.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5043178 Preview.)

KB5043080 (OS Build 26100.1742)

Release date: September 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2024 Security Updates.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5043080.)

KB5041865 (OS Build 26100.1591) Preview

Release date: August 27, 2024

This build for Windows 11 24H2 offers a variety of new features that are being rolled out gradually, including one in which you can share content to your Android device from the Windows Share window.

Several bugs have been fixed, including one in which a deadlock occurred in the domain controller when it started up in the DNS client.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5041865 Preview.)

KB5041571 (OS Build 26100.1457)

Release date: August 13, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2024 Security Updates. It also fixes several bugs, including one in which the “Use my Windows user account” checkbox was not available on the lock screen to connect to Wi-Fi.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5041571.)

KB5040529 (OS Build 26100.1301) Preview

Release date: July 30, 2024

This build for Windows 11 24H2 offers a variety of new features that are being rolled out gradually, including the new account manager being on the Start menu. When you use a Microsoft account to sign in to Windows, you will get a glance at your account benefits. This feature also makes it easy to manage your account settings.

One feature is being rolled out immediately, in which Widgets icons on the taskbar are no longer pixelated or fuzzy. You also get a larger set of animated icons.

Several bugs have been fixed, including one in which devices that use certain WLAN cards stopped responding.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5040529 Preview.)

KB5040435 (OS Build 26100.1150)

Release date: July 9, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2024 Security Updates. It also This update adds PCR 4 to PCR 7 and 11 for the default Secure Boot validation profile.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5040435.)

KB50439304 (OS Build 26100.1000) Preview

Release date: June 28, 2024

This build fixes a variety of bugs, including one in which Windows Defender Application Control (WDAC) failed to verify the policies of some apps.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5041865 Preview.)

KB5039239 (OS Build 26100.863)

Release date: June 15, 2024

This build pins Copilot to the taskbar and makes it behave like a traditional app that can be resized and moved. The build also fixes several bugs, including one in which the volume of Bluetooth devices were automatically set to maximum when you connected to them.

There is one known issue in this build, in which Arm devices are unable to download and play Roblox via the Microsoft Store on Windows.

(Get more info about KB5039239.)

Updates to Windows 11 version 23H2

KB5043145 (OS Builds 22621.4249 and 22631.4249) Preview

Release date: September 24, 2024

This build, for both Windows 11 22H2 and 23H2, offers a variety of new features and bug fixes, some of which will show up immediately, and some of which are being rolled out gradually. Among the features that will roll out gradually is the ability to share local files directly from the search results that appear in the Search box on the taskbar. Among the bug fixes that roll out immediately are one that addresses an issue in which Task Manager stopped responding when you switched from a high contrast theme to a normal theme.

(Get more info about KB5043145 Preview.)

KB5043076 (OS Builds 22621.4169 and 22631.4169)

Release date: September 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this build, in which you might face issues with booting Linux if you have enabled the dual-boot setup for Windows and Linux in your device. Your device might fail to boot Linux and show the error message “Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.”

(Get more info about KB5043076.)

KB5041587 (OS Builds 22621.4112 and 22631.4112) Preview

Release date: August 27, 2024

This build, for both Windows 11 22H2 and 23H2, includes the ability to share content to your Android device from the Windows Share window. To do it, must pair your Android device to your Windows PC and use the Link to Windows app on your Android device and Phone Link on your PC.

In Voice Access, you can also now dictate the characters that you spell at a faster speed, and you have more editing options for the commands that select, delete, and move within text. The build also fixes several bugs, including one in which when you pressed Ctrl + F, sometimes the search did not start.

The new features and bug fixes will roll out to users gradually.

(Get more info about KB5041587 Preview.)

KB5041585 (OS Builds 22621.4037 and 22631.4037)

Release date: August 13, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5041585.)

KB5040527 (OS Builds 22621.3958 and 22631.3958) Preview

Release date: July 25, 2024

This build, for both Windows 11 22H2 and 23H2, offers a variety of new features and bug fixes, some of which will show up immediately and some of which are being rolled out gradually. Among the features that will roll out gradually is pinning apps to the taskbar by dragging them from the Pinned section of the Start menu, and right-clicking a tab in File Explorer to duplicate it. Among the bug fixes that will roll out gradually is a memory leak that occurred when you interacted with archive folders.

Among the bugs fixed immediately is one in which in Group Policy Preferences you could not choose a group from the target domain for ILT or choose an account from Local Users and Groups.

(Get more info about KB5040527 Preview.)

KB5040442 (OS Builds 22621.3880 and 22631.3880)

Release date: July 9, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which enterprise users may face issues while upgrading from Windows Pro to a valid Windows Enterprise subscription. OS upgrade operations may fail, and this might be shown in the LicenseAcquisition scheduled task in Task Scheduler > Task Scheduler Library > Microsoft > Windows > Subscription as ‘Access denied error (error code 0x80070005)’ under ‘Last Run Result.’

(Get more info about KB5040442.)

KB5039302 (OS Builds 22621.3810 and 22631.3810) Preview

Release date: June 25, 2024

This build, for both Windows 11 22H2 and 23H2, offers a variety of new features and bug fixes, some of which will show up immediately and some of which are being rolled out gradually. Among the bug fixes that will show up immediately is one that addresses an issue in which ejecting USB devices using the Safely Remove Hardware option failed when Task Manager was open.

Among the features that will roll out gradually is a new account manager on the Start menu that makes it easier to manage your account settings and lets you see your account benefits. Also being rolled out gradually is support for Emoji 15.1.

(Get more info about KB5039302 Preview.)

KB5039212 (OS Builds 22621.3737 and 22631.3737)

Release date: June 11, 2024

This update fixes a variety of bugs, including one in which the taskbar might briefly glitch, not respond, or disappear and reappear.

In addition, it has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5039212.)

KB5037853 (OS Builds 22621.3672 and 22631.3672) Preview

Release date: May 29, 2024

This build introduces a variety of minor feature updates, including one that lets you use your mouse to drag files between breadcrumbs in the File Explorer address bar and another that lets you create QR codes for webpage URLs and cloud files from the Windows share window.

The build also fixes a variety of bugs, including one in which File Explorer stopped responding when you swiped from a screen edge after turning off edge swiping, and another in which handwriting panels and touch keyboards did not appear when you used a pen.

(Get more info about KB5037853 Preview.)

KB5037771 (OS Builds 22621.3593 and 22631.3593)

Release date: May 14, 2024

This update fixes a bug that caused VPN connections to fail, and another in which Server Message Block (SMB) clients failed to make SMB Multichannel connections, making file transfers are slow.

In addition, it has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5037771.)

KB506980 (OS Builds 22621.3527 and 22631.3527) Preview

Release date: April 23, 2024

In this build, the Recommended section of the Start menu will show some Microsoft Store apps. In addition, widgets icons on the taskbar are no longer pixelated or fuzzy, and Windows widgets on the lockscreen are more reliable.

The build also fixes a variety of bugs, including one in which Windows Local Administrator Password Solution’s Post Authentication Actions (PAAs) did not occur at the end of the grace period. Instead, they occurred at restart.

There is one known issue in this build, in which you might be unable to change your user account profile picture.

(Get more info about KB5036980 Preview.)

KB5036893 (OS Builds 22621.3447 and 22631.3447)

Release date: April 9, 2024

This build offers a wide variety of minor new features, including dedicated mode for Windows 365 Boot. When you sign in on your company-owned device, you also are signed into to your Windows 365 Cloud PC. This uses passwordless authentication, like Windows Hello for Business.

The update also adds suggestions to Snap Layouts. When you hover over the minimize or maximize button of an app to open the layout box, app icons will display various layout options. Use them to help you to choose the best layout option.

In addition, the update changes the apps that appear in the Windows share window. The account you use to sign in affects the apps that are in “Share using.” For example, if you use a Microsoft account (MSA) to sign in, you will see Microsoft Teams (free). When you use a Microsoft Entra ID account (formerly Azure Active Directory) to sign in, your Microsoft Teams (work or school) contacts show instead.

This build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5036893.)

Windows 11 KB5035942 (OS Builds 22621.3374 and 22631.3374) Preview

Release date: March 26, 2024

In addition, in Windows Hello for Business admins can now use mobile device management to turn off the prompt that appears when users sign in to an Entra-joined machine. To do it, turn on the “DisablePostLogonProvisioning” policy setting. After a user signs in, provisioning is off for Windows 10 and Windows 11 devices.

There is one known issue in this build, in which Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows.

(Get more info about KB5035942 Preview.)

KB5035853 (OS Builds 22621.3296 and 22631.3296)

Release date: March 12, 2024

This build fixes a bug that affected the February 2024 security and preview updates. They might not have installed, and your device might shave stopped responding at 96% with the error code “0x800F0922” and the error message, “Something did not go as planned. No need to worry – undoing changes. Please keep your computer on.”

This build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5035853.)

KB5034848 (OS Builds 22621.3235 and 22631.3235) Preview

Release date: February 29, 2024

In this build, you can now use the Snipping Tool on your PC to edit the most recent photos and screenshots from your Android device. You will get an instant notification on your PC when your Android device captures a new photo or screenshot. To turn this on, go to Settings > Bluetooth & devices > Mobile devices. Choose Manage devices and allow your PC to access your Android device.

The build also adds support for the USB 80Gbps standard, the next generation of USB4 that has twice the bandwidth of USB 40Gbps. To use USB 80Gbps, you must have a compatible PC and USB4 or Thunderbolt peripheral.

The build also fixes several bugs, including one in which the Windows Settings Home page randomly stopped responding when you went to the page, and another in which devices failed to make the automatic switch from cellular to Wi-Fi when they could use Wi-Fi.

There is one known issue in this build, in which Windows 11 devices attempting to install the February 2024 security update, released February 13, 2024 (KB5034765), might face installation failures and the system might stop responding at 96%.

(Get more info about KB5034848 Preview.)

KB5034765 (OS Builds 22621.3155 and 22631.3155)

Release date: February 13, 2023

In this build, the Copilot in Windows icon now appears on the right side of the system tray on the taskbar. Also, the display of “Show desktop” at the rightmost corner of the taskbar will be off by default. To turn it back on, go to Settings > Personalization > Taskbar. You can also right-click the taskbar and choose Taskbar settings. These changes will be gradually rolled out.

This build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5034765.)

KB5034204 (OS Builds 22621.3085 and 22631.3085) Preview

Release date: January 23, 2024

This build fixes a variety of bugs, including one that stopped search from working on the Start menu for some users because of a deadlock, and another that that caused devices to intermittently stop responding after you installed a print support app.

There is one known issue in this build, in which Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview).

(Get more info about KB5034204 Preview.)

KB5034123 (OS Builds 22621.3007 and 22631.3007)

Release date: January 9, 2024

This build fixes several bugs, including one in which devices shut down after 60 seconds when you used a smart card to authenticate on a remote system, and another in which some Wi-Fi adapters could not connect to some networks, particularly those that use 802.1x to authenticate.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this build, including one affecting ID admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

(Get more info about KB5034123.)

KB5033375 (OS Builds 22621.2861 and 22631.2861)

Release date: December 12, 2023

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are four known issues in this build, including one which affects ID admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

(Get more info about KB5033375.)

KB5032288 (OS Builds 22621.2792 and 22631.2792) Preview

Release date: December 4, 2023

In this update, Copilot in Windows (in preview) can be used across multiple displays, and it can be used with Alt+Tab. When you press Alt+Tab, the thumbnail preview for Copilot in Windows appears among other thumbnail previews of open windows. You can switch between them using the Tab keystroke. This is available to a small audience initially and will deploy more broadly in the months that follow.

The update also fixes a wide range of bugs, including one in which the Copilot icon did not show as being as active when it’s open on the taskbar.

There are four known issues in this update, one applicable to IT admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.

(Get more info about KB5032288 Preview.)

KB5032190 (OS Builds 22621.2715 and 22631.2715)

Release date: November 14, 2023

This build introduces a preview of the Copilot for Windows AI assistant and a File Explorer with a new interface that includes new files displayed as a carousel, and that recognizes local and cloud folders. It also introduces the Windows Backup app that can be used to quickly get your current PC backed up and ready to move to a new PC. In addition, there are many other new features and interface changes throughout Windows, including for Settings, Windows Spotlight, security graphics, voice access, Narrator, and others.

It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this build, including one that affects ID admins in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in MDM apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

(Get more info about KB5032190.)

KB5031455 (OS Builds 22621.2506 and 22631.2506) Preview

Release date: Oct. 31, 2023

This update introduces a preview of the Copilot for Windows AI assistant and File Explorer with a new interface that includes new files displayed as a carousel, and that recognizes local and cloud folders. It also includes minor interface changes to many parts of the operating system, including taskbar, system tray, security notifications, and more.

There is one known issue, which applies to IT admins: using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.

(Get more info about KB5031455 Preview.)

KB5031455 (OS Build 22621.2506) Preview

Release date: Oct. 26, 2023

This build introduces a preview of the Copilot for Windows AI assistant and a File Explorer with a new interface that includes new files displayed as a carousel, and that recognizes local and cloud folders. It also introduces the Windows Backup app that can be used to quickly get your current PC backed up and ready to move to a new PC.

There is one known issue in this build that applies to IT admins: using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.

(Get more info about KB5031455 Preview.)

KB5031354 (OS Build 22621.2428)

Release date: October 10, 2023

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5031354.)

KB5030310 (OS Build 22621.2361) Preview

Release date: September 26, 2023

This update adds websites to the Recommended section of the Start menu. These websites come from your browsing history. You can remove any website URL from the Recommended section using the shortcut menu. To turn off the feature, go to Settings > Personalization > Start.

It also fixes a variety of bugs, including one in which the search box tooltip did not appear in the correct position, and another in which the search button disappeared when you interacted with the search flyout box.

In addition, if you want to use a variety of new features, such as the AI-driven Copilot for Windows and improvements to File Manager, Paint, and other apps, go to Settings > Windows Update, toggle on “Get the latest updates as soon as they’re available,” and then restart your PC. For more details, see Microsoft’s blog post.

(Get more info about KB5030310 Preview.)

KB5030219 (OS Build 22621.2283)

Release date: September 12, 2023

This build removes a blank menu item from the Sticky Keys menu and includes a variety of security updates. For details, see Microsoft’s Security Update Guide and September 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5030219.)