Kategorie

K trendům v kyberbezpečnosti loni patřila falešná technická podpora. Ani nejlepší technologie nás neochrání před sociálním inženýrstvím. Díky AI ale odhalíme nízkoprahové útoky, které bychom jinak nezaznamenali.

Microsoft has released an out-of-band (OOB) update to fix a security vulnerabilities affecting Windows 11 Enterprise devices that receive hotpatch updates instead of the regular Patch Tuesday cumulative updates. [...]

**Microsoft ve svých produktech v březnu opravil 83 zranitelných míst. **Windows 11 přináší pár uživatelských vylepšení jako tapety ve WEBP. **Vývojový tým se ale primárně soustředí na opravy a optimalizace.

China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source and self-hosted autonomous artificial intelligence (AI) agent. In a post shared on WeChat, CNCERT noted that the platform's "inherently weak default security configurations," coupled with its Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. [...]

Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a "significant escalation" in how it propagates through the Open VSX registry. "Instead of requiring every malicious listing to embed the loader directly, the threat actor is now abusing extensionPack and extensionDependencies to turn initially standalone-looking extensions into transitiveRavie Lakshmananhttp://www.blogger.com/profile/[email protected]

Microsoft is undergoing a regime change that could have a direct impact on its core business.

Rajesh Jha, EVP for experiences and devices, which covers Microsoft 365 and Windows, has announced his retirement, and a succession plan.

Jha will “transition out” on July 1 but remain in an advisory capacity. Interestingly, the company is appointing four EVPs to take over his duties: Longtime Microsoft alums Perry Clarke, Charles Lamanna, and Pavan Davuluri, and LinkedIn head Ryan Roslansky. They will all report directly to CEO Satya Nadella.

The move comes as Redmond has been actively repositioning itself as AI-first, and pushing hard into AI assistants, notably Microsoft Copilot. Recognizing the fervor around Claude Cowork, which stoked fears of a ‘SaaSpocalypse’ after it was rolled out in January, Microsoft recently intorduced an optional Copilot Cowork AI, based on Anthropic’s wildly-popular AI agent.

Coalescing around AI

“Rajesh Jha retiring gives Microsoft the chance to reshape and refocus its leadership over internal products while fulfilling an established roadmap,” said Scott Bickley, advisory fellow at Info-Tech Research Group.

Jha has been a mainstay at the company for more than 35 years, during which time it has rolled out Azure, Microsoft 365, and Microsoft Copilot, all of which are now cornerstones of the tech giant’s portfolio.

In a blog post about his retirement, Jha emphasized Microsoft’s “great momentum,” and said that over the next few months, his team will work together to “finalize the full cascade of details” required with this kind of transition. “This includes aligning operating rhythms, decision ownership, and details on the future org structure, all so we’ll be fully aligned and ready to run at the start of FY27,” he said.

The new guard

Jha’s four replacements have significant experience within Microsoft, and with its expanding suite of AI-powered products. Here’s a quick breakdown.

Pavan Davuluri

Davuluri has been with Microsoft for 25 years, working across PC hardware, Surface, Windows, and silicon. Most recently, he served as president of Windows + Devices, where he led teams responsible for the strategy, design, and delivery of Windows commercial and consumer products, including cloud, platform, OS, apps, silicon, devices, and security. The division also oversees the supply chain and manufacturing of Microsoft hardware.

On his LinkedIn profile, Davuluri outlines some takeaways from his decades as a “product maker,” notably the value of end-to-end thinking and product differentiation.

“Windows is evolving into an agentic OS, connecting devices, cloud, and AI to unlock intelligent productivity and secure work anywhere,” he wrote in a recent X post. He later responded to subsequent criticism from developers on the company’s “weird direction” and their calls for reliability, performance, and ease of use.

“We care deeply about developers,” he insisted, adding that his team takes in “a ton of feedback.” However, he acknowledged, “we know we have work to do on the experience, both on the everyday usability, from inconsistent dialogs to power user experiences.”

Charles Lamanna

Lamanna has spent 13 years at Microsoft, joining when the tech giant acquired his cloud monitoring startup, MetricsHub, in 2013. Prior to being promoted to EVP, he served as president of the business and industry Copilot division.

Lamanna has been behind Microsoft’s agentic AI push from the beginning, helping evolve Microsoft Copilot and development tool Copilot Studio, with which users can create custom AI agents. He has overseen the design, development, and engineering of AI-powered apps, autonomous agents, and low-code platforms, including Dynamics 365 and Power Platform.

According to Microsoft, under Lamanna’s leadership, Power Apps has become a “market leader” used by 25 million monthly users. Dynamics 365 is also “one of the largest public cloud-hosted SaaS solutions globally,” used by more than 400,000 organizations worldwide.

He also helped develop Microsoft Azure.

Ryan Roslansky

Roslansky has been with LinkedIn for nearly 17 years, roughly six of those as CEO. In June 2025, he was tapped by Microsoft for a dual role leading Microsoft Office and M365 Copilot. He also still serves as head of LinkedIn, which Microsoft bought for $27 billion in 2016.

Roslansky has been reporting to Jha and Nadella, and is responsible for Outlook, Word, Excel, PowerPoint, and M365 Copilot apps. Under his leadership at LinkedIn, he more than doubled the company’s annual revenue and its membership (which is now around 1.2 billion). Under his leadership, M365 Copilot continues to “scale rapidly,” now with more than 100 million active monthly users, according to Microsoft.

“Roslansky‘s success in building LinkedIn as a platform demonstrates the potential to have similar success with M365,” Hyuon Park, CEO and chief analyst at Amalgam Insights, commented when his Microsoft appointment was announced last year.

Perry Clarke

Clarke has spent more than two decades at Microsoft, according to his LinkedIn profile, most recently serving as president of M365 Core. He has worked on M365 for nearly 10 years, and previously helped run Exchange Mailbox Server.

Unlike his colleagues, Clarke doesn’t have much of an online or social presence.

Four heads to replace one?

It’s unclear what responsibilities will be doled out to each of Jha’s four successors. Having so many cooks in the proverbial tech kitchen could cause some directional confusion, but some industry watchers say it may be a necessary move.

The ecosystem surrounding Copilot, Windows, Office, and Microsoft 365 has expanded so much in terms of size and complexity that it’s “debatable” whether one person can run all of them successfully, noted Info-Tech’s Bickley. “Distributing leadership among multiple experienced leaders should help Microsoft move faster to execute and keep focus on those primary platforms,” he said.

And for enterprise IT buyers, the change will probably be seen more as a change in internal operational leadership rather than an “overall change in Microsoft’s product strategy,” Bickley noted.

Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C:\ drive and are unable to launch applications. [...]

The retirement of old server equipment from data center facilities could become an opportunity for enterprises to generate revenue, instead of being an often costly recycling expense.

Last year Western Digital announced it was experimenting with new ways to extract valuable rare earth elements and metals from obsolete servers from Microsoft’s US data centers, as part of a collaboration with Critical Materials Recycling and PedalPoint Recycling.

And on Thursday, Reuters reported that Korea Zinc, which it described as one of the world’s largest smelters, is in “talks with major US technology firms to recycle data center waste and extract rare earth.”

The move comes almost one year to the day after China announced immediate export controls on seven more rare earth elements critical to enterprise IT hardware manufacturing. The new controls issued by China’s State Council required export licenses for samarium, gadolinium, terbium, dysprosium, lutetium, scandium, and yttrium, along with their alloys, oxides, and compounds. All those materials are deemed essential components in data center storage systems, networking equipment and semiconductors.

According to Reuters, the Korea Zinc initiative will give the US another rare earth source beyond its main supplier, China, which produces about 90% of the world’s rare earths, and the single US-based mine run by MP Materials,

Sanchit Vir Gogia, chief analyst at Greyhound Research, said that the Korea Zinc initiative reflects a structural shift that is beginning to take shape inside the global technology infrastructure economy.

For decades, he said, “the retirement of data center equipment was treated almost entirely as a compliance and disposal issue. Enterprises focused on secure decommissioning, certified recycling, and documented destruction of sensitive hardware. Once equipment left production environments, its economic life was assumed to be largely finished.”

That assumption, he pointed out, “is beginning to change, because the hardware inside modern data centres contains a wide range of strategically important materials. Servers, storage systems, networking equipment, and power components contain copper, aluminum, silver, gold, and increasingly small but significant quantities of rare earth elements and other critical minerals.”

These materials play a vital role in the manufacturing of semiconductors, energy systems, defense electronics, and advanced computing infrastructure, he explained, noting, “as global demand for digital infrastructure continues to expand, the volume of retired hardware entering disposal channels is rising quickly.”

Electronic waste has already become one of the fastest growing waste streams in the world. “Global volumes now exceed 60 million tonnes annually and are projected to move toward eighty million tonnes by the end of the decade if current trends continue,” he said. “Data center infrastructure represents only a portion of that total, but it is a particularly important portion because it is concentrated, professionally managed, and replaced in structured cycles.”

For a metals producer, he said, data center infrastructure represents a highly attractive feedstock, because unlike consumer electronics, enterprise hardware is replaced in large batches and flows through professional asset management channels.

That predictability, said Gogia, “allows recyclers to design specialized processes that target specific components and materials. Over time, this creates the foundation for an industrial scale circular supply chain in which retired electronics feed back into the production of new materials.”

For enterprises themselves, he added, “the implications are primarily economic and operational rather than geopolitical. The ability to capture value from retired hardware depends heavily on how organizations manage the end of life phase of their infrastructure lifecycle. Many companies still treat hardware retirement as a simple disposal exercise. Mixed equipment is often shipped to recyclers with little separation between different component types. In those scenarios most of the recoverable value disappears.”

Organizations that approach decommissioning more strategically can improve outcomes significantly, said Gogia, pointing out that separating storage devices, circuit boards, and power components allows recyclers to process materials more efficiently, and maintaining detailed chain of custody records ensures that the hardware is tracked securely, which is often a compliance requirement, while still enabling recovery of valuable materials.

Data centers have traditionally been viewed as energy intensive facilities that consume enormous resources, but, he said, “what is becoming visible now is that they also generate a growing stream of recoverable materials when equipment reaches the end of its operational life. As computing infrastructure continues to expand globally, those retirement streams will begin to resemble industrial resource flows rather than simple waste.”

This article originally appeared on NetworkWorld.

The team at Readiness each month analyzes the latest Patch Tuesday updates from Microsoft and provides detailed, actionable testing guidance. The March release addresses 83 vulnerabilities across Windows, Office, SQL Server, Azure, and .NET — a moderate volume with two publicly disclosed zero-days affecting SQL Server and .NET (though neither is being actively exploited in the wild.)

Six additional vulnerabilities spanning the Windows Kernel, Graphics Component, SMB Server, Accessibility Infrastructure, and Winlogon are flagged as “Exploitation More Likely.”

The most significant change this month is the introduction of Common Log File System (CLFS) hardening with signature verification, which will affect how Windows handles log files across the operating system. 

To help navigate these changes, the Readiness team has created a useful infographic detailing the risks of deploying the updates.

Known issues

March is another clean month for known issues. All three desktop KB articles — KB5079473 (Windows 11 25H2/24H2), KB5078883 (Windows 11 23H2), and KB5078885 (Windows 10 22H2) — explicitly say Microsoft is not currently aware of any issues. 

• CVE-2025-59287 — Windows Server Update Services (WSUS) — Synchronization error reporting remains intentionally disabled since October 2025 to mitigate this critical CVSS 9.8 unauthenticated RCE. Error details continue to be suppressed in the WSUS console with no timeline for restoration. Server 2016 through Server 2025 are affected. Action: There’s no workaround available; monitor Windows Server release health for updates.
• Windows Update Standalone Installer (WUSA) — Continues to fail with ERROR_BAD_PATHNAME when installing .msu packages from network shares containing multiple .msu files. Originated May 2025, it affects Windows 11 24H2/25H2 and Server 2025. Action: This can be mitigated via Known Issue Rollback; copy .msu files to a local directory before installation.

Separately, Microsoft issued an out-of-band update on March 2 (KB5082314) for Windows Server 2022, addressing an issue with Windows Hello for Business certificate renewal in ADFS-based deployments. 

Issues resolved

The March release resolves a small number of issues from previous updates, including:

• A known issue where Secure Launch-capable PCs with Virtual Secure Mode (VSM) enabled were unable to shut down or enter hibernation — instead the device restarted. It has been fixed in KB5078885 for Windows 10 22H2. This had been affecting devices since the January 2026 security update.
• A Windows Defender Application Control (WDAC) issue where COM objects were incorrectly blocked despite being covered by allowlisting policies has been resolved in KB5079473 for Windows 11 24H2/25H2. COM objects are now allowed as expected when matching policy rules are configured.

Major revisions and mitigations

March is a quiet month for inter-cycle revisions. No previously published CVEs received severity upgrades, expanded affected-product lists, or new action requirements. The most notable inter-patch-cycle action was the KB5082314 out-of-band update.

Windows lifecycle and enforcement updates

Two enforcement deadlines covered in our January and February posts are now less than a month away:

• Kerberos RC4 deprecation — Next month, the default encryption for service account ticket issuance changes from RC4 to AES-SHA1 for accounts without an explicit msds-SupportedEncryptionTypes attribute. The July 2026 enforcement phase removes the RC4DefaultDisablementPhase registry override entirely.
• Windows Deployment Services (WDS) hardening — Also in April, hands-free deployment will be disabled by default with a secure-by-default posture.

CLFS hardening

The headline change with this release is the new hardening feature for the CLFS, delivered in KB5079473 for Windows 11 24H2. CLFS is a general-purpose logging subsystem used by transactional NTFS, failover clustering, Windows Update, and many line-of-business applications. The update introduces signature verification for CLFS log files and operates in two modes. Learning Mode (the initial phase) automatically signs existing unsigned log files when they are first opened and audits events without blocking access. Enforcement Mode actively blocks log files that are unsigned or have mismatched signatures. This is a phased rollout — machines begin in Learning Mode, and administrators must manually switch to Enforcement Mode via registry configuration when satisfied that all log files have been properly signed.

• In Learning Mode, run a Windows Update check and install any available updates to verify update flows complete without errors.
• Test backup and restore scenarios, as these rely heavily on CLFS-based transaction logging.
• If your environment uses failover clustering or shared storage, validate that shared log files accessed from multiple machines are correctly signed and accessible.
• Verify that line-of-business applications that use transactional logging start and operate normally in Learning Mode.
• Switch to Enforcement Mode, restart, and repeat the above tests; confirm that any unsigned log files created before the update are now blocked and that the system logs appropriate events.
• Monitor Event Viewer for CLFS-related audit entries and errors throughout testing, particularly during Windows upgrade flows and application startup.

File Systems

Four file system drivers got updates: exFAT (CVE-2026-25174, 7.8), NTFS (CVE-2026-25175, 7.8), ReFS (CVE-2026-23673, 7.8), and UDF (CVE-2026-23672, 7.8). All four are elevation-of-privilege vulnerabilities. This month’s Windows file system test guidance calls for validation of end-of-file handling, file allocation, and offset operations across all four file systems.

• Test file operations on exFAT-formatted USB drives and SD cards: create, copy, move, and delete files of varying sizes, including files that fill the volume near capacity.
• Validate NTFS operations including large file copies, sparse files, and files with extended attributes.
• On servers using ReFS, verify volume integrity, file copy operations, and Storage Spaces Direct workloads.
• Mount UDF-formatted optical media or ISO images and verify files can be read and browsed without errors.

Networking and bluetooth

The Ancillary Function Driver for WinSock (afd.sys) received four patches (CVE-2026-24293, CVE-2026-25176, CVE-2026-25178, CVE-2026-25179), making it the most heavily patched component. The Device Association Service (das.dll) and Bluetooth RFCOMM driver (CVE-2026-23671, 7.0) were also updated, along with core network components including NDIS and MUP (Multiple UNC Provider).

• Test messaging applications such as Microsoft Teams and web browsing to exercise WinSock connectivity paths.
• Pair and use Bluetooth devices including audio headsets, keyboards, and file transfer via RFCOMM.
• Verify SMB, WebDAV, DFS, and NFS access through the Multiple UNC Provider — open files on remote shares using UNC paths and confirm reads and writes succeed.

Graphics, GDI and accessibility

The Graphics Component received a vulnerability flagged as Exploitation More Likely (CVE-2026-23668, 7.0), alongside updates to GDI (CVE-2026-25190, 7.8) and GDI+ (CVE-2026-25181, 7.5). The Accessibility Infrastructure (ATBroker.exe) also has an Exploitation More Likely vulnerability (CVE-2026-24291, 7.8) and an information disclosure issue (CVE-2026-25186, 5.5). The Windows Shell link processing component (CVE-2026-25185) and the DWM Core Library (CVE-2026-25189, 7.8) were also patched.

• Open and render EMF and WMF metafiles in applications that rely on GDI/GDI+ — verify images display correctly without crashes or rendering artifacts.
• Test applications that use the GDI+ library for image processing, including printing workflows.
• Verify that On-Screen Keyboard, Magnifier, and Narrator launch and function correctly after applying the update.
• Test creation and use of shortcut (.lnk) files — create shortcuts to applications, documents, and network locations, then verify they resolve and open correctly.

SMB and file sharing

The Windows SMB Server has an Exploitation More Likely vulnerability (CVE-2026-24294, 7.8) alongside a second SMB issue (CVE-2026-26128, 7.8). The Windows File Server component also received a high-scoring patch (CVE-2026-24283, 8.8). Updates to srv.sys, srv2.sys, and srvnet.sys affect all editions from Windows 10 1607 through Windows Server 2025.

• Access files on SMB remote shares with SMB signing enabled — perform read, write, copy, and delete operations.
• Repeat the above tests with SMB signing disabled to validate both paths.
• Perform sustained file I/O to network shares under load, verifying that connections remain stable and data integrity is maintained.
• Test access to SMB shares from different client OS versions to validate cross-version compatibility.

Kernel and Winlogon

The Windows Kernel received two Exploitation More Likely vulnerabilities (CVE-2026-24289 and CVE-2026-26132, both 7.8), plus a third kernel issue (CVE-2026-24287, 7.8). Winlogon also has an Exploitation More Likely vulnerability (CVE-2026-25187, 7.8). Testing should include:

• Test Winlogon scenarios: interactive logon, logoff, workstation lock and unlock, fast user switching, and Ctrl+Alt+Delete secure attention sequence.
• If using Windows Projected File System (e.g. Scalar for large Git repos), verify that projected files materialize correctly on access.

Routing, VPN and remote access

The Routing and Remote Access Service (RRAS) received three patches this month: CVE-2026-25172 (8.8), CVE-2026-25173 (8.0), and CVE-2026-26111 (8.8). These affect the RRAS management snap-in, packet filtering, and SSTP VPN connectivity. Organizations running Windows Server with the RRAS role should prioritize testing.

• Open the RRAS management snap-in and verify that routing tables and interface configurations display correctly.
• Test packet filter rules — create, modify, and delete filters, then verify traffic is correctly permitted or blocked.
• Establish and disconnect SSTP VPN connections, verifying that data flows correctly and the tunnel remains stable under sustained use.
• Verify static routes and ensure that RIP routing configuration persists across service restarts.

SQL Server

SQL Server had three vulnerabilities, all scored at 8.8, one of which — CVE-2026-21262, an elevation-of-privilege issue — is a publicly disclosed zero-day. The other two (CVE-2026-26115 and CVE-2026-26116) are also elevation-of-privilege vulnerabilities. GDR patches span SQL Server 2016 SP3 through SQL Server 2025, with 10 separate KB articles covering both RTM and cumulative update baselines across all supported versions. Given the public disclosure, SQL Server patching should be prioritized.

• Install the appropriate GDR patch on top of the correct baseline (RTM or latest CU) for your SQL Server version.
• Verify that the SQL Server service starts, accepts connections, and executes queries normally after patching.
• Test database backup and restore operations to ensure transactional integrity.

Office & SharePoint

Microsoft Excel had five vulnerabilities (CVE-2026-26107, CVE-2026-26108, CVE-2026-26109, CVE-2026-26112, CVE-2026-26144), with CVE-2026-26109 scoring 8.4. SharePoint Server had three vulnerabilities, including CVE-2026-26106 (8.8) and CVE-2026-26114 (8.8) as did the Microsoft Office platform; the latter included two scored at 8.4 (CVE-2026-26110, CVE-2026-26113).

• Open and edit complex Excel workbooks with formulas, macros, and external data connections.
• Validate SharePoint document library operations, co-authoring, and workflow execution.
• Test Office add-ins and verify that line-of-business applications integrating with Office operate correctly.
• Open documents containing embedded objects and verify they render and activate without errors.

.NET & ASP.NET Core

The March patches for .NET and ASP.NET Core include a publicly disclosed zero-day: CVE-2026-26127, a denial-of-service vulnerability scored at 7.5 that affects the .NET runtime. A second .NET vulnerability (CVE-2026-26131, EoP, 7.8) and an ASP.NET Core denial-of-service issue (CVE-2026-26130, 7.5) round out the .NET updates. These affect runtime and SDK packages. No application rebuilds or configuration changes are expected, but the public disclosure warrants prompt patching.

• Test runtime functionality including file I/O, networking, cryptography, and threading.
• Validate ASP.NET Core workloads, particularly those exposed to untrusted input that could trigger the denial-of-service conditions patched this month.

The six “Exploitation More Likely” rated vulnerabilities — spanning the Windows Kernel, Winlogon, SMB Server, Graphics Component, and Accessibility Infrastructure — affect core operating system stability and need immediate attention. Organizations using RRAS for VPN or routing should give priority to the three high-scoring flaws. 

Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings: 

• Browsers (Microsoft IE and Edge) 
• Microsoft Windows (both desktop and server) 
• Microsoft Office
• Microsoft Exchange and SQL Server 
• Microsoft Developer Tools (Visual Studio and .NET)
• Adobe (if you get this far) 

Microsoft Edge (and Chromium)

Microsoft republished 10 Chromium security fixes for Microsoft Edge this cycle, alongside one Edge-specific vulnerability. None are actively exploited or publicly disclosed.

• CVE-2026-26133 — M365 Copilot — Information disclosure (CVSS 7.1, Important); surfaces through Edge for Android and iOS. Customer action required.

The Chromium update addresses issues across several components covering CVE-2026-3536 (integer overflow in ANGLE), CVE-2026-3538 (integer overflow in Skia), and CVE-2026-3544 (heap buffer overflow in WebCodecs). Organizations should refer to the Chrome Releases blog for Google’s severity assessments. Add these low-impact browser updates to your standard release schedule.

Microsoft Windows

Windows accounts for 48 of this month’s CVEs, all rated Important. There are no actively exploited or publicly disclosed vulnerabilities in the Windows category. Microsoft flagged six CVEs as “Exploitation More Likely,” all elevation-of-privilege vulnerabilities that include:

• CVE-2026-24289, CVE-2026-26132 — Windows Kernel — Elevation of privilege (CVSS 7.8); memory corruption and use-after-free conditions enabling SYSTEM escalation from a local authenticated session.
• CVE-2026-25187 — Winlogon — Elevation of privilege (CVSS 7.8); discovered by Google Project Zero. Given Winlogon’s position in the authentication path, this is a high-value target for post-exploitation.
• CVE-2026-24294 — Windows SMB Server — Elevation of privilege (CVSS 7.8); authentication flaw allowing privilege escalation on systems with SMB enabled.
• CVE-2026-24291 — Windows Accessibility Infrastructure (ATBroker.exe) — Elevation of privilege (CVSS 7.8).
• CVE-2026-23668 — Windows Graphics Component — Elevation of privilege (CVSS 7.0); race condition.

With no actively exploited vulnerabilities, no critical ratings, and no publicly disclosed issues, this is the quietest Windows month of the year so far. Add these updates to your standard deployment schedule. (Kind of amazing, eh?)

Microsoft Office

Microsoft Office got 12 security fixes, including three of them critical. None are actively exploited or publicly disclosed, and none are flagged as “Exploitation More Likely” — but the attack surface warrants attention.

• CVE-2026-26113, CVE-2026-26110 — Microsoft Office — Remote code execution (CVSS 8.4, critical). Both confirm the Preview Pane as an attack vector — simply previewing a malicious file in Outlook or File Explorer is sufficient to trigger execution without further user interaction. 
• CVE-2026-26144 — Microsoft Excel — Information disclosure (CVSS 7.5, critical). This is a novel vulnerability: a network-accessible, zero-click data exfiltration path through Copilot Agent mode. No user interaction is required. It is unusual to see an information disclosure rated critical, reflecting the sensitivity of the data exposed. 

The two Preview Pane RCEs (CVE-2026-26113, CVE-2026-26110) make this a “Patch Now” release for Office. Organizations that cannot deploy immediately should consider temporarily disabling the Preview Pane in Outlook and File Explorer.

Microsoft SQL Server and Exchange

SQL Server has three elevation-of-privilege vulnerabilities, all CVSS 8.8, all enabling authenticated users to escalate to sysadmin over the network:

• CVE-2026-21262 — Improper access control. Publicly disclosed (zero-day). Affects SQL Server 2016 SP3 through 2025.
• CVE-2026-26115 — Improper input validation. Affects SQL Server 2016 SP3 through 2025.
• CVE-2026-26116 — SQL injection. Affects SQL Server 2025 only.

CVE-2026-21262 is one of this month’s two zero-days. While rated “Exploitation Less Likely,” the public disclosure and broad version coverage (every supported edition) warrant priority patching for SQL Server environments. Exchange Server has not received any security updates this month. Add these SQL Server updates to your Patch Now schedule.

Developer tools

For March, Microsoft addresses four vulnerabilities across .NET, ASP.NET Core, and Microsoft Semantic Kernel, all rated Important, covering the following:

• CVE-2026-26127 — .NET — Denial of service (CVSS 7.5). Publicly disclosed (zero-day). An unauthenticated out-of-bounds read affecting .NET 9.0 and 10.0 across Windows, macOS, and Linux.
• CVE-2026-26130 — ASP.NET Core — Denial of service (CVSS 7.5). Unauthenticated resource exhaustion across ASP.NET Core 8.0, 9.0, and 10.0.
• CVE-2026-26030 — Semantic Kernel Python SDK — Remote code execution (CVSS 9.9). Filter bypass in InMemoryVectorStore; exploitation requires untrusted input to the filter path. Rated “Exploitation Unlikely.”
• CVE-2026-26131 — .NET 10.0 — Elevation of privilege (CVSS 7.8). Incorrect default permissions on Windows.

The two unauthenticated DoS vulnerabilities are the priority for internet-facing .NET and ASP.NET Core services. CVE-2026-26127 is the second of this month’s two zero-days. Add these updates to your “Patch Now” deployment schedule.

Adobe (and third-party updates)

Adobe (but not Microsoft) has released a single update (APSB26-26) that affects Adobe Reader and Acrobat. Since you made it this far, one item worth flagging for its novelty: CVE-2026-21536 (CVSS 9.8), a critical unauthenticated remote code execution vulnerability in the Microsoft Devices Pricing Program, was discovered by XBOW, an autonomous AI-powered penetration testing agent. This marks one of the first critical-severity CVEs in a Microsoft product publicly attributed to an AI security researcher. 

The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing investigation into eight malicious games uploaded to the gaming platform. [...]

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to detect such threats.

The researchers, from firm Aikido Security, said Friday that they found 151 malicious packages that were uploaded to GitHub from March 3 to March 9. Such supply-chain attacks have been common for nearly a decade. They usually work by uploading malicious packages with code and names that closely resemble those of widely used code libraries, with the objective of tricking developers into mistakenly incorporating the former into their software. In some cases, these malicious packages are downloaded thousands of times.

Defenses see nothing. Decoders see executable code

The packages Aikido found this month have adopted a newer technique: selective use of code that isn’t visible when loaded into virtually all editors, terminals, and code review interfaces. While most of the code appears in normal, readable form, malicious functions and payloads—the usual telltale signs of malice—are rendered in unicode characters that are invisible to the human eye. The tactic, which Aikido said it first spotted last year, makes manual code reviews and other traditional defenses nearly useless. Other repositories hit in these attacks include NPM and Open VSX.

Read full article

Comments

Threat actors are exploiting two high severity zero day vulnerabilities in the Chrome browser that experts say IT teams must patch immediately.

Google has issued emergency patches for the two holes, CVE-2026-3909 and CVE-2026-3910. This comes just days after the release of 29 fixes for holes as part of March Patch Tuesday, and a zero day patch released in February. Affected are browsers before version 146.0.7680.75.

These exploits provide yet another reason why infosec leaders need to ensure there’s a corporate patching strategy in place for all authorized browsers and plugins.

“If you’re not managing browser patches, your odds of getting pwned are increasing daily,” said David Shipley of Canadian-based security awareness training provider Beauceron Security. 

CVE-2026-3910 allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, because of an inappropriate implementation within Chrome’s V8 JavaScript and WebAssembly engine. CVE-2026-3909 allows a remote attacker to perform out of bounds memory access via a crafted HTML page; the cause is an out of bounds write in Chrome’s Skia graphics library. Accessing browser memory could result in the loss of sensitive corporate information, noted Shipley.

Following company policy, Google isn’t releasing details about the bugs until a majority of users are updated with a fix.

Browsers a prime target

Browsers are a prime target for threat actors because they are a tool everyone online uses. A 2025 report by Omdia for Palo Alto Networks estimated that, in a 12 month period, 95% of organizations suffered a security incident originating from an employee’s browser.

Because of this, one expert has noted that adversaries now target the browser directly, with attacks like cross-site scripting (XSS), session hijacking via stolen tokens, and advanced phishing that bypasses traditional MFA. A browser-centric zero trust framework is the necessary response, he argued.

[Related content: Picking a secure enterprise browser]

These new flaws underscore the reason why browser engines remain among the most attractive targets for attackers, noted Jack Bicer, director of vulnerability research at Action1. “With active exploitation already confirmed, organizations that delay updates risk exposing users to drive-by attacks delivered through compromised or malicious websites.”

Chromium and all Chromium-based browsers, including Chrome, Edge, and others, must be updated to the latest security versions as soon as possible, he said. Admins should also ensure that automatic updates are enabled across enterprise endpoints, monitor for outdated browser versions, and consider browser isolation technologies to reduce exposure to web-based attacks.

Scott Caveza, senior staff research engineer at Tenable, agreed that the latest two zero days should be on the radar of any organization where Chrome is actively installed. While Google hasn’t provided details on the abuse of these flaws, he noted that most browser-related exploits do require a victim to visit a crafted website, making attacks more likely to be targeted. 

Fortunately, he added, updating Chrome is fast and easy, and many installations leave automatic updates enabled.

“We know attackers are opportunistic, and when they set their sights on one of the most widely installed browsers in the market, it’s imperative that teams are taking action now to ensure updates are applied as soon as possible,” he said.

This article originally appeared on CSOonline.

Several European companies are warning that the EU’s increased focus on technological sovereignty could hurt both profitability and competitiveness and argue it will be difficult to quickly reduce dependence on US tech firms, the Financial Times reports.

The European Commission is currently working on a new package for technological sovereignty aimed at reducing Europe’s dependence on US players in areas such as cloud services, software, and AI. The initiative has gained increased political momentum following concerns that geopolitical conflicts or sudden shifts in US policy could affect European companies’ access to critical technology.

However, companies across sectors ranging from banking to manufacturing warned that a rapid technological shift risks being both costly and complicated. For decades, many organizations have built their systems around platforms from companies like Microsoft and Google and many believe US providers still lead European alternatives in several areas.

Business concerns about digital sovereignty efforts also came up at the World Economic Forum in Davos in January.

Windows 11 25H2 has been released, but behind the scenes, Microsoft is constantly working to improve the newest version of Windows. The company frequently rolls out public preview builds to members of its Windows Insider Program, allowing them to test out — and help shape — upcoming features.

Skip to the latest builds

The Windows Insider program is divided into four channels:

• The Canary Channel is where platform changes (such as major updates to the Windows kernel and new APIs) are previewed. These changes are not tied to a particular Windows release and may never ship at all. Little documentation is provided, and builds are likely to be very unstable. This channel is best for highly technical users.
• The Dev Channel is where new features are introduced for initial testing, regardless of which Windows release they’ll eventually end up in. This channel is best for technical users and developers and builds in it may be unstable and buggy.
• In the Beta Channel, you’ll get more polished features that will be deployed in the next major Windows release. This channel is best for early adopters, and Microsoft says your feedback in this channel will have the most impact.
• The Release Preview Channel typically doesn’t see action until shortly before a new feature update is rolled out. It’s meant for final testing of an upcoming release and is best for those who want the most stable builds.

The Beta and Release Preview Channels also receive bug-fix builds for the currently shipping version of Windows 11. See “How to preview and deploy Windows 10 and 11 updates” for more details about the four channels and how to switch to a different channel.

Not everyone can participate in the Windows 11 Insider program, because the new operating system has more stringent system requirements than Windows 10. If your PC fails to meet the minimum hardware requirements for Windows 11, you cannot join the Windows 11 Insider Program. (See “How to check if your PC can run Windows 11.”)

Below you’ll find information about the Windows 11 preview builds that have been announced by Microsoft in the past six months. (For the Release Preview Channel, we cover builds released for the current version of Windows 11, not for earlier versions.) For each build, we’ve included the date of its release, which Insider channel it was released to, a summary of what’s in the build, and a link to Microsoft’s announcement about it.

Note: If you’re looking for information about updates being rolled out to all Windows 11 users, not previews for Windows Insiders, see “Windows 11: A guide to the updates.”

The latest Windows 11 Insider preview builds Windows 11 Insider Preview Build 26220.8062

Release date: March 13, 2026

Released to: Beta Channel

For those who have turned the toggle on to receive the latest updates, this build includes numerous changes and refinements, including an update to the “Remove Default Microsoft Store packages” policy for Windows Enterprise and Education SKUs that allows IT administrators to remove MSIX/APPX apps by adding their app package family name (PFNs) to a dynamic list.

Starting with this update, the Windows kernel will enforce a new policy removing default trust for cross-signed drivers. The policy allows third-party drivers from the WHCP program by default, with an allow list of trustworthy publishers and drivers from the cross-signing program.

(Get more info about Windows 11 Insider Preview Build 26220.8062.)

Windows 11 Insider Preview Build 26300.8068

Release date: March 13, 2026

Released to: Dev Channel

For those who have turned the toggle on to receive the latest updates, this build includes numerous changes and refinements, including an update to the “Remove Default Microsoft Store packages” policy for Windows Enterprise and Education SKUs that allows IT administrators to remove MSIX/APPX apps by adding their app package family name (PFNs) to a dynamic list.

Starting with this update, the Windows kernel will enforce a new policy removing default trust for cross-signed drivers. The policy allows third-party drivers from the WHCP program by default, with an allow list of trustworthy publishers and drivers from the cross-signing program.

(Get more info about  Windows 11 Insider Preview Build 26300.8068.)

Windows 11 Insider Preview Build 28020.1737

Release date: March 13, 2026

Released to: Canary Channel

For those who have turned the toggle on to receive the latest updates, this build makes refinements to the Pen settings page, including small changes to the options for the pen tail button. A new option, “Same as Copilot key,” enables the pen tail button to launch the same app as the Copilot key.

(Get more info about Windows 11 Insider Preview Build 28020.1737.)

Windows 11 Insider Preview Build 29550.1000

Release date: March 13, 2026

Released to: Canary Channel (29500 build series)

For those  who have turned the toggle on to receive the latest updates in the Canary Channel’s optional 29500 build series, this build has a variety of minor changes, including one in which changes to global power settings (for example, Display, Sleep, Hibernate timeouts, Power/Sleep button, and lid close actions) from Settings are now applied to all power plans. This should help improve persistence of chosen settings.

(Get more info about Windows 11 Insider Preview Build 29550.1000.)

Windows 11 Insider Preview Builds 26100.8106 and 26200.8106

Release date: March 12, 2026

Released to: Release Preview Channel

This build introduces a wide range of minor features being rolled out gradually, including the ability to turn Smart App Control (SAC) on or off without needing a clean install. To make changes, go to Settings > Windows Security > App & Browser Control > Smart App Control settings. When turned on, SAC helps block untrusted or potentially harmful apps.

The update also improves stability in Windows Recovery Environment (Windows RE) when you run x64 apps on ARM64 devices. These apps run more smoothly and respond as expected.

(Get more info about Windows 11 Insider Preview Builds 26100.8106 and 26200.8106.)

Windows 11 Insider Preview Build 26220.7961

Release date: March 6, 2026

Released to: Beta Channel

For those who have turned the toggle on to receive the latest updates, this build re-enables Administrator protection, which aims to protect free-floating admin rights for administrator users, allowing them to still perform all admin functions with just-in-time admin privileges. This feature is off by default and can be enabled via OMA-URI in Intune or via group policy.

Other changes and improvements being gradually rolled out to the same group include the ability to use voice typing (Windows key + H) when renaming files in File Explorer, as well as a smaller peek view in the drag tray.

(Get more info about Windows 11 Insider Build 26220.7961.)

Windows 11 Insider Preview Build 26300.7965

Release date: March 6, 2026

Released to: Dev Channel

For those who have turned the toggle on to receive the latest updates, this build re-enables Administrator protection, which aims to protect free-floating admin rights for administrator users, allowing them to still perform all admin functions with just-in-time admin privileges. This feature is off by default and can be enabled via OMA-URI in Intune or via group policy.

Other changes and improvements being gradually rolled out to the same group include the ability to use voice typing when renaming files in File Explorer, as well as a smaller peek view in the drag tray.

(Get more info about Windows 11 Insider Preview Build 26300.7965.)

Windows 11 Insider Preview Build 28020.1685

Release date: March 6, 2026

Released to: Canary Channel

For those who have turned the toggle on to receive the latest updates, this build lets you use voice typing (Windows key + H) when renaming files in File Explorer. The build also improves the reliability of removing Windows Update files and windows.old files via Settings > System > Storage.

(Get more info about Windows 11 Insider Preview Build 28020.1685.)

Windows 11 Insider Preview Build 26220.7934

Release date: Feb. 27, 2026

Released to: Beta Channel

For those who have turned the toggle on to receive the latest updates, this build gives administrators and Application Control for Business policy authors additional controls over the processing of batch files and CMD scripts. Starting with this release, admins can enable a more secure mode for processing batch files that ensures they do not change during execution by adding a value to the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor named LockBatchFilesWhenInUse (DWORD, value 0 or 1). Policy authors can also use the LockBatchFilesWhenInUse application manifest control documented here to enable this mode.

There are a variety of other improvements being rolled out gradually, including one in which a new taskbar indicator displays while you’re sharing, giving a quick reminder that audio is still being shared. Clicking the indicator is a fast path to open sharing settings to change volume or stop sharing.

(Get more info about Windows 11 Insider Preview Build 26220.7934.)

Windows 11 Insider Preview Build 26300.7939

Release date: Feb. 27, 2026

Released to: Dev Channel

For those who opted to receive the latest updates, this build gives administrators and Application Control for Business policy authors additional controls over the processing of batch files and CMD scripts. Starting with this release, admins can enable a more secure mode for processing batch files that ensures they do not change during execution by adding a value to the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor named LockBatchFilesWhenInUse (DWORD, value 0 or 1). Policy authors can also use the LockBatchFilesWhenInUse application manifest control documented here to enable this mode.

There are a variety of other improvements being rolled out gradually, including one in which a new taskbar indicator displays while you’re sharing, offering a quick reminder that audio is still being shared. Clicking the indicator is a fast path to open sharing settings to change volume or stop sharing.

(Get more info about Windows 11 Insider Preview Build 26300.7939.)

Windows 11 Insider Preview Build 28020.1673

Release date: Feb. 27, 2026

Released to: Canary Channel

For those who have opted to receive the latest updates, this build gets a variety of new features being rolled out gradually, including one in which Quick Machine Recovery (QMR) now turns on automatically for enterprise managed Windows Professional devices, as well as Windows Professional devices that are not domain-joined. These devices receive the same recovery features available to Windows Home users. For domain-joined devices, QMR stays off unless it is enabled by the organization.

(Get more info about Windows 11 Insider Preview Build 28020.1673.)

Windows 11 Insider Preview Build 26220.7872

Release date: February 20, 2026

Released to: Beta Channel

For those who have turned the toggle on to receive the latest updates, this build offers a variety of new features, including simplified specifications on the ‘Device info’ Card on the Settings Home page and improved mouseover animations for app groups on the taskbar.

(Get more info about Windows 11 Insider Preview Build 26220.7872.)

Windows 11 Insider Preview Build 26300.7877

Release date: February 20, 2026

Released to: Dev Channel

For those who have turned the toggle on to receive the latest updates, this build offers a variety of new features, including simplified specifications on the ‘Device info’ Card on the Settings Home page and improved mouseover animations for app groups on the taskbar.

Several bugs have also been fixed, including one in which all File Explorer open windows and tabs unexpectedly jumped to Desktop or Home.

Get more info about Windows 11 Insider Preview Build 26300.7877.)

Windows 11 Insider Preview Build 28020.1619

Release date: February 20, 2026

Released to: Canary Channel

For those who have turned the toggle on to receive the latest updates, this build offers a variety of new features, including one in which Windows Hello Enhanced Sign-in Security (ESS) supports peripheral fingerprint sensors. Previously, ESS was only available on PCs with built-in biometric sensors, but now it can be used when you plug in a supported ESS fingerprint reader.

(Get more info about Windows 11 Insider Preview Build 28020.1619.)

Optional Windows 11 Insider Preview Build 29531.1000

Release date: February 18, 2026

Released to: Canary Channel

This build is the first in a new Canary Channel optional path with a focus on platform development, which will introduce new features before the existing 28000 Canary Channel series. Microsoft recommends that most people remain on the 28000 build path, but adds that those who want to get the newest platform changes as early as possible may want to switch to this new 29500 path. Note, though, that if you switch to the 29500 path by installing this build, you won’t be able to go back to the 28000 Canary Channel series.

The build itself, in Microsoft’s words, “includes platform changes in moving to a new active development build.”

Microsoft warns, “because of the focus on platform development for this path, you may notice a temporary loss in some features that you have today. These features will return to this new active development build.”

(Get more info about Windows 11 Insider Preview Build 29531.1000.)

Windows 11 Insider Preview Build 26220.7859

Release date: February 17, 2026

Released to: Beta Channel

For those who have turned the toggle on to receive the latest updates, this build displays an option to upgrade to a different Microsoft 365 plan on the Accounts page within the Settings app. It also rolls out fixes for several bugs, including one in which all File Explorer open windows and tabs unexpectedly jumped to Desktop or Home.

(Get more info about Windows 11 Preview Build 26220.7859.)

Windows 11 Insider Preview Builds 26100.7918 and 26200.7918

Release date: February 17, 2026

Released to: Release Preview Channel

This build gradually rolls out a variety of new features, including one in which Quick Machine Recovery (QMR) now turns on automatically for Windows Professional devices that are not domain‑joined and not enrolled in enterprise endpoint management. These devices receive the same recovery features available to Windows Home users. For domain‑joined or enterprise managed devices, QMR stays off unless it is enabled by the organization. The build also improves login screen reliability.

(Get more info about Windows 11 Insider Preview Builds 26100.7918 and 26200.7918.)

Windows 11 Insider Preview Build 28020.1611

Release date: February 12, 2026

Released to: Canary Channel

This build brings Sysmon functionality natively to Windows. Sysmon functionality allows you to capture system events that can help with threat detection, and you can use custom configuration files to filter the events you want to monitor. The captured events are written on the Windows event log, enabling them to be used with security applications and in a wide range of use cases.

(Get more info about Windows 11 Insider Preview Build 28020.1611.)

Windows 11 Insider Preview Build 26220.7755

Release date: February 9, 2026

Released to: Beta Channel

For those who have turned the toggle on to receive the latest updates, this build gradually rolls out several new features, including Emoji 16.0, which contains a new set of emojis, and the ability to directly control pan and tilt for supported cameras in the Settings app.

(Get more info about Windows 11 Insider Preview Build 226220.7755.)

Windows 11 Insider Preview Build 26300.7760

Release date: February 9, 2026

Released to: Dev Channel

For those who have turned the toggle on to receive the latest updates, this build gradually rolls out several new features, including Emoji 16.0, which contains a new set of emojis, and the ability to directly control pan and tilt for supported cameras in the Settings app.

(Get more info about Windows 11 Insider Preview Build 26300.7760.)

Windows 11 Insider Preview Build 28020.1546

Release date: February 4, 2026

Released to: Canary Channel

This update, in the words of Microsoft, “includes a small set of general improvements and fixes that improve the overall experience for Insiders” running Windows.

It also fixes one bug that affected apps working with files stored on OneDrive or Dropbox.

(Get more info about Windows 11 Insider Preview Build 28020.1546.)

Windows 11 Insider Preview Build 26220.7752

Release date: February 3, 2026

Released to: Beta Channel

Those who have turned the toggle on to receive the latest updates get Sysmon functionality natively in Windows. Sysmon functionality allows you to capture system events that can help with threat detection, and you can use custom configuration files to filter the events you want to monitor. The captured events are written on the Windows event log, enabling them to be used with security applications and a wide range of use cases. (This feature is being gradually rolled out.)

The same group also gets a number of bug fixes being gradually rolled out, including for a File Explorer bug in which icons/tooltips for “Add to favorites” were missing.

(Get more info about Insider Preview Build 26220.7752.)

Windows 11 Insider Preview Build 26300.7733

Release date: February 3, 2026

Released to: Dev Channel

Those who have turned the toggle on to receive the latest updates get Sysmon functionality natively in Windows. Sysmon functionality allows you to capture system events that can help with threat detection, and you can use custom configuration files to filter the events you want to monitor. The captured events are written on the Windows event log, enabling them to be used with security applications and a wide range of use cases. (This feature is being gradually rolled out.)

The same group also gets a number of bug fixes being gradually rolled out, including for a File Explorer bug in which icons/tooltips for “Add to favorites” were missing.

(Get more info about Insider Preview Build 26300.7733.)

Windows 11 Insider Preview Build 28020.1495

Release date: January 28, 2025

Released to: Canary Channel

This build, in Microsoft’s words, “includes a small set of general improvements and fixes that improve the overall experience [of Windows 11].” It also fixes a variety of bugs, including one that led to the Windows Update settings page hanging when loading.

The build has two known issues, one that sometimes causes all open File Explorer windows and tabs to unexpectedly jump to Desktop or Home in File Explorer, and another in which the desktop watermark is showing the wrong build number.

(Get more info about Insider Preview Build 28020.1495.)

Windows 11 Insider Preview Builds 26100.7701 and 26200.7701

Release date: January 27, 2026

Released to: Release Preview Channel

This build gradually rolls out a variety of new features for Copilot+ PCs, including one in which Narrator gives you more control over how it announces on‑screen controls. You can choose which details are spoken and adjust their order to match how you navigate apps. These settings apply throughout the app to help reduce extra speech and make Narrator easier to follow.

The build also immediately rolls out a variety of new features for all PCs, including one in Data Protection Application Programming Interface (DPAPI) domain backup key management. Administrators can now set how often keys rotate automatically. This strengthens cryptographic security and reduces reliance on older encryption algorithms.

(Get more info about Insider Preview Builds 26100.7701 and 26200.7701.)

Windows 11 Insider Preview Build 26220.7670

Release date: January 27, 2026

Released to: Beta Channel

For those who have turned the toggle on to receive the latest updates, this build gradually rolls out several bug fixes, including for an issue in which the Search process was showing an icon with an X instead of a magnifying glass.

The build has five known issues, including one in which some Insiders’ apps aren’t showing in the system tray when they should be.

(Get more info about Insider Preview Build 26220.7670.)

Windows 11 Insider Preview Build 26300.7674

Release date: January 27, 2026

Released to: Dev Channel

In this build, the Dev Channel jumps ahead to receive 26300 series builds. This means that the window to switch from the Dev Channel to the Beta Channel is closed once Build 26300.7674is installed on your PC. This build for the Dev Channel is identical to the Windows 11 Build 26220.7653 release (see below).

(Get more info about Insider Preview Build 26300.7674.)

Windows 11 Insider Preview Build 26220.7653

Release date: January 21, 2026

Released to: Dev Channel

This build for the Dev Channel is identical to the January 16th Windows 11 Insider Preview Build 26220.7653 released to the Beta Channel. See the writeup below for details.

(Get more info about Windows 11 Insider Preview Build 26220.7653.)

Windows 11 Insider Preview Build 26220.7653

Release date: January 16, 2026

Released to: Beta Channel

For those who have turned the toggle on to receive the latest updates, this build gradually rolls out several changes, including one in which you can now set .webp images for your desktop background in Settings > Personalization > Desktop Background.

The same group also gets a number of bug fixes being gradually rolled out, including for a bug in which Settings crashed when interacting with audio devices.

The build has four known issues, including one in which some Insiders’ apps aren’t showing in the system tray when they should be.

(Get more info about Windows 11 Insider Preview Build 26220.7653.)

Windows 11 Insider Preview Build 28020.1371 

Release date: January 14, 2026

Released to: Canary Channel

This build gradually rolls out a variety of bug fixes for those who have turned the toggle on to receive the latest updates, including a bug in which File Explorer showed a white flash when navigating between pages.

There is one known issue in this build: The desktop watermark shows the wrong build number.

(Get more info about Windows 11 Insider Preview Build 28020.1371.)

Windows 11 Insider Preview Build 26220.7535

Release date: January 9, 2026

Released to: Dev & Beta Channels

For those who have turned the toggle on to receive the latest updates, this build gradually rolls out Copilot-powered image descriptions to Narrator on Copilot+ PCs, making it possible for blind and low-vision users to hear detailed, AI-generated descriptions of images, charts, and graphs.

The same group also gets a number of bug fixes being gradually rolled out, including for an issue in which File Explorer was causing explorer.exe to crash for some Insiders when invoking the context menu on the desktop.

The build has seven known issues, including one in which Settings crashes when interacting with audio devices.

(Get more info about Windows 11 Insider Preview Build 26220.7535.)

Windows 11 Insider Preview Build 26220.7523

Release date: December 19, 2025

Released to: Dev & Beta Channels

For those who have turned the toggle on to receive the latest updates, this build gradually rolls out a version of Copilot on the taskbar tailored for commercial customers. It uses Work IQ as contextual information that they can reference in their Copilot chats and with Microsoft 365 AI agents. In addition, the build introduces Agent Launchers, a new framework that enables Windows apps to register AI agents and make them discoverable across the system.

The same group also gets a number of bug fixes being gradually rolled out, including one that addresses an issue in which File Explorer showed a white flash when navigating between pages.

The build has nine known issues, including one in which opening the context menu is causing explorer.exe to crash for some Insiders.

(Get more info about Windows 11 Insider Preview Build 26220.7523.)

Windows 11 Insider Preview Build 28020.1362

Release date: December 15, 2025

Released to: Canary Channel

This build gradually rolls out several new features for Copilot+ PCs, including a streamlined design for the Click to Do context menu that makes frequently used actions like Copy, Save, Share, and Open easier to access. It also rolls out new features for all PCs, including improvements to the dark mode experience in File Explorer.

A variety of bug fixes are being gradually rolled out, including one for an issue in which Settings became unresponsive when attempting to navigate to the Network & Internet section.

(Get more info about Windows 11 Insider Preview Build 28020.1362.)

Windows 11 Insider Preview Build 28000.1340 

Release date: December 9, 2025

Released to: Canary Channel

This build has, in Microsoft’s words, a “small set of general improvements and fixes” that improve Windows. It also enables more of the new features and improvements originally released with the October non-security preview update for Windows 11.

In addition, the build fixes a bug that caused some Storage Spaces to become inaccessible or Storage Spaces Direct to fail when creating a storage cluster.

(Get more info about Windows 11 Insider Preview Build 28000.1340.)

Windows 11 Insider Preview Build 26220.7344

Release date: December 5, 2025

Released to: Dev & Beta Channels

For those who have turned the toggle on to receive the latest updates, this build offers native support for the Model Context Protocol (MCP), an open standard that gives AI agents a universal way to connect with apps, tools, and services. Agents can discover and connect to these tools and other agents via a secure, manageable Windows on-device registry (ODR). By default, all agent connectors in the Windows ODR will be contained in a secure environment with their own identity and audit trail.

In addition, Quick machine recovery (QMR) will now be turned on automatically for Windows Professional devices that are not domain joined. These devices will get the same recovery features as Windows Home users. For enterprise computers that are domain joined, nothing changes — QMR will stay off unless your organization turns it on.

Those who have turned the toggle on to receive the latest updates also get a number of bug fixes, including addressing a bug in which the search window to unexpectedly started floating above the taskbar.

The build has seven known issues, including one in which File Explorer shows a white flash when navigating between pages.

(Get more info about Windows 11 Insider Preview Build 26220.7344.)

Windows 11 Insider Preview Build 26220.7271

Release date: November 21, 2025

Released to:  Dev & Beta Channels

This build introduces several features being rolled out gradually for those who have turned the toggle on to receive the latest updates. These include point-in-time restore for Windows, which lets you to quickly roll your device back to a previous state to minimize downtime and simplify troubleshooting, and (on NPU devices) fluid dictation in voice typing, which automatically corrects grammar, punctuation, and filler words as you speak.

The build also expands the availability of the Xbox full-screen experience to additional Windows 11 PCs. You can add a controller to your PC for task switching and streamlined gaming on your desktop, laptop, or tablet.

Those who have turned the toggle on to receive the latest updates also get several bug fixes, including one that resolves a hung taskbar after receiving certain notifications.

The build has seven known issues, including one in which File Explorer shows a white flash when navigating between pages.

(Get more info about Windows 11 Insider Preview Build 26220.7271.)

Windows 11 Insider Preview Build 28000.1199

Release date: November 18, 2025

Released to: Canary Channel

This build has, in Microsoft’s words, a “small set of general improvements and fixes” that improve Windows.

(Get more info about Windows 11 Insider Preview Build 28000.1199.)

Windows 11 Insider Preview Builds 26100.7296 and 26200.7296

Release date: November 17, 2025

Released to: Release Preview Channel

This update introduces a wide range of features being rolled out gradually, including several for Copilot+ PCs, such as Windows Studio Effects, which provide AI-powered camera enhancements on an additional, alternative camera such as a USB webcam or your laptop’s built-in rear camera.

All Windows 11 PCs get a variety of new features being gradually rolled out, including Windows Hello Enhanced Sign-in Security (ESS), now supporting peripheral fingerprint sensors. Also, on PCs with the settings “quick machine recovery” and “automatically check for solutions” both enabled, Quick Machine Recovery now runs a one‑time scan by default instead of repeating scans in a loop. If a fix isn’t available right away, QMR will quickly point you to the most appropriate recovery options to get you back up and running.

A bug fix is being immediately rolled out to all PCs to address an issue that affects Local Security Authority Subsystem Service (LSASS), when LSASS could become unstable due to an access violation.

(Get more info about Windows 11 Insider Preview Builds 26100.7296 and 26200.7296.)

Windows 11 Insider Preview Build 26220.7262

Release date: November 17, 2025

Released to: Beta and Dev Channels

In this build, those who have turned the toggle on to receive the latest updates get a variety of features being gradually rolled out, including using high-definition voices for English (US) in Narrator and Magnifier that use generative AI to adjust tone and pacing for more natural, expressive speech. Also rolling out is a new “Experimental agentic features” toggle in the Settings app that enables the creation of AI agent accounts and an agent workspace, and grants agentic apps access to your Documents, Downloads, Desktop, Music, Pictures, and Videos folders. (Find out more about experimental agentic features.)

The same group also gets a variety of bug fixes rolled out gradually, including for a bug in which the Task Manager process wasn’t stopping correctly after Task Manager was closed. As a result, Task Manager might have been unexpectedly open on boot.

There are four known issues in this build, including one in which the scrollbar and footer are missing in File Explorer and when text is scaled in the dark mode version of the copy dialog.

(Get more info about Windows 11 Insider Preview Build 26220.7262.)

Windows 11 Insider Preview Build 26220.7070

Release date: November 7, 2025

Released to: Beta and Dev Channels

In this build, those who have turned the toggle on to receive the latest updates get a variety of features being gradually rolled out, including the ability to choose your default dashboard in an updated Widget Board Settings.

Everyone gets an updated Quick Machine Recovery in Windows, which makes it easier and quicker to get back to a working PC. The experience in both Windows Settings and the Windows Recovery Environment (WinRE) has been streamlined.

A variety of bug fixes are being rolled out gradually to those who have opted to receive the latest updates, including one that fixes a bug in which the “Automatically hide the taskbar” setting unexpectedly turned off after displaying a message saying, “a toolbar is already hidden on this side of your screen.”

There are five known issues in this build, including one in which the scrollbar and footer are missing in File Explorer when text is scaled in the dark mode version of the copy dialog.

(Get more info about Windows 11 Insider Preview Build 26220.7070.)

Windows 11 Insider Preview Build 28000

Release date: November 7, 2025

Released to: Canary Channel

This build has, in Microsoft’s words, a “small set of general improvements and fixes.” There are also a variety of bug fixes, including for a bug in which the credentials window was not accessible when trying to log in to Outlook.

There are two known issues in this build, one in which sleep and shutdown aren’t working correctly for some Insiders, and the other in which the new Start menu unexpectedly scrolls to the top.

(Get more info about Windows 11 Insider Preview Build 28000.)

Windows 11 Insider Preview Build 27982

Release date: November 4, 2025

Released to: Canary Channel

This build gradually rolls out several new features, including one in which you can add, remove, and rearrange lock screen widgets such as Weather, Watchlist, and Sports on the lock screen. Windows also provides suggested widgets on the lock screen. To customize your lock screen widgets, go to Settings > Personalization > Lock screen.

Also new is a “drag tray” that appears at the top of your screen when you drag a local file from File Explorer or your desktop. You can drop the file into one of the displayed apps or select More to open the Windows share window.

A variety of bugs have been fixed, including one in which if you used your PC for a while without rebooting, explorer.exe might start crashing repeatedly.

There are two known issues in this build, one in which sleep and shutdown aren’t working correctly for some Insiders, and the other in which the new Start menu unexpectedly scrolls to the top.

(Get more info about Windows 11 Insider Preview Build 27982.)

Windows 11 Insider Preview Build 26220.7051

Release date: October 31, 2025

Released to: Beta and Dev Channels

In this build, those have turned the toggle on to receive the latest updates get a variety of features being gradually rolled out, including Ask Copilot in the taskbar, which gives  you one-click access to Copilot Vision and Voice, so you can search via Copilot using text, voice, or guided support with Copilot Vision. As you type, results appear and update instantly. Turn it on by going to Settings > Personalization > Taskbar > Ask Copilot.  You can also manage whether the Copilot app launches automatically at sign-in using the “Auto start on log in” toggle in the Copilot app settings.

The same group gets a variety of bug fixes being rolled out gradually, including one to address an issue in which  interacting with a folder or its contents in Start menu could result in the folder becoming invisible.

There are four known issues in this build, including one in which the scrollbar and footer are missing in File Explorer when text is scaled in the dark mode version of the copy dialog.

(Get more info about Windows 11 Insider Preview Build 26220.7051.)

Windows 11 Insider Preview Build 26220.6982

Release date: October 24, 2025

Released to: Dev Channel

In this build, those have turned the toggle on to receive the latest updates get a variety of changes being gradually rolled out, including Copy & Search, which allows you to search the text in your clipboard with a single click. When you copy text anywhere in Windows, a paste gleam will appear in your search box. Click on this gleam and your copied text will appear in the search field, allowing you to search instantly.

The same group gets a variety of bug fixes, including one for a bug in which the search icon in File Explorer sometimes infinitely looped in an animation.

There are five known issues in this build, including one in which the scrollbar and footer are missing in File Explorer when text is scaled in dark mode version of the copy dialog.

(Get more info about Windows 11 Insider Preview Build 26220.6982.)

Windows 11 Insider Preview Build 27975 

Release date: October 23, 2025

Released to: Canary Channel

This build has, in Microsoft’s words, a “small set of general improvements and fixes” that improve Windows.

A variety of bugs have also been fixed, including one in which Settings crashed when accessing drive information under Settings > System > Storage. This also impacted accessing the drive information from the properties when you right-clicked a drive in File Explorer.

There are two known issues in this build, one in which sleep and shutdown aren’t working correctly for some Insiders, and the other in which the new Start menu unexpectedly scrolled to the top.

(Get more info about Windows 11 Insider Preview Build 27975.)

Windows 11 Builds 26100.7015 and 26200.7015

Release date: October 21, 2025

Released to: Release Preview Channel

This update includes a wide variety of new features being rolled out gradually, including a redesigned Start menu that includes a scrollable All section, has new category and grid views, and which adapts to your screen size. The build also includes new features for Click to Do, which can now translate text into other languages. File Explorer now has a recommended files feature that shows content such as files you frequently use, have recently downloaded, or have added to your File Explorer Gallery.

Two bugs are fixed in this build: one that caused an ACCESS_DENIED error when users attempted to change passwords remotely on member servers or workgroup devices, even when they had the required permissions, and another in which protected content playback failed on some machines after installing KB506408.

(Get more info about Windows 11 Insider Preview Builds 26100.7015 and 26200.7015.)

Windows 11 Insider Preview Build 26220.6972

Release date: October 17, 2025

Released to: Dev Channel

In this build, those who have turned the toggle on to receive the latest updates get a new feature being rolled out slowly, which lets you add and manage your mobile devices from Settings by navigating to “Mobile Devices” under the Bluetooth & Devices section. The page allows you to view your mobile devices, add new mobile devices, and manage features such as using your device as a connected camera or accessing your device’s files in File Explorer.

Those who have turned the toggle on to receive the latest updates get two bug fixes being rolled out slowly, one for a bug that caused File Explorer to show a Catastrophic Error (0x8000FFFF) when extracting large (1.5GB+) archive files, and another that sometimes caused an old white toolbar to randomly appear in File Explorer.

There are five known issues in this build, including one in which the scrollbar and footer are missing in File Explorer when text is scaled in the copy dialog in dark mode.

(Get more info about Windows 11 Insider Preview Build 26220.6972.)

Windows 11 Insider Preview Build 27971 

Release date: October 16, 2025

Released to: Canary Channel

In this build, the Notification Center can be used on secondary monitors. You’ll be able to see your calendar on any of your monitors and open Notification Center on any of them by clicking the date and time in the system tray of your taskbar. Note that this functionality will be rolled out gradually.

A variety of bugs have been fixed, including one in which File Explorer crashed when transferring files to a network drive.

There are three known issues in this build, including one in which sleep and shutdown aren’t working correctly for some Insiders.

(Get more info about Windows 11 Insider Preview Build 27971.)

Windows 11 Insider Preview Build 26120.6780 

Release date: October 10, 2025

Released to: Beta Channel

In this build, those with Copilot+ PCs who have turned the toggle on to receive the latest updates get a handful of changes and new features, including one in Settings in which more results appear in the search flyout and let you quickly modify the settings you’re searching for.

Those with any PCs who have turned the toggle on get several changes, including a new OneDrive icon in Accounts and Homepages in Settings, and the return of the ability to enable Administrator Protection via Windows Security under Account protection.

The same group gets a variety of bug fixes, including one for an issue in the previous flight in which File Explorer frequently crashed, and another that was causing the Start menu to unexpectedly scroll to the top when interacting with it.

There are four known issues in this build, including one in which the scrollbar and footer are missing in File Explorer when text is scaled in the copy dialog in dark mode.

(Get more info about Windows 11 Insider Preview Build 26120.6780.)

Windows 11 Insider Preview Build 26220.6780 

Release date: October 10, 2025

Released to: Dev Channel

This update is identical to Build 26120.6780 for the Beta Channel, detailed above.

(Get more info about Windows 11 Insider Preview Build 26220.6780.)

Windows 11 Insider Preview Build 27965

Release date: October 8, 2025

Released to: Canary Channel

This update introduces a new scrollable Start menu, with “All” on the top level, so apps are accessible without having to navigate to a secondary page. There are also new category and grid views to browse and launch your installed apps in the “All” section. The new menu adapts its size based on your device’s screen size.

There are also several bug fixes, including one in which the taskbar was not autohiding correctly.

There are four known issues in this build, including one in which Settings may crash when accessing drive information under Settings > System > Storage. This also impacts accessing the drive information from the properties when you right-click a drive in File Explorer.

(Get more info about Windows 11 Insider Preview Build 27965.)

Windows 11 Insider Preview Build 27959

Release date: October 6, 2025

Released to: Canary Channel

This update introduces the option to move the hardware indicators for brightness, volume, airplane mode, and virtual desktops to different positions on your screen, including the current bottom position and new top-left and top-center positions.

There are also a variety of bug fixes, including for one in which icons and text sometimes overlapped on the desktop when using increased text scaling.

There is one known issue in this build, in which sleep and shutdown aren’t working correctly for some Insiders.

(Get more info about Windows 11 Insider Preview Build 27959.)

Windows 11 Insider Preview Build 26120.6772

Release date: October 6, 2025

Released to: Beta Channel

In this build, those who have turned the toggle on to receive the latest updates get a variety of new features, including Image Object select for Click to Do in Copilot+ PCs, in which you can   hover over your image to preview selectable areas. Once selected, you can copy and paste your object into other apps or use it to kick off a chat with Copilot. Also included are improvements to dark mode for File Explorer for all PCs and the ability to use peripheral fingerprint sensors with Windows Hello. These changes are rolling out gradually.

The same group gets a variety of bugs fixed, including one in which Encrypted File System (EFS) related dialogs in File Explorer weren’t responding to increased text scaling. The bug fixes are rolling out gradually.

There are five known issues in this build, including one in which some searches may show unexpected text instead of the expected results and images.

(Get more info about Windows 11 Insider Preview Build 26120.6772.)

Windows 11 Insider Preview Build 26120.6772 

Release date: October 6, 2025

Released to: Dev Channel

This update is identical to Build 26120.6772, detailed above.

(Get more info about Windows 11 Insider Preview Build 26120.6772.)

Windows 11 Insider Preview Build 26120.6760

Release date: September 29, 2025

Released to: Beta Channel

In this build, those who have turned the toggle on to receive the latest updates get a variety of new features, including the ability to do a network speed test straight from the taskbar. You can launch it via the Wi-Fi and Cellular Quick Settings pages or by right-clicking the network icon in the system tray. The tool opens in your default browser and supports testing Ethernet, Wi-Fi, and cellular connections. It helps in assessing network performance and troubleshooting.

The same group gets a variety of bug fixes, including for an issue in which the battery icon got out of sync with the actual charging state — for example, it would show that you weren’t plugged in when you were.

Everyone in the Beta Channel gets a variety of bug fixes, including one for developers that addresses an issue in which PIX on Windows was unable to play back GPU captures. 

There are six known issues in this build, including one in which some searches may show unexpected text instead of the expected results and images.

(Get more info about Windows 11 Insider Preview Build 26120.6760.)

Windows 11 Insider Preview Build 26220.6760 

Release date: September 29, 2025

Released to: Dev Channel

This build is for those who have already upgraded to Windows 11 version 25H2.

In this build, those who have turned the toggle on to receive the latest updates get a variety of new features, including the ability to do a network speed test straight from the taskbar. You can launch it via the Wi-Fi and Cellular Quick Settings pages or by right-clicking the network icon in the system tray. The tool opens in your default browser and supports testing Ethernet, Wi-Fi, and cellular connections. It helps in assessing network performance and troubleshooting.

The same group gets a variety of bug fixes, including for an issue in which the battery icon got out of sync with the actual charging state — for example, it would show that you weren’t plugged in when you were.

Everyone in the Dev Channel gets a variety of bug fixes, including one for developers that addresses an issue in which PIX on Windows was unable to play back GPU captures. 

There are six known issues in this build, including one in which some searches may show unexpected text instead of the expected results and images.

(Get more info about Windows 11 Insider Preview Build 26220.6760.)

Windows 11 Insider Preview Build 27954

Release date: September 25, 2025

Released to: Canary Channel

This build includes, in Microsoft’s words, “a small set of general improvements and fixes that improve the overall experience for Insiders running” Windows. It also includes fixes one bug in which you might not be able to connect to shared files and folders if you were using the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP NetBIOS (NetBT) after the latest updates.

There is one known issue in this build, in which PIX on Windows is unable to play back GPU captures on this OS version. This will be addressed by a new PIX release, estimated to arrive by the end of September. In the meantime, if you are affected, you can use the “Send Feedback” button in PIX or contact Microsoft on the DirectX Discord server and get help via private builds.

(Get more info about Windows 11 Insider Preview Build 27954.)

Windows 11 Insider Preview Build 26120.6690

Release date: September 19, 2025

Released to: Beta Channel

For those who have Copilot+ PCs and have turned on a toggle to receive the latest update, this build gradually rolls out several new features, including one in which Click to Do can let users translate on-screen text with just a few clicks. 

All PCs that have turned a toggle on to receive the latest updates get a variety of bug fixes rolled out gradually, including one in which File Explorer became unresponsive if a UNC server name was directly typed into address bar. There are 10 known issues in this build, including one in which the placeholder text in the Settings search box may appear vertically misaligned.

(Get more info about Windows 11 Insider Preview Build 26120.6690.)

Windows 11 Insider Preview Build 26220.6690

Release date: September 19, 2025

Released to: Dev Channel

This build is for those who have already upgraded to Windows 11 version 25H2. 

For those who have Copilot+ PCs and have turned on a toggle to receive the latest update, this build gradually rolls out several new features, including one in which Click to Do can let you translate on-screen text with just a few clicks. 

All PCs which have turned a toggle on to receive the latest updates get a variety of bug fixes rolled out gradually, including one in which File Explorer became unresponsive if a UNC server name was directly typed into address bar. There are 10 known issues in this build, including one in which the placeholder text in the Settings search box may appear vertically misaligned.

(Get more info about Windows 11 Insider Preview Build 26220.6690.)

Windows 11 Insider Preview Build 27950

Release date: September 19, 2025

Released to: Canary Channel

This build includes, in Microsoft’s words, “a small set of general improvements and fixes that improve the overall experience for Insiders running” Windows. In addition, Advanced Settings will revert to the previous “For Developers” experience after updating to this build. 

There are also a number of bug fixes, including one in which the app preview windows in the taskbar became misaligned (away from the app icon you’d clicked / hovered over) after a display resolution change. 

There are two known issues in this build, including one for developers in which PIX on Windows is unable to play back GPU captures. This will be addressed by a new PIX release, estimated to arrive by the end of September. In the meantime, anyone impacted can use the “Send Feedback” button in PIX or contact Microsoft on the DirectX Discord server and Microsoft can help provide private builds.

(Get more info about Windows 11 Insider Preview Build 27950.)

Windows 11 Insider Preview Builds 26100.6713 and 26200.6713

Release date: September 12, 2025

Released to: Release Preview Channel

Build 26100.6713 is for those on Windows 11 24H2, and 26200.6713 is for those on Windows 25H2.

These builds gradually roll out a large number of new features, including AI actions in File Explorer for editing images or summarizing documents, and the ability to pin favorite apps in the Windows share window to quickly access them when you need them.

The builds fix several bugs immediately, including one that disrupted Windows Update for those using Windows Server Update Services (WSUS). Additionally, several bug fixes are being gradually rolled out, including for a bug in which when Windows Sandbox was enabled, the VmmemCmFirstBoot process may have consumed large amounts of CPU after login, causing your PC to become unresponsive.

(Get more info about Windows 11 Insider Preview Builds 26100.6713 and 26200.6713.)

Windows 11 Insider Preview Build 26120.6682

Release date: September 12, 2025

Released to: Beta Channel

For those who have Copilot+ PCs and have turned the toggle on to receive the latest update, this build gradually rolls out a new Copilot prompt box in Click to Do designed to streamline interaction with Microsoft Copilot.

New emoji from Emoji 16.0 are being gradually rolled out in the emoji panel for those who have turned the toggle on to receive the latest updates.

The same group also gets a variety of bug fixes rolled out gradually, including for one that caused some PCs to bug check (green screen) while hibernating, and another in which the Shared section in File Explorer Home was visible even if there was no content to display.

There are seven known issues in this build, including one in which the placeholder text in the Settings search box may appear vertically misaligned.

(Get more info about Windows 11 Insider Preview Build 26120.6682.)

Windows 11 Insider Preview Build 26220.6682

Release date: September 12, 2025

Released to: Dev Channel

This build is for those who have already upgraded to Windows 11 version 25H2.

For those who have Copilot+ PCs and have turned the toggle on to receive the latest updates, this build gradually rolls out a new Copilot prompt box in Click to Do designed to streamline interaction with Microsoft Copilot. New emoji from Emoji 16.0 are also being gradually rolled out to the same group.

The same group also gets a variety of bug fixes rolled out gradually, including for one that caused some PCs to bug check (green screen) while hibernating, and another in which the Shared section in File Explorer Home was visible even if there was no content to display.

There are seven known issues in this build, including one in which the placeholder text in the Settings search box may appear vertically misaligned.

(Get more info about Windows 11 Insider Preview Build 26220.6682.)

Windows 11 Insider Preview Build 27943

Release date: September 11, 2025

Released to: Canary Channel

This build includes, in Microsoft’s words, “a small set of general improvements and fixes that improve the overall experience for Insiders running” Windows.

There are also a number of bug fixes, including for a bug that caused Settings > System > Storage > Temporary files to get stuck when scanning files. This issue also caused the entry to clean up previous Windows Installations to not show in Storage Settings.

There are five known issues in this build, including one in which audio stops working and Device Manager shows one or more devices with a yellow exclamation mark, including “ACPI Audio Compositor” and others. Selecting Properties on these devices will show “Windows cannot load the device driver for this hardware. The driver may be corrupted or missing.”

(Get more info about Windows 11 Insider Preview Build 27943.)

Windows 11 Insider Preview Build 27938

Release date: September 8, 2025

Released to: Canary Channel

This build introduces AI actions into File Explorer. These offer new capabilities when you right-click a file, such as editing a graphic or summarizing a Word document. For now, there are four of them, all related to image files. You can perform a Bing search based on an image file, blur the background in an image, erase objects in an image, and remove the background in an image.

A number of bugs have been fixed, including one that caused Task Manager to freeze when going to the performance section, and another in which the red color used for a low space drive in This PC was unexpectedly light colored.

The build has five known issues, including one in which audio stops working and Device Manager shows one or more devices with a yellow exclamation mark.

(Get more info about Windows 11 Insider Preview Build 27938.)

Windows 11 Insider Preview Build 26120.5790 

Release date: September 5, 2025

Released to: Beta Channel

For those who have Copilot+ PCs, this build introduces fluid dictation, which makes voice-based dictation easier. It automatically corrects grammar, punctuation, and filler words as you speak, reducing the need for manual editing. In addition, being rolled out on supported Copilot+ PCs is the ability to use Studio Effect’s AI-powered camera enhancements with an additional, alternative camera — such as a USB webcam or your laptop’s built-in rear camera.

Those in the Beta Channel who have turned the toggle on to receive the latest updates get new on-hover actions in File Manager Home for faster file management.

The same group also gets a variety of bug fixes rolled out gradually, including one for a bug in which the right-click context menu in File Explorer sometimes unexpectedly switched back and forth between the normal initial view and “Show more options” with each right-click when certain apps were installed.

There are five known issues in this build, including one in which for some users, the Shared section in File Explorer Home may be visible even if there is no content to display.

(Get more info about Windows 11 Insider Preview Build 26120.5790.)

Windows 11 Insider Preview Build 26220.5790 

Release date: September 5, 2025

Released to: Dev Channel

This build appears to be identical to Build 26120.5790 for the Beta Channel, detailed above.

(Get more info about Windows 11 Insider Preview Build 26220.5790.)

Windows 11 version 25H2

Release date: August 29, 2025

Released to: Release Preview Channel

This is an early preview of next major Windows 11 release, version 25H2. Among its improvements is allowing IT admins to remove select pre-installed Microsoft Store apps via Group Policy/MDM CSP on Enterprise/EDU devices. Version 25H2 also removes PowerShell 2.0 and Windows Management Instrumentation command-line (WMIC) from Windows 11. 

Commercial customers enrolled in the Windows Insider Program for Business can use the release to begin validating Windows 11 25H2 on PCs in their organizations. For these customers, Windows 11 25H2 is available through Windows Update for Business (WUfB) and Windows Server Update Service (WSUS).  You can get more information about deploying prerelease feature updates using these deployment methods. 

Get more info about Windows 11 version 25H2.

Windows 11 Insider Preview Build 26120.5770

Release date: August 29, 2025

Released to: Beta Channel

For those who have Copilot+ PCs, this build introduces a new text action in Click to Do that lets you highlight any simple table from a source and immediately send it to Excel, copy, or share it, without retyping a single cell. You can do this from any document with an embedded table, such as a school calendar from a photo, a table shared over Teams in a meeting, and others.

Those in the Beta Channel who have turned the toggle on to receive the latest updates get several new features and improvements, including one in Narrator called Braille viewer that allows you to see on-screen textual and Braille representation of the output shown on a refreshable Braille display.

The same group also gets a variety of bug fixes rolled out gradually, including for a bug that caused explorer.exe to crash when using Alt + Tab for some Insiders.

There are four known issues in this build, including one in which for some users, the Shared section in File Explorer Home may be visible even if there is no content to display.

(Get more info about Windows 11 Insider Preview Build 26120.5770.)

Windows 11 Insider Preview Build 26200.5770

Release date: August 29, 2025

Released to: Dev Channel

For those who have Copilot+ PCs, this build introduces a new text action in Click to Do that lets you highlight any simple table from a source and immediately send it to Excel, copy, or share it, without retyping a single cell. You can do this from any document with an embedded table, such as a school calendar from a photo, a table shared over Teams in a meeting, and others.

Those in the Dev Channel who have turned the toggle on to receive the latest updates get several new features and improvements, including one in Narrator called Braille viewer that allows you to see on-screen textual and Braille representation of the output shown on a refreshable Braille display.

The same group also gets a variety of bug fixes rolled out gradually, including for a bug that caused explorer.exe to crash when using Alt + Tab for some Insiders.

There are four known issues in this build, including one in which for some users, the Shared section in File Explorer Home may be visible even if there is no content to display.

(Get more info about Windows 11 Insider Preview Build 26200.5770.)

Windows 11 Insider Preview Build 27934

Release date: August 29, 2025

Released to: Canary Channel

This build includes, in Microsoft’s words, “a small set of general improvements and fixes that improve the overall experience” on Windows.

There are also a number of bug fixes, including one for a bug that caused an increase in DWM crashes in the previous build (which could lead to you seeing a black flash).

There are three known issues in this build, including one in which the red color used for a low space drive in This PC may be unexpectedly light colored. Some of the other colors may also be incorrect, including that black instead of a more visible color is used for space remaining.

(Get more info about Windows 11 Insider Preview Build 27934.)

Windows 11 Insider Preview Build 26120.5761

Release date: August 22, 2025

Released to: Beta Channel

Those in the Beta Channel who have turned the toggle on to receive the latest updates get several new features rolled out gradually, including one that will let you seamlessly resume using apps from your Android phone on your Windows 11 PC, starting with the Spotify app.

The same group also gets a variety of bug fixes rolled out gradually, including one that addresses an issue in which the new “Copy current user settings to the welcome screen and system accounts” setting under Time & Language > Language & Region crashed Settings for some Insiders.

There are four known issues in this build, including one in which for some users, the Shared section in File Explorer Home may be visible even if there is no content to display.

(Get more info about Windows 11 Insider Preview Build 26120.5761.)

Windows 11 Insider Preview Build 26200.5761

Release date: August 22, 2025

Released to: Dev Channel

Those in the Dev Channel who have turned the toggle on to receive the latest updates get several new features rolled out gradually, including one that will let you seamlessly resume using apps from your Android phone on your Windows 11 PC, starting with the Spotify app.

The same group also gets a variety of bug fixes rolled out gradually, including one that addresses an issue in which the new “Copy current user settings to the welcome screen and system accounts” setting under Time & Language > Language & Region crashed Settings for some Insiders.

There are four known issues in this build, including one in which for some users, the Shared section in File Explorer Home may be visible even if there is no content to display.

(Get more info about Windows 11 Insider Preview Build 26200.5761.)

Windows 11 Insider Preview Build 27928

Release date: August 20, 2025

Released to: Canary Channel

This build includes a variety of minor changes, including moving time and language settings from Control Panel to Settings. For instance, you can change your time server in Settings > Time & language > Date & time under “Additional settings.”

A number of bugs have also been fixed, including one in which File Explorer preview windows sometimes appeared when hovering over unrelated app icons in the taskbar.

There are four known issues in this build, including one in which launching cmd non-elevated from the Run dialog may open in Windows Console Host rather than Windows Terminal, even if Windows Terminal is your default terminal app. If you’re experiencing this, you can type wt into Run to launch Windows Terminal directly.

(Get more info about Windows 11 Insider Preview Build 27928.)

Windows 11 Insider Preview Build 26120.5751

Release date: August 15, 2025

Released to: Beta Channel

This build introduces new selection modes in Click to Do for those with Copilot+ PCs. The new modes allow you to select multiple different entity types in a single gesture.

Those in the Beta Channel who have turned the toggle on to receive the latest updates get a variety of new features rolled out gradually, including one that updates the “Open with” section of the File Explorer context menu when right-clicking a file to remove the accent colored backplate behind packaged app icons in the list (for example, for Snipping Tool). The icons should now be bigger and easier to see.

The same group gets a variety of bug fixes rolled out gradually, including one for an issue in which the “Hide this pane” option for the mobile device companion for the Start menu was difficult to see if a custom accent color had been enabled.

There are five known issues in this build, including one in which some Windows Insiders may experience a rollback trying to install this update with a 0x80070005 in Windows Update.

(Get more info about Windows 11 Insider Preview Build 26120.5751.)

Windows 11 Insider Preview Build 26200.5751

Release date: August 15, 2025

Released to: Dev Channel

This build introduces new selection modes in Click to Do for those with Copilot+ PCs. The new modes allow you to select multiple different entity types in a single gesture.

Those in the Dev Channel who have turned the toggle on to receive the latest updates get a variety of new features rolled out gradually, including one that updates the “Open with” section of the File Explorer context menu when right-clicking a file to remove the accent colored backplate behind packaged app icons in the list (for example, for Snipping Tool). The icons should now be bigger and easier to see.

The same group gets a variety of bug fixes rolled out gradually, including one for an issue in which the “Hide this pane” option for the mobile device companion for the Start menu was difficult to see if a custom accent color had been enabled.

There are six known issues in this build, including one in which some Windows Insiders may experience a rollback trying to install this update with a 0x80070005 in Windows Update. 

(Get more info about Windows 11 Insider Preview Build 26200.5751.)

Windows 11 Insider Preview Build 27924

Release date: August 14, 2025

Released to: Canary Channel

This build includes a variety of new features for Copilot+ PCs being rolled out gradually, including previews of Recall and Click-to-Do, as well as an improved Windows Search, agents to make it easier to make changes in Settings, and live captions with real-time translation.

In addition, all PCs get new advanced settings available via Settings > System > Advanced. Notable among the additions are a new Advanced page for fine-grained control.

There are also several bug fixes, including for a bug in which Remote Desktop only used your primary monitor even if it was configured to use multiple monitors.

There are six known issues in this build, including one in which if you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel, or retail, you will lose Windows Hello PIN and biometrics to sign into your PC. You should be able to re-create your PIN by clicking Set up my PIN.

(Get more info about Windows 11 Insider Preview Build 27924.)

Windows 11 Insider Preview Build 26100.5061 (KB5064081)

Release date: August 14, 2025

Released to: Release Preview Channel

This build gradually rolls out a large number of new features, including one for Copilot+ PCs in which Windows Recall opens to a personalized homepage that shows you your recent activity and top-used apps and websites, making it easy to pick up where you left off.

The build also fixes several bugs, including one that prevented some system recovery features from working properly due to a temporary file sharing conflict. This affected certain device management tools and disrupted key functions on some devices.

(Get more info about Windows 11 Insider Preview Build 26100.5061.)

Windows 11 Insider Preview Build 27919

Release date: August 8, 2025

Released to: Canary Channel

This build brings several Windows Search settings into a single page, via Settings > Privacy & security > Search. It also fixes a variety of bugs, including one in which File Explorer sometimes crashed when trying to view the digital signatures tab in the properties for a file.

There are six known issues in this build, including one in which if you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel, or retail, you will lose Windows Hello PIN and biometrics to sign into your PC. You should be able to re-create your PIN by clicking Set up my PIN.

(Get more info about Windows 11 Insider Preview Build 27919.)

Windows 11 Insider Preview Build 26200.5742

Release date: August 8, 2025

Released to: Dev Channel

Those in the Dev Channel who have turned the toggle on to receive the latest updates get a variety of changes being gradually rolled out, including one in which the mobile device companion gets an updated layout that lets you access more information from Start. You can now scroll to access more recent activity items, including messages, calls, photos, mobile app updates and more.

In addition, the same group gets a variety of bug fixes rolled out gradually, including for a bug in which the tooltips in File Explorer unexpectedly stayed visible.

There are nine known issues in this build, including one in which in dark mode, the colors for certain items may be incorrect — for example, the red color used for a low-space drive in This PC may be unexpectedly light colored.

(Get more info about Windows 11 Insider Preview Build 26200.5742.)

Windows 11 Insider Preview Build 26120.5742

Release date: August 8, 2025

Released to: Beta Channel

Those in the Beta Channel who have turned the toggle on to receive the latest updates get a variety of new features rolled out gradually, including one in which six time and language settings are being moved from Control Panel to Settings.

The same group also gets a variety of bug fixes rolled out gradually, including for a bug in which the tooltips in File Explorer sometimes unexpectedly stayed visible.

There are seven known issues in this build, including one in which live captions sometimes crash when you attempt to use live translation on a Copilot+ PC.

(Get more info about Windows 11 Insider Preview Build 26120.5742.)

Windows 11 Insider Preview Build 26120.5733 

Release date: August 1, 2025

Released to: Beta Channel

For Insiders in the Beta Channel who are signed in with a work or school account (Entra ID) and have turned the toggle on to receive the latest updates, File Explorer will begin showing people icons under the “Activity” column on File Explorer Home and on “Recommended” at the top of File Explorer Home. When you hover or click over a people icon, it will display the Live Persona Card for that person from Microsoft 365.

Those in the Beta Channel who have turned the toggle on to receive the latest updates also get a variety of bug fixes rolled out gradually, including one that addresses an issue that caused the Start menu to crash for some Insiders.

There are seven known issues in this build, including one in which live captions sometimes crash when you attempt to use live translation on a Copilot+ PC.

(Get more info about Windows 11 Insider Preview Build 26120.5733.)

Windows 11 Insider Preview Build 26200.5733

Release date: August 1, 2025

Released to: Dev Channel

For Insiders in the Dev Channel who are signed in with a work or school account (Entra ID) and have turned the toggle on to receive the latest updates, File Explorer will begin showing people icons under the “Activity” column on File Explorer Home and on “Recommended” at the top of File Explorer Home. When you hover or click over a people icon, it will display the Live Persona Card for that person from Microsoft 365.

In addition, those in the Dev Channel who have opted to receive the latest updates get a variety of bug fixes rolled out gradually, including one that addresses an issue that caused the Start menu to crash for some Insiders.

There are nine known issues in this build, including one in which in dark mode, the colors for certain items may be incorrect — for example, the red color used for a low-space drive in This PC may be unexpectedly light colored.

(Get more info about Windows 11 Insider Preview Build 26200.5733.)

Windows 11 Insider Preview Build 27913

Release date: July 30, 2025

Released to: Canary Channel

This build, according to Microsoft, “includes a small set of general improvements and fixes that improve the overall experience for Insiders running this build on their PCs.”

It also fixes a variety of bugs, including one in Settings in which the Windows Vista boot sound was unexpectedly being used instead of the Windows 11 boot sound.

There are two known issues in this build, including one in which if you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel, or retail, you will lose Windows Hello PIN and biometrics to sign into your PC. You should be able to re-create your PIN by clicking Set up my PIN.

(Get more info about Windows 11 Insider Preview Build 27913.)

Windows 11 Insider Preview Build 26120.5722 

Release date: July 28, 2025

Released to: Beta Channel

In this build, AMD- and Intel-powered Copilot+ PCs get a new AI-based agent that will change your settings when you ask it to customize your PC in some way. You can describe what you need help with, such as “how to control my PC by voice” or “my mouse pointer is too small,” and the agent will recommend the right steps you can take to address the issue. The agent uses AI to understand your intent, and with your permission, it automates and executes tasks on your behalf. It works only if your primary display language is set to English.

In addition, those in the Beta Channel who have turned the toggle on to receive the latest updates get several new features rolled out gradually, including one in which Windows can apply enterprise pins more quickly to the taskbar when initiated by the IT admins. It reduces the gap between an IT admin applying the pinning policy and when their users see a pin on their taskbar. Today, the policy only applies when Explorer restarts. With this change, the gap is only up to ~8 hours (policy refresh interval) and sidesteps the Explorer restart requirement.

The same group also gets a variety of bug fixes rolled out gradually, including one that addresses problems (such as not supporting the swipe-up gesture) with using touch to navigate the new Start menu.

Everyone in the Beta Channel gets a single fix for a bug in which external graphics cards connected over Thunderbolt were unexpectedly not discoverable in some cases.

There are four known issues in this build, including one in which live captions sometimes crash when you attempt to use live translation on a Copilot+ PC.

(Get more info about Windows 11 Insider Preview Build 26120.5722.)

Windows 11 Insider Preview Build 26200.5722 

Release date: July 28, 2025

Released to: Dev Channel

This build is identical to Build 26120.5722 for the Beta Channel. See the listing above for details.

(Get more info about Windows 11 Insider Preview Build 26200.5722.)

Windows 11 Insider Preview Build 27909

Release date: July 25, 2025

Released to: Canary Channel

This build, according to Microsoft, “includes a small set of general improvements and fixes that improve the overall experience for Insiders running this build on their PCs.”

It also fixes a variety of bugs, including one in Settings in which the the battery percentage was missing from the top of System > Power & Battery.

There are five known issues in this build, including one in which if you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel, or retail, you will lose Windows Hello PIN and biometrics to sign into your PC. You should be able to re-create your PIN by clicking Set up my PIN.

(Get more info about Windows 11 Insider Preview Build 27909.)

Windows 11 Insider Preview Build 26120.4741

Release date: July 18, 2025

Released to: Beta Channel

In this build, AMD- and Intel-powered Copilot+ PCs get a new “describe image” action in Click to Do that shows detailed descriptions of images, charts, and graphs, offering a quick overview of the visual content. Snapdragon-powered Copilot+ PCs received the feature previously.

In addition, those in the Beta Channel who have turned the toggle on to receive the latest updates get several new features rolled out gradually, including one in which you can more easily find and use lock screen widgets. The feature can be enabled or disabled with the Discover widgets toggle under Settings > Personalization > Lock screen.

The same group also gets two bug fixes rolled out gradually, including for a bug in which Notification Center content sometimes got clipped if you’d enabled the clock in Notification Center.

There are eight known issues in this build, including one in which using touch to navigate the new Start menu may not work reliably. For example, it currently does not support the swipe-up gesture.

(Get more info about Windows 11 Insider Preview Build 26120.4741.)

Windows 11 Insider Preview Build 26200.5710

Release date: July 18, 2025

Released to: Dev Channel

In this build, AMD- and Intel-powered Copilot+ PCs get a new “describe image” action in Click to Do that shows detailed descriptions of images, charts, and graphs, offering a quick overview of the visual content. Snapdragon-powered Copilot+ PCs have already received the feature.

Those in the Dev Channel who have turned the toggle on to receive the latest updates get a variety of new features rolled out gradually, including one that offers suggestions to help you discover new widgets. The feature can be enabled or disabled using the Discover widgets toggle under Settings > Personalization > Lock screen.

In addition, a variety of bug fixes are being rolled out gradually to the same group, including one that fixes an underlying issue with dbgcore.dll, which led to explorer.exe and some other apps crashing.

There are eight known issues in this build, including one in which multiple error pop-ups about unexpected elements may appear when opening Group Policy Editor.

(Get more info about Windows 11 Insider Preview Build 26200.5710.)

Windows 11 Insider Preview Build 27902

Release date: July 17, 2025

Released to: Canary Channel

This build, according to Microsoft, “includes a small set of general improvements and fixes that improve the overall experience for Insiders running this build on their PCs.”

It also fixes two bugs, including one in which the Camera app got stuck on some PCs after switching between front and back camera.

There are six known issues in this build, including one in which if you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel, or retail, you will lose Windows Hello PIN and biometrics to sign into your PC. You should be able to re-create your PIN by clicking Set up my PIN.

(Get more info about Windows 11 Insider Preview Build 27902.)

Windows 11 Insider Preview Build 26200.5702

Release date: July 14, 2025

Released to: Dev Channel

In this build, Snapdragon-powered Copilot+ PCs get a new “describe image” action in Click to Do, which shows detailed descriptions of images, charts and graphs, offering a quick overview of the visual content. Support for AMD and Intel-powered Copilot+ PCs will be coming soon.

In addition, those in the Dev Channel who have turned the toggle on to receive the latest updates get a variety of bug fixes rolled out gradually, including Administrator protection, a security feature that aims to protect free floating admin rights for administrator users allowing them to still perform all admin functions with just-in-time admin privileges. This feature is off by default and needs to be enabled via Windows Security under Account protection or via group policy.

The same group gets a variety of bug fixes rolled out gradually, including one for a bug that caused random File Explorer preview windows to appear when hovering over unrelated app icons in the taskbar.

There are eight known issues in this build, including one in which multiple error pop-ups about unexpected elements may appear when opening Group Policy Editor.

(Get more info about Windows 11 Insider Preview Build 26200.5702.)

Windows 11 Insider Preview Build 26120.4733

Release date: July 14, 2025

Released to: Beta Channel

In this build, Snapdragon-powered Copilot+ PCs get a new “describe image” action in Click to Do, which shows detailed descriptions of images, charts, and graphs, offering a quick overview of the visual content. Support for AMD and Intel-powered Copilot+ PCs will be coming soon.

In addition, those in the Beta Channel who have turned the toggle on to receive the latest updates get a variety of bug fixes rolled out gradually, including Administrator protection, a security feature that aims to protect free floating admin rights for administrator users, allowing them to still perform all admin functions with just-in-time admin privileges. This feature is off by default and needs to be enabled via Windows Security under Account protection or via group policy.

A variety of bug fixes are being rolled out gradually to the same group, including one that addresses an issue in which app updates sometimes caused the icons for app shortcuts pinned to the desktop to become white pages rather than proper thumbnail images.

There are eight known issues in this build, including one in which using touch to navigate the new Start menu may not work reliably. For example, it currently does not support the swipe-up gesture.

(Get more info about Windows 11 Insider Preview Build 26120.4733.)

Windows 11 Insider Preview Build 27898

Release date: July 11, 2025

Released to: Canary Channel

This build introduces Quick machine recovery, a feature introduced as part of the Windows Resiliency Initiative at Ignite 2024. When enabled, it automatically detects and fixes widespread issues on Windows 11 devices using the Windows Recovery Environment (WinRE). This reduces downtime and avoids the need for manual fixes. If a device experiences a widespread boot issue, it enters WinRE, connects to the internet, and Microsoft can deliver a targeted fix through Windows Update. IT admins can enable or customize this experience for their organization through the Intune Settings Catalog UI using the RemoteRemediation CSP.

There are five known issues in this build, including one in which if you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel, or retail, you will lose Windows Hello PIN and biometrics to sign into your PC. You should be able to re-create your PIN by clicking Set up my PIN.

(Get more info about Windows 11 Insider Preview Build 27898.)

Windows 11 Insider Preview Build 26100.4762 (KB5062660)

Release date: July 10, 2025

Released to: Release Preview Channel

This build gradually rolls out a number of new features, including one for admins in which the Configure Start Pins policy now includes an option to apply Start menu pins only once. This means users will receive the admin Start menu pins on their first sign-in (day 0), but afterward can personalize their pinned layout, and those changes will be retained. This policy can also be applied through group policy, in addition to the existing Configuration Service Provider (CSP).

In addition, several bug fixes are being immediately rolled out, including one that addresses an issue in which File Explorer Home unexpectedly displayed only a single folder (for example, Desktop), rather than the expected content with recent files.

(Get more info about Windows 11 Insider Preview Build 26100.4762.)

Windows 11 Insider Preview Build 27891 

Release date: July 3, 2025

Released to: Canary Channel

In this build, Windows PowerShell 2.0 has been removed. A number of bugs have also been fixed, including one in which the “Reset this PC” option under Settings > System > Recovery did not work.

There are three known issues in this build, including one in which if you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel, or retail, you will lose Windows Hello PIN and biometrics to sign into your PC. You should be able to re-create your PIN by clicking Set up my PIN.

(Get more info about Windows 11 Insider Preview Build 27891.)

Windows 11 Insider Preview Build 26120.4520

Release date: June 27, 2025

Released to: Beta Channel

Those in the Beta Channel who have turned the toggle on to receive the latest updates get new features being rolled out gradually, including 1Password passkey integration in beta.

The same group also gets a variety of bug fixes rolled out gradually, including one for a bug in which File Explorer Home crashed, potentially also making File Explorer crash on launch, since Home is the default section for File Explorer.

There are seven known issues in this build, including one in which using touch to navigate the new Start menu may not work reliably. For example, it currently does not support the swipe-up gesture.

(Get more info about Windows 11 Insider Preview Build 26120.4520.)

Windows 11 Insider Preview Build 26200.5670

Release date: June 27, 2025

Released to: Dev Channel

Those in the Dev Channel who have turned the toggle on to receive the latest updates get new features being rolled out gradually, including 1Password passkey integration in beta.

The same group also gets a variety of bug fixes rolled out gradually, including one for a bug in which File Explorer Home crashed, potentially also making File Explorer crash on launch, since Home is the default section for File Explorer.

Everyone in the Dev Channel gets two bug fixes, including one that addresses the Windows Vista boot sound playing instead of the Windows 11 boot sound.

There are seven known issues in this build, including one in which using touch to navigate the new Start menu may not work reliably. For example, it currently does not support the swipe-up gesture.

(Get more info about Windows 11 Insider Preview Build 26200.5670.)

Windows 11 Insider Preview Build 26120.4452

Release date: June 23, 2025

Released to: Beta Channel

In this build, Copilot+ PCs get a new Windows Recall homepage, which shows you your most recent snapshots so you can quickly return to what you were previously doing, and also displays the top three apps and websites you have spent the most time on in the past 24 hours.

In addition, those in the Beta Channel who have turned the toggle on to receive the latest updates get new features being rolled out gradually, including the option to move the hardware indicators for brightness, volume, airplane mode, and virtual desktops to different positions on your screen.

Some additional improvements are being gradually rolled out to the same group, including the addition of a Boolean to the Configure Start Pins policy to allow admins to apply Start menu pins once. This means that a user will receive admin pins on day 0 but can then make any changes to their Start pinned layout and have those safeguarded. These changes can be optionally applied through the existing configuration service provider (CSP).

A handful of bug fixes are rolling out to the same group, including one that addresses an issue in which File Explorer Home only showed a single folder (like Desktop) and nothing else for some people.

Several bugs have been fixed for everyone in the Beta Channel, including one in which the Windows Vista boot sound played instead of the Windows 11 boot sound.

There are 10 known issues in this build, including one in which after you do a PC reset under Settings > System > Recovery, your build version may incorrectly show as Build 26100 instead of Build 26120. This will not prevent you from getting future Beta Channel updates, which will resolve this issue.

(Get more info about Windows 11 Insider Preview Build 26120.4452.)

Windows 11 Insider Preview Build 26200.5661

Release date: June 23, 2025

Released to: Dev Channel

In this build, Copilot+ PCs get a new Windows Recall homepage, which shows you your most recent snapshots so you can quickly return to what you were previously doing, and also displays the top three apps and websites you have spent the most time on in the past 24 hours.

In addition, those in the Dev Channel who have turned the toggle on to receive the latest updates get new features being rolled out gradually, including the option to move the hardware indicators for brightness, volume, airplane mode, and virtual desktops to different positions on your screen.

The same group also gets a variety of bug fixes rolled out gradually, including one for a bug in which the File Explorer Home only showed a single folder (like Desktop) and nothing else for some people.

Everyone in the Dev Channel gets several bug fixes, including for one in which the Windows Vista boot sound played instead of the Windows 11 boot sound.

There are 10 known issues in this build, including one in which after you do a PC reset under Settings > System > Recovery, your build version may incorrectly show as Build 26100 instead of Build 26200. This will not prevent you from getting future Dev Channel updates, which will resolve this issue.

(Get more info about Windows 11 Insider Preview Build 26200.5661.)

Windows 11 Insider Preview Build 27881 

Release date: June 19, 2025

Released to: Canary Channel

This build introduces speech recapto Narrator. It lets you keep track of what Narrator has said and offers access to it for quick reference. With it, you can quickly access spoken content, follow along with live transcription, and copy what Narrator last said, using keyboard shortcuts.

A number of bugs have also been fixed, including one in which File Explorer crashed when the user tapped the View button using touch.

There are four known issues in this build, including one in which if you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel, or retail, you will lose Windows Hello PIN and biometrics to sign into your PC. You should be able to re-create your PIN by clicking Set up my PIN.

(Get more info about Windows 11 Insider Preview Build 27881.)

Windows 11 Insider Preview Build 26100.4482 (KB5060829)

Release date: June 19, 2025

Released to: Release Preview Channel

This build gradually rolls out a number of new features, including automatic icon resizing in the taskbar to fit more apps, and a new Screen Curtain feature that blacks out the screen while Narrator reads content aloud. Also new is the ability add custom words to the dictionary in voice access.

In addition, several bug fixes are being immediately rolled out, including one that improves the Copilot key’s reliability and resolves an issue that prevented users from restarting Copilot after using the key.

(Get more info about Windows 11 Insider Preview Build 26100.4482.)

Windows 11 Insider Preview Build 26120.4441

Release date: June 13, 2025

Released to: Beta Channel

In this build, those with Copilot+ PCs in the European Economic area get the option to export their Recall snapshots to be shared with third-party apps and websites. When they open Recall for the first time and opt into saving snapshots, they will be shown their unique Recall export code. The Recall export code will be needed if they ever choose to export their Recall snapshots to share with a trusted app or website in the future.

Those in the Beta Channel who have turned the toggle on to receive the latest updates get a variety of new features being gradually rolled out, including a bigger clock with seconds in the notification center.

The same group also gets a variety of bug fixes rolled out gradually, including one for an issue in which folders opened outside of File Explorer would open it in a new File Explorer tab, but the tab wasn’t put in focus.

There are nine known issues in this build, including one in which after you do a PC reset under Settings > System > Recovery, your build version may incorrectly show as Build 26100 instead of Build 26120. This will not prevent you from getting future Beta Channel updates, which will resolve this issue.

(Get more info about Windows 11 Insider Preview Build 26120.4441.)

Windows 11 Insider Preview Build 26200.5651

Release date: June 13, 2025

Released to: Dev Channel

In this build, Copilot+ PCs get agents that can help make it easier to find and change settings on PCs. Rather than dig through settings, you’ll be able to simply describe what you need help with like, “how to control my PC by voice” or “my mouse pointer is too small” and an agent will recommend the right steps you can take to address the issue.

In addition, those in the Dev Channel who have turned the toggle on to receive the latest updates get a variety of new features being gradually rolled out, including a bigger clock with seconds in the notification center.

The same group also gets a variety of bug fixes rolled out gradually, including one for an issue in which folders opened outside of File Explorer would open it in a new File Explorer tab, but the tab wasn’t put in focus.

There are 13 known issues in this build, including one in which after you do a PC reset under Settings > System > Recovery, your build version may incorrectly show as Build 26100 instead of Build 26200. This will not prevent you from getting future Dev Channel updates, which will resolve this issue.

(Get more info about Windows 11 Insider Preview Build 26200.5651.)

Windows 11 Insider Preview Build 26120.4250 

Release date: June 9, 2025

Released to: Beta Channel

Those in the Beta Channel who have turned the toggle on to receive the latest updates get a variety of new features being gradually rolled out, including a larger scrollable Start menu. The menu automatically resizes itself according to the size of your screen, and offers two views, category and grid. In addition, the “Search permissions” and “Searching Windows” settings pages have been combined so you can access all the Windows Search settings under a single page via Settings > Privacy & security > Search.

The same group also gets a variety of bug fixes rolled out gradually, including one for a bug in which input did not work for some Insiders, including when typing into Search, and with the Chinese pinyin IME candidate window, clipboard history, and the emoji panel.

For everyone in the Beta Channel, the build fixes a bug in which some people might have seen severe discoloration when connecting their PC to some older Dolby Vision displays.

There are nine known issues in this build, including one in which after you do a PC reset under Settings > System > Recovery, your build version may incorrectly show as Build 26100 instead of Build 26120. This will not prevent you from getting future Beta Channel updates, which will resolve this issue.

(Get more info about Windows 11 Insider Preview Build 26120.4250.)

Windows 11 Insider Preview Build 26200.5641

Release date: June 9, 2025

Released to: Dev Channel

Those in the Dev Channel who have turned the toggle on to receive the latest updates get a variety of new features being gradually rolled out, including a larger scrollable Start menu. The menu automatically resizes itself according to the size of your screen, and offers two views, category and grid. In addition, the “Search permissions” and “Searching Windows” settings pages have been combined so you can access all the Windows Search settings under a single page via Settings > Privacy & security > Search.

The same group also gets a variety of bug fixes rolled out gradually, including one for a bug in which input did not work for some Insiders, including when typing into Search, and with the Chinese pinyin IME candidate window, clipboard history, and the emoji panel.

For everyone in the Dev Channel, the build fixes a bug in which some people might have seen severe discoloration when connecting their PC to some older Dolby Vision displays.

There are 12 known issues in this build, including one in which after you do a PC reset under Settings > System > Recovery, your build version may incorrectly show as Build 26100 instead of Build 26200. This will not prevent you from getting future Dev Channel updates, which will resolve this issue.

(Get more info about Windows 11 Insider Preview Build 26200.5641.)

Windows 11 Insider Preview Build 27871 

Release date: June 4, 2025

Released to: Canary Channel

In this build, IT administrators can use Microsoft Intune to control the energy saver settings on Windows 11 PCs through group policies and MDM configurations.

A number of bugs have also been fixed, including one in which when Virtualization Based Security was enabled, applications dependent on virtualization, such as VMware Workstation, lost the ability to run unless the “Windows Hypervisor Platform” Windows optional component was installed on the system.

There are two known issues in this build, including one in which if you are joining the Canary Channel on a new Copilot+ PC from the Dev Channel, Release Preview Channel, or retail, you will lose Windows Hello PIN and biometrics to sign into your PC. You should be able to re-create your PIN by clicking Set up my PIN.

(Get more info about Windows 11 Insider Preview Build 27871.)

Windows 11 Insider Preview Build 26120.4230 

Release date: June 2, 2025

Released to: Beta Channel

Those in the Beta Channel who have turned the toggle on to receive the latest updates get a new dedicated settings page for quick machine recovery, which can be found under System > Recovery > Quick machine recovery. This makes it easier to manage recovery options directly from Settings. This is being gradually rolled out.

A variety of bug fixes are being rolled out gradually to the same group, including one addressing a bug that caused File Explorer to crash performing various actions, such as when deleting files. 

For everyone in the Beta Channel, a bug is fixed in which when Virtualization Based Security was enabled, applications dependent on virtualization, such as VMware Workstation, would lose the ability to run unless the “Windows Hypervisor Platform” Windows optional component is installed on the system.

There are nine known issues in this build, including one in which after you do a PC reset under Settings > System > Recovery, your build version may incorrectly show as Build 26100 instead of Build 26120. This will not prevent you from getting future Beta Channel updates, which will resolve this issue.

(Get more info about Windows 11 Insider Preview Build 26120.4230.)

Windows 11 Insider Preview Build 26200.5622 

Release date: June 2, 2025

Released to: Dev Channel

In this build, those with Copilot+ PCs get a new action in Click to Do, Draft with Copilot in Word. Select text, press the Windows key and click simultaneously, and choose Draft with Copilot in Word. Copilot will create an initial draft based on the text.

Those in the Dev Channel who have turned the toggle on to receive the latest updates get new features being rolled out gradually, including quick machine recovery, designed to help Windows 11 devices recover from widespread boot issues by applying remediations through the Windows Recovery Environment (WinRE).

The same group also gets several bug fixes, including for an issue in which File Explorer crashed when performing various actions, such as deleting files.

There are eight known issues in this build, including one in which taskbar icons may appear small even though the setting to show smaller taskbar buttons is configured as “never.”

(Get more info about Windows 11 Insider Preview Build 26200.5622.)

A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 is tracking the threat activity under the moniker CL-STA-1087, where CL refers to cluster, and STA stands for state-backed motivation. "The activity demonstrated strategic operational patience and Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Poland's National Centre for Nuclear Research (NCBJ) says hackers targeted its IT infrastructure, but the attack was detected and blocked before causing any impact. [...]

Meta has announced plans to discontinue support for end-to-end encryption (E2EE) for chats on Instagram after May 8, 2026. "If you have chats that are impacted by this change, you will see instructions on how you can download any media or messages you may want to keep," the social media giant said in a help document. "If you're on an older version of Instagram, you may also need to update the Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

It’s all change at the top for Adobe as CEO Shantanu Narayen is stepping down after 18 years. He will relinquish the role as soon as a successor has been found, although he will continue to serve as Chairman

Narayen left as the company posted record revenue of $6.4 billion in its first quarter, with the company highlighting its AI capabilities. 

Adobe’s lead independent board director, Frank Calderoni, thanked Narayen in a written statement.

“On behalf of the Board, I want to recognize Shantanu’s contributions as CEO and architect of Adobe’s transformation over the past 18 years, and for positioning Adobe for success in the AI-driven era,” he said.

Success in the AI-driven era is not a given, though, and there are concerns whether Adobe can maintain its position in the light of advances in AI according to analysts quoted in a Bloomberg report on Adobe’s results. Grace Harmon of Emarketer told Bloomberg, “Investors will likely focus on whether incoming leadership maintains a balance between disciplined execution and aggressive AI investment, especially as competition in creative and enterprise AI intensifies.”