Kategorie

A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]

Cisco has released security updates to address a maximum-severity vulnerability in Secure Workload that allows attackers to gain Site Admin privileges. [...]

The US government will take equity stakes worth a total of $2 billion in a slew of quantum computing companies, including a startup backed by a firm with links to the Trump family and one taken public by a Pentagon official.

The announcement by the commerce department that it had signed letters of intent with nine companies—including GlobalFoundries and IBM—sent shares in quantum specialists soaring on Thursday.

Both IBM, which is set to get $1 billion, and GlobalFoundries, which will receive $375 million, were up more than 6 percent in pre-market trading. D-Wave Quantum, an awardee that was taken public in 2022 by Emil Michael—now a top Pentagon official—was up more than 20 percent.

Read full article

Comments

A virtual private network service called 'First VPN,' used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation. [...]

Microsoft this week refreshed its Surface for Business range of devices, adding features designed to appeal to enterprises. But high prices for the devices might be hard for IT buyers to swallow.

Microsoft announced a new Surface Pro for Business on Tuesday, alongside two variants of its Surface Laptop for Business devices – a premium model available in 13.8- and 15-in. versions and a lower-cost 13-in. option that Microsoft describes as its “entry-premium tier.”  

“The new Surface products use the latest Intel Core Ultra Series 3 processors and are very focused on features that business users will appreciate,” said Tom Mainelli, group vice president for IDC’s device and consumer research. He noted that an optional integrated privacy screen with anti-glare on the 13.8-in. model would likely appeal to frequent travelers, for instance. 

“I’m also happy to see a 5G option on the Surface Pro for Business,” Mainelli said. “Overall, the specs on offer here are compelling.”

Microsoft plans to add the option for Snapdragon X2 processors “later this year.”

The 13-in. Surface Laptop for Business is available with 16GB and 24GB of RAM and starts at $1,499 — with an 8GB option available later this year for $1,299. It includes a removable “Gen4 SSD “designed for enterprise serviceability,” Microsoft said.

The 13.8- and 15-in. Surface Laptop for Business devices start at $1,949 and also feature a haptic touch pad. 

“From window snapping and resizing to dragging, dropping and navigating content, haptics reinforce intent across the operating system and through select third-party apps [deliver] a more precise, responsive and confidence inspiring experience,” Nancie Gaskill, vice president, Surface Business at Microsoft, blog post.

The launch of the business-focused devices follows a recent price hike for the rest of the Surface line-up, likely due to the ongoing memory chip shortage; the price tag for the Surface for Business also reflects the challenge PC manufacturers face in keeping costs down. 

“Skyrocketing memory costs mean higher system prices, and that’s reflected in this Surface lineup,” said Mainelli. “I don’t see it as a strategic move by Microsoft to move further upmarket, but a simple reflection of the bill of materials.” 

Rising prices could create uncertainty for IT buyers when upgrading corporate fleets. 

“Enterprise buyers are facing difficult choices as they try to stay ahead of their refresh cycles amid rising costs and static hardware budgets,” said Mainelli. “Some may consider pausing purchases in hopes that prices will fall back, but we see no evidence that this will happen any time soon.

“We continue to recommend that companies buy what they can, as extending hardware lifetimes too far can lead to productivity and security headaches.” 

This week starts small. A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are using the parts we already trust. That is what makes it worrying. The danger is in normal things now - updates, apps, cloud buttons, support chats, trusted accounts. AI Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. [...]

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM privileges. "Improper link resolution before file access ('link following') in Microsoft Defender

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM privileges. "Improper link resolution before file access ('link following') in Microsoft Defender Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have opened a path to some 98% of entities in the company's cloud

Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have opened a path to some 98% of entities in the company's cloud [email protected]

On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privilege management that could permit an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case of improper privilege management that could permit an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Google has only one way to measure the phenomenal AI growth it’s seen: in tokens.

The company processes 3.2 quadrillion tokens per month, Google CEO Sundar Pichai said during this week’s I/O keynote, adding, “never imagined I’d say quadrillion…, but here we are.”

Basically, tokens are a unit of measure used by large language models (LLMs) to process data.

Tokens, which have been called the “new oil” fueling the AI revolution, are also a way AI vendors can meter usage and price their services. Enterprises are lusting for tokens, and spending billions of them to grab compute time.

As with oil, the demand for tokens is seemingly insatiable — and it is straining an already short GPU supply, which in turn is increasing the cost of running AI tools.

What exactly is a token?

Similar to the way humans think, LLMs grasp the meaning of a sentence by breaking words down into tokens. Pichai described them as “the fundamental units of data our models process, many representing a problem being solved.”

The fundamental unit could be in the form of a word, a sub-word, or a string of letters, symbols, or phrases. Compound words can be split into multiple tokens.

For example, the prompt “I am running after a car” could generate “run” as one token and “ing” as the second token because it changes the meaning of the sentence. “Car” would be its own token.

“On average, one token is about three-quarters of a word, so 100 words works out to roughly 135 tokens,” said Deepak Seth, senior director analyst at Gartner.

Token prices can vary

Not all tokens are priced the same. An uploaded token to an AI system is cheaper, while downloaded tokens are more expensive. A user, for instance, might pay to upload a resume, then pay even more to download the resume polished by an LLM.

“The upload cost is less expensive than the download cost because the AI has done some work,” explained Max Leaming, head of data science and AI solutions at ManpowerGroup.

Token-based pricing is mainly used for enterprises and power users such as coders. Anthropic’s Claude Code and OpenAI’s Codex are priced in tokens, and Microsoft’s GitHub is adopting a form of token-based pricing starting June 1.

The final AI bill includes the costs of tokens and computing expenses (such as GPU time).

ManpowerGroup pays the token cost to the model provider, Leaming said, while compute costs ring up in parallel. (The company uses Microsoft Azure, which offers multiple LLMs, with Snowflake as its database.)

Some LLMs can be smarter and token friendly

Some AI models give better responses, which might represent a more efficient use of a token budget. Pichai said Google’s new Gemini 3.5 Flash — which is priced in tokens — delivers “frontier-level capabilities at less than half the price of comparable frontier models.

“We’ve heard that many companies are already blowing through their annual token budgets…,” Pichai said. “If companies use a mix of [Gemini 3.5] Flash and other frontier models, they could save a lot of money.”

Prompt efficiency matters

Using tokens inefficiently is wasteful spending, Gartner’s Seth said. One coder might use up 10,000 tokens to get his or her work done, while another might use only 1,000. But there’s no tool to measure efficiency, Seth said.

“Some companies are moving towards outcome-based pricing because when people start realizing the real cost of tokens, companies will start looking at token efficiency,” Seth said.

With that in mind, ManpowerGroup developed a dashboard that cuts the steps for clients to get data, Leaming said. New users to an internal labor-market data tool initially needed 10 follow-up questions to drill into a query. A year later, those same users averaged four follow-ups.

“They’re using fewer tokens and they’re simply more efficient,” he said. “And that, in large part, has to do with your ability to prompt efficiently.”

But there’s a flip side. AI tools such as Anthropic’s controversial Mythos LLM — which isn’t available publicly yet — might be priced astronomically high, though its superior reasoning could make it more efficient.

“Even though the per-token costs may go up, we may see overall costs go down,” Leaming said.

AI vendors and the ‘drug dealer strategy’

Top AI vendors are spending trillions to build out AI infrastructures, but they’re not charging enough on tokens, Seth said. “I feel like the OpenAIs, the Googles and the Anthropics of the world are following a drug dealer strategy: Get people addicted to AI, and then raise the price of a token,” he said.

AI vendors could also use free tokens as a way to lock in customers, Leaming said. Free tokens from AI vendors could incentivize companies to build processes and workflows around proprietary LLMs and agents. And as if to reinforce the effort, major AI vendors are now sending out engineers to deploy AI models at customer sites.

The engineers, better known as forward-deployed engineers, or FDEs, are more or less hired guns for AI deployments. They focus on helping customers roll out AI projects successfully.

FDEs can study and help set strategies, put battle plans in place, build agentic frameworks, and roll out AI in conjunction with customers’ own domain experts and engineers. They also evaluate AI models, resolve context and reasoning problems, and handle security issues.  

OpenAI, Google, and Microsoft are moving away from LLMs as the product. “Now they want to get inside of the firm and build your infrastructure for you,” Leaming said.

Free tokens, the next worker perk

Tokens are now sometimes offered as a job perk to engineers, Nvidia CEO Jensen Huang has said. Experts compare that to when companies cover cell phone bills for their workers.

Leaming, who said he hasn’t seen instances of that yet, found the idea odd. But if it is happening, much depends on who is offering free tokens.

Employers offering free OpenAI or Microsoft tokens could represent an indirect form of vendor lock-in, he said. “Then I’m incentivized. The more I’m familiar with the product, the more I’m gonna use it.”

Free tokens are also a way to spur the adoption of emerging AI technologies that are not yet safe for work. Many top tech leaders, for example, are exploring the possibilities of OpenClaw — considered a breakthrough AI technology — on their own dime because the technology is considered risky for enterprise environments.

Alex Spinelli, ARM’s senior vice president for AI and developer platforms, is one such person experimenting with OpenClaw at his own cost.

“In my OpenClaw, when I had it configured wrong, I got a bill for $500 in one weekend, and I was like, what the hell happened here? There’s no free lunch. Tokens are expensive,” Spinelli said.

Gartner’s Seth compared the free-token tactic to a cigarette company in India that once gave employees boxes of cigarettes alongside their salaries. “In addition to their salaries, they used to get a couple of boxes of cigarettes. The whole intent was they will…distribute them out and just make them more popular,” he said.

“If you give it to them, they will use it, because now it’s in lieu of money.”

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack. [...]

Microsoft 365 (and Office 365) subscribers get more frequent software updates than those who have purchased Office without a subscription, which means subscribers have access to the latest features, security patches, and bug fixes. But it can be hard to keep track of the changes in each update and know when they’re available. We’re doing this for you, so you don’t have to.

Following are summaries of the updates to Microsoft 365/Office 365 for Windows over the past year, with the latest releases shown first. We’ll add info about new updates as they’re rolled out.

Note: This story covers updates released to the Current Channel for Microsoft 365/Office 365 subscriptions. If you’re a member of Microsoft’s Office Insider preview program or want to get a sneak peek at upcoming features, see the Microsoft 365 Insider blog.

Version 2605 (Build 20026.20076)

Release date: May 20, 2026

This build fixes several bugs, including one in which Excel or PowerPoint closed unexpectedly in rare cases while the user was actively co-authoring, particularly when opening a document for the first time.

Get more info about Version 2605 (Build 20026.20076).

Version 2604 (Build 19929.20172)

Release date: May 14, 2026

This build fixes a bug in Outlook in which sending mail failed when multiple Exchange accounts were configured.

Get more info about Version 2604 (Build 19929.20172).

Version 2604 (Build 19929.20164)

Release date: May 12, 2026

The build plugs a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2604 (Build 19929.20164).

Version 2604 (Build 19929.20136)

Release date: May 5, 2026

This build fixes a bug in which Outlook closed unexpectedly after replying to a mail item with labels.

Get more info about  Version 2604 (Build 19929.20136).

Version 2604 (Build 19929.20106)

Release date: April 29, 2026

This build includes “various fixes to functionality and performance,” according to Microsoft.

Get more info about Version 2604 (Build 19929.20106).

Version 2604 (Build 19929.20090)

Release date: April 21, 2026

This build includes “various fixes to functionality and performance,” according to Microsoft.

Get more info about Version 2604 (Build 19929.20090).

Version 2603 (Build 19822.20182)

Release date: April 14, 2026

In this build, Copilot can now edit your PowerPoint documents. Copilot can start a new presentation or build on an existing one, generate slides, update content, improve layouts, and polish design, while preserving formatting, structure, and branding. 

The build also plugs a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2603 (Build 19822.20182).

Version 2603 (Build 19822.20168)

Release date: April 9, 2026

This build fixes several bugs, including one in Outlook in which users could not close the Copilot chat pane using a keyboard. Users can now close the pane by navigating to the Close button using a keyboard or by using the assigned keyboard shortcut.

Get more info about Version 2603 (Build 19822.20168).

Version 2603 (Build 19822.20142)

Release date: March 31, 2026

This build includes “various fixes to functionality and performance,” according to Microsoft.

Get more info about Version 2603 (Build 19822.20142).

Version 2603 (Build 19822.20114)

Release date: March 24, 2026

This build fixes a single bug in which PowerPoint sometimes closed unexpectedly when opening a newly created empty file from the OneDrive folder.

Get more info about Version 2603 (Build 19822.20114).

Version 2602 (Build 19725.20190)

Release date: March 18, 2026

This build fixes an Outlook bug in which updating a single instance of a recurring meeting in a Microsoft 365 group calendar updated the entire series.

Get more info about Version 2602 (Build 19725.20190).

Version 2602 (Build 19725.20172)

Release date: March 10, 2026

This build introduces agent mode in Word, which adds a conversational chat experience that helps create, edit, and refine document content as you work. In addition, the build fixes a bug that impacted the rendering of extended characters in calendar items, causing certain characters to appear as question marks.

The build also plugs a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2602 (Build 19725.20172).

Version 2602 (Build 19725.20152)

Release date: March 3, 2026

This build fixes a bug in which closing a document sometimes remained in progress indefinitely after the Office app resumed from sleep or hibernation.

Get more info about Version 2602 (Build 19725.20152).

Version 2602 (Build 19725.20126)

Release date: February 24, 2025

This build fixes several bugs, including one that caused OneNote to close unexpectedly upon startup.

Get more info about Version 2602 (Build 19725.20126).

Version 2601 (Build 19628.20214)

Release date: February 17, 2025

This build includes, in Microsoft’s words, “various fixes to functionality and performance.”

Get more info about Version 2601 (Build 19628.20214).

Version 2601 (Build 19628.20204)

Release date: February 10, 2026

This build fixes a bug that sometimes prevented users from opening emails with the Encrypt Only label in Outlook.

It also plugs a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2601 (Build 19628.20204).

Version 2601 (Build 19628.20166)

Release date: February 3, 2026

This build includes, in Microsoft’s words, “various fixes to functionality and performance.”

Get more info about Version 2601 (Build 19628.20166).

Version 2601 (Build 19628.20150)

Release date: January 27, 2025

In this build, OneNote applies your chosen proofing language more consistently, so you don’t have to reset it for every paragraph when writing in multiple languages. In addition, the build fixes several bugs, including one that caused Office applications to become unresponsive when profile card-related activities were performed.

Get more info about Version 2601 (Build 19628.20150).

Version 2512 (Build 19530.20184)

Release date: January 21, 2025

This build includes, in Microsoft’s words, “Various fixes to functionality and performance.”

Get more info about Version 2512 (Build 19530.20184).

Version 2512 (Build 19530.20144)

Release date: January 13, 2026

This build fixes a number of bugs, including one that caused Excel, PowerPoint, and Word to become unresponsive when profile card-related activities were performed.

It also plugs a number of security holes. For details, see Release notes for Microsoft Office security updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2512 (Build 19530.20144).

Version 2512 (Build 19530.20138)

Release date: January 8, 2025

This build offers, in Microsoft’s words, “Various fixes to functionality and performance.”

Get more info about Version 2512 (Build 19530.20138).

Version 2511 (Build 19426.20218)

Release date: December 16, 2025

This build offers, in Microsoft’s words, “Various fixes to functionality and performance.”

Get more info about Version 2511 (Build 19426.20218).

Version 2511 (Build 19426.20186)

Release date: December 9, 2025

This Patch Tuesday build offers, in Microsoft’s words, “Various fixes to functionality and performance.” The build also has a variety of security updates (see details).

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2511 (Build 19426.20186).

Version 2511 (Build 19426.20170)

Release date: December 3, 2025

This build includes, in Microsoft’s words, “Various fixes to functionality and performance.”

Get more info about Version 2511 (Build 19426.20170).

Version 2510 (Build 19328.20244)

Release date: November 20, 2025

This build fixes a bug in Outlook that caused users to see “Contacting the server for information” repeatedly when loading some emails.

Get more info about Version 2510 (Build 19328.20244).

Version 2510 (Build 19328.20232)

Release date: November 18, 2025

This build includes, in the words of Microsoft, “various fixes to functionality and performance.”

Get more info about Version 2510 (Build 19328.20232).

Version 2510 (Build 19328.20190)

Release date: November 11, 2025

This Patch Tuesday build fixes a bug in Outlook that caused some recipients to be unable to access OneDrive links shared with them via email. The build also has a variety of security updates (see details).

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2510 (Build 19328.20190).

Version 2510 (Build 19328.20178)

Release date: November 4, 2025

This build fixes a single bug, in which @mention searches produced no results in Office apps.

Get more info about Version 2510 (Build 19328.20178).

Version 2510 (Build 19328.20158)

Release date: October 30, 2025

This build introduces a new Get Data dialog in Windows that simplifies finding and using external data, and adds Analyze Data to the Data tab.

The build also fixed an bug in Outlook that prevented users from downloading web add-ins in some virtualized environments.

Get more info about Version 2510 (Build 19328.20158).

Version 2509 (Build 19231.20216)

Release date: October 21, 2025

This build has, in Microsoft’s words, “various fixes to functionality and performance.”

Get more info about Version 2509 (Build 19231.20216).

Version 2509 (Build 19231.20194)

Release date: October 14, 2025

This build has a variety of security updates (see details), along with various fixes to functionality and performance.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2509 (Build 19231.20194).

Version 2509 (Build 19231.20172)

Release date: October 7, 2025

This build has, in Microsoft’s words, “various fixes to functionality and performance.”

Get more info about Version 2509 (Build 19231.20172).

Version 2509 (Build 19231.20156)

Release date: October 1, 2025

This build fixes two bugs, one in Excel in which ribbon controls were not rendered when rejoining Office sessions in a virtual machine, Azure Virtual Desktop, or remote desktop environment, and another that caused Outlook to terminate unexpectedly when starting.

Get more info about Version 2509 (Build 19231.20156).

Version 2508 (Build 19127.20264)

Release date: September 23, 2025

This build has, in Microsoft’s words, “various fixes to functionality and performance.”

Get more info about Version 2508 (Build 19127.20264).

Version 2508 (Build 19127.20240)

Release date: September 16, 2025

This build has, in Microsoft’s words, “various fixes to functionality and performance.”

Get more info about Version 2508 (Build 19127.20240).

Version 2508 (Build 19127.20222)

Release date: September 9, 2025

This build has multiple security updates (see details), along with various fixes to functionality and performance.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2508 (Build 19127.20222).

Version 2508 (Build 19127.20192)

Release date: September 3, 2025

This build fixes a bug in which some Outlook add-ins were getting “Office.auth.getAccessToken is not a function” errors.

Get more info about Version 2508 (Build 19127.20192).

Version 2508 (Build 19127.20154)

Release date: August 26, 2025

This build fixes a bug that caused Outlook to terminate unexpectedly when sending a meeting invite with an encryption label. It also adds support for pixelated rendering of embedded images in SVG assets for the entire Office suite.

Get more info about Version 2508 (Build 19127.20154).

Version 2507 (Build 19029.20208)

Release date: August 19, 2025

This build fixes a variety of bugs.

Get more info about Version 2507 (Build 19029.20208).

Version 2507 (Build 19029.20184)

Release date: August 12, 2025

This build fixes a bug which required users to restart Outlook to open a .msg file after initially accessing it once. The build also includes a variety of security updates (see details).

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2507 (Build 19029.20184).

Version 2507 (Build 19029.20156)

Release date: August 5, 2025

This build fixes a single bug, in which users had to restart Outlook to open a .msg file after initially accessing it once.

Get more info about Version 2507 (Build 19029.20156).

Version 2507 (Build 19029.20136)

Release date: July 30, 2025

This build fixes a wide variety of bugs, including in which Outlook closed unexpectedly shortly after launch, and another in Word in which the word count sometimes displayed incorrectly.

Get more info about Version 2507 (Build 19029.20136).

Version 2506 (Build 18925.20184)

Release date: July 22, 2025

This build fixes two bugs, one that caused the Copilot Command Center to continue to be visible after disabling the Copilot user interface, and another in which when creating handouts in PowerPoint, certain characters (full-width numbers) couldn’t be properly transferred to the handout.

Get more info about Version 2506 (Build 18925.20184).

Version 2506 (Build 18925.20168)

Release date: July 15, 2025

This build fixes two bugs, one that caused Visio 32-bit to close unexpectedly when using the Drawing control, particularly in setups involving COM components or .NET integrations, and another in Word in which copying and pasting content between documents sometimes changed the applied style unexpectedly.

Get more info about Version 2506 (Build 18925.20168).

Version 2506 (Build 18925.20158)

Release date: July 8, 2025

This Patch Tuesday build fixes several bugs in Outlook, PowerPoint, Word, and the whole Office suite, including one that caused the Copilot icon to unexpectedly display in Outlook when Copilot had been disabled by the admin in government cloud.

The release also includes a variety of security updates (see details).

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2506 (Build 18925.20158).

Version 2506 (Build 18827.20176)

Release date: July 1, 2025

This build fixes a wide variety of bugs, including one in Word in which print preview sometimes stopped working when printing long emails.

Get more info about Version 2506 (Build 18827.20176).

Version 2505 (Build 18827.20176)

Release date: June 26, 2025

This build introduces several new features, including one in Excel in which the PivotTables dialog box interface has been replaced by a redesigned panel, making it easier to view all of your options and simpler to change your data selection before inserting a recommended PivotTable.

Get more info about Version 2505 (Build 18827.20176).

Version 2505 (Build 18827.20164)

Release date: June 17, 2025

This build fixes a bug that caused the “Try the new Outlook” toggle to be enabled when working in Classic Outlook side by side with the new Outlook.

Get more info about Version 2505 (Build 18827.20164).

Version 2505 (Build 18827.20150)

Release date: June 10, 2025

This build fixes several bugs, including one for the entire Office suite in which a Save As attempt on an existing file didn’t complete successfully, and subsequent attempts continued to encounter issues when trying to save to a file that no longer existed.

This Patch Tuesday release also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about  Version 2505 (Build 18827.20150).

Version 2505 (Build 18827.20140)

Release date: June 3, 2025

This build offers a variety of bug and performance fixes.

Read about Version 2505 (Build 18827.20140).

Version 2504 (Build 18730.20186)

Release date: May 20, 2025

This build introduces a new PowerPoint feature: Notification emails for mentions, tasks, comments, and replies will now contain context previews even when the source document is encrypted, and the email will inherit the document’s security policies.

Get more info about Version 2504 (Build 18730.20186).

Version 2504 (Build 18730.20168)

Release date: May 13, 2025

This build fixes a bug in which users were seeing high CPU usage when typing in Outlook. It also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2504 (Build 18730.20168).

Version 2504 (Build 18730.20142)

Release date: May 6, 2025

This build includes various bug and performance fixes.

Get more info about Version 2504 (Build 18730.20142).

Version 2504 (Build 18730.20122)

Release date: April 29, 2025

This build fixes a wide variety of bugs, including one in which PowerPoint was unable to open a file from a network mapped drive from File Explore, another in which Word closed unexpectedly when opening .doc files, and another for the entire Office suite in which large 3D files couldn’t be inserted.

Get more info about Version 2504 (Build 18730.20122).

Version 2503 (Build 18623.20208)

Release date: April 17, 2025

This build fixes a bug that could cause Excel to stop responding.

Get more info about Version 2503 (Build 18623.20208).

Version 2503 (Build 18623.20178)

Release date: April 8, 2025

This build fixes a single bug in Word in which users may have encountered an issue with saving, seeing the message “saving…” in the title bar. It  also includes a variety of security updates. Go here for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2503 (Build 18623.20178).

Version 2503 (Build 18623.20156)

Release date: April 2, 2025

This build lets you use Dark Mode in Excel, which darkens your entire sheet, including cells, and may reduce eye strain. It also fixes several bugs, including one in Word in which opening specific files that contain many tracked changes and comments resulted in poor performance, and one in PowerPoint in which the app was not displaying the icon for an inserted PDF object.

Get more info about Version 2503 (Build 18623.20156).

Version 2502 (Build 18526.20168)

Release date: March 11, 2025

This build fixes several bugs, including one in which some Word files with numerous tracked changes and comments were slow. It also includes a variety of security updates: see details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2502 (Build 18526.20168).

Version 2502 (Build 18526.20144)

Release date: March 5, 2025

This build fixes a wide variety of bugs, including one in Word in which the default font size may not be 12pt as expected, and another in which PowerPoint automatically closed when the system went into hibernate or sleep mode.

Get more info about Version 2502 (Build 18526.20144).

Version 2501 (Build 18429.20158)

Release date: February 11, 2025

This build removes the option to display Track Changes balloons in left margin in Word. It also includes a variety of security updates. See “Release notes for Microsoft Office security updates” for details.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Get more info about Version 2501 (Build 18429.20158).

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension.  The development comes as the Nx team revealed that the extension, nrwl.angular-console, was breached after one of its developers' systems was hacked in the

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension.  The development comes as the Nx team revealed that the extension, nrwl.angular-console, was breached after one of its developers' systems was hacked in theRavie Lakshmananhttp://www.blogger.com/profile/[email protected]

Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information disclosure. The vulnerability, now tracked as CVE-2026-9082, carries a CVSS score of 6.5 out of 10.0, per CVE.org. Drupal said the vulnerability resides in a database abstraction API that is