Kategorie

Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. "This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which

Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. "This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Google’s dominance in the search arena has given rise to two major antitrust lawsuits from the US government alleging the company has manipulated the market to maintain that dominance, to the exclusion of competitors and the detriment of the public at large.

The first lawsuit, targeting Google’s search business, kicked off in mid-September 2023 and drew to a close in May 2024; US District Judge Amit Mehta ruled against the tech giant in August 2024 and is now considering remedies. The second trial against the tech giant, focused on advertising, took place over 15 days in September 2024, with US District Judge Leonie Brinkema ruling against Google in April 2025. Google plans to appeal both decisions.

The cases heavily echo the turn-of-the-century Microsoft antitrust case in several respects, not least of which is the fact that Google faces the possibility of being broken up by regulators if it is unsuccessful in its legal battles.

Here’s our condensed timeline of the two lawsuits and their progress through the court system.

April 21, 2025: The remedy phase of Google’s search antitrust trial begins with Judge Mehta presiding. Federal prosecutors warn that Google might leverage artificial intelligence to entrench its search monopoly, demanding “strong measures” to prevent the tech giant from extending its market control into the AI era. These include requiring Google to divest Chrome, end exclusive default search agreements, license its search data to competitors, and potentially sell its Android operating system if other remedies fail.

April 17, 2025: In a second landmark defeat for Google, Judge Brinkema rules that Google illegally monopolized the ad tech market. The company’s “exclusionary conduct substantially harmed Google’s publisher customers, the competitive process, and, ultimately, consumers of information on the open web,” she wrote in the ruling. Remedies, which could include the breakup of Google’s advertising products and/or changes to its business practices, will be imposed at a future date.

Oct. 8, 2024: The US Department of Justice submits a court filing proposing that the Chrome browser and Android operating system be split off from Google as part of sweeping remedies aimed at curbing the tech giant’s monopoly in online search and advertising.

Sept. 20, 2024: The US Department of Justice is set to wrap its case in the Google antitrust trial after an eventful two weeks. The tech giant is accused of engaging in monopolistic behavior by strategically acquiring certain companies and controlling the adtech industry’s most widely-used tools and exchanges,  beginning with its acquisition of advertising company DoubleClick in 2008.

Sept. 9, 2024: The second major case against Google begins with the company defending itself against claims it engaged in illegal behavior to maintain control of the ad tech market. The US government is accusing Google of purposefully manipulating that market, snuffing out competitors and gobbling up key technologies through acquisitions. If the DoJ successfully makes its case, Google risks being broken up by regulators.

Aug. 5, 2024: In a major defeat for Google, Judge Amit Mehta rules that the company had engaged in anticompetitive behavior in an effort to protect its search business. In the 277-page decision, Mehta was blunt: “After having carefully considered and weighed the witness testimony and evidence, the court reaches the following conclusion: Google is a monopolist, and it has acted as one to maintain its monopoly. It has violated Section 2 of the Sherman Act.” Mehta’s ruling did not include remedies for the anticompetitive behavior; those will be decided later.

May 3, 2024: Over two days of closing arguments, the DoJ revisits its case for Google having a monopoly on search advertising, and Judge Mehta quizzes both parties about whether other platforms could be viewed as substitutes for Google’s search advertising business. He hasn’t said how long he expects to take to reach a decision, but if he rules against Google, a second hearing will take place to decide on any remedies.

Nov. 16, 2023: The evidentiary phase of the trial finishes, as Judge Mehta issues instructions for post-trial submissions. Despite considerable amounts of redaction and closed-door testimony, the case revealed some unprecedented details about the relationships between the largest tech companies in the world, including the fact that Apple apparently keeps 36% of the search revenue from Google searches in Safari, and Apple once considered buying Microsoft’s Bing search engine as leverage against Google. Judge Mehta has scheduled closing arguments in the case for May 1, 2024.

Oct. 31, 2023: Google CEO Sundai Pichai takes the stand, for long-awaited testimony about the relationship between his company and Apple. He gave some details about Google’s negotiations with Apple over a contract that made Google the default search engine on Apple’s iPhones, iPads, and Macs. Google has paid billions for the privilege of being the default search on Apple products, and the relationship is a key part of the case – which was underlined by the Justice Department’s cross-examination of Pichai, during which he admitted that default search status is a major driver of market share.

Oct. 18, 2023: Google begins its defense, calling Paul Nayak, a vice president of search, to the stand as its first witness. Nayak downplays the importance of scale in his testimony, stressing that machine intelligence, compute infrastructure, and a team of 16,000 staff that checks on search results are crucial to maintaining quality of service. DOJ witnesses including DuckDuckGo CEO Gabriel Weinberg and Microsoft CEO Satya Nadella had testified that Google keeps an edge over competitors via an ever-increasing trove of data — the result of its default search engine status, maintained through exclusive contracts and billions of dollars in payments to Apple, Samsung and other companies. This data gives Google an advantage in refining search engine results, they said. 

Oct. 3, 2023: As a witness for the prosecution in the Google antitrust trial, Microsoft CEO Satya Nadella warns that Google’s monopoly profits could lock in publishers as AI-enabled search arrives. Nadella argued that it’s almost impossible to compete with Google, given the search leader’s massive competitive edge in collecting and analyzing user data. He also warned that Google, with its vast profits and lock on the search market, stands poised to extend its monopoly power in a new era where artificial intelligence technologies will turbocharge the search business.

Sept. 26, 2023: Apple’s Eddy Cue testifies behind closed doors in the Google search case, as critics slam presiding Judge Amit Mehta’s decision to hold much of the trial’s testimony from witnesses secret, allow documents to be heavily redacted, and block some documents from public view — mainly at the insistence of Google, but also at the request of other companies, including Apple. By the end of Cue’s testimony — and after a wek of wrangling by all parties — Judge Mehta rules that documents used during the trial can be published online at the end of each day, but still allows time Google and third parties to object to exhibits being shown publicly before the DOJ presents them in court. 

Sept. 21, 2023: Judge Mehta rules that public access to court exhibits, which have been mostly internal Google documents thus far, should be removed, after Google challenged the Justice Department’s regular publication of them. The company said that it was concerned for its employees’ privacy.

Sept. 12, 2023: The default search trial begins with opening statements, and the government begins its case.

Aug. 2023: Judge Mehta grants partial summary judgment for Google in the search case, saying that the government had failed to raise a genuine dispute of material fact on antitrust charges relating to contracts around the use of the Android operating system, as well as Google Assistant and IoT devices. The claims relating to Google’s exclusive “default search” contracts, however, are allowed to proceed to trial.

July/Aug. 2023: Google and the plaintiffs in the search case argue various motions in limine, designed to control what evidence should be included or excluded in the actual trial. Discovery and motion practice over evidence continues in the advertising case.

June 2023: Judge Mehta schedules a trial date of September 12, 2023 for the search case.

April 2023: Judge Leonie M. Brinkema denies Google’s motion to dismiss in the advertising case.

March 2023: Google’s motion to transfer the advertising case to New York is denied by Judge Brinkema, who orders the parties to propose discovery schedules within two weeks of the order. Two weeks later, Google moves to dismiss the case for failure to state a claim, arguing that the plaintiffs have simply produced legal conclusions, and not specific facts, that could support their claims. Judge Brinkema schedules pre-trial conferences for January 2024.

Feb. 2023: The plaintiffs in the default search case case move for sanctions against Google, accusing it of spoliation, which refers to the destruction, alteration or failure to preserve relevant evidence in a case. Elsewhere, in the advertising case, Google moves to transfer the case from the Eastern District of Virginia to the Southern District of New York, which is seen as an attempt to consolidate the case with related digital advertising antitrust litigation.

Jan. 2023: A second antitrust action, pushed by eight states and the DoJ, is filed in federal district court in eastern Virginia. The plaintiffs, who call for Google’s advertising business to be split up, accuse Google of manipulating its dominant position in the online advertising world to squeeze out rivals and control both the supply and demand side of the advertising market. Google, according to the complaint, thwarted fair competition by manipulating fees, punished advertisers for using alternative platforms and ad exchanges, and engaged in a host of further anti-competitive behavior in the interest of monopolizing the marketplace. (This is case that began in September 2024.)

Dec. 2022: Google moves for summary judgment against the separate Colorado case and the larger, DoJ-led case. A summary judgement motion is essentially a request by one of the parties in a lawsuit that the judge rule in their favor and end the case, arguing that, based on the undisputed facts, they are entitled to win the case as a matter of law.

May 2022: A deadline of June 17 is set for the production of all discovery materials. Further documents – for example, those whose is existence is first disclosed in late in the discovery window – can be produced until June 30.

May 2022: Judge Mehta denies a government motion to sanction Google for inaccurately classifying documents as attorney-client privileged. The plaintiffs had argued that emails on which Google’s lawyers were listed as recipients or CCed, but that the lawyers never responded to, constituted a misuse of the attorney-client privilege rules.

Dec. 2021: Judge Mehta conditionally splits Colorado’s claims from the case at large, ordering that separate trials on that state’s issues of liability and remedies will be “more convenient for the Court and the Parties, and will expedite and economize this litigation.”

Aug.-Oct. 2021: Discovery-related motions and orders continue, as Yelp and Samsung join the fray. (Those companies, like Microsoft and Apple, are relevant to the case even if they aren’t parties themselves, as their internal records are potentially relevant to Google’s liability.)

June/July 2021: The discovery process continues, and the U.S. and Google both file several documents with the court under seal. (Microsoft files two sealed documents, as well, in response to Google’s subpoenas for company records, and Apple becomes involved after the government requests access to some of its internal information.)

March 2021: Meetings between Google and the various governmental plaintiffs continue, with periodic status reports on the discovery process.

Jan. 2021: Google files a response to the complaint, admitting to many of the facts alleged by the Justice Department and associated attorneys general, but categorically denying the substance of the government’s claims of illegality. Further responses to separate but related claims, generally to specific state attorneys general, follow in the subsequent weeks and months.

Dec. 2020: Judge Amit Mehta approves the joinder of Michigan, Wisconsin and California to the suit.

Oct. 2020: The Department of Justice, along with the attorneys general of 11 states, sues Google in DC federal district court for unlawfully maintaining a monopoly, in violation of Section 2 of the Sherman Act. The case centers on Google’s use of exclusive contracts that mandate its use as the default search engine in a host of different hardware and software applications, with the government alleging that this represents an artificial constraint on any possible competition for the search giant.

Federal prosecutors warned that Google might leverage artificial intelligence to entrench its search monopoly, demanding “strong measures” to prevent the tech giant from extending its market control into the AI era.

In the latest phase of the major antitrust trial that began on Monday, government lawyer David Dahlquist argued that Google has built a system where its control of search helps improve its AI products, which then send more users back to Google search, creating a cycle that keeps competitors locked out of both markets.

“Now is the time to tell Google and all other monopolists who are out there listening, and they are listening, that there are consequences when you break the antitrust laws,” Department of Justice attorney David Dahlquist told the court Monday, as the remedies phase of the landmark antitrust case against Google began, reported Reuters.

[ Google US antitrust trials: A timeline ]

The trial, which follows Judge Amit Mehta’s August 2024 ruling that Google illegally maintained a search monopoly, has evolved into a showdown over how deeply the government can intervene in tech markets—particularly as the industry rapidly shifts toward AI-powered services.

The AI expansion strategy

Evidence presented in court revealed that Google is employing familiar tactics to dominate the emerging AI landscape. The company has negotiated deals paying Samsung to preinstall its Gemini AI app on smartphones, with options to extend the arrangement through 2028.

The Justice Department contended that this mirrors the exclusive agreements with device makers that Judge Mehta previously ruled helped Google maintain its search monopoly. The government’s case portrays a self-reinforcing cycle: Google’s search dominance improves its AI products, which in turn drive users back to its search engine.

“This court’s remedy should be forward-looking and not ignore what is on the horizon,” Dahlquist emphasized, as per the report.

To underscore its focus on AI competition, the DOJ called OpenAI’s product head for ChatGPT, Nick Turley, to testify—signaling the government’s concern about how search and generative AI are converging.

“If Google’s conduct is not remedied, it will control much of the internet for the next decade and not just in internet search, but in new technologies like artificial intelligence,” DoJ Assistant Attorney General Gail Slater said in a statement.

Remedies that reshape markets

The Justice Department is pushing for interventions that would fundamentally alter Google’s business model. Their proposals include requiring Google to divest Chrome, end exclusive default search agreements, and license its search data to competitors. As a last resort, they’ve suggested Google might need to sell its Android operating system if other remedies fail.

However, industry analysts question whether some of these remedies align with market realities. Neil Shah, VP for research and partner at Counterpoint Research, believes the Chrome divestiture may miss the bigger picture.

“Chrome separation doesn’t impact Google much in the long run as we are moving from browser and app-centric to an Agentic world where search and content access will happen inside the agent app and browser becomes redundant property,” Shah said. “The AI agent itself becomes the search engine.”

Sanchit Vir Gogia, chief analyst and CEO of Greyhound Research, expressed similar concerns about focusing too narrowly on Chrome: “Separating Chrome from Google risks destabilizing a global platform that underpins not just web access, but AI discovery itself.”

Both analysts said that more attention should be directed toward Google’s control of the Android ecosystem, where default settings and bundled services most effectively limit competition.

The DOJ’s proposal for Google to license its search data to competitors faces significant practical challenges, according to experts.

“Mandating Google to license its search data may sound like fair market correction, but risks cascading privacy and compliance fallout,” Gogia noted. “Google’s behavioral query logs are rich and sensitive, anonymizing them without destroying contextual utility is technically tenuous.”

Shah was more direct: “DOJ’s remedy of Google sharing search results data turns its advertising-led business model as well as tech stack upside down and won’t be practically feasible.”

Google’s defense: national security and innovation

Google has framed the government’s proposals as threats to the US technological leadership in the global AI race with China — an argument that has gained traction among some industry observers.

“We’re in a fiercely competitive global race with China for the next generation of technology leadership, and Google is at the forefront of American companies making scientific and technological breakthroughs,” Lee-Anne Mulholland, Google’s vice president of regulatory affairs, wrote in a blog post.

“With new services like ChatGPT (and foreign competitors like DeepSeek) thriving, DOJ’s sweeping remedy proposals are both unnecessary and harmful,” Mulholland added in the post.

Gogia acknowledged the complexity of this argument, “Google’s concerns about national security aren’t misplaced. Fragmenting Google’s ecosystem may slow down America’s cohesive AI response to China. But a strong counter opinion to this is that it is a long-overdue correction to embedded defaults that restrict platform access.”

Competitors seek a middle ground

As the case unfolds, emerging AI search competitors are advocating for more nuanced solutions. Perplexity, an AI-powered search engine, published a blog post arguing that “the remedy isn’t breakup,” but rather increased consumer choice.

“When we think about a search product that’s 10X better than 10 blue links, we also think about being a company that works better with OEMs, carriers, and partners of all kinds,” Perplexity wrote in the blog.  “That’s because the only way we (or anyone else) can compete after all the hard work of building a superior product, is to be chosen.”

The company has been asked by both the DOJ and Google to share its opinion.

This approach aligns with Shah’s analysis: “Maximum DOJ would end up focusing on the exclusive agreements with OEMs and other ecosystem players to make it a somewhat level playing field where users have the choice of the agent.” The remedies trial is expected to conclude May 9, with Judge Mehta’s ruling anticipated in August. Google has already indicated it plans to appeal.

As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the new endpoint. However, unlike endpoints, browsers remain mostly unmonitored, despite being responsible for more than 70% of modern malware attacks. Keep Aware’s recent State of Browser Security report highlights major concerns security leaders face with employees using the web browser for most of their work.

As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the new endpoint. However, unlike endpoints, browsers remain mostly unmonitored, despite being responsible for more than 70% of modern malware attacks. Keep Aware’s recent State of Browser Security report highlights major concerns security leaders face with employees using the web browser for most of their [email protected]

Generative artificial intelligence (genAI) capabilities and features are coming to unified endpoint management (UEM) platforms — in fact, some are already here — and technology and business leaders need to be prepared for the challenges they might face.

Some of the leading UEM vendors are weaving AI and genAI features into their platforms. Here are a few examples:

ManageEngine has made its in-house AI-based assistant, Zia, an integral part of its UEM solution, Endpoint Central. Through natural-language interactions with the “Ask Zia” chatbot, IT teams can tap into AI-powered insights, intelligent report generation, and AI-enabled remote support.

Upcoming features for the platform include genAI-powered management and security automation. GenAI capabilities will be integrated through Ask Zia, and additional features will be aimed at enhancing device performance optimization and security incident management.

Microsoft offers Copilot for Windows Autopatch in its Intune UEM product, which enables AI-driven guidance through every update management stage, from planning and deployment tracking to issue identification and remediation. The genAI tool provides actionable insights so teams can keep endpoints secure and up to date with minimal disruption, according to the company. Other available or upcoming Intune features include Copilot assistance for multiple device queries, endpoint privilege management, and policy management.

BlackBerry’s mobile threat defense capability for UEM uses AI and machine learning models for scoring apps and URLs to check for malware and malicious sites and phishing incidents. The company says it is evaluating genAI use cases across both servers and apps for inclusion in future releases, with an emphasis on maintaining customer data privacy. A spokesperson declined further comments on these roadmap features or the approximate timeframe of release.

Industry watchers also point to improved script generation, natural-language data extraction and analysis, and end-user support as likely applications for genAI in UEM tools.

In a large enterprise, a UEM platform might be managing thousands of user devices and other endpoints and tightly tied to security systems, digital employee experience tools, and other enterprise software. Clearly there’s a potential for challenges around security, user experience, and operational efficiency when genAI is embedded in UEM. Preparation is important for success.

Computerworld asked three enterprise mobility analysts for their advice on how businesses can take advantage of genAI in UEM tools while still protecting their users, systems, and data.

Ask vendors for key information

“The most important first step that organizations can take is to fully understand the vendor’s roadmap for genAI features, along with the architecture that will be used to deliver the capabilities,” said Tom Cipolla, senior director and analyst at research firm Gartner.

“Surprise releases of genAI are indicative of a failure to prepare and a potentially weak vendor relationship,” Cipolla said.

Technology costs are a common concern of organizations, so executives need to keep tabs on how much genAI features cost and whether the added expense is worth it.

“Today, most of these capabilities are beta and offered at no cost,” said Andrew Hewitt, principal analyst at Forrester Research. “However, that may not last, as the cost of genAI is high.” Customers should ask vendors for specifics on what they intend to charge for various genAI features in their UEM platforms — and when, he said.

Other big issues include cybersecurity and the privacy of corporate data.

“GenAI may be utilizing data that is proprietary to the organization, and sending that to a third-party cloud” could be risky, Hewitt said. It’s a good practice to verify with the UEM vendor that data is being processed locally and protected, he said.

To that end, UEM customers need to get guarantees from their vendor about security and privacy protections, Hewitt said. It should be stated in the contract that customers’ proprietary data, including their employees’ private data, is encrypted and will not be used in training genAI models.

Gartner’s Cipolla also urged IT leaders to ensure that their UEM vendors are making security a priority with genAI. Ideally, genAI features should be provided in a secure way that isolates personal employee and customer data.

“Organizations should carefully review the data privacy protection documentation provided by the vendor, specifically looking for cases where the genAI capabilities of the platform use public large language models to fulfill requests,” Cipolla said.

Create guardrails

Before deploying any forthcoming genAI capabilities in their UEM platforms, companies should take steps to protect their systems and data. For example, they need to put guardrails in place to make sure proprietary data, such as personally identifiable information for employees, is protected.

“Organizations need to build AI governance not just for UEM platforms, but also across the digital workplace stack,” Hewitt said. “They should be doing an inventory of where their data currently resides, what protections they have in place for secure authorization, and doing their due diligence around personal or other sensitive information.”

IT organizations should start to think about their automation process, Hewitt added. “What types of approvals and authorizations will be necessary to execute automation in the endpoint management stack?” he said. “How will they plan to gain trust and confidence in AI and automation? How should they measure this? Taking an inventory of existing automation processes could help here, as well as doing some testing of genAI on basic use cases.”

Testing genAI features should be done in a safe environment prior to rolling them out. “As with any AI solution, organizations should proceed carefully and employ a ‘block, walk, run’ strategy while they gain comfort with the solution and its security,” Cipolla said.

Verify, test, and monitor — with humans in charge

As genAI features begin to appear in UEM tools, “organizations should ensure that endpoint device management tasks or functions enabled or assisted by AI have similar or better outcomes” than approaches used previously, said Phil Hochmuth, program vice president, enterprise mobility, at research firm IDC.

That means keeping a close eye on AI recommendations and actions. “Teams using AI in IT operations for endpoints must be watchful for AI system misinterpretation, partial or incorrect completion of tasks, and other bad outcomes that affect end-user productivity,” Hochmuth said.

Enterprises need to be especially mindful of false or inaccurate recommendations from AI, Hewitt said. Administrators need to conduct a “sanity check” on these recommendations before implementing them in their environment. For example, it’s important to confirm that the recommendations are based on recent or real-time data, he said.

Cipolla concurred. “Information delivered via genAI can contain inaccuracies and hallucinations — statements that sound factual but are not accurate — resulting from the large language model used to train the AI,” he said.

If genAI results are not verified prior to usage, that could result in significant operational impacts, including loss of data, a brand credibility hit, and a degraded digital employee experience, Cipolla said.

“For this reason, genAI must be combined with human expertise to validate generated results,” he said. “Prior to implementation of genAI recommendations, ensure that at least one expert human validates the accuracy of the information. Do not use genAI to validate genAI, as different models could share hallucinations.” 

To reduce the risk of inaccurate results, Cipolla recommended using a framework similar to common approaches based on the IT Infrastructure Library (ITIL), where proper vetting of IT changes is performed.

“Also, prior to implementing any script in a production environment, ensure that testing is performed to validate that there are no unintended side effects. After implementation, carefully monitor the operation of the system for delayed impacts,” Cipolla said.

Share what works and build on success

Organizations should not fall into the trap of thinking genAI can replace tech employees.

“The accuracy of genAI-produced information within tailored use cases, such as digital workplace management tools, will improve quickly. However, genAI will never be able to replace human intuition, empathy, curiosity, experience, and expertise within the digital workplace,” Cipolla said.

To prevent potentially catastrophic results, “genAI must be positioned to augment humans and not be seen as an opportunity to replace humans,” Cipolla said. “Human creativity and expertise combined with genAI is a force multiplier that has the potential to yield significant breakthroughs.”

To share and collectively improve on positive results, Cipolla recommended that organizations create wiki-style, easily searchable libraries of prompts (and sample result sets) that can be used to identify common successful prompts.

“This can be as simple as a shared spreadsheet, a channel in a collaboration tool, or a basic wiki-style website. Enable all employees to contribute, and recognize those employees who exhibit extraordinary creativity in their prompts,” Cipolla said.

“Prompt libraries also can be purchased from vendors as a service,” he noted.

Here, too, communication with the UEM vendor is important. Most genAI capabilities will have built-in feedback collection mechanisms, where feedback is routed to the vendor for integration into the program, Cipolla said. In this way, genAI successes (and failures) can be used to improve the features in the future.

In what has been described as an "extremely sophisticated phishing attack," threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google's infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. "The first thing to note is that this is a valid, signed email – it really was sent from [email protected]," Nick Johnson

In what has been described as an "extremely sophisticated phishing attack," threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google's infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. "The first thing to note is that this is a valid, signed email – it really was sent from [email protected]," Nick JohnsonRavie Lakshmananhttp://www.blogger.com/profile/[email protected]

Huawei is reportedly preparing to ramp up shipments of its new 910C AI chip to Chinese customers as early as next month, a move that could accelerate the fragmentation of global AI infrastructure and challenge US chip dominance in enterprise workloads.

Some of the chips have already been shipped, according to a Reuters report, as Chinese AI companies scramble for domestic alternatives to Nvidia’s H20 – a chip that had, until recently, been freely available in the region.

Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it's also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed updates to Microsoft Entra ID and MS for both public and United States government clouds to

Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it's also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed updates to Microsoft Entra ID and MS for both public and United States government clouds to Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

The launch of a major Windows 10 update isn’t the end of a process — it’s really just the beginning. As soon as one of Microsoft’s feature updates (such as Windows 10 version 22H2) is released, the company quickly gets to work on improving it by fixing bugs, releasing security patches, and occasionally adding new features.

In this story we summarize what you need to know about each update released to the public for the most recent versions of Windows 10 — versions 22H2 and 21H2. (Microsoft releases updates for those two versions together.) For each build, we’ve included the date of its initial release and a link to Microsoft’s announcement about it. The most recent updates appear first.

For details about how to install and manage Windows updates, see “How to handle Windows 10 and 11 updates.” If you’re looking for information about Insider Program previews for upcoming feature releases of Windows 10, see “Windows 10 Insider Previews: A guide to the builds.”

Updates to Windows 10 versions 21H2 and 22H2 KB5055612 (OS Build 19045.5796) Preview

Release date: April 22, 2025

This build fixes two bugs, including one in which the check for GPU paravirtualization was case-sensitive in Windows Subsystem for Linux 2 (WSL2). This issue might have potentially caused GPU paravirtualization support to fail.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5055612 Preview.)

KB5055518 (OS Builds 19044.5737 and 19045.5737)

Release date: April 8, 2025

The update has a broad variety of security updates. For details, see Microsoft’s Security Update Guide and April 2025 Security Updates. 

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5055518.)

KB5053643 (OS Build 19045.5679) Preview

Release date: March 25, 2025

This build fixes several bugs, including one in which USB-connected dual-mode printers that support both US Print and IPP Over USB protocols unexpectedly output incorrect or unwanted text, and another in which thumbnails in File Explorer crashed, resulting in white pages appearing instead of the actual thumbnails.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5053643 Preview.)

KB5053606 (OS Builds 19044.5608 and 19045.5608)

Release date: March 11, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5053606.)

KB5052077 (OS Build 19045.5555) Preview

Release date: February 25, 2025

This build fixes several bugs, including one in which the OpenSSH (Open Secure Shell) service failed to start, preventing SSH connections.

There are two known issues in this build, including one in which certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update. This issue was observed on devices with Citrix Session Recording Agent (SRA) version 2411.

(Get more info about KB5052077 Preview.)

KB5051974 (OS Builds 19044.5487 and 19045.5487)

Release date: February 11, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this build, including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5051974.)

KB5050081 (OS Build 19045.5440) Preview

Release date: January 28, 2025

This build includes the new version of the Outlook app. IT admins can learn how to manage the new version at the Microsoft Learn page “Control the installation and use of new Outlook.”

The build also fixes a variety of bugs, including one in which the Capture Service and Snipping Tool stopped responding when you pressed Windows logo key + Shift + S several times while Narrator was on.

There are two known issues in this build, including one in which the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. In the other one, PCs that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5050081 Preview.)

KB5049981 (OS Builds 19044.5371 and 19045.5371)

Release date: January 14, 2025

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which devices that have certain Citrix components installed might be unable to complete installation of the January 2025 Windows security update.

(Get more info about KB5049981.)

KB5048652 (OS Builds 19044.5247 and 19045.5247)

Release date: December 10, 2024

The update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5048652.)

KB5046714 (OS Build 19045.5198) Preview

Release date: November 21, 2024

This build fixes a variety of bugs, including one in which Win32 shortcuts did not back up to the cloud. 

(Get more info about KB5046714 Preview.)

KB5046613 (OS Builds 19044.5131 and 19045.5131)

Release date: November 12, 2024

This update fixes a bug in which some games did not start or stopped responding after you installed KB5044384. This occurred because some games use a third-party DRM component that are not compatible with that update. This update makes changes to support those games while the game developers address the DRM issue.

The update also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5046613.)

KB5045594 (OS Build 19045.5073) Preview

Release date: October 22, 2024

This build starts the rollout of the new account manager on the Start menu that makes it easy to view your account and access account settings. To change to a different user, select the ellipsis (…) next to “Sign out.” Not everyone will see this change yet, because it’s rolling out gradually.

The build also fixes a variety of bugs, including one in which a vmswitch triggers a stop error. This occurs when you use Load Balancing and Failover (LBFO) teaming with two virtual switches on a virtual machine (VM). In this case, one virtual switch uses single root Input/Output virtualization (SR-IOV).

(Get more info about KB5045594 Preview.)

KB5044273 (OS Builds 19044.5011 and 19045.5011)

Release date: October 8, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5044273.)

KB5043131 (OS Build 19045.4957) Preview

Release date: September 24, 2024

This build fixes several bugs, including one in which playback of some media might have stopped when you use certain surround sound technology, and another in which Windows server stopped responding when you used apps like File Explorer and the taskbar.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about Windows 10 22H2 KB5043131 Preview).

KB5043064 (OS Builds 19044.4894 and 19045.4894)

Release date: September 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5043064.)

KB5041582 (OS Build 19045.4842) Preview

Release date: August 29, 2024

This build fixes several bugs, including one in which when a combo box had input focus, a memory leak could occur when you closed that window.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about KB5041582 Preview.)

KB5041580 (OS Builds 19044.4780 and 19045.4780)

Release date: August 13, 2024

This release has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5041580.)

KB5040525 (OS Build 19045.4717) Preview

Release date: July 23, 2024

This build fixes a variety of bugs, including one in which the Transmission Control Protocol (TCP) send code caused systems to stop responding during routine tasks, such as file transfers. This issue led to an extended send loop.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about KB5040525 Preview.)

KB5040427 (OS Builds 19044.4651 and 19045.4651)

Release date: July 9, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which you might be unable to change your user account profile picture.

(Get more info about KB5040427.)

Windows 10 2022 Update (version 22H2)

Release date: October 18, 2022

The Windows 10 2022 Update is, in Microsoft’s words, “a scoped release focused on quality improvements to the overall Windows experience in existing feature areas such as quality, productivity and security.” In other words, there’s not much new here, although Computerworld blogger Susan Bradley did uncover a handful of new group policies in the release.

Home and Pro editions of the 2022 Update will receive 18 months of servicing, and Enterprise and Education editions will have 30 months of servicing.

To install the update, go to Settings > Update & Security > Windows Update and select Check for updates. If the update appears, select Download to install it.

(Get more info about the Windows 10 2022 Update.)

Windows 10 November 2021 Update (version 21H2)

Release date: November 16, 2021

Version 21H2, called the Windows 10 November 2021 Update, is the second feature update to Windows 10 released in 2021. Here’s a quick summary of what’s new:

• Wi-Fi security has been enhanced with WPA3 H2E standards support.
• GPU compute support has been added in the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments for machine learning and other compute-intensive workflows.

There are also a number of features designed for IT and business:

• Windows Hello for Business has a new deployment method called cloud trust that simplifies passwordless deployments.
• For increased security, there have been changes to the Universal Windows Platform (UWP) VPN APIs, which includes the ability to implement common web-based authentication schemes and to reuse existing protocols.
• Apps can now be provisioned from Azure Virtual Desktop. This allows those apps to run just like local apps, including the ability to copy and paste between remote and local apps.
• The release closes the gap between Group Policy and mobile device management (MDM) settings. The device configuration settings catalog has been updated to list more than 1,400 settings previously not available for configuration via MDM. The new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler.
• An upgrade to Windows 10 Enterprise includes Universal Print, which now supports print jobs of up to 1GB or a series of print jobs from an individual user that add up to 1GB within any 15-minute period.
• Universal Print integrates with OneDrive for web and Excel for web. This allows users of any browser or device connected to the internet to print documents hosted in OneDrive for web to a printer in their organization without installing printer drivers on their devices.

Microsoft has also announced that starting with this release, Windows 10 will get feature updates only once a year.

Windows 10 May 2021 Update (version 21H1)

Release date: May 18, 2021

Version 21H1, called the Windows 10 May 2021 Update, is the most recent update to Windows 10. This is a relatively minor update, but it does have a few new features.

Here’s a quick summary of what’s new in 21H1:

• Windows Hello multicamera support: If you have an external Windows Hello camera for your PC, you can set the external camera as your default camera. (Windows Hello is used for signing into PCs.) Why should this change matter to you? If you have an external camera, you probably bought it because it’s superior to the built-in, internal one on your computer. So with this change, you’ll be able to use the more accurate camera for logging into your PC.
• Improved Windows Defender Application Guard performance: Windows Defender Application Guard lets administrators configure applications to run in an isolated, virtualized container for improved security. With this change, documents will open more quickly. It can currently take up to a minute to open an Office document in it.
• Better Windows Management Instrumentation (WMI) Group Policy Service support: Microsoft has made it easier for administrators to change settings to support remote work.

Windows 10 October 2020 Update (version 20H2)

Release date: October 20, 2020

Version 20H2, called the Windows 10 October 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a few new features.

Here’s a quick summary of what’s new in 20H2:

• The new Chromium-based version of the Microsoft Edge browser is now built directly into Windows 10.
• The System page of Control Panel has been removed. Those settings have been moved to the Settings app.
• The Start menu’s tiled background will match your choice of Windows themes. So the tiled background will be light if you’re using the Windows 10 light theme and dark if you’re using the Windows 10 dark theme.
• When you use Alt-Tab, Edge will now display each tab in your browser in a different Alt-Tab window. Previously, when you used Alt-Tab, Edge would get only a single window. You can change this new behavior by going to Settings > System > Multitasking.
• When you pin a site to the taskbar in Edge, you can click or mouse over its icon to see all your browser tabs that are open for that website.
• When you detach a keyboard on a 2-in-1 device, the device will automatically switch to the tablet-based interface. Previously, you were asked whether you wanted to switch. You can change that setting by going to Settings > System > Tablet.
• The Your Phone app gets a variety of new features for some Samsung devices. When using one of the devices, you can interact with the Android apps on your phone from the Your Phone app on Windows 10.

What IT needs to know: Windows 10 version 20H2 also has a variety of small changes of note for sysadmins and those in IT.

• IT professionals who administer multiple mobile devices get a new Modern Device Management (MDM) “Local Users and Groups” settings policy that mirrors options available for devices that are managed through Group Policy.
• Windows Autopilot, used to set up and configure devices in enterprises, has gained a variety of small enhancement, including better deployment of HoloLens devices, the addition of co-management policies, enhancements to Autopilot deployment reporting, and the ability to reuse Configuration Manager task sequences to configure devices.
• Microsoft Defender Application Guard now supports Office. This allows untrusted Office documents from outside an enterprise to launch in an isolated container to stop potentially malicious content from compromising computers or exploiting personal information found on them.
• Latest Cumulative Updates (LCUs) and Servicing Stack Updates (SSUs) have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services.
• Biometric sign-on has been made more secure. Windows Hello now has support for virtualization-based security for certain fingerprint and face sensors, which protects, isolates, and secures a user’s biometric authentication data.

For more details, see Microsoft’s “What’s new for IT pros in Windows 10, version 20H2.”

Windows 10 May 2020 Update (version 2004)

Release date: May 27, 2020

Version 2004, called the Windows 10 May 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a variety of new features for both users and system administrators. For more details, see: “Review: Windows 10 May 2020 Update delivers little tweaks that add up to… well, not a lot.”

Here’s a quick summary of what’s new in 2004:

• Cortana now runs as a standalone app in a resizable window. It also loses a variety of capabilities, such as playing music, controlling home devices, and working on the lock screen.
• Task Manager now displays new information, including the temperature of your GPU and your disk type.
• Settings gets many small tweaks, including adding a header with account information, and a redone network status page that combines information that used to be found on multiple pages, such as your IP address, current connection properties and data usage.
• The Windows Subsystem for Linux (WSL) gets more features. It now uses a real Linux kernel, and is faster than previously.
• IT can now take advantage of Windows Hello biometrics logins rather than passwords, by setting that up as the default on enterprise devices.
• Installing and setting up Windows for others has been made easier thanks to new controls added to Dynamic Update, which can lead to less downtime during installation for users.
• A variety of new commands have been given to PowerShell for Delivery Optimization, a Windows networking service that reduces bandwidth consumption by sharing the work of downloading update and upgrade packages among multiple devices in business deployments.
• The security of the Chromium version of Edge has been improved, thanks to porting Application Guard to it.

Windows 10 November 2019 Update (version 1909)

Release date: Nov. 12, 2019

Version 1909, called the Windows 10 November 2019 Update, is the most recent update to Windows 10. There are very few new features in this update, making it more like a service pack of old than a feature update. At this point it’s not clear whether in the future there will be one full-featured update and one service-pack-like update per year or whether Microsoft will go back to its two-feature-updates-a-year schedule. For more details, see “What we know so far about the unusual Windows 10 1909” and “5 unanswered questions about Windows 10 1909.”

Here’s a quick summary of what’s new for users in 1909.

• It lets you create calendar events straight from the taskbar. To do it, click the time on the taskbar and you’ll open the Calendar view. Now click a date and time, then type the event’s name into the text box. You’ll also be able to choose the date, time and location.
• When you type a search into the search box, it will now search through files in your OneDrive account as well as on your PC. Also, as you type, a drop-down menu with suggested files appears. Click a file to open it.
• Voice assistants in addition to Cortana, including Amazon’s Alexa, will be able to run on Windows 10’s lock screen.
• Under-the-hood improvements should speed up the performance of some PCs, as well as increase the battery life in some laptops.
• The Start Menu has gotten minor tweaks. When you hover over items in the navigation pane on the left side of the menu, the items clearly show what you’re about to click.

What IT needs to know: The following features in 1909 are of note for IT staff.

• Windows containers no longer need to have their host and container versions match. That requirement restricted Windows from supporting mixed-version container pod scenarios. Previously, containers from older versions of Windows 10 couldn’t be run on newer versions of Windows 10. In this update, it’s possible, so that a container made using 1903, for example, can be run on 1909.
• Windows Defender Credential Guard, which protects enterprise users’ logins and credentials against theft, is now available for ARM64 devices. Some Windows 10 convertible PCs use ARM64.
• Enterprises can now use Microsoft’s Intune enterprise mobility management (EMM) service to allow devices running Windows 10 in S mode to install and run Win32 (desktop) apps. Before this, S Mode only allowed devices to run apps from the Microsoft Store. Microsoft Store apps don’t run on the desktop.
• The security of BitLocker encryption has been improved. Whenever BitLocker is used to encrypt a device, a recovery key is created, but before this security improvement, it was possible for an unauthorized user to get access to the recovery key and decrypt the device. Now, PCs have additional security if a key is exposed. Here’s how Microsoft explains the change: “Key-rolling or Key-rotation feature enables secure rolling of Recovery passwords on MDM managed AAD devices upon on demand request from Microsoft Intune/MDM tools or upon every time recovery password is used to unlock the BitLocker protected drive.”

There are two known issues in this update: one in which some users cannot set Win32 program defaults for certain app and file type combinations using the Open with… command or Settings > Apps > Default apps, and another in which Microsoft Notepad and other Win32 programs cannot be set as default applications.

(Get more info about KB4464455.)

Windows 10 October 2018 Update (version 1809)

Release date: October 2, 2018; paused October 5; re-released November 13, 2018

Version 1809, called the Windows 10 October 2018 Update, is the feature update that preceded the May 2019 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• A new, powered-up Windows Clipboard can hold multiple clips, store clips permanently, let you preview clips and choose which one you’d like to paste into a document, and share clips across Windows 10 devices.
• A new screenshot and annotation tool called Snip & Sketch lets you capture and annotate the entire screen, a rectangular portion of the screen or a freehand-drawn portion of it. After you take a screen capture, you can annotate it and then save it to a file, copy it to the Clipboard, open it in another program or share it via email, social media and other methods.
• Storage Sense, which helps save storage space, now works with OneDrive Files On-Demand to clean out files you’ve downloaded from OneDrive cloud storage to your PC but that you don’t use any longer. You can choose how long you would like the cloud files to stay on your PC unused before you want them deleted, from never to 60 days.
• The Microsoft Edge browser lets you set autoplay permissions for sound and video on websites on a site-by-site basis. It also lets you look up word definitions in its built-in eReader for books and PDFs, and mark up PDFs and books using a highlighter and by adding notes.
• The new Your Phone app links Windows 10 devices to iOS and Android phones. It allows you to start web browsing on an iOS or Android device and then continue where you left off on your PC. It also lets you view photos on your Android phone from your Windows 10 PC.
• Search Previews have been powered up slightly. You no longer need to click to display the preview panel; it opens automatically. It also now shows files found on your PC.
• Smaller changes include a new dark theme for File Explorer; the addition of the SwiftKey swipe keyboard, which lets you enter text by swiping a finger across an onscreen keyboard; updates that are less intrusive; and faster sign-ins on shared PCs.

What IT needs to know: There are few significant changes that affect IT in the Windows 10 October 2018 Update, other than New Microsoft Edge Group Policies that let admins enable and disable full-screen mode, printing, the favorites bar, and browser history saves. IT can also allow or ban Edge extensions (not that there are many available) and configure the Home button and new tab page and startup options.

Windows 10 April 2018 Update (version 1803)

Release date: April 30, 2018

Version 1803, called the Windows 10 April 2018 Update, is the major update to Windows 10 that preceded the October 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• The most important new feature is Timeline, which lets you review and resume activities and open files you’ve started on your PC, or any other Windows PCs you have. It also tracks what you’ve done on iOS and Android devices if you install Microsoft’s digital assistant Cortana on them and are logged in. It shows a list of activities day by day for up to 30 days. Each activity shows up as a large tile, with the file name and document title or URL and website name across it, and the name of the application or app that created it across the top. Click any activity to reopen it. (Note that at present, Timeline only tracks activities in certain Microsoft programs such as the Edge browser and Office applications.)
• The new Diagnostic Data Viewer is supported, which Microsoft is designed to let you see the “diagnostic data collected from your Windows devices, how it is used, and to provide you with increased control over that data.” However, the information is presented in such a complex, technical way that even programmers will likely have a difficult time understanding it. The viewer isn’t built directly into the Windows 10 April 2018 Update. Instead, you have to download it from the Microsoft Store.
• The My People feature now lets you pin up to 10 contacts on the Windows taskbar. Previously, you could only pin up to three.
• Microsoft Edge gets several minor tweaks, including a revamped Hub, the ability to mute auto-playing audio in tabs, and a forms-filler for web-based forms.
• The Notebook feature of Cortana gets a new, cleaner interface for its Notebook. It now has two tabs, Organizer and Manage Skills. The Organizer makes it easier to create lists and set reminders. The Manage Skills tab lets you add “skills” to Cortana, such as controlling your home and its appliances, connecting Cortana to music services such as Spotify, tracking your fitness and more.
• You get more control over app permissions, such as whether they can access your camera, location and contacts.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 April 2018 Update:

• Windows 10 Professional now gets the Windows Defender Application Guard, which protects Microsoft Edge. There’s also a new feature in the application guard that lets users download files inside Edge instead of directly to the operating system, as a way to increase security.
• There are new policies for Group Policy and Mobile Device Management (MDM) that can better control how Delivery Optimization is used for Windows Update and Windows Store app updates. You can also now monitor Delivery Optimization using Windows Analytics.
• Windows AutoPilot also gets a tweak that lets IT make sure policies, settings and apps are provisioned on devices before users begin using them.
• Windows gets the Linux curl and tar utilities for downloading files and extracting .tar archives built directly into Windows. Windows also now natively supports Unix sockets (AF_UNIX) with a new afunix.sys kernel driver. That will make it easier to port software to Windows from Linux as well as from other Unix-like operating systems.
• There are a host of improvements to the Windows Subsystem for Linux, which lets you run a variety of Linux distributions on Windows 10. Linux applications can run in the background, some launch settings for Linux distributions can be customized, and Linux applications have been given access to serial devices. The new Unix sockets report is available for the Windows Subsystem for Linux as well as Windows itself.
• The Windows 10 Pro for Workstations version of Windows 10 gets a new power scheme called Ultimate Performance it’s only for desktop PCs, not those that can be powered by batteries. In addition, Windows 10 Pro for Workstations no longer ships with games like Candy Crush or other similar consumer-focused apps. Instead, it features enterprise- and business-related apps.
• Administrators have been given the power to configure an enterprise’s PCs to run custom scripts during feature updates, which will make configuration and deployment easier.

For  more details, see the Microsoft blog post “Making IT simpler with a modern workplace.”

Windows 10 Fall Creators Update (version 1709)

Release date: October 17, 2017

Version 1709, called the Windows 10 Fall Creators Update, is the major update to Windows 10 that preceded the April 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

• OneDrive gets a new feature called Files On-Demand that gives you access to all of your OneDrive files on every device, without having to download them first. You’ll be able to see all the files you have in OneDrive, even if they’re only in the cloud and not on your PC. Icons tell you which are local and which are in the cloud. Just open the file, and if it’s not on your PC, it gets downloaded.
• The new My People feature lets you pin three contacts to the Windows taskbar and then communicate with them instantly without having to open a separate app such as Skype or Mail. You can also click to see a list of all communications between them and you at a glance.
• You can now send web links from your iOS or Android device to your PC and have them open in Microsoft Edge.
• Cortana gets several new features, including displaying results in a scrollable flyout panel, so you don’t have to launch a web browser.
• Microsoft Edge gets some minor improvements, including better Favorites handling and the ability to mark up PDFs and e-books.
• Security has been beefed up, including the addition of Windows Defender Exploit Guard, which includes intrusion rules and policies to protect against a variety of threats, notably zero-day exploits. A new anti-ransomware feature called Controlled Folder Access has also been added; it lets only approved apps have access to Windows system files and folders.
• New privacy features include the ability to review the kinds of devices and services apps from the Microsoft Store want access to before you download them.
• The update incorporates Microsoft’s new design system and guidelines, called Fluent Design. Overall, transitions are smoother, and there are subtle changes to the transparency effect.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Fall Creators Update:

• The notoriously insecure SMBv1 networking protocol, exploited in recent ransomware attacks including WannaCry and Petya, won’t be included on clean installs of the Windows 10 Fall Creators Update, but SMBv1 components will remain if you do in-place upgrades on PCs that already have the component installed.
• Windows Defender Advanced Threat Protection (ATP), a suite of tools introduced in Windows 10 that helps enterprise customers protect their users and networks against threats and respond to attacks, is being beefed up. Among other things, it will run on the Windows Server OS.
• ATP is also part of Windows Defender Application Guard for Microsoft Edge, available only for Windows 10 Enterprise Edition. It protects against malware attacks by confining visits to unknown or untrusted websites to a virtual machine, so that attacks can’t spread to a PC or the network.
• Windows AutoPilot, which improves self-service deployments of Windows 10 PCs, gets a variety of tweaks, including better mobile device management (MDM) services.
• Windows Analytics’ new Device Health tool gathers information on how PCs perform in an enterprise, and based on that, identifies potential issues and outlines steps to resolve them.
• Enterprises get more control over what kind of information Windows Analytics gathers for the IT staff. In order to improve users’ privacy, IT staff can limit the information collected by Windows Analytics to only diagnostic data.

For more details about new features for IT, see “What’s new in Windows 10, version 1709 IT Pro content,”  “Announcing end-to-end security features in Windows 10” and “Delivering the Modern IT promise with Windows 10” from Microsoft.

Windows 10 Creators Update (version 1703)

Release date: April 5, 2017

Version 1703, dubbed the Creators Update, is the major update to Windows 10 that preceded the Fall Creators Update. Here’s a quick summary of what’s new for users in the Creators Update. (For more details, see our full review.)

• It helps you better organize the Start menu by letting you put multiple tiles for apps into a single folder — for example, you can group all social media apps into one folder.
• Users are given a bit more control over the update process: They can delay an update for three days and keep delaying it in three-day increments, or choose specific times for updates to install.
• The Edge browser has gotten some improvements, including having Flash disabled by default for security reasons and supporting the ePub and PDF formats for reading books and other content.
• Microsoft added some 3D and virtual reality features, including running HoloLens virtual reality and mixed reality apps for the first time, and introducing a Paint 3D app for creating 3D objects.
• System settings that previously were in multiple locations have been consolidated into the Settings app.
• There’s a new all-in-one security dashboard called Windows Defender Security Center that consolidates many security and computer health settings and information.
• New gaming features include streaming gaming sessions over the internet; a Game Mode to improve gaming performance; and a Game bar to let you record your gameplay, take screenshots and perform games-related tasks.
• The Cortana personal assistant gets a few modest additions, including scheduling monthly reminders and helping you set up devices.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Creators Update:

• Security has been improved in a number of ways, including adding new features and insights into Windows Defender Advanced Threat Protection (ATP) to better investigate and respond to network threats. Among the new features are sensors in memory, better intelligence and improved remediation capabilities.
• Several new configuration service providers (CSPs) available in the Creators Update let administrators manage Windows 10 devices through Mobile Device Management (MDM) or provisioning packages. The DynamicManagement CSP, for instance, can enable or disable certain device features depending on location, network presence or time.
• New mobile application management capabilities can protect data on personal mobile devices without requiring each device to be part of the corporate MDM.
• The Windows Configuration Designer (previously called Windows Imaging and Configuration Designer) includes new wizards to make it easier to create provisioning packages, including for desktop devices, Windows mobile devices, Surface Hub devices, HoloLens devices and kiosk devices.
• Enterprise security administrators get a more comprehensive documentation library for Windows Defender Antivirus.
• If an enterprise-wide update policy hasn’t been configured, users with Windows Pro, Windows Enterprise or Windows Education editions have much more control over how Windows updates. With the Creators Update, users can now automatically delay cumulative monthly updates for up to 30 days, and can delay feature updates by up to 365 days.

For more details about new features for IT, see the Microsoft blog posts “Windows 10 Creators Update advances security and best-in-class modern IT tools” and “What’s new in Windows 10, version 1703 IT pro content.”

The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. "Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company," the Symantec Threat Hunter Team said in a new report

The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. "Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company," the Symantec Threat Hunter Team said in a new report Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

As PC vendors continue to launch multiple variations of AI PCs, the promises of Microsoft Copilot and Copilot+ PCs have demonstrated little relevance to enterprises, who have yet to see enough use cases to justify the purchase. However, Lenovo is trying to change that with its own AI assistant, AI Now.

Based on Meta’s Llama 3.0, Lenovo AI Now is a small language model that focuses on a limited number of tasks such as document organization and device management, but does it locally, so users don’t have to worry about exposing their data to the outside world and tasks such as document summaries can be done even on an airplane, without an internet connection.

[ Related: More AI PC news and insights ]

The inspiration for AI Now comes from Copilot’s limited success as a PC assistant. “I think at the launch of Copilot in June last year, there was a promise of more, and they had to pull back. I think it’s going to take some time for us to see wide-scale deployment, especially for some of the features like Recall, which they [Microsoft] showed and then came back off of,” said Tom Butler, VP for worldwide commercial portfolio and product management at Lenovo.

“For AI Now, we have used a very focused local model experience. We’re not trying to be cloud. We’re demonstrating just really two things. One is the knowledge assistant, which uses your personal knowledge base; you put specific sets of files, documents into that knowledge base. Then you can run queries, comparisons, summarizations, and work through just that set of documents,” Butler said.

The other aspect is that of a PC assistant that the user can instruct to change their PC settings without having to navigate the Settings app, by simply telling it, for example, “turn on dark mode.”

Challenges with Copilot+ PCs

Privacy issues related to Microsoft Recall, which was touted as one of the key use cases for a Microsoft Copilot+ PC over a typical AI PC, have put a dent in Microsoft’s positioning, said Udit Singh, vice president, Everest Group.

“As such, the business case for Microsoft Copilot+ is weak today. However, this is not uncommon with Microsoft, as it has a tendency to start with a weak business case initially, but then beef up its offering over time,” Singh said.

Other experts also struggle to see why enterprises would want to buy an AI PC. “At this stage, AI PCs do not offer enough compelling value to justify large-scale investment, particularly for enterprises with existing AI capabilities in cloud or data center environments,” said Eric Helmer, CTO at Rimini Street. “Many AI workloads can already be effectively managed without requiring a dedicated neural processing unit (NPU) on every employee’s device.”

As many enterprises are already cautious with IT spending, initiatives that provide immediate and measurable ROI will remain their priority. Helmer pointed out that investing in AI PCs today could mean paying a premium for capabilities that may soon become accessible through standard hardware and software advancements. “Instead of reacting to vendor-driven cycles, CIOs should assess whether AI PCs align with their broader IT modernization strategies and whether the investment makes sense given their organization’s specific needs,” he said.

PC vendors like Lenovo are moving in the right direction by developing on-device AI solutions, arguably the most secure form of genAI, said Himani Reddy, PC research manager at Canalys.

“This approach addresses enterprises’ top concern: data privacy,” Reddy argued. “At this stage, the market has limited options, and consumers must choose to either adopt the available solutions or wait for future developments. Unless vendors develop their own personal AI for PCs, like Lenovo’s aggressive push in AI with applications like ‘AI Now’ and HP’s ‘AI Companion,’ Copilot+ PC remains the primary option. Although there are privacy concerns associated with Copilot, it remains a more secure option compared to publicly available generative AI models, which enterprises may be hesitant to adopt.”

Move to agentic AI

While Lenovo’s entry into the AI PC world has started with a localized AI assistant, the company plans to transform this into a platform that will allow enterprises to choose from multiple LLMs and agentic AI offerings from vendors such as OpenAI, Meta, or even DeepSeek.

“When you think of the North Star vision that we have as a company, we have two statements. One is smarter AI for all; we want to deliver this at every price point,” Butler said.

The other thing that Lenovo is trying to achieve is to turn the PC into the digital twin of the user. “If each of these devices is operating as our bespoke, unique voice, our digital twin, and I can go ask AI Now, ‘plan my flight to the US,’ and it just goes off and does that for me, that time saving can be immense,” Butler said.

To create the digital twin, Lenovo plans to take the agentic AI path. With agentic AI, Butler said, AI Now will move from being merely a personal assistant to a digital twin that can extract the maximum value out of the hardware.

Butler said that Lenovo is working with multiple software vendors to integrate more LLMs and AI agents to make the digital twin a reality.

Changes to Intel’s executive management team by its new CEO, after just over a month on the job, is proof of the sense of urgency in the company to act quickly to compete with rivals Nvidia, AMD, and TSMC, an industry analyst said Monday.

Mario Morales, group vice president, enabling technologies and semiconductors at IDC, was responding to a recent Reuters report in which, according to a memo it quoted from by new Intel CEO Lip-Bu Tan, “networking chip chief” Sachin Katti has been promoted to the role of “chief technology officer and artificial intelligence chief.”

In the memo, Tan stated that the company’s data center and AI chip group, and its personal computer chip group, would report to him directly, not as before to Michelle Johnson Holthaus, who will take on new responsibilities.

Reuters reported that Tan wrote, “I want to roll up my sleeves with the engineering and product teams so I can learn what’s needed to strengthen our solutions. As Michelle and I drive this work, we plan to evolve and expand her role, with more details to come in the future.”

Morales said the appointment of Katti, who previously was vice president and general manager of the Network and Edge Group (NEX) at Intel, is a good move, because “it tells us that that Intel needs to really rebalance and focus on AI, because that’s where we’re seeing the most rapid growth for the semiconductor market as a whole. That’s probably the area that has the biggest gap in terms of Intel versus its competition.”

Scott Bickley, advisory fellow at Info-Tech Research Group,added, “Intel is facing a monumental uphill battle. After completely opting out of the mobile and AI chip design innovation waves, they are now faced with a slumping x86 legacy CPU business coupled with their high-risk strategy to move to a sub-2nm design produced in their fabs.”

He pointed out that this “includes new process technologies such as Gate All Around [GAA] processing and backside power delivery that have yet to be proven at scale. It would be somewhat of a miracle to expect Intel to leapfrog both Nvidia and their fab partner, TSMC, in the AI space. Even if these new chips are successful in terms of design and performance, they may be a product in search of a market.”

It is possible, said Bickley, that “Intel could seek to be the fab of choice for the hyperscalers if they can bend the cost-for-performance curve, but that is a longshot and likely to only garner a fraction of this market. Intel’s best hope is a paradigm shift to whatever is post-AI chip architecture … they are not in an enviable position.”

Morales added that giving more power to Intel engineers is important, since the company has “lost its way,” and the move should help the organization start making the changes that it needs to make.

Now, he said, there is a need for Intel to act more quickly, adding that when Tan spoke at the recent Intel Vision conference in Las Vegas, he presented with a “humbleness and integrity that I think resonated with a lot of partners and developers there, but you can see that he needs to make these moves very quickly. He is basically a month into the role and already making management changes, and I think you are going to see more announcements later this week when they announce their earnings.”

Morales said he would be not surprised to see more employee attrition, because when it comes to revenue per employee, “it is not as good as the competition.”

Alvin Nguyen, senior analyst at Forrester, said that while having a dedicated person in charge of AI development is a “good move,” the proof will come in what Katti is able to deliver as the new CTO.

While the fab partnership with TSMC is a “nice cash infusion” for Intel, he said, it is still unclear what Intel will get out of the arrangement, and investors are “not going to be happy until those details come out.”

According to Nguyen, the longer this takes, the less latitude the new CEO will be given. “The problem is that they are nowhere near the top of their game in terms of products or fab technology,” he said. “They are behind Nvidia, they are behind AMD in terms of AI, in terms of data center CPUs and in some cases the workplace CPU markets.”

He said that the move by Tan to streamline the organization “gives him the ability to see more of what is going on, but the question at this point is, is he overwhelming himself, or does it give him the ability to provide better guidance?”

Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC). "In some systems, initial access was gained through

Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC). "In some systems, initial access was gained through Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged into internal systems. [...]