Agregátor RSS

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws and five publicly disclosed zero-day vulnerabilities. [...]

Apple podruhé odložil AI pro uživatele v EU. Vinu svaluje na evropské nařízení DMA. • Google, OpenAI i další přitom AI v Evropě běžně provozují. • Komise tvrdí, že DMA snížení ochrany soukromí nevyžaduje.

Microsoft has released Windows 11 KB5094126 and KB5093998 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]

Meta on Tuesday announced that it will use information shared by other businesses to personalize users' feed and responses from its artificial intelligence (AI) chatbot, expanding its scope beyond targeted ads. "Businesses often share information about people's activity on their sites with us to make ads more relevant," Meta said in a statement. "We already use this data - like games you play

Meta on Tuesday announced that it will use information shared by other businesses to personalize users' feed and responses from its artificial intelligence (AI) chatbot, expanding its scope beyond targeted ads. "Businesses often share information about people's activity on their sites with us to make ads more relevant," Meta said in a statement. "We already use this data - like games you play Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

macOS 27 se zaměřuje hlavně na AI, která uvidí do všech aplikací. • Apple věnuje velkou pozornost rodičovské kontrole. • Po kritice designu Liquid Glass se dočkáme spousty úprav a optimalizací.

Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as CVE-2026-44963, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0. "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user," Veeam said in a Tuesday advisory. It

Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as CVE-2026-44963, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0. "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user," Veeam said in a Tuesday advisory. It Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its open-source projects being compromised to inject an information stealer into the code. "Our priority is to protect customers and the broader ecosystem," a Microsoft spokesperson told The Hacker News via email. "We temporarily removed some

Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its open-source projects being compromised to inject an information stealer into the code. "Our priority is to protect customers and the broader ecosystem," a Microsoft spokesperson told The Hacker News via email. "We temporarily removed some Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code. XBOW explores how the model performed across exploit discovery, reverse engineering, and live-site validation. [...]

Apple says that its next-gen operating system will allow users to update their weak and compromised passwords with a single tap. Upgrades coming to iOS 27, announced at Tim Cook’s last Worldwide Developers Conference (WWDC) this week, introduce a significant change to the way users manage their passwords. “Building on its ability to alert users about weak and compromised passwords, Passwords can now automatically fix these for users with just a tap,” Apple said on Monday. “Using Apple Intelligence and Safari to agentically take action on a user’s behalf, Passwords securely navigates through websites to sign in and upgrade their accounts to strong passwords.” The iGadget-maker’s existing password manager already flags passwords that are known to be included in prior data breaches, checking whether they appear in known data leaks. However, current Passwords still requires users to update affected accounts themselves and does not offer a way to change multiple compromised credentials at once. Selecting one of those alerts typically takes users to the relevant account page, where they must complete the password change manually. The new update is designed to remove much of that legwork, with iOS 27 automatically navigating supported websites and updating eligible accounts to stronger passwords after user approval. Of course, in the very brief section of the video in which the new capability was announced, the feature worked flawlessly. In practice, however, it remains to be seen how effective Passwords is at agentically navigating different websites’ login processes on behalf of users, especially if MFA is also set up on the account. And for those of you who remember a story The Register covered earlier this year about the (in)security of AI-generated passwords, fret not. Apple’s Passwords app generates solid passwords by default – strings that, according to NordPass’ online password checker, are “strong” and would take centuries to crack. Security company Irregular’s research from February looked at scenarios where users were querying LLM chatbots for password ideas, rather than looking at those generated by purpose-built password managers. Siri state of affairs As predicted by many, this year’s WWDC put Siri, now known as Siri AI, front and center as Apple looks to deliver on its promises made two years ago. It announced Apple Intelligence in 2024, but the offering has underdelivered on pretty much every count. Analysts who spoke to The Register after the event on Monday were optimistic about what they saw on the AI front, but described Apple’s ability to deliver value for developers and users on its second roll of the dice as a credibility test. The company announced a wide range of small AI-enabled upgrades coming soon to iOS 27, powered by Apple's Foundation Models, developed in collaboration with Google and its Gemini technology, in addition to the agentic password-fixing tease. Individually, these features, such as enabling users to create shortcuts or Safari extensions by prompting Apple Intelligence using natural language, and Safari’s Notify Me, which allows users to monitor specific web pages for updates, are not revolutionary. They’re also not the type of features that are poised to set the AI industry alight. But for some, winning the AI race is less about being first to market with the biggest, baddest model; it’s about using AI in the most useful way. "Rebuilt from the ground up, Apple is trying to make AI feel native, useful, and invisible across the devices people already use every day," said Francisco Jeronimo, IDC VP of client devices. "This matters because the winning AI experience for consumers will not be the loudest or most technically complex. It will be the one that understands context, respects privacy, works reliably across apps, and reduces friction without forcing users to change behaviour." Apple’s iOS 27 will launch to the wider public in the fall, while devs can get their hands on the beta version now. This won’t come with the new dedicated Siri AI app, though. You’ll have to join a waiting list for that one. ®

WWDC26 felt like a defining platform moment. Apple is no longer simply promising that AI will arrive eventually; it is arguing that Apple Intelligence and Siri AI should become central to the future of its ecosystem. If that works, the company will have turned AI from a perceived weakness into a new reason to stay inside Apple’s world.

Still, the bigger question is execution. Apple did not present AI as a lab experiment; it presented a polished, consumer-ready experience. That raises expectations. 

Apple must deliver this time

Users will not judge Apple Intelligence by model architecture or parameter counts. They will judge it by whether Siri understands them, whether actions work reliably, whether personal context feels useful rather than intrusive, and whether the experience is consistent across devices.

Since Monday’s announcements, we’ve learned that some features will not work on all devices — and there’s speculation Siri AI may not fully escape beta until 2027. “Until Apple puts a stake in the ground and says when the new Siri features will be available, the debate remains: Does Apple actually have the chops in personalized AI? The demo suggests yes. The lack of timing suggests maybe,” wrote analyst Gene Munster.

Optimists argue that Apple has regained momentum by presenting a coherent AI story, one built around privacy, integration and everyday utility rather than spectacle. Skeptics counter that many of the features resemble capabilities already available elsewhere, and say the company still needs to prove it can ship them at scale and make them a meaningful reason for consumers to upgrade.

What the analysts say

That balance is visible in analyst reaction. In a client note seen by Computerworld, Erik Woodring of Morgan Stanley described the keynote as clear progress on Apple’s AI roadmap and said it suggested monetization opportunities could arrive earlier than expected — even if the overall journey will be “a marathon, not a sprint.”

UBS, in contrast, said the privacy-focused AI additions are useful but unlikely to be a material driver of iPhone demand in the near term, while Barclays called the changes interesting but incremental, and not enough to drive an upgrade cycle.

Ben Wood, chief analyst at CCS Insight, argued that Apple had to answer concerns about its AI shortcomings and now has to prove that its privacy-led, integration-first approach translates into a meaningfully better everyday experience. “Consumers will not judge Apple Intelligence by model sizes, partnerships or technical architecture,” Wood told me. “They will judge it by whether Siri understands them, whether actions work, whether personal context feels useful rather than intrusive, and whether the experience is consistent across devices.”

Dipanjan Chatterjee, vice president principal analyst at Forrester, said Apple’s strength lies in shifting the focus from the underlying technology to outcomes such as usefulness, simplicity and trust, while warning that the company still has skeptics to win over after its stop-start AI rollout. “The lesson for brands is clear: market the value, not the ingredients,” said Chatterjee. “After stumbling with the Apple Intelligence roll-out, Apple’s success will hinge on delivering the new Siri experience quickly, and ensuring it works as promised for iPhone users at scale.”

What about Apple developers?

While many are infuriated about Europe’s inability to build compromise, Apple’s developer army otherwise seems positive about what the company has accomplished. 

“On the AI front, it never made sense to me for Apple to develop their own LLM, so focusing on powerful, fast and private for implementation of Apple Intelligence seems to be an effort that is progressing rather nicely.  In all, a pretty good Keynote, I’d say,” Rich Siegel, founder and CEO of Bare Bones Software, said in an interview.

“It’s great to see Apple continue to pursue a vision of AI that leverages local systems, preserves privacy, and integrates with third party tools,” said Ken Case, CEO of the Omni Group. “A lot of our work around the Apple Foundation Models and automation, App Intents, and adopting Swift look to be fruitful investments, but it’s clear there’s more to do starting this summer. It’s also welcome to see them refine Liquid Glass, giving customers more control and listening to feedback they’ve heard over the past year.”

“I expected that this year’s Siri revamp would be the biggest personal assistant update Apple has ever done, and that’s exactly what we got,” said Sergii Kryvoblotskyi, director of AI and research at MacPaw. “Since Apple acquired Siri back in 2010, it has lacked one thing: real intelligence. Behind the great speech recognition service it provided, the tech was not ready to provide real value to users.”

“Most notable for me was Siri AI and the push towards on-device and more capable models that can do more with user context,” Matt Vlasach, Jamf senior vice president, enterprise products and solutions engineering,” said in an interview. “While obvious for consumer use cases, as illustrated in the keynote, the opportunity to evolve this to the work context using a more advanced Apple Intelligence framework is an exciting evolution.”

“OS 27 feels like a deliberate reset, less about new features and more about polish and quality-of-life improvements, which most users will welcome,” said John Richards, general manager, IT products, at Iru. “The new capabilities are focused entirely on Apple Intelligence and Siri AI, and what’s encouraging is how much Apple leaned into privacy with the Gemini partnership. That combination of capability and privacy-first design is the right instinct.”

“The single biggest request I made at Apple’s Foundation Models workshop in Madrid was opening Private Cloud Compute to third-party developers,” said Serhii Popov, senior software Eengineer at CleanMyMac. “It’s here and free for apps under 2 million users. That’s a real breakthrough and a huge opportunity for a lot of great apps.”

How will integrated AI change things?

Joel Rennich, senior vice president for product management at JumpCloud, looked ay how on-device AI will transform other paradigms. For starters, it shifts identity from simple authentication to governing what actions an AI agent is allowed to take.v“Enterprises will need identity frameworks that govern both human and non-human actors consistently,” he said.

“iOS 27 and Apple Intelligence point toward an operating system that does not just launch apps, it executes intent,” Rennich said. “Instead of users navigating between tools, the OS increasingly mediates outcomes directly through AI. This changes how work is initiated and completed on devices.

“With Apple Intelligence integrated across core experiences like Siri, Safari, and system services, AI is no longer an overlay but infrastructure. The separation between where data lives and where it is used becomes increasingly invisible to the user. Intent becomes the primary input, not app selection.”

I also spoke with Hexnode CEO Apu Pavithran, who pointed to some of the concerns enterprise users might have following WWDC: “The keynote didn’t speak much to admins,” he said. “The features that matter most at the management layer, such as how Apple exposes Siri AI through MDM APIs, whether IT gets granular per-app controls for Apple Intelligence, how shared device deployments handle the new assistant — these will be answered in the developer documentation. This week, that’s where IT teams should be looking.”

“Admins should dig in immediately and see what’s changed. Watch the developer docs, audit how Apple Intelligence interacts with existing device policies, and remember that the keynote is only a part of the story for enterprises,” he said.

Making AI great again

“Rebuilt from the ground up, Apple is trying to make AI feel native, useful and invisible across the devices people already use every day,” Francisco Jeronimo, vice president for client devices at IDC, said in an interview. “This matters, because the winning AI experience for consumers will not be the loudest or most technically complex. It will be the one that understands context, respects privacy, works reliably across apps, and reduces friction without forcing users to change behavior.”

“[Apple] is also clearly seeking to differentiate through its privacy promises,” said CCS Insight’s Wood. “This looks like a step in the right direction, but there is no room for complacency, and Apple still has a long AI journey ahead.”

Pavithran reflected on something more. “Overall, it’s hard not to think of this year as a deliberately measured keynote, one that’s intentionally playing it safe and seeking to rewrite the AI narrative,” he said. “I won’t be surprised if this ends up setting the stage for a much bigger installment next year with incoming CEO John Ternus hitting the ground running with some ‘wow’ features like new hardware or agentic AI at scale.”

That we can now seriously consider that possibility shows the extent to which Apple has regained momentum in AI on its platforms.

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon and The Core.

Levných alternativ k drahým komerčním aplikacím není nikdy dost, zvláště když nabízejí kompatibilitu a neobtěžují reklamami. PhotoQuill slibuje, že je přesně takovou aplikací, která dokáže aspoň částečně nahradit Adobe Photoshop. Jde skutečně o použitelnou alternativu?

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, disrupting continuous integration pipelines. [...]

For years, IPv4 was the only proxy type that really mattered for anyone running automation off a Linux box. IPv6 was the protocol everyone said they’d migrate to, but almost nobody actually did. In 2026, that’s finally starting to shift.

Researchers have analyzed a high-severity vulnerability in Linux that’s able to escalate untrusted users to root by exploiting a bug you don't often see: a single errant character inside the kernel.

The vulnerability, tracked as CVE-2026-23111, is located in nf_tables, a subsystem of the Linux kernel that provides packet filtering capabilities. It’s used to manage firewall rules and replaces older subsystems such as iptables, ip6tables, arptables, and ebtables.

!!!WTF!!!

The presence of a single mis-issued exclamation point in code implementing nf_tables introduced a use-after-free, a class of vulnerability that corrupts memory by placing malicious code at memory addresses that haven’t been properly freed of their previous contents. CVE-2026-23111 can be exploited by an unprivileged user or process to elevate system rights to root.

Read full article

Comments

Researchers recently identified another wave of malicious packages on PyPI linked to the broader Mini Shai-Hulud campaign, a worm-like supply chain attack that spread through trusted software packages. On the surface, the packages looked no different from thousands of others published to the repository each week.

A Windows launch isn’t the end a process — it’s really just the beginning. Microsoft continually works on improving Windows 11 by fixing bugs, releasing security patches, and occasionally adding new features.

In this story we summarize what you need to know about each update released to the public for the most recent mainstream version of Windows 11 — currently version 25H2 — over the past year. (We also cover updates for Windows 11 26H1, a targeted release of Windows for devices with specific chips.) For each build, we’ve included the date of its release and a link to Microsoft’s announcement about it. The most recent updates appear first.

The easiest way to install updates is via Windows Update. Not sure how? See “How to handle Windows 10 and 11 updates” for full instructions. Note that Windows 11 version 25H2 is being released as a phased rollout and may not be available to you in Windows Update yet.

If you’re still using Windows 10, see “Windows 10: A guide to the updates.” And if you’re looking for information about Insider Program previews for upcoming feature releases of Windows 11, see “Windows 11 Insider Previews: What’s in the latest build?”

Updates for Windows 11 24H2, 25H2, and 26H1 Windows 11 KB5094126 (OS Builds 26200.8655 and 26100.8655)

Release date: June 9, 2026

In this build, for devices running Windows 24H2 and 25H2, Windows quality updates now include additional high-confidence device targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.

(For more about Secure Boot certificate upgrades, see the Computerworld story “FAQ: What you need to know about expiring Windows Secure Boot certificates.”)

The build also fixes one bug that could have resulted in Stop errors HYPERVISOR_ERROR (0x20001) and KMODE_EXCEPTION_NOT_HANDLED (0x1E) after installing KB5089573 on some devices during system restarts, virtual machine operations, or while running some gaming applications.

The build has one known issue, in which devices with an unrecommended BitLocker Group Policy configuration might be required to enter their BitLocker recovery key.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2026 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5094126.)

Windows 11 26H1 KB5095051 (OS Build 28000.2269)

Release date: June 9, 2026

This update, for devices on Windows 11 version 26H1, improves the reliability of BitLocker Drive Encryption testing by ensuring that all required files are available for the USB BIOS logo test.

It also has a wide variety of security updates. For details, see June 2026 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5095051.)

KB5089573 (OS Builds 26200.8524 and 26100.8524) Preview

Release date: May 26, 2026

With this update, Windows quality updates include additional high-confidence device targeting data, making more devices eligible to receive new Secure Boot certificates. The old certificates expire at the end of June: see Computerworld’s FAQ for details. The build also adds Group Policy and MDM settings that IT admins can enable to limit the Secure Boot service data sent to Microsoft. (See Microsoft documentation.)

This update also includes a wide variety of new features being rolled out gradually, including Shared Audio, which enables two Bluetooth audio devices to connect to a single Windows 11 PC at the same time; Multi-App Camera, which allows multiple applications to access the camera stream simultaneously; improved visibility into NPU usage in Task Manager; and several performance and behavior improvements for Windows Hello.

There is one known issue in the update, in which after you install update KB5089549, some devices might fail to complete installation with error code 0x800f0922. This issue occurs on devices that have limited free space on the EFI System Partition (ESP), especially if it has 10MB or less available.

(Get more info about KB5089573 Preview, including workarounds for the issue described above.)

KB5089549 (OS Builds 26200.8457 and 26100.8457)

Release date: May 12, 2026

This build enables dynamic status reporting for Secure Boot states in the Windows Security app. It also fixes a bug in which the Remote Desktop Connection security warning dialog sometimes rendered incorrectly in multi-monitor configurations with different display scaling settings.

It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2026 Security Updates.

The build has one known issue: devices with an unrecommended BitLocker Group Policy configuration might be required to enter their BitLocker recovery key.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5089549.)

KB5083631 (OS Builds 26200.8328 and 26100.8328) Preview

Release date: April 30, 2026

This update includes a large number of new features being rolled out gradually, including File Explorer’s ability to handle new archive formats including uu, cpio, xar, and NuGet Packages (nupkg). Windows also gets a new way to monitor agents from the taskbar. It supports agents across first- and third-party apps, with Researcher in the Microsoft 365 Copilot app as the first adopter. 

Also being rolled out gradually is a security improvement that changes how the Windows kernel trusts third‑party drivers. Default trust for cross‑signed drivers is removed, while drivers from the Windows Hardware Compatibility Program (WHCP) and an allow list of trusted legacy drivers remain allowed. 

The update also includes several changes available immediately, including one that increases coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout. For more information, see Windows Secure Boot certificate expiration and CA updates.

A bug in the Remote Desktop Connection security warning dialog is being fixed immediately. Previously, the dialog could have rendered incorrectly in a multi-monitor scenario when the monitors had different scaling settings.

(Get more info about KB5083631 Preview.)

KB5083769 (OS Builds 26200.8246 and 26100.8246)

Release date: April 14, 2026

This update fixes several bugs, including one that caused device reset to fail when using the “Keep my files” or “Remove everything” options. It also improves protection against phishing attacks that use Remote Desktop (.rdp) files. For more information, see Understanding security warnings when opening Remote Desktop (RDP) files.

It also enables dynamic status reporting for Secure Boot states in Settings > Update & Security > Windows Security, with a green, yellow, or red badge indicating your current Secure Boot status. See Secure Boot certificate update status in the Windows Security app for more information.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2026 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

Update, April 15: Microsoft has confirmed an issue with this release: “Devices with an unrecommended BitLocker Group Policy configuration might be required to enter their BitLocker recovery key.” See Microsoft’s KB5083769 information page for details and workarounds.

(Get more info about KB5083769.)

KB5086672 (OS Builds 26200.8117 and 26100.8117) Out-of-band

Release date: March 31, 2026

This update fixes a bug in which some devices running Windows 11 version 25H2 or 24H2 encountered the following error while installing the Windows preview update KB5079391 (listed below): “Some update files are missing or have problems. We’ll try to download the update again later. Error code: (0x80073712).”

(Get more info about Windows 11 KB5086672 Out-of-band.)

KB5079391 (OS Builds 26200.8116 and 26100.8116) Preview

Release date: March 26, 2026

This update includes a variety of new features being rolled out gradually, including one that allows you to turn Smart App Control (SAC) on or off without needing a clean install. To make changes, go to Settings > Windows Security > App & Browser Control > Smart App Control settings. When turned on, SAC helps block untrusted or potentially harmful apps. To learn more, see App & Browser Control in the Windows Security App.

The build also includes several improvements and bug fixes, including one that improves Application ID tagging in Application Control for Business policies. With this update, the system identifies which apps should receive tags more accurately and behaves more reliably, Microsoft says.

(Get more info about Windows 11 KB5079391 Preview.)

KB5085516 (OS Builds 26200.8039 and 26100.8039) Out-of-band

Release date: March 21, 2026

This update fixes a bug some users experienced when signing in to apps with a Microsoft account. Even when the device had a working internet connection, a “no Internet” error appeared during sign-in and prevented access to Microsoft services and apps such as Microsoft Teams Free and OneDrive.

(Get more info about KB5085516 Out-of-band.)

KB5079473 (OS Builds 26200.8037 and 26100.8037)

Release date: March 10, 2026

This build improves how Windows Defender Application Control (WDAC) handles COM objects allowlisting policies. COM objects were blocked when the endpoint security policy was set higher than the allowlisting policy. With this update, COM objects are allowed as expected.​ The build also introduces additional high confidence device targeting data to Windows quality updates, increasing coverage of devices eligible to automatically receive new Secure Boot certificates.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2026 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5079473.)

KB5077241 (OS Builds 26200.7922 and 26100.7922) Preview

Release date: February 24, 2026

This update includes a variety of new features being rolled out gradually, including one in which Quick Machine Recovery (QMR) turns on automatically for Windows Professional devices that are not domain‑joined and not enrolled in enterprise endpoint management. For domain‑joined or enterprise managed devices, QMR stays off unless it is enabled by the organization.

It also includes several features available immediately, including one in which Windows quality updates include additional high-confidence device-targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Devices receive the new certificates only after demonstrating sufficient successful update signals, maintaining a controlled and phased rollout.

(Get more info about KB5077241 Preview.)

KB5077181 (OS Builds 26200.7840 and 26100.7840)

Release date: February 10, 2025

This Patch Tuesday build fixes several bugs, including one that prevented some devices from connecting to certain WPA3‑Personal Wi‑Fi networks. It also includes a broad set of targeting data that identifies devices and their ability to receive new Secure Boot certificates. Devices will receive the new certificates only after they show sufficient successful update signals, which helps ensure a safe and phased rollout.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2026 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5077181.)

KB5074105 (OS Builds 26200.7705 and 26100.7705) Preview

Release date: January 29, 2025

In this build, several new features are immediately available, including one for Data Protection Application Programming Interface (DPAPI) domain backup key management. Administrators can now set how often keys rotate automatically. This strengthens cryptographic security and reduces reliance on older encryption algorithms.

One new feature is being gradually rolled out: The Settings Agent now supports more languages, with expanded support for German, Portuguese, Spanish, Korean, Japanese, Hindi, Italian, and Chinese (Simplified).

A variety of bugs have been fixed, including one that caused some systems to stop responding during startup when Windows Boot Manager debugging was enabled.

Get more info about KB5074105 Preview.)

KB5078127 (OS Builds 26200.7628 and 26100.7628) Out-of-band

Release date: January 24, 2026

This update fixes a bug in which some applications were unresponsive or encountered unexpected errors when opening files from or saving files to cloud-based storage, such as OneDrive or Dropbox. In certain Outlook configurations that store PST files on OneDrive, Outlook sometimes hung and failed to reopen unless the process was terminated or the system was restarted. Users may have also experienced missing sent items or previously downloaded emails.

(Get more info about KB5078127 Out-of-band.)

KB5077744 (OS Builds 26200.7627 and 26100.7627) Out-of-band

Release date: January 17, 2026

This update fixes a bug in which some users experienced sign-in failures during Remote Desktop connections. This issue affected authentication steps for different Remote Desktop applications on Windows such as the Windows App.

There is one known issue in this build, in which the password icon might be missing or invisible in the lock screen sign-in options.

Get more info about KB5077744 Out-of-band.)

KB5074109 (OS Builds 26200.7623 and 26100.7623)

Release date: January 13, 2026

This build fixes several bugs, including one in which you might experience RemoteApp ​​​​​​​connection failures in Azure Virtual Desktop (AVD) environments. This might occur after installing KB5070311. It also updates the Windows core component, WinSqlite3.dll. Previously, some security software might have detected this component as vulnerable. 

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2026 Security Updates.

It has one known issue, in which you might notice that the password icon is not visible in the sign-in options on the lock screen. If you hover over the space where the icon should appear, you’ll see that the password button is still available. Select this placeholder to open the password text box and enter your password. After entering your password, you can sign in normally. People using Windows Home or Pro editions on personal devices are very unlikely to experience this issue. This issue primarily affects enterprise or managed IT environments.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5074109.)

KB5072033 (OS Builds 26200.7462 and 26100.7462)

Release date: December 9, 2025

This build fixes several bugs, including one in which File Explorer briefly flashed white when you navigated between pages.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2025 Security Updates.

It has one known issue, in which the password icon might not be visible in the sign-in options on the lock screen. If you hover over the space where the icon should appear, you’ll see that the password button is still available. Select this placeholder to open the password text box and enter your password. After entering your password, you can sign in normally. People using Windows Home or Pro editions on personal devices are very unlikely to experience this issue — it primarily affects enterprise or managed IT environments.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5072033.)

KB5070311 (OS Builds 26200.7309 and 26100.7309) Preview

Release date: December 1, 2025

A variety of new features are being gradually rolled out in this build, including several for Copilot+ PCs. The Click to Do context menu in Copilot+ PCs now has a streamlined design that makes it easier to access frequently used actions such as Copy, Save, Share, and Open. In Copilot+ PCs you can now also use Windows Studio Effects, which provide AI-powered camera enhancements, on an additional camera such as a USB webcam or your laptop’s built-in rear camera.

New features being rolled out gradually to all Windows 11 PCs include a simplified File Explorer context menu for easier navigation. Common actions like Share, Copy, and Move now appear in a single organized menu.

A variety of bugs have been fixed for all PCs, including one in which the Local Security Authority Subsystem Service (LSASS) could become unstable due to an access violation.

There are two known issues in this build, one in which when opening File Explorer in dark mode, the window might briefly display a blank white screen before loading files and folders. In addition, the password icon is missing or invisible in the lockscreen sign-in options on some PCs. (Here’s a workaround for the latter bug.)

Get more info about KB5070311 Preview.)

KB5068861 (OS Builds 26200.7171 and 26100.7171)

Release date: November 11, 2025

This Patch Tuesday build fixes several bugs, including one in which closing Task Manager with the Close button didn’t fully end the process, leaving background instances that could slow performance over time.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5068861.)

KB5067036 (OS Builds 26200.7019 and 26100.7019) Preview

Release date: October 28, 2025

A variety of new features are being gradually rolled out in this build, including several for Click to Do on Copilot+ PCs — notably a streamlined interaction between Click to Do and Copilot. You can now type a custom prompt directly into the text box, which sends your prompt and selected on-screen content to Copilot. Suggested prompts appear below the text box and are available for text selections in English, Spanish, and French. 

New features are being gradually rolled out for all Windows 11 PCs as well, including a redesigned Start menu, which includes scrollable “All” section and category and grid views. The menu now adapts to your screen size.

A variety of bugs have been fixed, including one in which text sometimes didn’t render correctly when editing content within a multiline text box in certain apps.

Get more info about KB5067036 Preview.)

KB5070773 (OS Builds 26200.6901 and 26100.6901) Out-of-band

Release date: October 20, 2025

This build fixes one bug, in which USB devices, such as keyboards and mice, did not function in the Windows Recovery Environment (WinRE). This issue prevented navigation of any of the recovery options within WinRE.

This build has one known issue: some digital TV and Blu-ray/DVD apps might not play protected content as expected after installing the August 29, 2025, Windows non-security preview update (KB5064081) or later updates. Apps that use Enhanced Video Renderer with HDCP enforcement or Digital Rights Management (DRM) for digital audio might show copyright protection errors, frequent playback interruptions, unexpected stops, or black screens. Streaming services are not affected. 

(Get more info about KB5070773 Out-of-band.)

KB5066791 (OS Builds 19044.6456 and 19045.6456)

Release date: October 14, 2025

This build fixes several bugs, including one that caused the print preview screen to stop responding in Chromium-based browsers.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5066791.)

KB5065789 (OS Builds 26200.6725 and 26100.6725) Preview

Release date: September 29, 2025

This build gradually rolls out a wide variety of new features, including one in which you can use AI actions in File Explorer to edit images or summarize documents. To do it, right-click (or press Shift + F10 on the keyboard) on the file and select AI actions. 

Several bugs have also been fixed, including one in which you might not have been able to connect to shared files and folders if you were using the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP NetBIOS (NetBT).

(Get more info about KB5065789 Preview.)

Windows 11 25H2

At the end of September, Microsoft upgraded Windows 11 from version 24H2 to 25H2, in a slow rollout that could take months to complete. Typically in the past, Microsoft would introduce new features in a once-a-year update like this. That’s not the case with 25H2, though.

Microsoft has been introducing new features in smaller updates all year round, so 25H2 doesn’t include any major new features. Rather, it includes all the new features that have accumulated in all those smaller updates.

As the company explains, “While this update doesn’t introduce major new features, it activates enhancements that have been gradually rolled out over the past year ensuring your device is up to date with the latest refinements.”

Here are some of the most important features in 25H2 that have been introduced for end users and IT pros since 24H2 was released last fall:

New features for users:

• File Explorer has several useful new features, notably AI actions, which can edit images or summarize documents. AI options such as Blur background, Erase objects, and Remove background are all now displayed in the context menu.
• Task Manager gets a number of minor tweaks, including performance improvements when changing the sort order of processes.
• You can now display the apps that have recently used on-device generative AI models provided by Windows. You can also choose which apps are permitted to use the generative AI technologies. To do that and more, go to Settings > Privacy & security > Text and Image Generation.

New features for IT:

• IT admins can use policy-based tools to easily remove preinstalled Microsoft Store apps from Enterprise and Education editions of Windows 11, version 25H2 and later. This can streamline device provisioning and prevent removed apps such as Microsoft Clipchamp, Media Player, and Microsoft Teams from being reinstalled. For more information, see Policy-based removal of preinstalled Microsoft Store apps and RemoveDefaultMicrosoftStorePackages in the ApplicationManagement Policy CSP.
• Enterprise access points now support Wi-Fi 7, which enables increased speeds, greater throughput, improved reliability, and enhanced security. For details, see https://aka.ms/WiFi7forEnterprise.
• Windows Backup for Organizations is now generally available.
• A new feature called Quick Machine Recovery can recover Windows devices when they encounter critical errors that prevent them from booting. Quick machine recovery searches for remediations in the cloud and recovers from widespread boot failures, reducing the burden on IT admins on cases when multiple devices are affected. For more information, see Computerworld’s Quick Machine Recovery explainer.

Updates for Windows 11 24H2 KB5068221 (OS Build 26100.6588) Out-of-band

Release date: September 22, 2025

This update fixes a bug that affected Microsoft Office applications running in Microsoft Application Virtualization (App-V) environments. The failure occurred due to a double handle closure in the AppVEntSubsystems32 or AppVEntSubsystems64 system component.

There is one issue in this build: you might fail to connect to shared files and folders using the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP (NetBT). This issue can occur if either the SMB client or the SMB server has the September 2025 security update installed.

(Get more info about KB5068221 (OS Build 26100.6588) Out-of-band).

KB5065426 (OS Build 26100.6584)

Release date: September 9, 2025

This build fixes several bugs, including one that caused non-admin users to receive unexpected User Account Control (UAC) prompts when MSI installers performed certain custom actions, such as configuration or repair operations in the foreground or background during the initial installation of an application.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5065426.)

KB5064081 (OS Build 26100.5074) Preview

Release date: August 29, 2025

A wide variety of new features are being gradually rolled out in this build, including a new personalized homepage in Windows Recall that displays your recent activity and top-used apps and websites (available only in Copilot+ PCs). Among the changes rolling out to all users is a new grid view for Search from the Windows taskbar that helps you more quickly and accurately identify the desired image within your search.

Several bugs have also been fixed, including one in which some system recovery features did not work properly due to a temporary file sharing conflict. This affected certain device management tools and disrupted key functions on some devices.

(Get more info about KB5064081 Preview.)

KB5063878 (OS Build 26100.4946)

Release date: August 12, 2025

This build fixes a bug that caused delays during sign-in on new devices. The delay was due to certain preinstalled packages. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5063878.)

KB5062660 (OS Build 26100.4770) Preview

Release date: July 22, 2025

A wide variety of new features are being gradually rolled out in this build, including a new agent in Copilot+ PCs that is designed to help you find and change settings on your PC. You can describe what you need help with, such as “how to control my PC by voice” or “my mouse pointer is too small,” and the agent will suggest steps to resolve the issue. The agent uses AI on your PC to understand your request and, with your permission, can automate and complete tasks for you. It is rolling out to Snapdragon-powered Copilot+ PCs now, with support for AMD and Intel PCs coming soon. 

Several bugs have also been fixed, including one in which If you have an app pinned to your desktop and it updates, the app icon might not display correctly and instead show a white page.

(Get more info about KB5062660 Preview.)

KB5064489 (OS Build 26100.4656) Out-of-band

Release date: July 13, 2025

This update fixes a bug that prevented some virtual machines (VMs) from starting when Virtualization-Based Security (VBS) was enabled. It affected VMs using version 8.0 (a non-default version) where VBS was offered by the host. In Azure, this applies to standard (non–Trusted Launch) General Enterprise (GE) VMs running on older VM SKUs. The problem was caused by a secure kernel initialization issue.

(Get more info about KB5064489 Out-of-band.)

KB5062553 (OS Build 26100.4652)

Release date: July 8, 2025

The build fixes several bugs, including one in which notification sounds didn’t play. Affected sounds included those for on-screen alerts, volume adjustments, and sign-in. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5062553.)

KB5060829 (OS Build 26100.4484) Preview

Release date: June 26, 2025

A wide variety of new features are being gradually rolled out in this build, including a new Settings home page that includes enterprise-specific device info cards for commercial customers on PCs managed by an IT administrator. The taskbar also now resizes icons to fit more apps when space runs low.

Users in the European Economic Area will see several small changes related to default browsers, such as mapping additional file and link types to the default browser and pinning it to the taskbar and Start menu.

A variety of bugs have also been fixed, including one that prevented the automatic renewal of expiring certificates in Windows Hello for Business.

There is one known issue in this build, in which blurry or unclear CJK (Chinese, Japanese, Korean) text appears when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. 

(Get more info about KB5060829 Preview.)

KB5063060 (OS Build 26100.4351) Out-of-band

Release date: June 11, 2025

This out-of-band update replaces the KB5060842 Patch Tuesday release, fixing a bug in which Windows sometimes restarted unexpectedly when users opened games that use the Easy Anti-Cheat service. Easy Anti-Cheat automatically installs with certain games to enhance security and prevent cheating in multiplayer online PC games. 

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

(Get more info about KB5063060 Out-of-band.)

KB5060842 (OS Build 26100.4349)

Release date: June 10, 2025

After installing this update, Windows will retain system restore points for 60 days only. Restore points older than 60 days are not available. This 60-day limit will also apply to future versions of Windows 11, version 24H2.

The build fixes a bug that prevented users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model.​​​​​​​ It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2025 Security Updates.

Note: In this build there are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue is due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5060842.)

KB5058499 (OS Build 26100.4202) Preview

Release date: May 27, 2025

A wide variety of new features are being gradually rolled out in this build, including one in which Click to Do gets the new Ask Copilot action. When you highlight text or an image, Click to Do offers the Ask Copilot option. Selecting it opens Microsoft Copilot with your content in the prompt box. You can send the selected text or image directly to the Copilot app to complete your prompt.

A variety of bugs have also been fixed, including one in which devices with BitLocker on removable drives could encounter a blue screen error after resuming from sleep or hybrid-booting.

(Get more info about KB5058499 Preview.)

KB5061977 (OS Build 26100.4066) 

Release date: May 27, 2025

This out-of-band update fixes a bug in the direct send path for a guest physical address (GPA). This issue caused confidential virtual machines running on Hyper-V with Windows Server 2022 to intermittently stop responding or restart unexpectedly. As a result, service availability was affected, and manual intervention was required. This problem primarily impacted Azure confidential VMs.

(Get more info about KB5061977.)

KB5058411 (OS Build 26100.4061)

Release date: May 13, 2025

This update fixes two bugs, one in which your microphone might have muted unexpectedly, and the other in which the eye controller app didn’t launch. It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2025 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5058411.)

KB5055627 (OS Build 26100.3915) Preview

Release date: April 25, 2025

This build gradually rolls out several new features for Copilot+ PCs, including a preview of Windows Recall. When you opt in, Recall takes snapshots of your activity so you can quickly find and go back to what you have seen before on your PC. With it, you can use a timeline to find the content you remember seeing.

Copilot+ PCs also get a new natural-language Windows search in which you can search for anything on your PC without having to remember specific file names, exact words in file content, or settings names. Just describe what you’re looking for. On Copilot+ PCs, you can also more easily find photos stored and saved in the cloud by typing your own words (like “summer picnics”) in the search box at the upper-right corner of File Explorer. 

All PCs get a number of new features, including speech recap, in which you can keep track of what Narrator has spoken and access it for quick reference. With speech recap, you can quickly access spoken content, follow along with live transcription, and copy what Narrator last said using keyboard shortcuts.

A variety of bugs are being fixed, including one in which some devices experienced intermittent internet connections when resuming from sleep mode. Several AI components have also been updated.

There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox from the Microsoft Store on Windows.

(Get more info about KB5055627 Preview.)

KB5055523 (OS Build 26100.3775)

Release date: April 8, 2025

This update includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2025 Security Updates. 

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which players on Arm devices are unable to download and play Roblox via the Microsoft Store on Windows. 

(Get more info about KB5055523.)

Základní předplatné Google AI Plus nově stojí 150 Kč místo 220 Kč. • Má také větší cloudový disk, Google zvýšil kapacitu z 200 na 400 GB. • Vedle toho uvedl vyšší tarif s 2TB úložištěm.