Month: August 2024

Salesforce might start charging for each AI chat

August 30, 2024 /

Salesforce, which offers cloud-based customer relationship management (CRM) software, is eyeing a new pricing model that would require customers to pay per AI chat every time Salesforce’s AI-based services are used for a conversation, According to The Register.

Speaking to investors, Salesforce CEO Marc Benioff has said that his goal is for the company to introduce 1 billion AI agents into the user environment through the Agentforce AI platform by the end of fiscal year 2026. And thinks the price per call will be around $2.

The pricing model is designed to reflect the value Salesforce believes its AI services offer and to give customers greater flexibility.

Apple might take a stake in OpenAI as it gets intelligent on AI

August 30, 2024 /

Apple isn’t paying OpenAI to carry support for the generativeAI (genAI) firm’s Chat GPT within Apple Intelligence, but it might instead invest in the Microsoft-backed company.

The Wall Street Journal reports that Apple is in talks to take part in a new funding round for OpenAI. If it follows suit, it will join Microsoft, Nvidia, and Thrive Capital in making an investment in the company, which would have a value of more than $100 billion.

A growing sense of union?

Such an investment would strengthen Apple’s existing partnership with OpenAI, announced at WWDC with the news that Apple Intelligence will integrate with ChatGPT, which will provide services Apple does not. 

The relationship meant Apple Fellow Phil Schiller briefly (almost) joined Microsoft on the OpenAI board, though in the end both Cupertino and Redmond stepped down from those seats.

Microsoft has allegedly invested $13 billion to acquire a 49% stake in OpenAI since 2019 and uses ChatGPT within its Copilot software. ChatGPT itself now has more than 200 million weekly users, a number that’s expected to swell once Apple ships iOS 18 this fall.

Apple is smart about intelligence

Word of Apple’s potential investment comes as the company prepares to introduce its next iPhone and new operating systems on Sept. 9. 

iOS 18 is expected to deliver Apple Intelligence (beta) support to US English users a few weeks after the iPhone launch, with Apple introducing additional AI features over time. With Apple Intelligence, Apple’s partnership means users can access ChatGPT from its devices, with the added security of no user requests or IP addresses being stored. 

(It is interesting that OpenAI chose to release its ChatGPT desktop app first on Macs shortly after the iOS integration was announced.)

That compromise between utility and privacy will protect average users, while for business users Apple will introduce MDM support that lets access to such features be disabled on managed devices; that’s something many in IT felt necessary in some data protection scenarios. 

Talking heads…

Reaction to Apple’s potential investment is interesting. Bank of America pointed out that, “a large direct investment by Apple into OpenAI could raise concerns on a potential AI partnership as a long-term alternative to Google search.”

The bigger picture is even more interesting. Apple Intelligence will be made available across all Apple’s big computing platforms: iPhones, including iPhone 15 and iPhone 16, and also M-series iPads and Macs. This wide array of supporting devices means the feature will be available to tens of millions of systems from day one, which also means ChatGPT will be natively supported on them.

This has led to a series of highly positive predictions from analysts. Wedbush Securities analyst Daniel Ives predicts a historic AI-driven iPhone upgrade cycle, arguing that 25% of the world (based on his estimates) will be engaged in AI requests using Apple devices.

Morgan Stanley analyst Erik Woodring also sees Apple Intelligence unleashing pent-up demand and estimated the potential upgrade market is around 40% larger than it was prior to the last hugely successful iPhone release, when 5G was added to the system. This also follows some relative weakness in recent iPhone sales as consumers await the new AI phone. 

Will it still be US-only?

Of course, one wildcard to these events is availability.

At present, Apple Intelligence is limited to the US, or to users outside the US willing to set their devices to US English. That means iPhone shoppers outside the US will not gain access to this integrated AI, which will limit the upgrade frenzy. Apple may already have a plan for this, perhaps extending the service to other English-speaking nations. 

However, the regulatory environment around these tools remains in flux, with new regulations emerging from nations worldwide; that state of uncertainty has already prompted Cupertino to announce \ it won’t ship these features into the EU until clarity over regulations is in place.

One more thing

The biggest takeaway remains this: Within a matter of weeks, Apple will be unique in offering a fully integrated AI experience across a range of platforms, from smartphones to computers and tablets. Serendipitously, these tools will be available at the same time Windows upgrades intensify, which allows Apple to work to switch PC users to its fully integrated, multi-device, multi-platform ecosystem.

It’s quite possible, if Apple gets this right, that its platforms could end up providing the privacy and security users and business need to fully exploit the potential of AI across every viable computing platform. With such a prize in sight, don’t be too surprised to see activity — and M&A — intensify in the coming months.

More from Jonny Evans

Please follow me on LinkedInMastodon, or join me in the AppleHolic’s bar & grill group on MeWe.

Meta’s Llama models get 350 million downloads

August 30, 2024 /

Meta’s open weights Llama family of large language models (LLMs) has seen a ten-fold rise in downloads year-on-year, showcasing the popularity of the models since it was first launched 18 months ago, the company announced in a blog post.

“Llama models are approaching 350 million downloads to date (more than 10x the downloads compared to this time last year), and they were downloaded more than 20 million times in the last month alone, making Llama the leading open source model family,” Ahmad Al-Dahle, vice president of generative AI at Meta, wrote in a blog post.

The downloads number was taken from Hugging Face — a company that provides or lists various LLMs for enterprises to use across multiple use cases.

Llama models are referred to as open or open weights as there is no true definition of what an open source LLM should mean, and Meta doesn’t allow free commercial use of its models.

Also, Meta is providing the number of downloads as a figure for showcasing the popularity of its models because they don’t have any other metric, such as monthly or weekly active users, to keep track.

The rationale here is that open source or open models can’t keep of track of users as they are providing the datasets and model weights for enterprises and users to download in contrast to rival closed or proprietary model providers such as OpenAI.

OpenAI, also, reportedly has dropped its latest user figures. According to a report filed by The Information, the OpenAI has 200 million weekly active users of ChatGPT.

The surge in the number of model downloads can be attributed to a variety of factors, including the newer releases of the model and the company’s efforts to increase partners or distributors of the model.

Since launch, Meta has released at least three new versions of Llama with Llama 2 releasing in July last year, followed by the launch of Llama 3 in April this year, and finally the release of Llama 3.1 this July.

The recent 20 million downloads could be seen as an effect of the company’s Llama 3.1 update that included a 405 billion parameter model as well as 70 billion parameter and 8 billion parameter variants — all of which performed better on various benchmarking tests, such as MATH and HumanEval.

“Hosted Llama usage by token volume across our major cloud service provider partners more than doubled May through July 2024 when we released Llama 3.1,” Al-Dahle wrote, adding that the company’s largest variant of LLM, the 405 billion parameter variant, was also gaining traction.

Separately, Meta has been actively trying to increase the number of partners that either host or distribute the Llama family of models. These partners include the likes of AWS, Azure, Google Cloud Platform, Databricks, Dell, Google Cloud, Groq, NVIDIA, IBM watsonx, Scale AI, and Snowflake among others.

“We’ve grown the number of partners in our Llama early access program by 5x with Llama 3.1 and will do more to meet the surging demand from partners,” Al-Dahle wrote, adding that new partners, such as Wipro, Cerebras, and Lambda would be added soon. Additionally, Meta’s vice president said that companies such as Accenture, DoorDash, Goldman Sachs, Shopify, and Zoom were actively using Llama models for their generative AI use cases.

How to protect your privacy in Windows 10

August 30, 2024 /

There has been some concern that Windows 10 gathers too much private information from users. Whether you think Microsoft’s operating system crosses the privacy line or just want to make sure you safeguard as much of your personal life as possible, we’re here to help. Here’s how to protect your privacy in just a few minutes.

Note: This story has been updated for Windows 10 version 22H2. If you have an earlier release of Windows 10, some things may be different. If you have Windows 11, see “How to protect your privacy in Windows 11.”

In this article:

  • Turn off add tracking
  • Turn off location tracking
  • Turn off Timeline
  • Curb Copilot
  • Ditch a Microsoft account for a local account
  • Change your app permissions
  • Control and delete diagnostic data
  • Use Microsoft’s Privacy Dashboard
  • Get granular in the Settings app
  • Tips for the truly paranoid

Turn off ad tracking

At the top of many people’s privacy concerns is what data is being gathered about them as they browse the web. That information creates a profile of a person’s interests that is used by a variety of companies to target ads.

Windows 10 does this with the use of an advertising ID. The ID doesn’t just gather information about you when you browse the web, but also when you use Windows 10 apps. Your advertising ID isn’t synced to other computers, and it operates independently of your Microsoft account, if you’re using one.

You can turn that advertising ID off if you want. Launch the Windows 10 Settings app (by clicking on the Start button at the lower left corner of your screen and then clicking the Settings icon, which looks like a gear) and go to Privacy. Click General on the left. On the General pane in the main window, you’ll see a list of choices under the title “Change privacy options.” The first controls the advertising ID.

windows 10 settings privacy general screen with advertising id slider off

You can turn off Windows 10’s advertising ID if you want.

IDG

Move the slider from On to Off. You’ll still get ads delivered to you, but they’ll be generic ones rather than targeted ones, and your interests won’t be tracked.

To make absolutely sure you’re not tracked online when you use Windows 10, and to turn off any other ways Microsoft will use information about you to target ads, head to the Ad Settings section of Microsoft’s Privacy Dashboard. Sign into your Microsoft account at the top right of the page.

Then go to the “See ads that interest you” section at the top of the page and move the slider from On to Off.

Turn off location tracking

Wherever you go, Windows 10 knows you’re there. Some people don’t mind this, because it helps the operating system give you relevant information, such as your local weather, what restaurants are nearby and so on. But if you don’t want Windows 10 to track your location, you can tell it to stop.

Launch the Settings app and go to Privacy > Location. Underneath “Allow access to location on this device,” click Change and, on the screen that appears, move the slider from On to Off. Doing that turns off all location tracking for every user on the PC.

win10 privacy location 21h1

Clicking the Change button lets you turn location tracking on or off for every user on the Windows 10 device.

IDG

This doesn’t have to be all-or-nothing affair — you can turn off location tracking on an app-by-app basis. If you want your location to be used only for some apps and not others, make sure location tracking is turned on, then scroll down to the “Choose which apps can use your precise location” section. You’ll see a list of every Windows 10 app that can use your location. Move the slider to On for the apps you want to allow to use your location — for example, Weather or Maps — and to Off for the apps you don’t.

That doesn’t cover desktop apps, though. So after you turn on location tracking, go to “Allow desktop apps to access your location” and turn the slider to On. When you do that, a list of desktop apps that use location tracking appears. Move the slider to On for each of the apps you want to use your location and Off for each app you don’t.

When you turn off location tracking, Windows 10 will still keep a record of your past location history. To clear your location history, go to the Privacy Dashboard, sign in, scroll down to the Location setting, and click it. You’ll see a list of your most recent location data; to see all of it, click Show all activities. You can click Clear all activities to delete all the data, or delete any individual entry by clicking the trash can icon at its far right.

There’s a lot more you can do to protect your privacy when you’re there. For details, see “Use Microsoft’s Privacy Dashboard” below.

Turn off Timeline

Timeline is a Windows 10 feature that lets you review and then resume activities and open files you’ve started on your Windows 10 PC, as well as any other Windows PCs and devices you have.(Although Timeline has been removed from Windows 11, it still lives in Windows 10.) So, for example, you can switch between a desktop and a laptop, and from each machine resume activities you’ve started on either PC.

In order to do that, Windows needs to gather information about all your activities on each of your machines. If that worries you, it’s easy to turn Timeline off. To do it, go to Settings > Privacy > Activity history and uncheck the box next to Store my activity history on this device.

win10 privacy activity history 22h2

Here’s how to turn off Timeline so that Microsoft doesn’t gather information about your activities on your PC.

IDG

At that point, Windows 10 no longer gathers information about your activities. However, it still keeps information about your old activities and shows them in your Timeline on all your PCs. To get rid of that old information, go down to the “Clear activity history” section of the screen and click Clear.

Note that you’ll have to take these steps on all of your PCs to turn off the tracking of your activities.

Curb Copilot

Microsoft’s generative AI chatbot Copilot is the most powerful new feature Windows 10 has seen in recent years. Some people believe it can also be a privacy invader. That’s because your chat requests and responses are sent to the cloud, where they are processed — and they’re kept there as well.

If this worries you, there are things you can do about it. Start with the most basic. If you’re extremely worried about your privacy and don’t think Copilot offers anything for you, simply don’t use it. Keep in mind, though, that you’ll be losing out on its benefits, including the ability to get detailed information fast.

There is a middle ground between doing nothing to protect your privacy in Copilot and not using Copilot at all. First, don’t share your personal data when interacting with Copilot — things like specific financial information, your place of work, and so on.

Next, delete your Copilot chat activity on a regular basis. You can delete individual chats or all of them en masse. To delete individual chats, go to https://copilot.microsoft.com/ and log into your Microsoft account. On the right-hand side of the page, you’ll see your most recent chats. Move your mouse over any you want to delete, then click the trash icon next to it. To see more chats, click See all recent chats.

If you instead want to delete all your Copilot chats, go to the Microsoft Privacy Dashboard, log in, click Browsing and search, and scroll down to the bottom of the page, to the “Copilot activity history” section. Click Clear all Copilot activity history and search history. You’ll have to do this on a regular basis if you want to keep your activity as private as possible.

deleting copilot activity history in microsoft privacy dashboard

Here’s how to delete all your Copilot activity at once.

class="close-button" data-wp-on--click="actions.core.image.hideLightbox">
deleting copilot activity history in microsoft privacy dashboard

Here’s how to delete all your Copilot activity at once.

IDG

deleting copilot activity history in microsoft privacy dashboard

Here’s how to delete all your Copilot activity at once.

IDG

aria-hidden="true">

IDG

Ditch a Microsoft account for a local account

When you use your Microsoft account to log into Windows 10, you’re able to sync your settings with all Windows devices. So, for example, when you make changes to your settings on a desktop PC, those changes will also be made on your laptop the next time you log in.

But maybe you don’t want Microsoft to store that information about you. And maybe you want to cut your ties as much as possible to anything Microsoft stores about you. If that’s the case, your best bet is to stop using your Microsoft account and instead use a local account.

To do it, go to Settings > Accounts > Family & other users. Then click Add someone else to this PC. From the screen that appears, select I don’t have this person’s sign-in information. On the next page, select Add a user without a Microsoft account and follow the instructions to create and use a local account.

Keep in mind that when you do this, you won’t be able to use Microsoft’s OneDrive storage or download and install for-pay apps from the Microsoft Store. You can, however, download and install free apps from the Microsoft Store.

Change your app permissions

Windows apps have the potential to invade your privacy — they can have access to your camera, microphone, location, pictures and videos.

But you can decide, in a very granular way, what kind of access each app can have.

To do this, go to Settings > Apps. Below “Apps & features” you’ll see a list of your installed apps. Click the app whose permissions you want to control, then click Advanced options and set the app’s permissions by toggling them either on or off.

win10 privacy app permissions 21h1

Setting permissions for Microsoft’s 3D Viewer app.

IDG

Note, though, that not all apps have an “Advanced options” link. And of those that do, not all let you customize your app permissions.

However, there’s another way to change app permissions. To do it, go to Settings > Privacy and look under the “App permissions” section on the left-hand side of the page. You’ll see a list of all of Windows’ hardware, capabilities and features that apps can access if they’re given permission — location, camera, microphone, notifications, account info, contacts and so on.

Click any of the listed items — for example, Microphone. At the top of the page that appears, you can turn off access to the microphone for all apps. Below that you’ll see a listing of all the apps with access to the microphone, where you can control access on an app-by-app basis. Any app with access has a slider that is set to On. To stop any app from having access, move the slider to Off.

Control and delete diagnostic data

As you use Windows 10, data is gathered about your hardware and what you do when you use Windows. Microsoft says that it collects this data as a way to continually improve Windows and to offer you customized advice on how to best use Windows.

That makes plenty of people uncomfortable. If you’re one of them, you can to a certain extent control what kind of diagnostic data is gathered about you. To do it, head to Settings > Privacy > Diagnostics & Feedback. In the “Diagnostic data” section, you can choose between two levels of diagnostic data to be gathered. Note that there’s no way to stop Microsoft from gathering diagnostic data entirely. Here are your two choices:

  • Required diagnostic data: This sends information to Microsoft “about your device, its settings and capabilities, and whether it is performing properly.” If you’re worried about your privacy, this is the setting to choose.
  • Optional diagnostic data: This sends the whole nine yards to Microsoft: It will “send info about the websites you browse and how you use apps and features, plus additional info about device health, device usage, and enhanced error reporting.” It also sends along required diagnostic data. If you’re worried about your privacy, don’t make this choice.
win10 privacy diagnostic data 21h1

Go here to control what diagnostic data Windows 10 gathers.

IDG

Next, scroll down to the “Tailored experiences” section and move the slider to Off. This won’t affect the data Microsoft gathers, but it will turn off targeted ads and tips that are based on that information. So while it won’t enhance your privacy, you’ll at least cut down on the annoyance factor.

Now scroll a bit further down and in the “Delete diagnostic data” section, click Delete. That will delete all the diagnostic data Microsoft has gathered about you. However, after you delete it, Microsoft will start gathering the data again.

Finally on this screen, consider scrolling up to the “Improve inking and typing” section and moving the slider to Off. That will stop Windows 10 from sending to Microsoft the words you input using the keyboard and inking.

One final note about diagnostic data. You may have heard about a tool Microsoft has been hyping, called the Diagnostic Data Viewer, which you can download from the Microsoft Store. Microsoft claims it lets you see exactly what kind of diagnostic data Microsoft gathers about you. Don’t believe it. It’s something only a programmer could love — or understand. You won’t be able to use it to clearly see the diagnostic data Microsoft collects. Instead, you’ll scroll or search through incomprehensible headings such as “TelClientSynthetic.PdcNetworkActivation_4” and “Microsoft.Windows.App.Browser.IEFrameProcessAttached” with no explanation of what it means. Click any heading, and you’ll find even more incomprehensible data.

Use Microsoft’s Privacy Dashboard

Microsoft has built an excellent, little-known web tool called the Privacy Dashboard that lets you track and delete a lot of information Microsoft gathers about you. As covered earlier in this story, here you can turn off ad targeting and delete your location and Copilot history. You can also view and delete your browsing history, search history, voice activity, media activity, and more.

(Note that for your browsing and search history, it only tracks your activity when you use Microsoft Edge or Internet Explorer. It doesn’t track data when you use other browsers, like Chrome or Firefox. And it only tracks your location history when you’re using Microsoft devices, not those that use iOS or Android.)

microsoft privacy dashboard main screen

Microsoft’s little-known Privacy Dashboard is a great place to delete much of the information Microsoft gathers about you.

IDG

To use it, head to the information you want to view and clear, then click the appropriate link — for example, to view and delete your browser history in Microsoft Edge. Note that in some instances, you won’t have full control over deleting and managing data.

In the dashboard you can also customize privacy settings for other Microsoft products, including Xbox and Microsoft 365.

Get granular in the Settings app

All this shouldn’t take that long and will do a great deal to protect your privacy. If you want to dig even deeper into privacy protections, launch the Settings app and click Privacy. You’ll see the same General pane that we covered in the first tip in this story. (If for some reason you’re in a different section of Privacy, click General on the left-hand side of the screen.)

Below the switch to turn off your advertising ID are three more privacy settings you can disable:

  • Language list: The list of languages you have enabled on your machine is your own business.
  • App launches: This is used to build the “Most used” list on the Start menu and influences search result order — likely not a must-have for the privacy minded.
  • Suggested content: This is used, in Microsoft’s words, to “suggest new content and apps you might find interesting.” Trust me, it’s unlikely you’ll find them interesting.

Turn all three of these off to further protect your privacy.

And there’s a lot more beyond the General pane. On the left-hand side of the screen, you’ll see additional areas where you can get even more granular about privacy — for example, in the “Inking & typing personalization” section you can change your global privacy options for inking and your typing history.

Tips for the truly paranoid

If you want to take privacy even further, there are a few more things you can do.

Stop using OneDrive

If you don’t like the idea of syncing your data to Microsoft’s OneDrive cloud storage service, you can stop using it. (There’s no way to uninstall it.) Right-click the OneDrive icon on the notification tray at the bottom right of the Windows desktop and select Settings from the menu that pops open. In the OneDrive Settings window, go to the Account tab, then click the Unlink this PC button. Next, click the Sync and backup tab and uncheck Start OneDrive when I sign in to Windows.

unlinking onedrive account to stop syncing

Unlinking OneDrive so it no longer syncs.

IDG

Don’t sync Windows settings across devices

In addition, you can say no to syncing your Windows settings among different devices. When you sync your settings, the way you’ve customized and set up Windows 10 will be synced to Microsoft’s servers. If you want to turn it off, go to Settings > Windows Backup and move the slider from On to Off in “Remember my preferences” and “Remember my apps.”

Turn off app diagnostics

Changing this setting isn’t a particularly big privacy-enhancer, but if you’re a real privacy fiend, every bit helps. It doesn’t affect desktop apps like Word or Excel, and instead targets built-in Windows apps and the apps you download from the Microsoft Store. Turning off app diagnostics stops any of those apps from getting details about other apps — things such as their internal names, package names, the user name of the person running the app, and techie details such as memory usage. Developers use this information all the time, but your garden-variety apps shouldn’t need any of it.

To turn it off, select Settings > Privacy > App diagnostics, and in the “Allow access to app diagnostic info on this device” section, click Change. When a slider appears, move it to Off.

windows 10 app diagnostics screen

Turn off app diagnostics to prevent built-in Windows apps and Microsoft Store apps from getting details about other apps.

IDG

Don’t share Windows updates

Finally, you can change the way Windows updates. In Settings > Update & Security > Delivery Optimization, turn off the switch next to Allow downloads from other PCs. When turned on, this function lets your Windows 10 system share its update files with other Windows 10 computers on the internet through peer-to-peer distribution.

These steps can take you a long way towards making sure that Windows 10 doesn’t cross the line into gathering data you’d prefer remain private.

This article was originally published in January 2016 and most recently updated in August 2024.

OpenAI, Anthropic agree to get their models tested for safety before making them public

August 30, 2024 /

Large language model (LLM) providers OpenAI and Anthropic have signed individual agreements with the US AI Safety Institute under the Department of Commerce’s National Institute of Standards and Technology (NIST) in order to collaborate on AI safety research that includes testing and evaluation.

As part of the agreements, both Anthropic and OpenAI will share their new models with the institute before they are released to the public for safety checks.

“With these agreements in place, we look forward to beginning our technical collaborations with Anthropic and OpenAI to advance the science of AI safety,” Elizabeth Kelly, director of the US AI Safety Institute, said in a statement.

The agreements also include the entities engaging in collaborative research on how to evaluate capabilities and safety risks, as well as methods to mitigate those risks. 

The agreements come almost a year after US President Joe Biden passed an executive order to set up a comprehensive series of standards, safety and privacy protections, and oversight measures for the development and use of artificial intelligence.

Earlier in July, the NIST released a new open source software package named Dioptra that allows developers to determine what type of attacks would make an AI model perform less effectively.

Along with Dioptra, the NIST had also released several documents promoting AI safety and standards in line with the executive order.

These documents included the initial draft of its guidelines for developing foundation models, dubbed Managing Misuse Risk for Dual-Use Foundation Models, and two guidance documents that will serve as companion resources to the NIST’s AI Risk Management Framework (AI RMF) and Secure Software Development Framework (SSDF), targeted at helping developers manage the risks of generative AI.

Agreements support collaboration with the UK’s AI Safety Institute

The agreements with the LLM providers also include a clause, which will allow the US Safety Institute to provide feedback to both companies on potential safety improvements to their models in collaboration with their partners at the UK AI Safety Institute.

Earlier in April, the US and the UK signed an agreement to test the safety LLMs that underpin AI systems.

The agreement or memorandum of understanding (MoU) —  was signed in Washington by US Commerce Secretary Gina Raimondo and UK Technology Secretary Michelle Donelan and the collaboration between the AI Safety Institutes is a direct result of this agreement.

Other US measures around AI safety

The agreements signed by OpenAI and Anthropic come just as the California AI safety bill goes into its final stages of turning into a law. The bill could establish the nation’s most stringent regulations on AI and may pave the way for similar regulations across the country.

The legislation, known as the Safe and Secure Innovation for Frontier Artificial Intelligence Models Act (SB 1047), proposes rigorous testing and accountability measures for AI developers, particularly those creating large and complex models.

The bill, if enacted into law, would require AI companies to test their systems for safety before releasing them to the public.

Earlier this month, OpenAI opposed the bill for at least five days before pledging support for it last week.

The NIST has also taken other measures, including the formation of an AI safety advisory group in February this year that encompassed AI creators, users, and academics, to put some guardrails on AI use and development.

The advisory group named the US AI Safety Institute Consortium (AISIC) has been tasked with coming up with guidelines for red-teaming AI systems, evaluating AI capacity, managing risk, ensuring safety and security, and watermarking AI-generated content. Several major technology firms, including OpenAI, Meta, Google, Microsoft, Amazon, Intel, and Nvidia, joined the consortium to ensure the safe development of AI.

How to bring Google’s remarkable Pixel 9 reminder system to any Android device

August 30, 2024 /

If there’s one envy-worthy feature in Google’s new Pixel 9 devices, it isn’t any of the AI-oozing mumbo-jumbo Google desperately wants you to desire.

Nope — it’s a touch so small and simple, Google hasn’t so much as even mentioned it in any of its Pixel 9 promotions. Hardly anyone else has talked about it, either. Heck, you might not even notice it when using the phones.

But goodness gracious, is it ever worth your while to chew over. The feature of which we speak is a new device-wide reminders system that makes it impossibly easy to capture a reminder around anything you’re doing, anywhere on your phone, and then have it come back to demand your attention at exactly the right time.

It’s hands-down my favorite new Pixel feature and something that might just inspire me to make the leap to a shiny new Pixel 9 model, despite the fact that my current personal Pixel 8 Pro phone is perfectly fine and otherwise quite similar.

I’ve found this feature so forkin’ helpful during my time with a Pixel 9 review unit, in fact, that I decided I had to find a way to recreate it in a way that everyone could appreciate and benefit from — no matter what type of Android device you might be using at the moment.

And man, lemme tell ya: It wasn’t easy. Like most creative workarounds along these lines (hello, Pixel 9 Call Notes!), the solution for emulating a feature like this in an external environment is inevitably a little less seamless and native-feeling than the original — and also considerably more complicated to cook up.

But oh, does it ever get the job done and bring that same sort of universal reminder goodness onto whatever Android phone you’re caressing these days. And if you value organization and brain-aiding reminders as much as I do, you’ll absolutely appreciate the addition.

[Psst: Want even more advanced Android knowledge? Check out my free Android Shortcut Supercourse to learn tons of time-saving tricks for your phone!]

Google’s Pixel 9 reminder brilliance

Before we get into the specifics, let me give you a quick reminder about what the Pixel 9 system we’re emulating actually accomplishes and how it works.

The Pixel 9 reminders system is tied directly into the Android screenshot function: Anytime you see anything you want to be reminded of later — a message you need to reply to at some specific future point, an email you want to revisit at the end of the day, or anything else you encounter anywhere on your phone and don’t want to forget — you simply snag a screenshot (by pressing the phone’s power and volume-down buttons at the same time or using any other Android screenshot shortcut).

As part of its standard screenshot confirmation pop-up, the Pixel 9 presents you with a new bell-shaped icon. Tapping that icon reveals a special new panel that lets you set a reminder around that screenshot for any specific future day and time you want.

Google Pixel 9 screenshot reminders
Google’s Pixel 9 screenshot reminder icon, at left, and subsequent pop-up, at right.

JR Raphael, IDG

When that time arrives, the Pixel 9 serves up a notification that shows you the screenshot along with some added context about what the image contains.

Google Pixel 9 screenshot reminder: Notification
The notification you see when a reminder arrives via the new screenshot-centric Pixel 9 system.

JR Raphael, IDG

Handy, no? So now, let’s look at how we can create something similar in concept on any non-Pixel-9 Android device you might be using.

You’ve got two possible paths to pick — the easy, minimal-setup route that works reasonably well and the slightly-complex-to-configure pure awesomeness option that automates everything and makes the ongoing reminder creation process almost as powerful as what’s present on the Pixel 9.

Choose your own adventure…

Pixel 9 screenshot reminder recreation: The easy path

First up is the easy-to-implement, minimal-hassle-requiring path that’ll be the right approach for most Android phone-owners.

For a super-simple, almost-effortless way to emulate the Pixel 9’s universal reminder system on any Android device, you need just one ingredient: the free and readily available Microsoft To Do app for Android.

We want to use this app, specifically, because of the way it integrates with Android’s system-level sharing system and makes it especially easy to pass over info from a freshly captured screenshot and then create a reminder around it. Most other similar apps, including Google’s own generally excellent Keep Android note-taking service, don’t handle this particular feat quite as well. Microsoft To Do is the tool for the job.

So, to start:

  • Download Microsoft To Do from the Play Store, if you don’t already have it.
  • Open up the app once and follow its prompts to sign in.
  • Approve any pertinent permissions, including the ability for the app to show you notifications and create reminders/alarms.

Got it? Good. Now, when you’re ready to capture a reminder of anything you see anywhere on your device:

  • Create a screenshot — again, by pressing your phone’s power and volume-down buttons at the same time or by using any other Android screenshot shortcut.
  • When you see the screenshot confirmation pop up, tap the share icon within it.
  • You should see “To Do,” with a blue checkmark icon, within the panel of sharing options that appears next. Press and hold your finger onto that icon and then tap the line that says “Pin Add to new task.”
  • That’ll cause the shortcut to show up at the very top of your system-level sharing list from that moment forward, for especially easy ongoing access.
Google Pixel 9 screenshot reminder system: Microsoft To-Do
Long-pressing the To-Do icon allows you to pin it — which then causes it to always show up at the top of the standard Android sharing menu.

JR Raphael, IDG

From there on out, whenever you want to capture a reminder about anything in the style of the Pixel 9 reminders system, you can simply take a screenshot — then tap the share button followed by the “To Do” icon.

That’ll summon a special little pop-up that looks a little somethin’ like this:

Google Pixel 9 screenshot reminder: Microsoft To-Do pop-up
The Microsoft To-Do pop-up for creating a new screenshot-centric reminder.

JR Raphael, IDG

All that’s left is to tap the “Remind me” option within the horizontally scrolling line at the bottom of that pop-up and select whatever date and time you want the reminder to fire. You’ll need to type something into the “Add a task” text field, too. You could use a word or two to act as a title for the reminder or even just type in a single period or random character to fill the space.

Whatever you choose, your contextual reminder will then be set — and you’ll receive a notification with the info and the screenshot attached when the date and time you selected arrives.

Google Pixel 9 screenshot reminder notification
A reminder created from a screenshot — just like what Google’s Pixel 9 reminders system offers.

JR Raphael, IDG

Like I said, it’s not quite as streamlined of a process as what the Pixel 9 gives you, and it takes a teensy bit of ongoing effort. But it gets the job done and gives you a super-simple framework for accomplishing the same sort of anywhere-on-Android, context-containing, screenshot-centric reminders.

If you want to make it even easier on yourself and don’t mind a more complex initial setup, keep reading.

Pixel 9 screenshot reminder recreation: The advanced option

The most satisfying way to give yourself a truly Pixel-9-like screenshot reminders setup is with a touch of crafty Android automation.

Now, fair warning: This path is really appropriate only for more advanced Android device-owners who don’t mind a little ambitious tinkering. Most people would be better off with the “lite” version of this setup that we just went over. But while the initial setup here isn’t exactly simple, you’ll only have to do it once, if you’re up for it — from that point onward, your screenshot reminders will be almost as easy and effortless as what the Pixel 9 provides.

For this path, you’ll need two core ingredients:

  1. The same Microsoft To Do Android app we went over in the previous section. If you don’t already have it, download it, open it once, and follow the prompts to sign in and grant it all the pertinent permissions.
  2. A brilliant Android automation app called MacroDroid. It’s free with an optional $5 upgrade to eliminate ads throughout its setup interface and to enable some extra features (which aren’t required for anything we’ll tackle today).

To set this up — and again, remember, you’ll only have to do this once:

  • Open up MacroDroid and make your way through the app’s welcome screens and basic permission prompts.
  • On the main MacroDroid screen, tap the big “Add Macro” button in the upper-left corner.
  • Within the “Triggers” box, tap the plus icon, then select “User Input” followed by “Volume Button Pressed.”
  • Select “Use Accessibility Service” and tap “OK.”
  • Select “Volume Up + Volume Down (Long Press)” and tap “OK.”
  • Select “Retain Previous Volume” and tap “OK.”

At this point, MacroDroid will likely send you a notification informing you that it requires an additional permission in order to handle this part of the process. Swipe down twice from the top of your screen to find the notification, then tap it and follow the prompts to enable Android accessibility access for “MacroDroid Volume Button Monitor.” You’ll want to be sure to activate the top toggle for that option and not the “shortcut” option lower down on the same screen.

You’ll probably see a scary-sounding warning confirming that you want to grant the app this access. It sounds like a lot, but this is genuinely what’s required for MacroDroid — or any app — to be able to monitor your volume button presses and react to them in real-time. MacroDroid is a known and trusted app that’s been around forever, and its developer is adamant about the fact that no user data is ever shared or sold in any way.

Cool? Cool. Now, next:

  • Head back to MacroDroid and the setup screen we were just working on. It should now look a little somethin’ like this:
Google Pixel 9 screenshot reminder system: MacroDroid Trigger
The MacroDroid reminder setup in its first-step state.

JR Raphael, IDG

  • This time, tap the plus icon within the “Actions” box, then tap “Screen” followed by “Read Screenshot Contents.” You’ll be prompted to enable Android accessibility access once more, this time for “MacroDroid UI Interaction.” Follow the same process as before to do this.
  • Once you’ve granted the necessary permission, you’ll probably have to tap that “Read Screenshot Contents” box once more to select it. Do that, then select “[New Variable]” and tap “OK.”
  • When prompted, type in md-screenshot for the variable name and tap “OK.”
Google Pixel 9 screenshot reminder system: MacroDroid Variable
It may look like a bunch of gobbledegook, but this setup will lead us somewhere spectacular.

JR Raphael, IDG

  • On the next three prompts that pop up, leave the default options selected and simply tap “OK.”
  • You should then see the main MacroDroid creation screen again with your newly added line present within the “Actions” area.
Google Pixel 9 screenshot reminder system: MacroDroid Action
The Pixel-9-esque MacroDroid screenshot reminder setup — almost finished.

JR Raphael, IDG

  • One last time — almost done! — tap the plus icon within the “Actions” box, and this time, select “Device Actions” followed by “Share Text.”
  • In the pop-up that appears next, tap the first “…” button —  alongside the “Enter text” field — then tap “OK” once, select “Local Variable” and tap “OK,” and select “md-screenshot” and tap “OK.”
  • Tap “OK” once more on the next prompt that shows up.
  • And last but not least, tap the second “…” button, under “Application Name,” then select “Add new task” and tap “OK.”

That should leave you with a box that looks like this:

Google Pixel 9 screenshot reminder system: MacroDroid Share Text
The engine that makes our Pixel 9 reminder recreation work.

JR Raphael, IDG

Finally, tap “OK” — then tap the field where you see “Enter macro name,” type in Screenshot reminder, and tap the left-facing arrow in the corner of the screen and select “Save.”

Google Pixel 9 screenshot reminder system: MacroDroid Actions
The final MacroDroid configuration for Pixel-9-style reminder paradise.

JR Raphael, IDG

Aaaand, take a deep breath: Our initial setup for this is now officially finished — and that means you’re ready to test out your fancy new Pixel-9-inspired Android screenshot reminder system!

This is where the true beauty of this approach becomes apparent. Anytime you want to snag a new screenshot reminder, all you’ve gotta do is press and hold your volume-up and volume-down keys together for a second or so — no matter what’s on your screen or what else you’re doing on your device.

And, hey — wouldya look at that?!

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/08/google-pixel-9-screenshot-reminder-automation.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/08/google-pixel-9-screenshot-reminder-automation.webp?resize=288%2C300&quality=50&strip=all 288w, https://b2b-contenthub.com/wp-content/uploads/2024/08/google-pixel-9-screenshot-reminder-automation.webp?resize=669%2C697&quality=50&strip=all 669w, https://b2b-contenthub.com/wp-content/uploads/2024/08/google-pixel-9-screenshot-reminder-automation.webp?resize=161%2C168&quality=50&strip=all 161w, https://b2b-contenthub.com/wp-content/uploads/2024/08/google-pixel-9-screenshot-reminder-automation.webp?resize=81%2C84&quality=50&strip=all 81w, https://b2b-contenthub.com/wp-content/uploads/2024/08/google-pixel-9-screenshot-reminder-automation.webp?resize=461%2C480&quality=50&strip=all 461w, https://b2b-contenthub.com/wp-content/uploads/2024/08/google-pixel-9-screenshot-reminder-automation.webp?resize=346%2C360&quality=50&strip=all 346w, https://b2b-contenthub.com/wp-content/uploads/2024/08/google-pixel-9-screenshot-reminder-automation.webp?resize=240%2C250&quality=50&strip=all 240w" width="700" height="729" sizes="(max-width: 700px) 100vw, 700px">
Instant and automatic reminders, à la the Pixel 9’s screenshot reminder system — achieved!

JR Raphael, IDG

That special key combo — volume-up and volume-down together — is now your custom shortcut for snagging a screenshot and setting a reminder from it, from anywhere on your phone. Pressing those buttons together will automatically capture the screenshot, pull out the pertinent text from the screenshot, and share it into a new reminder within Microsoft To-Do.

(The text interpretation can be slightly hit and miss sometimes, depending on the context, but it’ll usually get enough of the gist to make it work. And you can always add in extra info on your own, too, if you want to expand or adjust it.)

All that’s left is tap that “Remind me” option to set the reminder date and time for whenever you want, then tap the up-facing arrow to save it.

And when whatever time you selected arrives — boom: Your reminder appears.

Google Pixel 9 screenshot reminder notification
The final reminder, delivered at exactly the right time.

JR Raphael, IDG

A pretty powerful new productivity perk, wouldn’t ya say?

It may not be quite as simple, seamless, or elegant as what the Pixel 9 pulls off in this area — but if you aren’t getting a Pixel 9 series phone, it’s your next best option for a similar sort of universal contextual reminder system.

And it’ll absolutely get the job done and let you create easy and effective reminders around anything, anytime — with nothing but a fast press and tap from anywhere within Android.

Get even more advanced shortcut knowledge with my free Android Shortcut Supercourse. You’ll learn tons of time-saving tricks for your phone!

Windows 10: A guide to the updates

August 30, 2024 /

The launch of a major Windows 10 update isn’t the end of a process — it’s really just the beginning. As soon as one of Microsoft’s feature updates (such as Windows 10 version 22H2) is released, the company quickly gets to work on improving it by fixing bugs, releasing security patches, and occasionally adding new features.

In this story we summarize what you need to know about each update released to the public for the most recent versions of Windows 10 — versions 22H2 and 21H2. (Microsoft releases updates for those two versions together.) For each build, we’ve included the date of its initial release and a link to Microsoft’s announcement about it. The most recent updates appear first.

For details about how to install and manage Windows updates, see “How to handle Windows 10 and 11 updates.” If you’re looking for information about Insider Program previews for upcoming feature releases of Windows 10, see “Windows 10 Insider Previews: A guide to the builds.”

Updates to Windows 10 versions 21H2 and 22H2

KB5043064 (OS Builds 19044.4894 and 19045.4894)

Release date: September 10, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5043064.)

KB5041582 (OS Build 19045.4842) Preview

Release date: August 29, 2024

This build fixes several bugs, including one in which when a combo box had input focus, a memory leak could occur when you closed that window.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about KB5041582 Preview.)

KB5041580 (OS Builds 19044.4780 and 19045.4780)

Release date: August 13, 2024

This release has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5041580.)

KB5040525 (OS Build 19045.4717) Preview

Release date: July 23, 2024

This build fixes a variety of bugs, including one in which the Transmission Control Protocol (TCP) send code caused systems to stop responding during routine tasks, such as file transfers. This issue led to an extended send loop.

There is one known issue in this update, in which you might be unable to change your user account profile picture.

(Get more info about KB5040525 Preview.)

KB5040427 (OS Builds 19044.4651 and 19045.4651)

Release date: July 9, 2024

This update has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which you might be unable to change your user account profile picture.

(Get more info about KB5040427.)

KB5039299 (OS Build 19045.4598) Preview

Release date: June 25, 2024

This build fixes a variety of bugs, including one in which apps’ jump lists on the taskbar sometimes failed, and another in which systems didn’t resume from hibernation after BitLocker was turned off.

There are four known issues in this update, including one in which Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or have other icon alignment issues when attempting to use Copilot in Windows.

(Get more info about KB5039299 Preview.)

KB5039211 (OS Builds 19044.4529 and 19045.4529)

Release date: June 11, 2024

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which Copilot in Windows is not currently supported when your taskbar is located vertically on the right or left of your screen.

(Get more info about KB5039211.)

KB5037849 (OS Build 19045.4474) Preview

Release date: May 29, 2024

This build fixes a variety of bugs, including one in which devices could not authenticate a second Microsoft Entra ID account, and another in which TWAIN drivers stopped responding when used in a virtual environment.

There are four known issues in this update, including one in which Windows devices using more than one monitor might experience desktop icons moving unexpectedly between monitors or have other icon alignment issues when attempting to use Copilot in Windows.

(Get more info about KB5037849 Preview.)

KB5037768 (OS Builds 19044.4412 and 19045.4412)

Release date: May 14, 2024

This update fixes a bug that caused VPN connections to fail. In addition, it has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are four known issues in this build, including one in which Copilot in Windows is not currently supported when your taskbar is located vertically on the right or left of your screen.

(Get more info about KB5037768.)

KB5036979 (OS Build 19045.4355) Preview

Release date: April 23, 2024

With this build, you will start getting account-related notifications for Microsoft accounts in Settings > Home. The account also backs up all your account-related data and helps you to manage your subscriptions. The update also makes the Widgets on the lock screen more reliable.

A number of bugs have also been fixed, including one in which Windows Local Administrator Password Solution’s Post Authentication Actions (PAAs) did not occur at the end of the grace period. Instead, they occurred at restart.

(Get more info about KB5036979 Preview.)

KB5036892 (OS Builds 19044.4291 and 19045.4291)

Release date: April 9, 2024

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which Copilot in Windows is not currently supported when your taskbar is located vertically on the right or left of your screen.

(Get more info about KB5036892.)

KB5035941 (OS Build 19045.4239) Preview

Release date: March 26, 2024

In this build, Windows Hello for Business admins can now use mobile device management to turn off the prompt that appears when users sign in to an Entra-joined machine. To do it, turn on the “DisablePostLogonProvisioning” policy setting. After a user signs in, provisioning is off for Windows 10 and Windows 11 devices.

The update also update improves the Remote Desktop Session Host. You can now set up its “clipboard redirection” policy to work in a single direction from the local computer to the remote computer. You can also reverse that order.

A number of bugs have also been fixed, including one in which a network resource could not be accessed from a Remote Desktop session when the Remote Credential Guard feature was turned on, and another that affected the time service, in which the Windows Settings app did not match what IT admins configured using MDM or a Group Policy Object.

(Get more info about KB5035941 Preview.)

KB5035845 (OS Builds 19044.4170 and 19045.4170)

Release date: March 12, 2024

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which Copilot in Windows is not currently supported when your taskbar is located vertically on the right or left of your screen.

(Get more info about KB5035845.)

KB5034843 (OS Build 19045.4123) Preview

Release date: February 29, 2024

In this update, using Windows share, you can now directly share URLs to apps like WhatsApp, Gmail, Facebook, and LinkedIn. Sharing to X (formerly Twitter) is coming soon.

The update also fixes a variety of bugs, including one in which Azure Virtual Desktop virtual machines restarted randomly because of an access violation in lsass.exe, and another in Remote Desktop Web Authentication in which you might not have been able to connect to sovereign cloud endpoints.

There are two known issues in this build, including one in which Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows. In the second issue, Copilot in Windows is not supported when your taskbar is located vertically on the right or left of your screen.

(Get more info about KB5034843 Preview.)

KB5034763 (OS Builds 19044.4046 and 19045.4046)

Release date: February 13, 2023

This build fixes several bugs, including one in which explorer.exe stopped responding when you restarted or shut down a PC that had a controller accessory attached to it.

It also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this build, including one in which Copilot in Windows (in preview) is not currently supported when your taskbar is located vertically on the right or left of your screen.

(Get more info about KB5034763.)

KB5034203 (OS Build 19045.3996) Preview

Release date: January 23, 2024

The update fixes a variety of bugs, including one that affected BitLocker data-only encryption. A mobile device management (MDM) service, such as Microsoft Intune, might not get the right data when you use the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node.

It also fixed a bug that affected Group Policy Folder Redirection in a multi-forest deployment. The issue stopped you from choosing a group account from the target domain. And it addresses an issue that caused some single-function printers to be installed as scanners.

There are two known issues in this build, including one in which Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows. In the second issue, Copilot in Windows is not supported when your taskbar is located vertically on the right or left of your screen.

(Get more info about KB5034203 Preview.)

KB5034122 (OS Builds 19044.3930 and 19045.3930)

Release date: January 9, 2023

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2024 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this build, affecting ID admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

(Get more info about KB5034122.)

KB5032189 (OS Builds 19044.3693 and 19045.3693)

Release date: December 12, 2023

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and December 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this build, which affects ID admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in MDM apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

(Get more info about KB5033372.)

Windows 10 22H2 KB5032278 (OS Build 19045.3758) Preview

Release date: November 30, 2023

The update adds the Copilot in Windows (in preview) button to the right side of the taskbar. This only applies to devices that run Home or Pro editions (non-managed business devices). When you select it, the AI-powered Copilot in Windows appears at the right on your screen. It will not overlap with desktop content or block open app windows. The update also adds Windows Update opt-in notifications to the screen when you sign in.

The update also fixes a variety of bugs, including one that affected non-admin processes. It also fixes a leak in volatile notifications, which might have stopped you from signing into your computer.

There is one known issue in this build that applies to IT admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.

(Get more info about Windows 10 22H2 KB5032278 Preview.)

KB5032189 (OS Builds 19044.3693 and 19045.3693)

Release date: November 14, 2023

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and November 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this build that affects ID admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in MDM apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment. To mitigate the issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or “Enforce drive encryption on fixed drives” policies to not configured.

(Get more info about KB5032189.)

KB5031445 (OS Build 19045.3636) Preview

Release date: October 26, 2023

The update fixes a variety of bugs, including one in which touchscreens did not work properly when you used more than one display, and another in which there was a memory leak in ctfmon.exe.

There is one known issue in this build, which applies to IT admins, in which using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the “Require Device Encryption” setting for some devices in your environment.

(Get more info about KB5031445 Preview.)

KB5031356 (OS Builds 19044.3570 and 19045.3570)

Release date: October 10, 2023

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5031356.)

KB5030300 (OS Build 19045.3516) Preview

Release date: September 26, 2023

This update brings back a search box design for accessing apps, files, settings, and more from Windows and the web. If you have a top, bottom, regular, or small icons taskbar, the search box appears.

The build also fixes a variety of bugs, including one in which Microsoft Defender stopped some USB printers from printing, and another in which in Windows Defender Application Control (WDAC) AppID Tagging policies could have greatly increased device startup time.

(Get more info about KB5030300 Preview.)

KB5030211 (OS Builds 19044.3448 and 19045.3448)

Release date: September 12, 2023

This build fixes a bug that affected authentication in which using a smart card to join or rejoin a computer to an Active Directory domain could have failed.

The build also has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and September 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5030211.)

KB5029331 (OS Build 19045.3393) Preview

Release date: August 22, 2023

This update improves how Windows detects your location to help give you better weather, news, and traffic information. It also expands the rollout of notification badging for Microsoft accounts on the Start menu, which gives you quick access to important account-related notifications. In addition, it adds Windows Backup to your device.

The update also fixes a wide variety of bugs, including one in which print jobs sent to a virtual print queue failed without an error, and another in which Remote Desktop (RD) sessions disconnected when multiple apps were in use.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5029331 Preview.)

KB5029244 (OS Builds 19044.3324 and 19045.3324)

Release date: August 8, 2023

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and August 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5029244.)

KB5028244 (OS Build 19045.3271) Preview

Release date: July 25, 2023

This update fixes a wide variety of bugs, including one in which Timeout Detection and Recovery (TDR) errors might have occurred when you played a game, another in which some display and audio devices were missing when your system resumed from sleep, and another in which some VPN clients could not establish connections.

There is one issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5028244 Preview.)

KB5028166 (OS Builds 19044.3208 and 19045.3208)

Release date: July 11, 2023

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and July 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5028166.)

KB5027293 (OS Build 19045.3155) Preview

Release date: June 27, 2023

This update adds new features and improvements to Microsoft Defender for Endpoint. For more information, see Microsoft Defender for Endpoint. It also lets you authenticate across Microsoft clouds. This feature also satisfies Conditional Access checks if they are needed.

A variety of bugs have been fixed, including one in which scheduled monthly tasks might not have run on time if the next occurrence happened when daylight savings time occured, and another in which all the registry settings under the Policies paths could have been deleted when you did not rename the local temporary user policy file during Group Policy processing.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5027293 Preview.)

KB5027215 (OS Builds 19044.3086 and 19045.3086)

Release date: June 13, 2023

This build has a wide variety of security updates. For details, see Microsoft’s Security Update Guide and June 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5027215.)

KB5026435 (OS Build 19045.3031) Preview

Release date: May 23, 2023

This update revamps the search box; Microsoft claims it will let you “easily access apps, files, settings, and more from Windows and the web. You will also have access to the latest search updates, such as search highlights.” If you don’t like the design, you can revert to the existing search box via taskbar context menu or by responding to a dialog that appears when you use search.

A variety of bugs have been fixed, including one that did not let you access the Server Message Block (SMB) shared folder and another in which the Windows Firewall dropped all connections to the IP address of a captive portal when you chose the Captive Portal Addresses option.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5026435 Preview.)

Updates to Windows 10 versions 20H2, 21H1, 21H2, and 22H2

KB5026361 (OS Builds 19042.2965, 19044.2965, and 19045.2965)

Release date: May 9, 2023

The update fixes a race condition in the Windows Local Administrator Password Solution (LAPS) in which the Local Security Authority Subsystem Service (LSASS) stopped responding when the system processed multiple local account operations at the same time.

This build also includes the quality updates from the April 25 KB5025297 Preview (detailed below), along with a wide variety of security updates. For details, see Microsoft’s Security Update Guide and May 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5026361.)

KB5025297 (OS Build 19045.2913) Preview

Release date: April 25, 2023

This update adds the ability to sync language and region settings when you change your Microsoft account display language or regional format. Windows saves those settings to your account if you have turned on Language preferences sync in your Windows backup settings. It also lets you configure application group rules for firewall settings.

A variety of bugs have been fixed, including one that stopped mobile device management (MDM) customers from printing, and another in which the Tab Window Manager stopped responding in IE mode.

There is one known issue in this update: devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5025297 Preview.)

KB5025221 (OS Builds 19042.2846, 19044.2846, and 19045.2846)

Release date: April 11, 2023

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and April 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5025221.)

KB5023773 (OS Builds 19042.2788, 19044.2788, and 19045.2788) Preview

Release date: March 21, 2023

This build fixes a variety of bugs, including one in which Windows classifies USB printers as multimedia devices even though they are not, and another in which lsass.exe might stop responding when it sends a Lightweight Directory Access Protocol (LDAP) query to a domain controller that has a very large LDAP filter.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5023773 Preview.)

KB5023696 (OS Builds 19042.2728, 19044.2728, and 19045.2728)

Release date: March 14, 2023

This build implements phase three of Distributed Component Object Model (DCOM) hardening. After you install this update, you cannot turn off the changes using the registry key. See KB5004442 for details. It also fixes a bug in which joining an Active Directory domain failed when you reused an existing computer account. See KB5020276 for details.

It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and March 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5023696.)

KB5022906 (OS Builds 19042.2673, 19044.2673, and 19045.2673) Preview

Release date: February 21, 2023

In this build, informational links open faster when you use Windows Spotlight on the lock screen. Several bugs were also fixed, including one that that stopped hyperlinks from working in Microsoft Excel, and another in IE mode in which the text on the status bar was not always visible.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5022906 Preview.)

KB5022834 (OS Builds 19042.2604, 19044.2604, and 19045.2604)

Release date: February 14, 2023

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and February 2023 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5022834.)

KB5019275 (OS Builds 19042.2546, 19044.2546, and 19045.2546) Preview

Release date: January 19, 2023

This build displays storage alerts for Microsoft OneDrive subscribers on the Systems page in the Settings app. Alerts appear when you are close to your storage limit. You can also manage your storage and purchase additional storage.

The build also fixes a number of bugs, including one that affected searchindexer.exe and randomly stopped you from signing in or signing out.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5019275 Preview.)

KB5022282 (OS Builds 19042.2486, 19044.2486, and 19045.2486)

Release date: January 10, 2023

This build fixes Local Session Manager (LSM) bugs that allowed users who did not have admin rights to perform admin actions.

It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and January 2023 Security Updates. It also fixes a bug in the Camera app, which stopped responding when memory is low.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5022282.)

KB5021233 (OS Builds 19042.2364, 19043.2364, 19044.2364, and 19045.2364)

Release date: December 13, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the December 2022 Security Updates. It also fixes a bug in the Camera app, which stopped responding when memory was low.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5019959.)

KB5020030 (OS Builds 19042.2311, 19043.2311, 19044.2311, and 19045.2311) Preview

Release date: November 15, 2022

In this build, the search box now appears, by default, on the taskbar when the taskbar is at the top of your screen or when you turn on small taskbar button mode. In addition, Cortana is no longer pre-pinned to your taskbar by default.

The build also fixes a variety of bugs, including one in which print outputs were misaligned on some printers and another in Microsoft Defender for Endpoint in which automated investigation blocked live response investigations. The build also addresses some persistent update failures for the Microsoft Store.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge. In another bug, after installing this update, the audio on some Windows devices might not work.

(Get more info about KB5020030 Preview.)

KB5019959 (OS Builds 19042.2251, 19043.2251, 19044.2251, and 19045.2251)

Release date: November 8, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this update, in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5019959.)

KB5020953 (OS Builds 19042.2194, 19043.2194, 19044.2194, and 19045.2194)

Release date: October 28, 2022

This build fixes a single bug that caused Microsoft OneDrive to stop working. It happened after you unlinked your device, stopped syncing, or signed out of your account.

This build has one known issue, in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5020953.)

Windows 10 2022 Update (version 22H2)

Release date: October 18, 2022

The Windows 10 2022 Update is, in Microsoft’s words, “a scoped release focused on quality improvements to the overall Windows experience in existing feature areas such as quality, productivity and security.” In other words, there’s not much new here, although Computerworld blogger Susan Bradley did uncover a handful of new group policies in the release.

Home and Pro editions of the 2022 Update will receive 18 months of servicing, and Enterprise and Education editions will have 30 months of servicing.

To install the update, go to Settings > Update & Security > Windows Update and select Check for updates. If the update appears, select Download to install it.

(Get more info about the Windows 10 2022 Update.)

Updates to Windows 10 versions 20H2, 21H1, and 21H2

KB5018482 (OS Builds 19042.2193, 19043.2193, and 19044.2193)

Release date: October 25, 2022

This build fixes a variety of bugs, including one that that caused an OS upgrade to stop responding, and then fail, and another in Microsoft Direct3D 9 games in which the graphics hardware stopped working if it didn’t have a native Direct3D 9 driver.

This build has one known issue, in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5018482.)

KB5020435 (OS Builds 19042.2132, 19043.2132, and 19044.2132)

Release date: October 17, 2022

This build fixes an issue that affected some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections, in which there were handshake failures. For developers, the affected connections are likely to receive one or more records followed by a partial record with a size of less than 5 bytes within a single input buffer. If the connection fails, your app will receive the error, “SEC_E_ILLEGAL_MESSAGE”.

This build has two known issues, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5020435 (OS Builds 19042.2132, 19043.2132, and 19044.2132)

KB5018410 (OS Builds 19042.2130, 19043.2130, and 19044.2130)

Release date: October 11, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and October 2022 Security Updates.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5018410.)

KB5017380 (OS Builds 19042.2075, 19043.2075, and 19044.2075) Preview

Release date: September 20, 2022

This build lets you search for the controls for news and interests on the taskbar and modify them using the Settings app. To change your settings, navigate to Settings > Personalization > Taskbar > News and interests. You can also right-click the taskbar and select Taskbar settings.

The build also fixes a variety of bugs, including one that required you to reinstall an app if you didn’t get the app from the Microsoft Store. This occurs after you upgrade to Windows 10. It also fixes a bug that forced the IE mode tabs in a session to reload.

There are three known issues in this update, including one which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge. In another bug, after installing this update, the audio on some Windows devices might not work.

(Get more info about KB5017380 Preview.)

KB5017308 (OS Builds 19042.2006, 19043.2006, and 19044.2006)

Release date: September 13, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5017308.)

KB5016688 (OS Builds 19042.1949, 19043.1949, and 19044.1949) Preview

Release date: August 26, 2022

This build fixes a variety of bugs, including one in which Microsoft Edge stopped responding when you use IE mode. This issue also prevented you from interacting with a dialog. It also fixes a bug that caused error 0x1E when a device was shut down or restarted.

There are three known issues in this update, including one which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed, but not automatically replaced by the new Microsoft Edge. In another bug, after installing this update, the audio on some Windows devices might not work.

(Get more info about KB5016688 Preview.)

KB5016616 (OS Builds 19042.1889, 19043.1889, and 19044.1889)

Release date: August 9, 2022

This build fixes several bugs, including one that can prevent the Input Indicator and Language Bar from displaying in the notification area. This issue affects devices that have more than one language installed.

It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

KB5015807 (OS Builds 19042.1826, 19043.1826, and 19044.1826)

Date: July 12, 2022

This build addresses an issue that redirects the PowerShell command output so that transcript logs do not contain any output of the command. That means the decrypted password is lost. The build also includes improvements made in the KB5014666 update.

This build has three known issues, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5015807.)

KB5014666 (OS Builds 19042.1806, 19043.1806, and 19044.1806) Preview

Release Date: June 28, 2022

This build adds IP address auditing for incoming Windows Remote Management (WinRM) connections in security event 4262 and WinRM event 91. This addresses an issue that fails to log the source IP address and machine name for a remote PowerShell connection. The build also includes several new Print and Scan features.

The build also fixes a number of bugs, including one that prevented the Snip & Sketch app from capturing a screenshot or from opening using the keyboard shortcut (Windows logo key + Shift + S).

This build has three known issues, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5014666 Preview.)

KB5016139 (OS Builds 19042.1767, 19043.1767, and 19044.1767)

Release date: June 20, 2022

This out-of-band build, which is only available for Windows devices that use Arm processors, fixes a bug that prevented Windows Arm-based devices from signing in using Azure Active Directory (AAD). Apps and services that use AAD to sign in, such as VPN connections, Microsoft Teams, and Microsoft Outlook, might also be affected.

This build has four known issues, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. In another, Windows devices might be unable use the Wi-Fi hotspot feature. When attempting to use the hotspot feature, the host device might lose the connection to the internet after a client device connects.

(Get more info about KB5016139.)

KB5014699 (OS Builds 19042.1766, 19043.1766, and 19044.1766)

Release date: June 14, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5014699.)

KB5014023 (OS Builds 19042.1741, 19043.1741, and 19044.1741) Preview

Release date: June 2, 2022

This build fixes several bugs, including one that prevented Excel or Outlook from opening, one that slowed down file copying, and one that prevented internet shortcuts from updating.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info KB5014023 Preview.)

KB5015020 (OS Build 19042.1708)

Release date: May 19, 2022

This out-of-band build fixes two bugs: one that could cause authentication failures for some services on a server or client after you install the May 10, 2022 update on domain controllers, and another that could prevent the installation of Microsoft Store apps when you enable Control-flow Enforcement.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5015020.)

KB5013942 (OS Builds 19042.1706, 19043.1706, and 19044.1706)

Release date: May 10, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the May 2022 Security Updates notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5013942).

KB5011831 (OS Builds 19042.1682, 19043.1682, and 19044.1682) Preview

Release date: April 25, 2022

This build fixes a wide variety of bugs, including one that caused a remote desktop session to close or a reconnection to stop responding while waiting on the accessibility shortcut handler (sethc.exe), another that that displayed a black screen for some users when they sign in or sign out, and another that prevented you from changing a password that has expired when you sign in to a Windows device.

(Get more info about KB5011831 Preview.)

KB5012599 (OS Builds 19042.1645, 19043.1645, and 19044.1645)

Release date: April 12, 2022

This build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the April 2022 Security Updates notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5012599.)

KB5011543 (OS Builds 19042.1620, 19043.1620, and 19044.1620) Preview

Release date: March 22, 2022

This build introduces Search highlights, which display notable moments about each day, including holidays, anniversaries, and other events globally and in your region. To see more details at a glance, hover or click on the illustration in the search box.

There are also a variety of small new features, including a new policy that expands an app’s top three notifications by default in the Action Center for apps that send Windows notifications. It displays multiple notifications that you can interact with simultaneously.

In addition, there are a wide variety of bug fixes, including for a bug that stopped Microsoft Outlook’s offline search from returning recent emails, and another that prevented the User Account Control (UAC) dialog from correctly showing the application that is requesting elevated privileges.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5011543 Preview.)

KB5011487 (OS Builds 19042.1586, 19043.1586, and 19044.1586)

Release date: March 8, 2022

This build fixes a bug that occurs when you attempt to reset a Windows device and its apps have folders that contain reparse data, such as Microsoft OneDrive or OneDrive for Business. When you select Remove everything, files that have been downloaded or synced locally from Microsoft OneDrive might not be deleted.

It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the March 2022 Security Updates notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5011487.)

KB5010415 (OS Builds 19042.1566, 19043.1566, and 19044.1566) Preview

Release date: February 15, 2022

The build lets you share cookies between Microsoft Edge Internet Explorer mode and Microsoft Edge, and adds support for hot adding and the removal of non-volatile memory (NVMe) namespaces.

It also fixes a wide variety of bugs, including one that affected the Windows search service and occurred when you queried using the proximity operator, and one that caused the Remote Desktop Service (RDS) server to become unstable when the number of signed in users exceeds 100. This prevented you from accessing published applications using RDS on Windows Server 2019.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5010415 Preview.)

KB5010342 (OS Builds 19042.1526, 19043.1526, and 19044.1526)

Release date: February 8, 2022

The build fixes a bug that causes a Lightweight Directory Access Protocol (LDAP) modify operation to fail if the operation contains the SamAccountName and UserAccountControl attribute. It also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the February 2022 Security Updates notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5010342.)

KB5009596 (OS Builds 19042.1503, 19043.1503, and 19044.1503) Preview

Release date: January 25, 2022

The build fixes a variety of bugs, including one that stops printing or prints the wrong output when you print using USB on Windows 10 version 2004 or later, and another that causes functioning Bluetooth devices to stop working when you attempt to connect to a non-functioning Bluetooth device. It also adds a reminder to Internet Explorer 11 that notifies you about its upcoming retirement.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5009596.)

KB5010793 (OS Builds 19042.1469, 19043.1469, and 19044.1469)

Release date: January 17, 2022

This out-of-band build fixes several bugs, including one that caused IP Security (IPSEC) connections that contain a Vendor ID to fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) could have also been affected. It also fixed a bug that could cause Windows Servers to restart unexpectedly after installing the January 11, 2022 update on domain controllers (DCs).

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5010793.)

KB5009543 (OS Builds 19042.1466, 19043.1466, and 19044.1466)

Release date: January 11, 2022

The build fixes a bug in the Japanese Input Method Editors (IME) and includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the January 2022 Security Update notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5009543.)

Updates to Windows 10 versions 2004, 20H2, 21H1, and 21H2

KB5008212 (OS Builds 19041.1415, 19042.1415, 19043.1415, and 19044.1415)

Release date: December 14, 2021

The build includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the December 2021 Security Update notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5008212.)

KB5007253 (OS Builds 19041.1387, 19042.1387, 19043.1387, and 19044.1387) Preview

Release date: November 22, 2021

This optional update can be downloaded from the Microsoft Update Catalog or by going to Settings > Update & Security > Windows Update > Optional updates available.

The build fixes a variety of bugs, including one that caused the 32-bit version of Microsoft Excel to stop working on certain devices when you exported to PDF, and another that caused the Settings page to unexpectedly close after you uninstalled a font.

There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5007253 Preview.)

Windows 10 November 2021 Update (version 21H2)

Release date: November 16, 2021

Version 21H2, called the Windows 10 November 2021 Update, is the second feature update to Windows 10 released in 2021. Here’s a quick summary of what’s new:

  • Wi-Fi security has been enhanced with WPA3 H2E standards support.
  • GPU compute support has been added in the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments for machine learning and other compute-intensive workflows.

There are also a number of features designed for IT and business:

  • Windows Hello for Business has a new deployment method called cloud trust that simplifies passwordless deployments.
  • For increased security, there have been changes to the Universal Windows Platform (UWP) VPN APIs, which includes the ability to implement common web-based authentication schemes and to reuse existing protocols.
  • Apps can now be provisioned from Azure Virtual Desktop. This allows those apps to run just like local apps, including the ability to copy and paste between remote and local apps.
  • The release closes the gap between Group Policy and mobile device management (MDM) settings. The device configuration settings catalog has been updated to list more than 1,400 settings previously not available for configuration via MDM. The new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler.
  • An upgrade to Windows 10 Enterprise includes Universal Print, which now supports print jobs of up to 1GB or a series of print jobs from an individual user that add up to 1GB within any 15-minute period.
  • Universal Print integrates with OneDrive for web and Excel for web. This allows users of any browser or device connected to the internet to print documents hosted in OneDrive for web to a printer in their organization without installing printer drivers on their devices.

Microsoft has also announced that starting with this release, Windows 10 will get feature updates only once a year.

Updates to Windows 10 versions 2004, 20H2, and 21H1

KB5007186 (OS Builds 19041.1348, 19042.1348, and 19043.1348)

Release date: November 9, 2021

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the November 2021 Security Update notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5007186.)

KB5006738 (OS Builds 19041.1320, 19042.1320, and 19043.1320)

Release date: October 26, 2021

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also fixes a wide variety of bugs, including one that prevented subtitles from displaying for some video apps and streaming video sites, and another that sometimes caused lock screen backgrounds to appear black if they were set up to have a slideshow of pictures as the lock screen background.

There are three known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5006738.)

KB5006670 (OS Builds 19041.1288, 19042.1288, and 19043.1288)

Release date: October 12, 2021

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also fixes a bug that prevented some applications, such as Microsoft Office and Adobe Reader, from opening or caused them to stop responding.

The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide and the October 2021 Security Update notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5006670.)

KB5005611 (OS Builds 19041.1266, 19042.1266, and 19043.1266) Preview

Release date: September 30, 2021

This build fixes a small number of bugs, including one in which applications such as Microsoft Outlook suddenly stopped working during normal use, and another that caused blurry News and Interests icons with certain screen resolutions.

(Get more info about KB5005611.)

KB5005565 (OS Builds 19041.1237, 19042.1237, and 19043.1237)

Release date: September 14, 2021

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also fixes a bug that caused PowerShell to create an infinite number of child directories. The issue occurred when you used the PowerShell Move-Item command to move a directory to one of its children. As a result, the volume filled up and the system stopped responding.

The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are two known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5005565.)

KB5005101 (OS Builds 19041.1202, 19042.1202, and 19043.1202)

Release date: September 1, 2021

This build fixes a wide variety of bugs, including one that reset syncing for Microsoft OneDrive to “Known folders only” after you installed a Windows update, and another in which flickering and residual line artifacts appeared when resizing images.

The build also includes more than 1,400 new mobile device management (MDM) policies. With them, you can configure policies that Group Policies also support. These new MDM policies include administrative template (ADMX) policies, such as App Compat, Event Forwarding, Servicing, and Task Scheduler. Starting in September 2021, you can use the Microsoft Endpoint Manager (MEM) Settings Catalog to configure these new MDM policies.

There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5005101.)

KB5005033 (OS Builds 19041.1165, 19042.1165, and 19043.1165)

Release date: August 10, 2021

This build changes the default privilege requirement for installing drivers when using Point and Print. After installing this update, you must have administrative privileges to install drivers. See KB5005652, Point and Print Default Behavior Change, and CVE-2021-34481 for more information. The build also makes quality improvements to the servicing stack, which is the component that installs Windows updates.

The build also includes a wide variety of security updates. For details, see Microsoft’s Security Update Guide.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5005033.)

KB5004296 (OS Builds 19041.1151, 19042.1151, and 19043.1151)

Release date: July 29, 2021

This build fixes a wide variety of bugs, including one that caused the File Explorer window to lose focus when mapping a network drive, another that failed to detect internet connectivity when connected to a VPN, and another that caused System Integrity to leak memory.

There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or a custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5004296.)

KB5004237 (OS Builds 19041.1110, 19042.1110, and 19043.1110)

Release date: July 13, 2021

This build fixes several bugs, including one that made it difficult to print to a variety of printers, primarily USB receipt or label printers. It also removes support for the PerformTicketSignature setting and permanently enables Enforcement mode for CVE-2020-17049.

It also has a variety of security updates for Windows Apps, Windows Management, Windows Fundamentals, Windows Authentication, Windows User Account Control (UAC), Operating System Security, Windows Virtualization, Windows Linux, the Windows Kernel, the Microsoft Scripting Engine, the Windows HTML Platforms, the Windows MSHTML Platform, and Windows Graphics.

For more details, see Microsoft’s Security Update Guide.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There are several known issues in this update, including one in which devices with Windows installations created from custom offline media or custom ISO images might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5004237.)

KB5004945 (OS Builds 19041.1083, 19042.1083, and 19043.1083)

Release date: July 6, 2021

This build closes a remote code execution exploit in the Windows Print Spooler service, known as “PrintNightmare,” as documented in CVE-2021-34527.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

 (Get more info about KB5004945.)

KB5004760 (OS Builds 19041.1082, 19042.1082, and 19043.1082)

Release date: June 29, 2021

This out-of-band build fixes a bug that may prevent you from opening PDFs using Internet Explorer 11 or apps that use the 64-bit version of the WebBrowser control.

Among the build’s known issues are one in which when using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the characters manually.

(Get more info about KB5004760.)

KB5003690 (OS Builds 19041.1081, 19042.1081, and 19043.1081)

Release date: June 21, 2021

This build addresses about three dozen bugs, including one in which signing in using a PIN fails, and another that might cause a VPN to fail after renewing a user auto-enrolled certificate. It also removes Adobe Flash from your PC and makes improvements to the servicing stack, the component that installs Windows updates.

Among the build’s known issues are one in which when using the Microsoft Japanese Input Method Editor (IME) to enter Kanji characters in an app that automatically allows the input of Furigana characters, you might not get the correct Furigana characters. You might need to enter the characters manually.

(Get more info about KB5003690.)

KB5004476 (OS Builds 19041.1055, 19042.1055, and 19043.1055)

Release date: June 11, 2021

This out-of-band build fixes a bug that might redirect you to the Microsoft Store page for Gaming Services when you try to install or start an Xbox Game Pass game on your Windows 10 device. Additionally, you might receive error 0x80073D26 or 0x8007139F. For more information, see KB5004327.

In addition, the build makes improvements to the servicing stack, the component that installs Windows updates.

(Get more info about KB5004476.)

KB5003637 (OS Builds 19041.1052, 19042.1052, and 19043.1052)

Release date: June 8, 2021

This build includes improvements to the servicing stack, which is the component that installs Windows updates. It also includes changes for verifying user names and passwords and for storing and managing files.

It also has a variety of security updates to the Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Virtualization, Windows Kernel, Windows HTML Platform, and Windows Storage and Filesystems.

For more details, see Microsoft’s Security Update Guide.

There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5003637.)

KB5003214 (OS Builds 19041.1023, 19042.1023, and 19043.1023) Preview

Release date: May 25, 2021

This build adds the Open on hover option (which is checked by default) to the News and interests menu. To access it, right-click a blank space on the Windows taskbar and open the News and interests menu.

In addition, it makes quality improvements to the servicing stack, which is the component that installs Windows updates. It also includes a wide variety of small bug fixes, including one that displayed items on the desktop after they have been deleted from the desktop, and another that caused configuration problems with devices that were configured using mobile device management (MDM) RestrictedGroups, LocalUsersAndGroups, or UserRights policies.

(Get more info about KB5003214 Preview.)

Windows 10 May 2021 Update (version 21H1)

Release date: May 18, 2021

Version 21H1, called the Windows 10 May 2021 Update, is the most recent update to Windows 10. This is a relatively minor update, but it does have a few new features.

Here’s a quick summary of what’s new in 21H1:

  • Windows Hello multicamera support: If you have an external Windows Hello camera for your PC, you can set the external camera as your default camera. (Windows Hello is used for signing into PCs.) Why should this change matter to you? If you have an external camera, you probably bought it because it’s superior to the built-in, internal one on your computer. So with this change, you’ll be able to use the more accurate camera for logging into your PC.
  • Improved Windows Defender Application Guard performance: Windows Defender Application Guard lets administrators configure applications to run in an isolated, virtualized container for improved security. With this change, documents will open more quickly. It can currently take up to a minute to open an Office document in it.
  • Better Windows Management Instrumentation (WMI) Group Policy Service support: Microsoft has made it easier for administrators to change settings to support remote work.

Updates to Windows 10 versions 2004 and 20H2 prior to the 21H1 release

KB5003173 (OS Builds 19041.985 and 19042.985)

Release date: May 11, 2021

This build includes a variety of security updates for Windows App Platform and Frameworks, the Windows Kernel, Windows Media, the Microsoft Scripting Engine, and the Windows Silicon Platform. For more details, see Microsoft’s Security Update Guide. It also updates security for Bluetooth drivers and Windows OLE (compound documents).

There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5003173.)

KB5001391 (OS Builds 19041.964 and 19042.964) Preview

Release date: April 28, 2021

This update gives you quick access to an integrated feed of dynamic content, such as news, weather, sports, and more, that updates throughout the day, via the Windows taskbar. You can personalize the feed to match your interests. For more details, see Microsoft’s Personalized content at a glance: Introducing news and interests on the Windows 10 taskbar.

There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. In addition, devices with Windows installations created from custom offline media or custom ISO images might have the legacy version of Microsoft Edge removed by the update, but not automatically replaced by the new Microsoft Edge.

(Get more info about KB5001391 Preview.)

KB5001330 (OS Builds 19041.928 and 19042.928)

Release date: April 13, 2021

This update includes a wide variety of security updates, for Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Office Media, Windows Fundamentals, Windows Cryptography, the Windows AI Platform, Windows Kernel, Windows Virtualization, and Windows Media. For details, see Microsoft’s Security Update Guide website.

There are several other security issues addressed, including fixing a potential elevation of privilege vulnerability in the way Azure Active Directory web sign-in allows arbitrary browsing from the third-party endpoints used for federated authentication.

In this build, Microsoft also removed the Microsoft Edge legacy browser and replaced it with the new Chromium-based Edge.

There are several known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5001330.)

KB5000842 (OS Builds 19041.906 and 19042.906) Preview

Release date: March 29, 2021

This update fixes a variety of minor bugs, including one that made high dynamic range (HDR) screens appear much darker than expected, and another that caused video playback to be out of sync in duplicate mode with multiple monitors.

There are several known issues in this build, including one in which System and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10. Devices using Windows Update for Business or that connect directly to Windows Update are not impacted.

(Get more info about KB5000842 Preview.)

KB5001649 (OS Builds 19041.870 and 19042.870)

Release date: March 18, 2021

This out-of-band update fixes a single bug in which graphical content could not be printed.

There is one known issue in this update, in which system and user certificates may be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10.

(Get more info about KB5001649.)

KB5001567 (OS Builds 19041.868 and 19042.868)

Date: March 15, 2021

This out-of-band update fixes a single bug, which caused a blue screen when you attempted to print to certain printers using some apps.

There is one known issue in this update, in which system and user certificates may be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10.

(Get more info about KB5001567.)

KB5000802 (OS Builds 19041.867 and 19042.867)

Release date: March 9, 2021

This update includes a wide variety of security updates for the Windows Shell, Windows Fundamentals, Windows Management, Windows Apps, Windows User Account Control (UAC), Windows Virtualization, the Windows Kernel, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media. For details, see the Microsoft Security Update Guide.

There are three known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB5000802.)

KB4601382 (OS Builds 19041.844 and 19042.844) Preview

Release date: February 24, 2021

This update fixes a variety of minor bugs, including one that caused video playback to flicker when rendering on certain low-latency capable monitors, and another that sometimes prevented the input of strings into the Input Method Editor (IME).

(Get more info about KB4601382.)

KB4601319 (OS Builds 19041.804 and 19042.804)

Release date: February 9, 2021

This update fixes a bug and includes a variety of security updates. The bug fixed could damage the file system of some devices and prevent them from starting up after running chkdsk /f.

Security updates are provided for Windows App Platform and Frameworks, Windows Apps, Windows Input and Composition, Windows Cloud Infrastructure, Windows Management, Windows Authentication, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Core Networking, and Windows Hybrid Cloud Networking. For details, see the Microsoft Security Update Guide.

There are three known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4601319.)

KB4598242 (OS Builds 19041.746 and 19042.746)

Release date: January 12, 2021

This build fixes a variety of security vulnerabilities, including one with HTTPS-based intranet servers, and a security bypass vulnerability in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface.

There are also security updates to Windows App Platform and Frameworks, Windows Media, Windows Fundamentals, Windows Kernel, Windows Cryptography, Windows Virtualization, Windows Peripherals, and Windows Hybrid Storage Services. For details see the Microsoft Security Update Guide.

There are two known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10, version 1809.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4598242.)

KB4592438 (OS Builds 19041.685 and 19042.685)

Release date: December 8, 2020

This update fixes a security vulnerability by preventing applications that run as a SYSTEM account from printing to “FILE:” ports. It also has security updates for the legacy version of Microsoft Edge, the Microsoft Graphics Component, Windows Media, Windows Fundamentals, and Windows Virtualization. For details see the Microsoft Security Update Guide.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4592438.)

KB4586853 (OS Builds 19041.662 and 19042.662) Preview

Release date: November 30, 2020

This build fixes a wide variety of bugs, including one that caused Narrator to stop responding after you unlock a device if the app was in use before you locked the device, and another that made makes the touch keyboard unstable in the Mail app.

There are two known issues in this update, one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.

(Get more info about KB4586853.)

KB4594440 (OS Builds 19041.631 and 19042.631)

Release date: November 19, 2020

This minor build fixes issues with Kerberos authentication related to the PerformTicketSignature registry subkey value in CVE-2020-17049, which was a part of the November 10, 2020 Windows update.

There are two known issues in this update, one in which system and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.

(Get more info about KB4594440.)

KB4586781 (OS Builds 19041.630 and 19042.630)

Release date: November 10, 2020

This build updates the 2020 DST start date for the Fiji Islands to December 20, 2020 and includes security updates to the Microsoft Scripting Engine, Windows Input and Composition, Microsoft Graphics Component, the Windows Wallet Service, Windows Fundamentals, and the Windows Kernel. For details see the release notes for November 2020 Security Updates.

There are two known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4586781.)

KB4580364 (OS Builds 19041.610 and 19042.610)

Release date: October 29, 2020

This update makes it easier to connect to others in Skype, using Meet Now from the taskbar. In addition, there are a wide variety of bug fixes, including for one that displayed the incorrect CPU frequency for certain processors, another that displayed nothing on the screen for five minutes or more during a Remote Desktop Protocol (RDP) session, and another that caused the Docker pull operation to fail due to a Code Integrity (CI) Policy that blocks the import of a Windows container image.

There are two known issues in this update, including one in which system and user certificates might be lost when updating a device from Windows 10 version 1809 or later to a later version of Windows 10, and another in which users of the Microsoft Input Method Editor (IME) for Japanese or Chinese languages might experience issues when attempting various tasks.

(Get more info about KB4580364.)

Windows 10 October 2020 Update (version 20H2)

Release date: October 20, 2020

Version 20H2, called the Windows 10 October 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a few new features.

Here’s a quick summary of what’s new in 20H2:

  • The new Chromium-based version of the Microsoft Edge browser is now built directly into Windows 10.
  • The System page of Control Panel has been removed. Those settings have been moved to the Settings app.
  • The Start menu’s tiled background will match your choice of Windows themes. So the tiled background will be light if you’re using the Windows 10 light theme and dark if you’re using the Windows 10 dark theme.
  • When you use Alt-Tab, Edge will now display each tab in your browser in a different Alt-Tab window. Previously, when you used Alt-Tab, Edge would get only a single window. You can change this new behavior by going to Settings > System > Multitasking.
  • When you pin a site to the taskbar in Edge, you can click or mouse over its icon to see all your browser tabs that are open for that website.
  • When you detach a keyboard on a 2-in-1 device, the device will automatically switch to the tablet-based interface. Previously, you were asked whether you wanted to switch. You can change that setting by going to Settings > System > Tablet.
  • The Your Phone app gets a variety of new features for some Samsung devices. When using one of the devices, you can interact with the Android apps on your phone from the Your Phone app on Windows 10.

What IT needs to know: Windows 10 version 20H2 also has a variety of small changes of note for sysadmins and those in IT.

  • IT professionals who administer multiple mobile devices get a new Modern Device Management (MDM) “Local Users and Groups” settings policy that mirrors options available for devices that are managed through Group Policy.
  • Windows Autopilot, used to set up and configure devices in enterprises, has gained a variety of small enhancement, including better deployment of HoloLens devices, the addition of co-management policies, enhancements to Autopilot deployment reporting, and the ability to reuse Configuration Manager task sequences to configure devices.
  • Microsoft Defender Application Guard now supports Office. This allows untrusted Office documents from outside an enterprise to launch in an isolated container to stop potentially malicious content from compromising computers or exploiting personal information found on them.
  • Latest Cumulative Updates (LCUs) and Servicing Stack Updates (SSUs) have been combined into a single cumulative monthly update, available via Microsoft Catalog or Windows Server Update Services.
  • Biometric sign-on has been made more secure. Windows Hello now has support for virtualization-based security for certain fingerprint and face sensors, which protects, isolates, and secures a user’s biometric authentication data.

For more details, see Microsoft’s “What’s new for IT pros in Windows 10, version 20H2.”

Updates to Windows 10 version 2004 prior to the 20H2 release

KB4579311 (OS Build 19041.572)

Release date: October 13, 2020

This build fixes a few minor bugs and includes a variety of security updates. Among the bugs fixed are an issue with creating null ports using the user interface, and another issue with a possible elevation of privilege in win32k.

Security updates were issued for Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Media, Windows Fundamentals, Windows Authentication, Windows Virtualization, and Windows Kernel. For details, see the Release Notes for October 2020 Security Updates.

There are two known issues in this build: In one, users of Microsoft Input Method Editor (IME) for Chinese and Japanese might have issues with input. In the other, when installing a third-party driver you might receive the error “Windows can’t verify the publisher of this driver software.” You might also see the error “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4579311.)

KB4577063 (OS Build 19041.546) Preview

Release date: October 1, 2020

This build reduces distortions and aberrations in Windows Mixed Reality head-mounted displays and fixes a wide variety of bugs, including one that caused random line breaks when you redirect PowerShell console error output, and another that that prevented the Language Bar from appearing when a user signs in to a new session.

There is one known issue in this build: Users of Microsoft Input Method Editor (IME) for Chinese and Japanese might have issues with input.

(Get more info about KB4577063.)

KB4571756 (OS Build 19041.508)

Release date: September 8, 2020

This build includes security updates for Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Windows Media, Windows Shell, Windows Cloud Infrastructure, Windows Fundamentals, Windows Management, Windows Kernel, Windows Virtualization, Windows Storage and Filesystems, the Microsoft Scripting Engine, and the Microsoft JET Database Engine.

For details, see the Release Notes for September 2020 Security Updates.

The build also fixes a security vulnerability issue with user proxies and HTTP-based intranet servers, and addresses an issue with a possible elevation of privileges in windowmanagement.dll.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this build: Users of Microsoft Input Method Editor (IME) for Chinese and Japanese might have issues with input.

(Get more info about KB4571756.)

KB4571744 (OS Build 19041.488)

Release date: September 3, 2020

This build fixes a laundry list of minor bugs, including one that prevented apps from downloading an update or opening in certain scenarios, another that prevented users from reducing the size of windows and another that caused File Explorer to stop working when you browsed directories of RAW images and other file types.

There is one known issue in this build: Users of Microsoft Input Method Editor (IME) for Chinese and Japanese might have issues with input.

(Get more info about KB4571744.)

KB4566782 (OS Build 19041.450)

Release date: August 11, 2020

This build includes security updates for the Microsoft Scripting Engine, Internet Explorer, Windows Graphics, Microsoft Graphics Component, Windows Kernel, Windows Input and Composition, Windows Media, Windows Shell, the Windows Wallet Service, Microsoft Edge Legacy, Windows Cloud Infrastructure, Windows Authentication, the Windows AI Platform, Windows Fundamentals, Windows Storage and Filesystems, Windows Update Stack, Windows File Server and Clustering, Windows Hybrid Storage Services, Windows App Platform and Frameworks, the Microsoft JET Database Engine, and Windows SQL components.

For details, see the Release Notes for August 2020 Security Updates.

The build also fixes an issue in Universal Windows Platform (UWP) apps that allows single sign-on authentication when an app does not have the Enterprise Authentication capability.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

There is one known issue in this build: When using some apps, such as Microsoft Excel, users of the Microsoft Input Method Editor (IME) for Chinese and Japanese might receive an error, or the app might stop responding or close when attempting to drag using the mouse.

(Get more info about KB4566782.)

KB4568831 (OS Build 19041.423)

Release date: July 31, 2020

This minor build addresses a wide variety of bugs and issues, including one that caused the Settings page to close unexpectedly, which prevented default applications from being set up properly, and another that prevented some applications from printing to network printers.

There is one known issue in this build, in which when using some apps such as Excel, users of the Microsoft Input Method Editor (IME) for Chinese and Japanese might receive an error, or the app might stop responding or close when users attempt to drag using the mouse.

(Get more info about KB4568831.)

KB4565503 (OS Build 19041.388)

Release date: July 14, 2020

This build fixes several bugs, including one that might prevent you from connecting to OneDrive using the OneDrive app. It also has security updates for the Microsoft Scripting Engine, Windows App Platform and Frameworks, the Microsoft Store, Windows Graphics, Windows Input and Composition, Windows Media, Windows Shell, Windows Fundamentals, Windows Management, Windows Kernel, Windows Hybrid Cloud Networking, Windows Storage and Filesystems, Windows Update Stack, Windows MSXML, Windows File Server and Clustering, Windows Remote Desktop, Internet Explorer, Microsoft Edge Legacy, and the Microsoft JET Database Engine. For details, see the Release notes for the July 2020 Security Updates.

There is one known issue in this build, in which when using some apps, such as Microsoft Excel, users of the Microsoft Input Method Editor (IME) for Chinese and Japanese might receive an error, or the app might stop responding or close when attempting to drag using the mouse.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4565503.)

KB4567523 (OS Build 19041.331)

Release date: June 18, 2020

This minor build fixes a single issue, in which certain printers could not print, generated print errors, or caused apps and print spoolers to close unexpectedly.

There is one known issue in this build, which affects the ImeMode property to control the Input Method Editor (IME) mode for individual text entry fields to increase typing efficiency. Some IMEs in this build might have issues using the ImeMode property with certain apps, for example the input mode will not switch automatically to Kanji or Hiragana.

(Get more info about KB4567523.)

KB4557957 (OS Build 19041.329)

Release date: June 9, 2020

This build improves the reliability of voice assistants that use keywords and has security updates for the Microsoft Scripting Engine, Microsoft Edge, Internet Explorer, Windows App Platform and Frameworks, Windows Media, Windows Kernel, Microsoft Graphics Component, Windows Input and Composition, Windows Shell, Windows Silicon Platform, Microsoft Xbox, the Microsoft Store, Windows Cloud Infrastructure, Windows Fundamentals, Windows Management, Windows Authentication, Windows Cryptography, Microsoft HoloLens, Windows Virtualization, Windows Peripherals, Windows Storage and Filesystems, Windows File Server and Clustering, Windows Hybrid Storage Services, the Microsoft JET Database Engine, and the Windows Update Stack. For details, see the Release Notes for June 2020 Security Updates.

There are no known issues in this build.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4557957.)

Windows 10 May 2020 Update (version 2004)

Release date: May 27, 2020

Version 2004, called the Windows 10 May 2020 Update, is the most recent update to Windows 10. This is a relatively minor update but does have a variety of new features for both users and system administrators. For more details, see: “Review: Windows 10 May 2020 Update delivers little tweaks that add up to… well, not a lot.”

Here’s a quick summary of what’s new in 2004:

  • Cortana now runs as a standalone app in a resizable window. It also loses a variety of capabilities, such as playing music, controlling home devices, and working on the lock screen.
  • Task Manager now displays new information, including the temperature of your GPU and your disk type.
  • Settings gets many small tweaks, including adding a header with account information, and a redone network status page that combines information that used to be found on multiple pages, such as your IP address, current connection properties and data usage.
  • The Windows Subsystem for Linux (WSL) gets more features. It now uses a real Linux kernel, and is faster than previously.
  • IT can now take advantage of Windows Hello biometrics logins rather than passwords, by setting that up as the default on enterprise devices.
  • Installing and setting up Windows for others has been made easier thanks to new controls added to Dynamic Update, which can lead to less downtime during installation for users.
  • A variety of new commands have been given to PowerShell for Delivery Optimization, a Windows networking service that reduces bandwidth consumption by sharing the work of downloading update and upgrade packages among multiple devices in business deployments.
  • The security of the Chromium version of Edge has been improved, thanks to porting Application Guard to it.

Updates to the November 2019 Update (version 1909)

KB4556799 (OS Build 18363.836)

Release date: May 12, 2020

This build updates the 2020 start date for daylight saving time (DST) in the Kingdom of Morocco, and has security updates for Internet Explorer, the Microsoft Scripting Engine, Windows App Platform and Frameworks, Microsoft Graphics Component, Windows Input and Composition, Windows Media, Windows Shell, Microsoft Xbox, Microsoft Edge, Windows Fundamentals, Windows Cryptography, Windows Authentication, Windows Kernel, Windows Linux, Windows Update Stack, Windows Network Security and Containers, Windows Active Directory, Windows Storage and Filesystems, and the Microsoft JET Database Engine. For details, see the Release Notes for May 2020 Security Updates.

There are no known issues in this build.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4556799.)

KB4550945 (OS Build 18363.815)

Release date: April 21, 2020

This update fixes a variety of small bugs, including one that turned off notifications for devices that use a VPN on a cellular network, and another that generated unexpected notifications when you change the default application settings.

(Get more info about KB4550945.)

KB4549951 (OS Build 18363.778)

Release date: April 14, 2020

This security update fixes a variety of security holes in Windows 10, including for Microsoft Edge, Internet Explorer, and a Win32k Information Disclosure Vulnerability. For more details, see the April 2020 Security Update Release Notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4549951.)

KB4554364 (OS Build 18363.753)

Release date: March 30, 2020

This optional update fixes a bug that could cause Windows to display a limited or no internet connection status in the notification area on devices that use a manual or auto-configured proxy, especially with a virtual private network (VPN). The bug also could prevent some devices from connecting to the internet using applications that use WinHTTP or WinINet.

Note: Microsoft recommends that the update be applied only to devices that are affected by the bug.

There are no known issues in the update.

(Get more info about KB4554364.)

KB4541335 (OS Build 18363.752)

Release date: March 24, 2020

This minor update fixes half-a-dozen small bugs, including one that caused an error when printing to a document share, and another that prevented applications from closing. There are no known issues in the update.

(Get more info about KB4541335).

KB4551762 (OS Build 18363.720)

Release date: March 12, 2020

This security-only update has a patch for Microsoft Server Message Block 3.1.1 (SMBv3), a network communication protocol issue that provides shared access to files, printers, and serial ports. For details, see the March 2020 Security Updates Release Notes.

There is one known issue with the update: when using Windows Server containers, you might encounter problems with 32-bit applications and processes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4551762.)

KB4540673 (OS Build 18363.719)

Release date: March 10, 2020

This build fixes one small bug and plugs a series of security holes. It fixes an issue that prevented some users from upgrading Windows 10 because of corrupted third-party assemblies.

The update also has security patches Windows App Platform and Frameworks, Windows Media, Windows Silicon Platform, Microsoft Edge, Internet Explorer, Windows Fundamentals, Windows Authentication, Windows Peripherals, Windows Update Stack, and Windows Server. For details, see the March 2020 Security Updates Release Notes.

There is one known issue with the update, in which when using Windows Server containers, you might encounter problems with 32-bit applications and processes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4540673.)

KB4535996 (OS Build 18363.693)

Release date: February 27, 2020

This build fixes a wide variety of minor bugs, including one that prevented some applications from printing to network printers, and another that caused Microsoft Narrator to stop working when a user session is longer than 30 minutes.

(Get more info about KB4535996.)

KB4532693 (OS Build 18363.657)

Release date: February 11, 2020

This Patch Tuesday build fixes two small bugs and plugs a series of security holes. It fixes problems people experienced when migrating cloud printers during an upgrade and improves the installation experience when updating to Windows 10, version 1903.

The update also has security patches for Internet Explorer, Microsoft Edge, Windows Fundamentals, Windows Cryptography, Windows Virtualization, Windows Network Security and Containers, Windows Server, Windows Management, Microsoft Graphics Component, Windows Input and Composition, Windows Media, the Microsoft Scripting Engine, and Windows Shell. For details, see the February 2020 Security Updates Release Notes.

There are no known issues with the update.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4532693.)

KB4532695 (OS Build 18363.628)

Release date: January 28, 2020

This build improves the accuracy of Windows Hello face authentication and fixes a variety of small bugs, including one that caused a gray box to appear when you searched within Control Panel and File Explorer, another that prevented File Explorer’s Quick Access control from pasting clipboard content using the right mouse button, and another that caused the touch keyboard to close when you selected any key. There are no known issues with the update.

(Get more info about KB4532695.)

KB4528760 (OS Build 18363.592)

Release date: January 14, 2020

This build has security updates for Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cryptography, Windows Storage and Filesystems, the Microsoft Scripting Engine, and Windows Server. For details, see the January 2020 Security Updates Release Notes. It also has updates for Microsoft HoloLens (OS Build 18362.1044).

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4528760.)

KB4530684 (OS Build 18363.535)

Release date: December 10, 2019

This minor update fixes two minor issues — one that might cause error 0x3B in cldflt.sys on some devices, and another that might prevent you from creating a local user account using the Input Method Editor (IME) for Chinese, Japanese, or Korean languages when setting up a new Windows device during the Out of Box Experience (OOBE).

The update also has security patches for Windows Virtualization, Windows Kernel, the Microsoft Scripting Engine, and Windows Server. For details, see the December 2019 Security Updates Release Notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4530684.)

KB4524570 (OS Build 18363.476)

Release date: November 12, 2019

This update fixes security issues in Windows, Internet Explorer and Microsoft Edge (EdgeHTML-based). For details, see Microsoft’s November 2019 Security Update notes.  

There is one known issue in this update, in which you may not be able to create a local user when setting up a new Windows device during the Out of Box Experience (OOBE) while using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages. 

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4524570.)

Windows 10 November 2019 Update (version 1909)

Release date: Nov. 12, 2019

Version 1909, called the Windows 10 November 2019 Update, is the most recent update to Windows 10. There are very few new features in this update, making it more like a service pack of old than a feature update. At this point it’s not clear whether in the future there will be one full-featured update and one service-pack-like update per year or whether Microsoft will go back to its two-feature-updates-a-year schedule. For more details, see “What we know so far about the unusual Windows 10 1909” and “5 unanswered questions about Windows 10 1909.”

Here’s a quick summary of what’s new for users in 1909.

  • It lets you create calendar events straight from the taskbar. To do it, click the time on the taskbar and you’ll open the Calendar view. Now click a date and time, then type the event’s name into the text box. You’ll also be able to choose the date, time and location.
  • When you type a search into the search box, it will now search through files in your OneDrive account as well as on your PC. Also, as you type, a drop-down menu with suggested files appears. Click a file to open it.
  • Voice assistants in addition to Cortana, including Amazon’s Alexa, will be able to run on Windows 10’s lock screen.
  • Under-the-hood improvements should speed up the performance of some PCs, as well as increase the battery life in some laptops.
  • The Start Menu has gotten minor tweaks. When you hover over items in the navigation pane on the left side of the menu, the items clearly show what you’re about to click.

What IT needs to know: The following features in 1909 are of note for IT staff.

  • Windows containers no longer need to have their host and container versions match. That requirement restricted Windows from supporting mixed-version container pod scenarios. Previously, containers from older versions of Windows 10 couldn’t be run on newer versions of Windows 10. In this update, it’s possible, so that a container made using 1903, for example, can be run on 1909.
  • Windows Defender Credential Guard, which protects enterprise users’ logins and credentials against theft, is now available for ARM64 devices. Some Windows 10 convertible PCs use ARM64.
  • Enterprises can now use Microsoft’s Intune enterprise mobility management (EMM) service to allow devices running Windows 10 in S mode to install and run Win32 (desktop) apps. Before this, S Mode only allowed devices to run apps from the Microsoft Store. Microsoft Store apps don’t run on the desktop.
  • The security of BitLocker encryption has been improved. Whenever BitLocker is used to encrypt a device, a recovery key is created, but before this security improvement, it was possible for an unauthorized user to get access to the recovery key and decrypt the device. Now, PCs have additional security if a key is exposed. Here’s how Microsoft explains the change: “Key-rolling or Key-rotation feature enables secure rolling of Recovery passwords on MDM managed AAD devices upon on demand request from Microsoft Intune/MDM tools or upon every time recovery password is used to unlock the BitLocker protected drive.”

There are two known issues in this update: one in which some users cannot set Win32 program defaults for certain app and file type combinations using the Open with… command or Settings > Apps > Default apps, and another in which Microsoft Notepad and other Win32 programs cannot be set as default applications.

(Get more info about KB4464455.)

KB4464330 (OS Build 17763.55)

Release date: October 9, 2018

This very minor, non-feature update fixes an issue in which an incorrect timing calculation may prematurely delete user profiles on devices subject to the “Delete user profiles older than a specified number of day” group policy. It also has security updates for Windows Kernel, Microsoft Graphics Component, Microsoft Scripting Engine, Internet Explorer, Windows Storage and Filesystems, Windows Linux, Windows Wireless Networking, Windows MSXML, the Microsoft JET Database Engine, Windows Peripherals, Microsoft Edge, Windows Media Player, and Internet Explorer. (Go to the Security Update Guide for more details about these updates.)

There are no known issues with the update.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4464330.)

Windows 10 October 2018 Update (version 1809)

Release date: October 2, 2018; paused October 5; re-released November 13, 2018

Version 1809, called the Windows 10 October 2018 Update, is the feature update that preceded the May 2019 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

  • A new, powered-up Windows Clipboard can hold multiple clips, store clips permanently, let you preview clips and choose which one you’d like to paste into a document, and share clips across Windows 10 devices.
  • A new screenshot and annotation tool called Snip & Sketch lets you capture and annotate the entire screen, a rectangular portion of the screen or a freehand-drawn portion of it. After you take a screen capture, you can annotate it and then save it to a file, copy it to the Clipboard, open it in another program or share it via email, social media and other methods.
  • Storage Sense, which helps save storage space, now works with OneDrive Files On-Demand to clean out files you’ve downloaded from OneDrive cloud storage to your PC but that you don’t use any longer. You can choose how long you would like the cloud files to stay on your PC unused before you want them deleted, from never to 60 days.
  • The Microsoft Edge browser lets you set autoplay permissions for sound and video on websites on a site-by-site basis. It also lets you look up word definitions in its built-in eReader for books and PDFs, and mark up PDFs and books using a highlighter and by adding notes.
  • The new Your Phone app links Windows 10 devices to iOS and Android phones. It allows you to start web browsing on an iOS or Android device and then continue where you left off on your PC. It also lets you view photos on your Android phone from your Windows 10 PC.
  • Search Previews have been powered up slightly. You no longer need to click to display the preview panel; it opens automatically. It also now shows files found on your PC.
  • Smaller changes include a new dark theme for File Explorer; the addition of the SwiftKey swipe keyboard, which lets you enter text by swiping a finger across an onscreen keyboard; updates that are less intrusive; and faster sign-ins on shared PCs.

What IT needs to know: There are few significant changes that affect IT in the Windows 10 October 2018 Update, other than New Microsoft Edge Group Policies that let admins enable and disable full-screen mode, printing, the favorites bar, and browser history saves. IT can also allow or ban Edge extensions (not that there are many available) and configure the Home button and new tab page and startup options.

Updates to the April 2018 Update (version 1803)

KB4458469 (OS Build 17134.319)

Release date: September 20, 2018

This non-feature update fixes several dozen issues, including one that prevents custom keyboard layouts from working correctly, another that prevents some Bluetooth devices from pairing with Windows, and another in which a daily, repetitive task starts unexpectedly when the task is first created or starts when the task is updated.

There are no known issues with the update.

(Get more info about KB4458469.)

KB4464218 (OS Build 17134.286)

Release date: September 17, 2018

This non-feature update fixes a single issue that occurs after installing any of the updates released between July 24, 2018 and September 11, 2018. In those updates, Windows no longer recognizes the Personal Information exchange (PFX) certificate used for authenticating to a Wi-Fi or VPN connection. So Intune takes a long time to deliver user profiles because it doesn’t recognize that the required certificate is on the device. This build fixes the problem.

There are no known issues with the update.

(Get more info about KB4464218.)

KB4457128 (OS Build 17134.285)

Release date: September 11, 2018

This non-feature update includes several security updates and fixes an issue that causes the Program Compatibility Assistant (PCA) service to have excessive CPU usage. It provides protection against a Spectre Variant 2 vulnerability (CVE-2017-5715) for ARM64 devices. And it also includes security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Microsoft Graphics Component, Windows Media, Windows Shell, Windows Hyper-V, Windows datacenter networking, Windows virtualization and kernel, Windows Linux, Windows kernel, Microsoft JET Database Engine, Windows MSXML, and Windows Server. (See the Security Update Guide for details.)

There are no known issues with the update.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4457128.)

KB4346783 (OS Build 17134.254)

Release date: August 30, 2018

This non-feature update addresses a little more than a dozen problems, including one in which an issue in Microsoft Foundation Class applications may cause applications to flicker, and another in which Microsoft Edge or other UWP applications can’t perform client authentication when the private key is stored on a TPM 2.0 device.

There is one known issue in the update: Microsoft Edge may fail when using the New Application Guard Window, but normal Microsoft Edge instances aren’t affected.

(Get more info about KB4346783.)

KB4343909 (OS Build 17134.228)

Release date: August 14, 2018

This non-feature update addresses a handful of minor issues, including fixing a problem that caused high CPU usage and performance degradation on some systems with Family 15h and 16h AMD processors, and fixing another one that significantly reduced battery life after upgrading to Windows 10 version 1803, the Windows 10 April 2018 Update.

It also has security fixes, including several for Windows Server, and protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) that affects Intel Core processors and Intel Xeon processors

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4343909.)

KB4340917 (OS Build 17134.191)

Release date: July 24, 2018

This non-feature update addresses a dozen minor issues, including problems updating time zone information, an issue that prevented OpenType fonts from printing in Win32 applications and an issue with Roaming User Profiles where the AppDataLocal and AppDataLocallow folders are incorrectly synchronized at user logon and logoff, among others.

There is one known issue: After installation of any of the July 2018 .NET Framework Security Updates, a COM component will fail to load because of “access denied,” “class not registered,” or “internal failure occurred for unknown reasons” errors. For more details, see KB4345913.

(Get more info about KB4340917.)

KB4345421 (OS Build 17134.166)

Release date: July 16, 2018

This non-feature update addresses a small number of issues, including one in which the DHCP Failover server may cause enterprise clients to receive an invalid configuration when requesting a new IP address, resulting in a loss of connectivity. It also fixes another issue that may cause the restart of the SQL Server service to fail occasionally, listing the error “Tcp port is already in use.” There are no known issues with the update.

(Get more info about KB4345421.)

KB4338819 (OS Build 17134.165)

Release date: July 10, 2018

This security update addresses a small number of issues, including one that may cause the Mitigation Options Group Policy client-side extension to fail during GPO processing. It also evaluates the Windows ecosystem to help ensure application and device compatibility for all updates to Windows and enables debugging of WebView content in UWP apps using the Microsoft Edge DevTools Preview app that’s available in the Microsoft Store.

The update also includes security updates for Internet Explorer, Windows apps, Windows graphics, Windows data center networking, Windows wireless networking, Windows virtualization, Windows kernel, and Windows Server. All security updates fix vulnerabilities in the Microsoft .NET Framework.

The update has a known issue: After installing this update on a DHCP Failover Server, Enterprise clients may receive an invalid configuration when requesting a new IP address.  This may result in loss of connectivity as systems fail to renew their leases.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4338819.)

KB4284848 (OS Build 17134.137)

Release date: June 26, 2018

This non-feature update fixes a wide variety of bugs, including a performance issue on Windows Mixed Reality that occurred on some laptops with hybrid graphics adapters, such as the Surface Book 2, and another in which the Video Settings HDR streaming calibration slider stopped working due to a conflict with the panel brightness intensity settings configured by some OEMs.

The ancient, security-challenged SMBv1 protocol also has a fix for a bug in which users got the “An invalid argument was supplied” error message when accessing files or running programs from a shared folder using the protocol. The release also fixes a bug in which media content previously generated by Media Center didn’t play after the Windows 10 April 2018 Update was installed. There were more than a dozen other minor bugs squashed as well.

(Get more info about KB4284848.)

KB4284835 (OS Build 17134.112)

Release date: June 12, 2018

This update addresses a variety of issues, including several security problems. It fixes a problem that stops the GameBar from launching and also adds support for the SameSite cookie web standard to Microsoft Edge and Internet Explorer. Among other changes, it also addresses an issue in which some systems started up to a black screen. That occurred because previous updates to Windows 10 version 1803 were incompatible with specific versions of PC tune-up utilities after installation.

The update also provides protections for an additional subclass of speculative execution side channel vulnerabilities known as Speculative Store Bypass  (CVE-2018-3639). The protections aren’t enabled by default. IT administrators who want to turn them on for the Windows client should follow the instructions in KB4073119. For Windows Server guidance, follow the instructions in KB4072698. This should be done in addition to the mitigations already released for Spectre Variant 2 (CVE-2017-5715) and Meltdown (CVE-2017-5754).

The release also includes security updates to Internet Explorer, Microsoft Edge, Microsoft scripting engine, Windows Desktop Bridge, Windows apps, Windows shell, Windows kernel, Windows Server, Windows storage and filesystems, Windows wireless networking, remote code execution, and Windows virtualization and kernel.

There is a known issue in this update, in which some users running Windows 10 version 1803 may receive an error “An invalid argument was supplied” when accessing files or running programs from a shared folder using the SMBv1 protocol. To work around the problem, enable SMBv2 or SMBv3 on both the SMB server and the SMB client, as described in KB2696547.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4284835.)

KB4338548 (OS Build 17134.83)

Release date: June 5, 2018

This extremely minor update fixes a single bug in which 2017 and 2018 versions of Intuit QuickBooks Desktop couldn’t run in multi-user mode on Windows 10 version 1803 devices.

(Get more info about KB4338548.)

KB4100403 (OS Build 17134.81)

Release date: May 23, 2018

This update fixes a variety of minor bugs, including one in which Internet Explorer might cause communication between web workers to fail in certain asynchronous scenarios with multiple visits to a web page, and another that caused Windows Hello enrollment to fail on hardware with dGPUs.

There are several known issues with the update, including one in which some users running Windows 10 version 1803 may receive an error “An invalid argument was supplied” when accessing files or running programs from a shared folder using the SMBv1 protocol.

(Get more info about KB4100403.)

KB4103721 (OS Build 17134.48)

Release date: May 8, 2018

This update fixes several minor bugs, closes security holes and introduces no new features. Among other fixes, it addresses one that causes some devices to stop responding or working when using applications such as Cortana or Chrome after installing the Windows 10 April 2018 Update. And security updates are included for Windows Server, Microsoft Edge, Internet Explorer, Microsoft scripting engine, Windows app platform and frameworks, Windows kernel, Microsoft Graphics Component, Windows storage and filesystems, HTML help and Windows Hyper-V.

The update has one known issue – when some devices with Intel SSD 600p Series or Intel SSD Pro 6000p Series hard disks attempt to upgrade to the Windows 10 April 2018 Update, they may repeatedly enter a UEFI screen after restart or stop working. Microsoft is working with Intel and hardware partners  to identify and block devices with Intel SSD 600p Series or Intel SSD Pro 6000p Series from installing the April 2018 Update. It also is working on a fix that will allow those devices to eventually install the update.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4103721.)

Windows 10 April 2018 Update (version 1803)

Release date: April 30, 2018

Version 1803, called the Windows 10 April 2018 Update, is the major update to Windows 10 that preceded the October 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

  • The most important new feature is Timeline, which lets you review and resume activities and open files you’ve started on your PC, or any other Windows PCs you have. It also tracks what you’ve done on iOS and Android devices if you install Microsoft’s digital assistant Cortana on them and are logged in. It shows a list of activities day by day for up to 30 days. Each activity shows up as a large tile, with the file name and document title or URL and website name across it, and the name of the application or app that created it across the top. Click any activity to reopen it. (Note that at present, Timeline only tracks activities in certain Microsoft programs such as the Edge browser and Office applications.)
  • The new Diagnostic Data Viewer is supported, which Microsoft is designed to let you see the “diagnostic data collected from your Windows devices, how it is used, and to provide you with increased control over that data.” However, the information is presented in such a complex, technical way that even programmers will likely have a difficult time understanding it. The viewer isn’t built directly into the Windows 10 April 2018 Update. Instead, you have to download it from the Microsoft Store.
  • The My People feature now lets you pin up to 10 contacts on the Windows taskbar. Previously, you could only pin up to three.
  • Microsoft Edge gets several minor tweaks, including a revamped Hub, the ability to mute auto-playing audio in tabs, and a forms-filler for web-based forms.
  • The Notebook feature of Cortana gets a new, cleaner interface for its Notebook. It now has two tabs, Organizer and Manage Skills. The Organizer makes it easier to create lists and set reminders. The Manage Skills tab lets you add “skills” to Cortana, such as controlling your home and its appliances, connecting Cortana to music services such as Spotify, tracking your fitness and more.
  • You get more control over app permissions, such as whether they can access your camera, location and contacts.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 April 2018 Update:

  • Windows 10 Professional now gets the Windows Defender Application Guard, which protects Microsoft Edge. There’s also a new feature in the application guard that lets users download files inside Edge instead of directly to the operating system, as a way to increase security.
  • There are new policies for Group Policy and Mobile Device Management (MDM) that can better control how Delivery Optimization is used for Windows Update and Windows Store app updates. You can also now monitor Delivery Optimization using Windows Analytics.
  • Windows AutoPilot also gets a tweak that lets IT make sure policies, settings and apps are provisioned on devices before users begin using them.
  • Windows gets the Linux curl and tar utilities for downloading files and extracting .tar archives built directly into Windows. Windows also now natively supports Unix sockets (AF_UNIX) with a new afunix.sys kernel driver. That will make it easier to port software to Windows from Linux as well as from other Unix-like operating systems.
  • There are a host of improvements to the Windows Subsystem for Linux, which lets you run a variety of Linux distributions on Windows 10. Linux applications can run in the background, some launch settings for Linux distributions can be customized, and Linux applications have been given access to serial devices. The new Unix sockets report is available for the Windows Subsystem for Linux as well as Windows itself.
  • The Windows 10 Pro for Workstations version of Windows 10 gets a new power scheme called Ultimate Performance it’s only for desktop PCs, not those that can be powered by batteries. In addition, Windows 10 Pro for Workstations no longer ships with games like Candy Crush or other similar consumer-focused apps. Instead, it features enterprise- and business-related apps.
  • Administrators have been given the power to configure an enterprise’s PCs to run custom scripts during feature updates, which will make configuration and deployment easier.

For  more details, see the Microsoft blog post “Making IT simpler with a modern workplace.”

Updates to the Fall Creators Update (version 1709)

KB4093105 (OS Build 16299.402)

Release date: April 23, 2018

This update fixes three dozen minor bugs and issues and introduces no new features. Among other fixes, it addresses one that removes user-pinned folders or tiles from the Start menu in some cases, and another that causes Skype and Xbox to stop working.

The update has one known issue — it reports that KB4054517 failed to install because of error 0x80070643, even though the installation was successful. If you want to verify the installation and make sure are no additional updates available, select Check for Updates. Microsoft is working on a resolution to the problem and will issue a fix in an upcoming Windows update.

(Get more info about KB4093105.)

KB4093112 (OS Build 16299.371)

Release date: April 10, 2018

This update fixes a variety of minor bugs and issues and plugs a number of security holes. Among other fixes, it addresses one that causes an access violation in Internet Explorer when it runs on the Microsoft Application Virtualization platform. It also fixes an issue that might cause the App-V service to stop working on an RDS server that hosts many users. There are also updates to Internet Explorer, Microsoft Edge, Windows kpp platform and frameworks, Microsoft scripting engine, Windows graphics, Windows Server, Windows kernel, Windows datacenter networking, Windows wireless networking, Windows virtualization and Kernel, and Windows Hyper-V.

The update has a variety of issues. In one, after it’s installed, users may experience unexpected panning or scrolling in certain apps while using the pen. In another, Windows Update History reports that KB4054517 failed to install because of error 0x80070643.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4093112.)

KB4089848 (OS Build 16299.334)

Release date: March 22, 2018

This non-security updates fixes a variety of minor bugs and issues but offers no new features. Among other issues, it fixes a problem in which Bluetooth devices failed to receive data after a restart, and problems Microsoft Edge had in rendering PDF documents with backgrounds created using various third-party publishing tools. It also fixed an issue with the press-and-hold feature when using a pen in Tablet mode, and another that caused monitors to disconnect after a computer woke from Sleep.

(Get more info about KB4089848.)

KB4088776 (OS Build 16299.309)

Release date: March 13, 2018

This update fixes a variety of bugs and closes several security holes. It fixes a problem in which pinch and zoom gestures don’t work on some hardware when using Internet Explorer, and another one in which Internet Explorer becomes unresponsive in certain scenarios when a Browser Helper Object is installed. It also fixes a bug in which media and other applications become unresponsive or fail when upgrading graphics drivers, and one in which after installing KB4090913, the Mixed Reality Portal failed to initialize.

The update also includes security updates to Internet Explorer, Microsoft Edge, Microsoft Scripting Engine, Windows Desktop Bridge, Windows Kernel, Windows Shell, Windows MSXML, Device Guard, Windows Hyper-V, Windows Installer, and the Microsoft Scripting Engine.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4088776.)

KB4090913 (OS Build 16299.251)

Release date: March 5, 2018

This update fixes a significant bug and adds no new features. The bug was one in which some USB devices and onboard devices, including built-in laptop cameras, keyboards, or mice, stopped working. It occurred when the Windows Update servicing stack incorrectly skipped installing newer versions of critical drivers in the cumulative update and uninstalled the currently active drivers.

The current update has a variety of known issues, including that some devices may fail to start after installing it and return the error message INACCESSIBLE_BOOT_DEVICE. See Microsoft’s suggested workarounds.

(Get more info about KB4090913.)

KB4074588 (OS Build 16299.248)

Release date: February 13, 2018

This February 2018 “Patch Tuesday” update fixes a wide variety of bugs, adds no new features and offers a several security updates. Among other bugs handled, it fixes an issue in Internet Explorer where pressing the delete key inserted a new line in input boxes in an application. It also updates time zone information and fixes a bug that caused delays when switching keyboard languages using Alt+Shift. There are a number of known issues with the update, including one in which Windows Update History incorrectly reports that KB4054517 failed to install. 

The patch also includes security updates to Microsoft Scripting Engine, Microsoft Edge, Internet Explorer, Microsoft Windows Search component, Windows Kernel, Windows Authentication, Device Guard, Common Log File System driver, and the Windows storage and file systems.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4074588.)

KB4058258 (OS Build 16299.214)

Release date: January 31, 2018

This minor non-feature update fixes a variety of minor bugs, including one in which colors are distorted when the system is connected to displays that support the wide color gamut, and another in which delays are caused when switching keyboard languages using Alt+Shift. The update also includes unnamed security protections for 32-bit (x86) versions of the Windows 10 Fall Creators Update. There are several known issues with the update, including that after its installation, “Windows Update History reports that KB4054517 failed to install because of error 0x80070643.”

(Get more info about KB4058258.)

KB4073291 (OS Build 16299.201)

Release date: January 18, 2018

This update is only for PCs with the 32-bit (x86) version of Windows 10 1709 that have already installed the January 3, 2018 update (KB4056892, OS Build 16299.192). Microsoft has provided no information about this update beyond a list of files that are in it (CSV download) and that it “provides additional protections for 32-Bit (x86) version of Windows 10 1709.” However, it notes that there are a number of known issues with the update, including that “Windows Update History reports that KB4054517 failed to install because of Error 0x80070643.”

(Get more info about KB4073291.)

KB4056892 (OS Build 16299.192)

Release date: January 3, 2018

This update fixes a variety of minor bugs, including one in which event logs stop receiving events when a maximum file size policy is applied to the channel. It also fixes several Microsoft Edge-related issues including one in which printing an Office Online document in Microsoft Edge fails and another in which Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.

Also included are security updates for Internet Explorer, Microsoft Edge, Windows 10, .NET Framework and more. For details see the January 2018 Security Updates Release Notes.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4056892.)

KB4054517 (OS Build 16299.125)

Release date: December 12, 2017 

This update fixes a variety of minor bugs, including one in which Windows Defender Device Guard and Application Control block some applications from running, even in Audit-Only Enforcement Mode. It also fixes a variety of issues with updating time zone information.

Also included are 34 security updates to the Microsoft Scripting Engine, Microsoft Edge and Windows Server. The most notable of them are fixes to two remote code execution bugs in the Microsoft Malware Protection Engine. For details about the two remote execution bugs, see CVE-2017-11937 and CVE-2017-11940.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4054517.)

KB4051963 (OS Build 16299.98)

Release date: November 30, 2017

This minor, non-feature update includes a variety of bug fixes. It addresses several problems with Internet Explorer, including a script-related issue that caused the browser to stop working in some cases, and another in which forms submissions didn’t work properly. It also fixed performance problems when users run full-screen Microsoft DirectX 9 games and applications. And it fixes an issue in which user selections for Feedback Frequency in Settings > Privacy > Feedback & diagnostics weren’t saved.

(Get more info about KB4051963.)

KB4048955 (OS Build 16299.64)

Release date: November 14, 2017

This first “Patch Tuesday” release for the Fall Creators Update contains no new features, but has a variety of bug fixes and security patches. It fixes a problem that caused the Mixed Reality Portal to stop responding on launch and one where black screens appeared when switching between windowed and full-screen modes when playing some Microsoft DirectX games. It also fixes an issue in which application tiles were missing from the Start menu. A variety of other problems have been solved as well.

Fifty-three security vulnerabilities have also been also fixed, with 20 of them rated as critical. Security holes have been patched throughout Windows, including in Internet Explorer, Microsoft Edge, Windows, Microsoft Office, ASP.NET Core, and Chakra Core.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4048955.)

KB4043961 (OS Build 16299.19)

Release date: October 17, 2017

This very minor, non-feature update addresses only a few small issues, including a bug in which, after apps are removed, they’re reinstalled on every restart, logoff and login. There are also security updates to Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Windows Search Component, Windows TPM, Windows NTLM, Device Guard, Microsoft Scripting Engine, Windows Wireless Networking, Microsoft Windows DNS, Windows Server, Microsoft JET Database Engine, and the Windows SMB Server.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4043961.)

Windows 10 Fall Creators Update (version 1709)

Release date: October 17, 2017

Version 1709, called the Windows 10 Fall Creators Update, is the major update to Windows 10 that preceded the April 2018 Update. Here’s a quick summary of what’s new for users in it. (For more details, see our full review.)

  • OneDrive gets a new feature called Files On-Demand that gives you access to all of your OneDrive files on every device, without having to download them first. You’ll be able to see all the files you have in OneDrive, even if they’re only in the cloud and not on your PC. Icons tell you which are local and which are in the cloud. Just open the file, and if it’s not on your PC, it gets downloaded.
  • The new My People feature lets you pin three contacts to the Windows taskbar and then communicate with them instantly without having to open a separate app such as Skype or Mail. You can also click to see a list of all communications between them and you at a glance.
  • You can now send web links from your iOS or Android device to your PC and have them open in Microsoft Edge.
  • Cortana gets several new features, including displaying results in a scrollable flyout panel, so you don’t have to launch a web browser.
  • Microsoft Edge gets some minor improvements, including better Favorites handling and the ability to mark up PDFs and e-books.
  • Security has been beefed up, including the addition of Windows Defender Exploit Guard, which includes intrusion rules and policies to protect against a variety of threats, notably zero-day exploits. A new anti-ransomware feature called Controlled Folder Access has also been added; it lets only approved apps have access to Windows system files and folders.
  • New privacy features include the ability to review the kinds of devices and services apps from the Microsoft Store want access to before you download them.
  • The update incorporates Microsoft’s new design system and guidelines, called Fluent Design. Overall, transitions are smoother, and there are subtle changes to the transparency effect.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Fall Creators Update:

  • The notoriously insecure SMBv1 networking protocol, exploited in recent ransomware attacks including WannaCry and Petya, won’t be included on clean installs of the Windows 10 Fall Creators Update, but SMBv1 components will remain if you do in-place upgrades on PCs that already have the component installed.
  • Windows Defender Advanced Threat Protection (ATP), a suite of tools introduced in Windows 10 that helps enterprise customers protect their users and networks against threats and respond to attacks, is being beefed up. Among other things, it will run on the Windows Server OS.
  • ATP is also part of Windows Defender Application Guard for Microsoft Edge, available only for Windows 10 Enterprise Edition. It protects against malware attacks by confining visits to unknown or untrusted websites to a virtual machine, so that attacks can’t spread to a PC or the network.
  • Windows AutoPilot, which improves self-service deployments of Windows 10 PCs, gets a variety of tweaks, including better mobile device management (MDM) services.
  • Windows Analytics’ new Device Health tool gathers information on how PCs perform in an enterprise, and based on that, identifies potential issues and outlines steps to resolve them.
  • Enterprises get more control over what kind of information Windows Analytics gathers for the IT staff. In order to improve users’ privacy, IT staff can limit the information collected by Windows Analytics to only diagnostic data.

For more details about new features for IT, see “What’s new in Windows 10, version 1709 IT Pro content,”  “Announcing end-to-end security features in Windows 10” and “Delivering the Modern IT promise with Windows 10” from Microsoft.

Updates to the Creators Update (version 1703)

KB4041676 (OS Build 15063.674)

Release date: October 10, 2017

This non-feature update addresses a wide variety of issues, including ones related to security. It fixes a bug that won’t allow some games from downloading from the MIcrosoft Store. The build also fixes an issue in which some Universal Windows Platform (UWP) apps and Centennial apps (.NET and Win32-based Windows applications that have been packaged to be published to the Microsoft Store) have a gray icon and display the error message “This app can’t open” on launch.

In addition, security updates are included for many parts of Windows, including Microsoft Windows Search Component, Windows kernel-mode drivers, Microsoft Graphics Component, Internet Explorer, Windows kernel, Microsoft Edge, Windows Authentication, Windows TPM, Device Guard, Windows Wireless Networking, Windows Storage and Filesystems, Microsoft Windows DNS, Microsoft Scripting Engine, Windows Server, Windows Subsystem for Linux, Microsoft JET Database Engine, and the Windows SMB Server.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4041767.)

KB4040724 (OS Build 15063.632)

Release date: September 25, 2017

This non-feature update addresses two very minor issues: Cellular connectivity and reliability have been improved, and performance problems with Microsoft Edge that were introduced in KB40387888 have been resolved.

(Get more info about KB4040724.)

KB4038788 (OS Build 15063.608)

Release date: Sept. 12, 2017

This non-feature update addresses a wide variety of miscellaneous minor issues, including one where some machines fail to load wireless WAN devices when they resume from Sleep, and another where spoolsv.exe stops working. Also addressed is a problem in which the option to join Azure AAD is sometimes unavailable during the out-of-box experience, and another in which clicking the buttons on Windows Action Center notifications results in no action being taken.

What IT needs to know

This release includes security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel and Windows Virtualization. Because it’s a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4038788.)

KB4034674 (OS Build 15063.540)

Release date: Aug. 8, 2017

This non-feature update addresses a variety of minor issues, primarily aimed at IT. Two fixes are for mobile devices: One in which the policies provisioned using Mobile Device Management (MDM) don’t take precedence over policies set by provisioning packages, but should, and another in which an access violation in the Mobile Device Manager Enterprise feature causes stop errors. Also addressed is an issue in which the Site to Zone Assignment List group policy (GPO) was not set on machines when it was enabled.

There are also security updates for many Windows features and services, including Microsoft Edge, Microsoft Windows Search Component, Microsoft Scripting Engine, Microsoft Windows PDF Library, Windows Hyper-V, Windows Server, Windows kernel-mode drivers, Windows Subsystem for Linux, Windows shell, Common Log File System Driver, Internet Explorer, and the Microsoft JET Database Engine.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update.

(Get more info about KB4034674.)

KB4032188 (OS Build 15063.502)

Release date: July 31, 2017

This non-feature update addresses a variety of minor issues and bugs, including one in which Win32 applications have problems working with various Bluetooth LE devices including head tracking devices, a reliability issue with launching the Settings app while an application is using the camera, and a bug in which video playback artifacts appear during transitions from portrait to landscape on mobile devices.

What IT needs to know: Several minor issues addressed in this update affect IT, including the Mobile Device Manager Enterprise feature not allowing headsets to work correctly, and a bug that can cause a service using a Managed Service Account (MSA) to fail to connect to a domain after an automatic password update.

(Get more info about KB4032188.)

KB4025342 (OS Build 15063.483)

Release date: July 11, 2017

This security update (a Patch Tuesday release) fixes 54 vulnerabilities in Windows 10, Microsoft Edge, Internet Explorer, Microsoft Office and Microsoft Exchange. Nineteen of the vulnerabilities were rated as critical, 32 as important and three as moderate.

The critical bugs include six remote code execution ones, including one for Microsoft’s HoloLens mixed reality head-mounted display that is currently available only to developers. It allowed the device to be hacked “by merely receiving WiFi packets, apparently without any form of authentication at all,” in Microsoft’s words.

Microsoft Edge received patches for thirteen critical scripting engine memory corruption vulnerabilities, including one in which an attacker could gain the same user rights as the current user.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update. In addition to the patches for Windows 10 Creators Update are security patches for Windows Server 2016 / Windows 10 Anniversary Update.

(Get more info about KB4025342.)

KB4022716 (OS Build 15063.447)

Release date: June 27, 2017

This non-security update kills more than three dozen minor bugs. Among them are one that causes the Camera app to use a lot of memory on mobile platforms, which reduces battery life. The update also improves Bluetooth connectivity with wearable devices.

What IT needs to know: Some of the bugs affect networks, including one in which network printers may fail when using the printer vendor’s setup software on machines with less than 4GB of RAM. Installing the printers using the Settings app or from Devices and Printers in Control Panel will ensure they’re installed properly. In addition, the update fixes an issue which prevented users from connecting to the Terminal Services Gateway (TSG) running on Windows Server 2008 SP2 after it has been upgraded to the Creators Update, with the result that users were not able to access Remote Desktop Services or remote apps.

(Get more info about KB4022716.)

KB4022725 (OS Builds 15063.413 and 15063.414)

Release date: June 13, 2017

This security update closes dozens of security holes, including two remote code execution vulnerabilities (CVE-2017-8464, which is similar to Stuxnet, and CVE-2017-8543, which is a wormlike attack).

It also fixes a variety of bugs, including one in which a user may have to press the space bar to dismiss the lock screen to log in, even after the log on is authenticated using a companion device.

What IT needs to know: Because this is a security update, it should be applied immediately, especially because several of the security holes are being actively used by attackers. (Get more info about KB4022725.)

KB4020102 (OS Build 15063.332)

Release date: May 25, 2017

This non-security update fixes a wide variety of bugs but offers no new features. Among other issues, it fixes a problem when network printers may fail to install using the printer vendor’s setup software on PCs with less than 4GB of RAM. It also fixes several problems with Internet Explorer, including one where non-administrator users can’t install ActiveX controls. (Get more info about KB4020102.)

KB4016871 (OS Builds 15063.296 and 15063.297)

Release date: May 9, 2017

This is a security update that also includes minor bug fixes, but no new features. The security updates are for Microsoft Edge, Internet Explorer, Microsoft Graphics Component, Windows SMB Server, Windows COM, Microsoft Scripting Engine, the Windows kernel, Windows Server, and the .NET Framework. Among the bugs fixed are one in which autochk.exe can randomly skip drive checks and not fix data corruptions, which could lead to data loss.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update. (Get more info about KB4016871.)

KB4016240 (OS Build 15063.250)

Release date: April 25, 2017

This non-security update squashes a wide variety of bugs but includes no new features. It fixes a bug that caused intermittent logout from web applications and another that made systems unresponsive in certain situations after running Direct3D apps in full-screen exclusive mode. Previous to this patch, Windows Forms configuration issues caused antivirus applications to stop working at startup; they now work.

What IT needs to know: Two of the bugs fixed with this release are one in which some VMs experienced network connectivity loss while provisioning IP addresses and another that prevented Group Policy settings from disabling the lock screen. (Get more info about  KB4016240.)

KB4015583 (OS Build 15063.138)

Release date: April 11, 2017

This security update includes only a few minor bug fixes and no new features. It updates security for Scripting Engine, libjpeg image-processing library, Hyper-V, Windows kernel-mode drivers, Adobe Type Manager Font Driver, Internet Explorer, Graphics Component, Active Directory Federation Services, .NET Framework, Lightweight Directory Access Protocol, Microsoft Edge and Windows OLE. In addition, it fixes a problem with updating time zone information.

What IT needs to know: Because this is a security update, it should be applied relatively soon. Over the next few weeks, check for reports about problematic issues, and if all seems well, apply the update. (Get more info about KB4015583.)

KB4016251 (OS Build 15063.13)

Release date: April 5, 2017

This non-security update fixes a few very minor bugs and has no new features. It repairs a problem that caused the Surface USB: Bluetooth radio to sometimes fail during hibernate/resume, and fixes an issue in which a virus protection product driver installation would trigger a system crash on Windows build 15060 configured with DeviceGuard. (Get more info about KB4016251.)

Windows 10 Creators Update (version 1703)

Release date: April 5, 2017

Version 1703, dubbed the Creators Update, is the major update to Windows 10 that preceded the Fall Creators Update. Here’s a quick summary of what’s new for users in the Creators Update. (For more details, see our full review.)

  • It helps you better organize the Start menu by letting you put multiple tiles for apps into a single folder — for example, you can group all social media apps into one folder.
  • Users are given a bit more control over the update process: They can delay an update for three days and keep delaying it in three-day increments, or choose specific times for updates to install.
  • The Edge browser has gotten some improvements, including having Flash disabled by default for security reasons and supporting the ePub and PDF formats for reading books and other content.
  • Microsoft added some 3D and virtual reality features, including running HoloLens virtual reality and mixed reality apps for the first time, and introducing a Paint 3D app for creating 3D objects.
  • System settings that previously were in multiple locations have been consolidated into the Settings app.
  • There’s a new all-in-one security dashboard called Windows Defender Security Center that consolidates many security and computer health settings and information.
  • New gaming features include streaming gaming sessions over the internet; a Game Mode to improve gaming performance; and a Game bar to let you record your gameplay, take screenshots and perform games-related tasks.
  • The Cortana personal assistant gets a few modest additions, including scheduling monthly reminders and helping you set up devices.

What IT needs to know: IT staff should be aware of these features that are new in the Windows 10 Creators Update:

  • Security has been improved in a number of ways, including adding new features and insights into Windows Defender Advanced Threat Protection (ATP) to better investigate and respond to network threats. Among the new features are sensors in memory, better intelligence and improved remediation capabilities.
  • Several new configuration service providers (CSPs) available in the Creators Update let administrators manage Windows 10 devices through Mobile Device Management (MDM) or provisioning packages. The DynamicManagement CSP, for instance, can enable or disable certain device features depending on location, network presence or time.
  • New mobile application management capabilities can protect data on personal mobile devices without requiring each device to be part of the corporate MDM.
  • The Windows Configuration Designer (previously called Windows Imaging and Configuration Designer) includes new wizards to make it easier to create provisioning packages, including for desktop devices, Windows mobile devices, Surface Hub devices, HoloLens devices and kiosk devices.
  • Enterprise security administrators get a more comprehensive documentation library for Windows Defender Antivirus.
  • If an enterprise-wide update policy hasn’t been configured, users with Windows Pro, Windows Enterprise or Windows Education editions have much more control over how Windows updates. With the Creators Update, users can now automatically delay cumulative monthly updates for up to 30 days, and can delay feature updates by up to 365 days.

For more details about new features for IT, see the Microsoft blog posts “Windows 10 Creators Update advances security and best-in-class modern IT tools” and “What’s new in Windows 10, version 1703 IT pro content.”

Take 2: Google AI again lets users generate images of people

August 29, 2024 /

Google’s Gemini AI model can once again be used to generate images that represent people, according to Ars Technica. The company had shut down the feature in February after it was criticized for creating historically inaccurate images often related to the subject’s skin color.

The now-updated Gemini 1.5 model should be able to avoid the earlier problems; Google says it also cannot generate images of photo-realistically identifiable individuals, such as famous people.

Google in a blog post Wednesday said it has also focused on improving both AI security and responsibility to ensure the technology is used in an ethical way.

Apple gives IT the power to switch off Apple Intelligence

August 29, 2024 /

Apple has introduced new tools mobile device management (MDM) vendors can use to give IT the power to restrict Apple Intelligence across their fleets. 

Understanding the significance of the on-going AI with everything war, Apple device management vendor Addigy was fast out the gate to announce its support for the tools, which other MDM providers are likely to support, too. The new tools basically consist of a set of restrictions that can be deployed against managed devices to prevent the use of Apple Intelligence features. 

What Apple Intelligence features can be controlled?

The AI features Apple has announced so far include Genmoji, Image Playground, Image Wand, iPhone Mirroring, and Writing Tools. The new controls allow MDM systems to offer admins console-based management tools to enable or disable their use on a managed device. The tools I’ve found include:

  • allowGenmoji.
  • allowImagePlayground.
  • allowImageWand.
  • allowiPhoneMirroring.
  • allowPersonalizedHandwritingResults.
  • allowVideoConferencingRemoteControl.
  • allowWritingTools.

It is worth noting that only the Writing Tools within Apple Intelligence have been made available in beta so far, and Apple has always said some of its AI functions won’t be available until next year. The idea is that IT will be able to disable the features if they’re concerned about use of company data with AI.

Addigy acts fast

In announcing its support for the new restrictions, Addigy CEO Jason Dettbarn said: “While Apple Intelligence is an exciting development, many organizations are rightly concerned about potential impacts. Some don’t allow AI on devices. Others want to fully understand its implications before deciding when, or even whether, to enable it — and they don’t want to risk waiting until AI ships to try managing it.” 

Of course, as Apple Intelligence remains beta software, Addigy MDM is only available to organizations that are part of Apple’s AppleSeed for IT scheme, which lets users test upcoming Apple releases in unique work environments.

I expect other MDM vendors intend to include support for Apple’s restrictions in their own systems. (Some have begun such deployment in beta.)

Why does this matter?

The decision to enable MDM services to prevent the use of Apple Intelligence will be welcomed by enterprise users concerned their employees might inadvertently leak confidential or protected information while using the new AI service.

The release is also true to form. Apple’s commitment to privacy and security across all of its devices is more than skin deep; its extensive white paper explaining the Private Cloud Compute service is proof positive. 

But data privacy is a journey, and the best way to protect anyone’s data is not to have any of it in the first place — that’s Apple’s constant aim in everything it does, including AI. The company’s decision to use as little information as it can to make services work is a very smart one, as it minimizes the potential attack surface. Giving MDM the power to forbid any such use also protects devices and their data.

Save the world

We know the company is working to build AI models that run on device, rather than in the cloud. That’s a good thing, as it protects privacy. But the move to ensure small models run at relatively low power could also help reduce the overall energy consumption we’re seeing from the growing use of generative AI (genAI). That seems particularly important now that some estimates indicate ChatGPT is consuming as much energy to generate its responses as would be needed to power 21,602 US homes for a year. Apple’s environmental commitments mean it will take energy consumption generated by Apple Intelligence into account in its environmental reporting.

(I do note that the new tools don’t seem to constrain the use of ChatGPT from Apple Intelligence on a managed device, but I imagine there will be some protection in place by the time integrated access ships.)

It’s time for Apple in business

One final note: Apple has introduced MDM code to prevent the installation of apps downloaded from websites on managed devices. That’s good, as it means European firms won’t be forced to expose their data to the risk of accidental malware installation via apps found outside of legitimate app stores.

Finally, of course, Apple’s painstaking preparation for the mass market introduction of AI on its platforms should be seen as proof positive, as if it were required, that its ecosystem is secure by design and quite ready for business.

More from Jonny Evans

Please follow me on LinkedInMastodon, or join me in the AppleHolic’s bar & grill group on MeWe.

California’s contentious AI safety bill gets closer to becoming a law

August 29, 2024 /

California State Assembly last week passed the “hotly debated” AI safety bill that could establish the nation’s most stringent regulations on AI, with the California Senate later approving the Assembly’s amendments, setting the stage for a contentious decision by Governor Gavin Newsom.

The legislation, known as the Safe and Secure Innovation for Frontier Artificial Intelligence Models Act (SB 1047), proposes rigorous testing and accountability measures for AI developers, particularly those creating large and complex models. The bill, if enacted into law, would require AI companies to test their systems for safety before releasing them to the public.

The State Senate, which has already passed the legislation, later approved the Assembly’s amendments and sent the bill for “engrossing and enrolling” — the processes of verifying that all amendments are correctly incorporated and proofreading the printed version. Once that is complete, Newsom will have until September 30 to sign or veto the bill.

“With this vote, the Assembly has taken the truly historic step of working proactively to ensure an exciting new technology protects the public interest as it advances,” Senator and co-author of the bill Scott Wiener said in a statement.

Key Provisions of the bill

Authored by Democratic State Senator Scott Wiener, the bill mandates that companies developing advanced AI models — specifically those costing over $100 million to create or those using substantial computing power — must undergo pre-sale testing for significant risks. This includes preventing the misuse of AI for tasks such as launching cyberattacks or developing biological weapons.

The bill also requires developers to implement a “kill switch” to deactivate models that pose a threat and to undergo third-party audits to verify their safety practices.

If AI technologies are found to be used in harmful ways and companies have not conducted the required testing, the bill empowers the state attorney general to file lawsuits. The legislation aims to protect the public from potential AI-related hazards but also seeks to balance innovation with safety.

Though the bill, also known as SB 1047, aims to impose rigorous safety standards on AI developers, it has also drawn sharp criticism and sparked a broader controversy about the future of AI regulation in the state.

While proponents argue that the legislation is necessary to protect the public and prevent the dangerous misuse of AI, critics claim that the AI bill goes too far and could stifle innovation. They warn that the stringent requirements might drive AI developers out of California, making the state less competitive in the fast-evolving tech landscape.

Tech industry pushback

The tech industry has reacted strongly against SB 1047. More than 74% of all companies that shared their views over the bill have opposed it. Major players including Google and Meta have voiced their opposition, fearing that the bill could create an unfriendly regulatory environment and hinder AI advancements.

OpenAI, known for its popular ChatGPT platform, has argued that AI regulation “should be handled at the federal level” to ensure a uniform approach across states, rather than through state-specific laws that could lead to a patchwork of regulations. In an open letter to Senator Weiner, OpenAI chief strategy officer Jason Kwon said the AI bill would “stifle innovation,” and companies would “leave California.”

Weiner, however, responding to the letter, said this argument “makes no sense.”

“This tired argument — which the tech industry also made when California passed its data privacy law, with that fear never materializing — makes no sense given that SB 1047 is not limited to companies headquartered in California. Rather, the bill applies to companies doing business in California. As a result, locating outside of California does not avoid compliance with the bill,” Weiner wrote in the letter.

SB 1047 has also drawn criticism from key industry figures, including Dr. Fei-Fei Li, the co-director of the Stanford Institute for Human-Centered Artificial Intelligence and often referred to as the “godmother of AI.”

In an article published in Fortune earlier this month, Li expressed concerns that the bill’s penalties and restrictions could have unintended consequences that stifle innovation.

She argued that SB 1047 “will harm our emerging AI ecosystem,” particularly affecting sectors that are already at a disadvantage compared to major tech companies, such as the public sector, academia, and smaller tech firms.

Even some AI researchers and developers who support the idea of regulation have criticized the bill. Andrew Ng, a prominent AI entrepreneur and former head of AI at Google, has called the bill “anti-open source” and “anti-innovation” in an X post arguing that it targets the broad development of AI technology rather than focusing on specific harmful applications.

Not only the tech leaders, but even Democrat lawmakers have also opposed the bill vehemently. House Speaker Nancy Pelosi, representing San Francisco, has been particularly vocal in her opposition, labeling the bill as “well-intentioned but ill-informed.” She and Representatives Ro Khanna and Zoe Lofgren argue that the bill could harm California’s tech industry by imposing burdensome regulations that may deter AI development.

In an open letter, the group of lawmakers expressed concerns that the bill could jeopardize open-source AI models, which rely on publicly available code and are considered vital for advancing AI technologies. They argue that such regulations could discourage innovation and put California at a disadvantage compared to other states and countries that are more welcoming to AI development.

Besides, industry groups have also launched a major campaign against the bill, including creating a website that generates letters for people to send to California lawmakers, urging them to vote against the legislation.

Despite the significant pushback, SB 1047 has found supporters both in the legislature and within the tech community. The bill passed the California Assembly with a 41-9 vote and is expected to clear the Senate again before reaching Governor Newsom’s desk.

Supporters like Tesla CEO Elon Musk and AI startup Anthropic have praised the bill for taking a proactive stance on AI safety, emphasizing the need for guardrails to prevent potential misuse of powerful AI technologies.

However, Senator Wiener has defended the legislation, arguing that it does not stifle innovation but aims to ensure that AI development proceeds responsibly. “Innovation and safety are not mutually exclusive,” Wiener said in the statement, stressing that the bill is designed to increase public trust in AI technologies by holding companies accountable to safety standards they have already adopted.

What’s next for the California AI bill?

As the bill moves closer to becoming law, Governor Newsom faces a pivotal decision that could have wide-ranging implications for the tech industry and AI regulation nationwide.

With Congress showing little progress on federal AI legislation, California’s actions could set a precedent for other states considering how to manage the rapid development of AI technologies.