auditing

Microsoft released a cumulative security update today for Windows 11’s servicing branches 22621 and 22631 — published as KB5065431 (OS Builds 22621.5909 and 22631.5909) — that combines a Latest Cumulative Update (LCU) with a servicing‑stack update (SSU) and carries a set of security and quality...

Microsoft’s Copilot Studio has moved from built‑in guardrails to active, near‑real‑time intervention: organizations can now route an agent’s planned actions to external monitors that approve or block those actions while the agent is executing, enabling step‑level enforcement that ties existing...

Microsoft has quietly but meaningfully shifted the balance of power between autonomous AI agents and enterprise defenders: Copilot Studio now supports near‑real‑time runtime security controls that let organizations route an agent’s planned actions through external monitors (Microsoft Defender...

Satya Nadella’s short thread on X showing five ChatGPT-5 prompts has done more than spark social-media conversation — it offers a practical blueprint for how Microsoft expects Copilot to reshape executive workflows, compress decision cycles, and push generative AI from “drafting tool” to a...

X’s new XChat promises “end-to-end” privacy — but its current implementation leaves several simple, well-known privacy protections out in the open, and experts warn that the feature as shipped can expose users to avoidable risks ranging from leaked image metadata to a service operator or insider...

Microsoft will audit and then begin enforcing a block on NTLMv1–derived credentials in Windows 11, version 24H2 and Windows Server 2025: the change is gated by a new registry key (BlockNtlmv1SSO), exposes two new NTLM event IDs for Audit vs Enforce behavior, and will be rolled out in phases...

Microsoft’s Agent Factory guidance sharpens the focus on agent observability as the non-negotiable foundation for reliable, safe, and scalable agentic AI — and its recommendations are timely: as agents move from prototypes to workflows that touch business-critical data and systems, observability...

Microsoft’s recent quiet fix to an M365 Copilot logging gap has opened a new debate over cloud transparency, audit integrity, and how enterprise defenders should respond when a vendor patches a service-side flaw without issuing a public advisory. Security researchers say a trivial prompt...

Microsoft’s Copilot is delivering real productivity gains across Word, Teams, Outlook and other Microsoft 365 surfaces — but a recent disclosure shows those gains can come at the cost of auditability: under certain prompting patterns Copilot has produced user-visible summaries and actions...

A security researcher’s routine Copilot query revealed a startling blind spot in Microsoft’s logging: under certain prompts, Copilot could return file summaries without leaving the expected Purview audit entry — and, according to the researcher, Microsoft quietly rolled out a fix without issuing...

A single frame published on a local page — a wire or staff photograph labeled “Panthers Texans Football” and paired with a terse, weather‑style line — crystallized a familiar but avoidable editorial tension: vivid visual storytelling versus the metadata and verification practices that protect...

Microsoft’s Copilot may have closed an eye‑catching zero‑click hole, but a quieter — and arguably more dangerous — problem has been bubbling under the surface: Copilot and related AI components are not reliably creating the audit trails organizations depend on for compliance and forensics. That...

Microsoft has quietly moved one of the most consequential AI experiments of the last year from a sidebar into the very fabric of Excel: the new COPILOT function lets users write plain‑language prompts directly in a cell and receive AI‑generated results that behave like any other formula in the...

Excel’s new COPILOT function hands everyday spreadsheet users an AI-powered microscope and a blunt instrument at the same time: it can summarize, classify, extract, and generate structured outputs from free-text or tabular data with a single cell formula, but it also introduces new operational...

Microsoft 365 Copilot is reshaping how knowledge workers draft emails, summarize meetings, and automate tasks—but for regulated industries the productivity upside comes with a non‑negotiable requirement: auditable, defensible recordkeeping and governance. Enterprise compliance teams now face a...

The UK government has announced a national programme to trial agentic AI across public services, inviting frontier AI labs to work with Whitehall teams to build prototypes that could automate routine “life admin” — from filling forms and booking appointments to tailored careers and...

The arrival of GPT‑5 and the public reaction to it have exposed a familiar but urgent truth: incremental technical progress can sharpen capability while exposing unresolved safety, UX and trust problems — and a single real‑world harm can erase otherwise tidy marketing narratives. The Northwest...

Popular generative‑AI browser assistants can and do sweep up deeply personal data from ordinary web sessions — including health records, bank details and even social‑security numbers — and forward that content to remote servers where it can be tracked, profiled and reused in ways most users...

A Microsoft Garage hackathon prototype has graduated into a commercial workstream that uses generative AI to attack permitting bottlenecks across nuclear, renewable, mining, and grid projects — a practical, high-stakes application of AI that could materially shorten the time and cost of getting...

iManage’s latest announcement tightens the scaffolding around AI for law firms: the company has added support for the Model Context Protocol (MCP), upgraded its Insight+ search and knowledge-discovery engine, and expanded Ask iManage’s conversational and evidence features — all intended to let...