Navigation section

Copilot Arrives on Windows 11 Taskbar: People Files Calendar Get AI Prompts

  • Thread Author
Microsoft has quietly extended its Copilot footprint into the lightweight Microsoft 365 companion apps that live on the Windows 11 taskbar, embedding contextual AI prompts and one‑click Copilot access into People and Files today — with Calendar integration scheduled to follow — and doing so via an automatic, tenant‑gated deployment that many organizations will see appear on eligible devices unless administrators act first.

Blue-tinted UI with translucent panels and a Copilot grounding message.Background​

Microsoft’s long‑running strategy to make Copilot the default assistant across Windows and Microsoft 365 has shifted from in‑app ribbons and a single chat window toward small, independently updatable “companion” apps anchored in the taskbar. These companions — People, Files (File Search), and Calendar — are designed as rapid, always‑available surfaces that surface Microsoft Graph data (contacts, documents, meetings) without launching heavyweight clients like Outlook, Teams, or Office. The new twist: each companion now includes Copilot affordances — inline suggested prompts and an “Ask Copilot” handoff that opens the tenant‑grounded Copilot chat for deeper, context‑aware responses.
This rollout is part of a broader push to normalize Copilot as a productivity primitive across Microsoft’s ecosystem. Microsoft has configured the companion apps to be installed automatically on Windows 11 devices that already have Microsoft 365 desktop apps, with the company providing tenant‑level controls for commercial customers to block future automatic installs. The deployment is staged and tenant‑gated, with Microsoft indicating a rollout window from late October through late December 2025.

What changed: Copilot inside People, Files, and Calendar​

People: contact‑centric intelligence​

The People companion is now more than a directory: Copilot prompts appear under contact cards and org entries to surface recent communications, highlight responsibilities, and suggest conversation starters or follow‑ups. Users can select a suggested prompt to escalate the query into the Microsoft 365 Copilot chat, which — if the tenant has the paid Copilot add‑on — can ground answers in exchange mail, Teams chat, org metadata and other Graph signals. That means quick briefings before a meeting or an instantly generated follow‑up list without opening Outlook or Teams.

Files (File Search): summarize, extract, act​

The Files app aims to turn a file preview into a productive action. Copilot is accessible from the preview pane for items indexed from OneDrive, SharePoint, Teams attachments, and Outlook attachments. Typical workflows include document summarization, extraction of key figures from Excel, creation of action‑item lists from PowerPoint decks, and drafting short briefs that can be exported to email or other documents — all without opening the full client. This shortens the discovery‑to‑action path for quick triage and meeting prep.

Calendar: meeting prep and recaps (coming soon)​

Calendar’s Copilot features are rolling out more slowly. When available, the companion will offer meeting summaries, suggested prep materials, talking points, and natural‑language search across events (for example, “show last week’s budget review with finance”), with deeper contextual follow‑ups opening in Copilot chat. Microsoft has indicated Calendar Copilot is imminent but scheduled after People and Files.

Deployment model and administrative controls​

Microsoft has made deployment choices that prioritize reach and discoverability: the companion apps are packaged as small, standalone apps that auto‑install on eligible Windows 11 devices that run Microsoft 365 desktop clients. The defaults configure them to launch at user sign‑in (minimized to the taskbar) so results are immediately available. Administrators in commercial tenants can prevent future automatic installations through the Microsoft 365 Apps Admin Center (Device Configuration → Modern App Settings → uncheck the automatic install flag), and Intune/Group Policy/AppLocker remain options for layered enforcement. That said, preventing reinstallation or removing apps already installed requires endpoint‑level actions.
Key operational points admins must note:
  • The distribution is tenant‑gated and staged across the late‑October to late‑December 2025 window.
  • Tenant opt‑out prevents future automatic installs but does not automatically remove companions already deployed; removal requires device management.
  • The companions use an independent update stream outside traditional Office servicing, which accelerates feature delivery but adds another update surface to inventory and monitor.

Licensing, grounding, and costs​

Not all Copilot experiences are equal. There are two important distinctions to understand:
  • The companion UI will present suggested prompts and can route freeform queries into the Copilot chat experience, which may offer a Copilot Chat session for free in some contexts.
  • The deeper, tenant‑grounded Copilot that reasons directly over organizational Graph data (mail, SharePoint files, Teams messages) typically requires the paid Microsoft 365 Copilot add‑on. Public guidance has placed that commercial add‑on around an approximate price of $30 per user per month (annual commitment typical), though exact licensing terms, bundle offers and regional pricing vary by SKU and contract. Administrators must validate entitlements before enabling tenant‑grounded Copilot features.
This matters operationally: companion prompts will be visible regardless, but the ability for Copilot to produce grounded summaries or to access tenant mail/files in replies is gated by licensing and tenant configuration.

Privacy, data handling, and compliance considerations​

Embedding Copilot into fast, always‑available surfaces raises immediate governance questions. The companions rely on Microsoft Graph to surface files, contacts, and meeting metadata — and Copilot’s value depends on being able to ground outputs in that tenant data. That creates three important review points for privacy and compliance teams:
  • Data surface and telemetry: Organizations must verify what specific data elements are read, sent, or logged when a user requests a Copilot summary from a companion. Administrators should consult tenant Message Center notices and contractual documentation to understand telemetry retention and processing locations.
  • DLP and policy coverage: Because companion flows can extract summaries and action items from files, DLP policies and information protection labels must be evaluated to ensure Copilot interactions do not violate classification or sharing controls.
  • Regional/regulatory nuance: Past rollouts have shown Microsoft may carve out regions (notably the EEA) for automatic Copilot app deployments. While the EEA exclusion applied to the earlier Copilot app rollout, companion deployments have had mixed public signals; administrators in regulated jurisdictions should confirm behavior for their tenant and geography in the Microsoft 365 admin center. Treat public messaging as a guide and Message Center notices as authoritative for your tenant.
Where specifics are unclear or undocumented for a particular tenant, flag further validation as required — the practical effect of a Copilot prompt that reads meeting transcripts or chat history can vary depending on telemetry settings and whether the tenant has enabled tenant‑grounded Copilot.

Benefits: where the companion Copilot model helps​

The productivity case for companions is concrete in several everyday scenarios:
  • Faster context retrieval: Quickly summarize a shared deck before hopping into a meeting, or get a fast brief on a colleague before a call. This reduces context switching and friction.
  • Triage and actionability: From a preview pane you can generate an action list or draft a follow‑up email, turning discovery into execution in fewer clicks.
  • Lighter clients for routine tasks: The companions let users complete small, frequent tasks (find a file, check a colleague’s presence, review a meeting agenda) without loading heavy clients, which is useful for quick interruptions or low‑power devices.
For organizations that have already invested in Copilot licensing and governance, these surfaces can reclaim minutes across many users’ days and improve meeting readiness for knowledge workers.

Risks, trade‑offs, and operational downsides​

The rollout also introduces measurable trade‑offs:
  • Perceived bloat and user trust: Automatic installs and autostart behavior have historically generated user pushback. Unexpected apps on managed or personal devices can drain trust and produce helpdesk noise. That was a recurring theme during earlier Copilot/companion rollouts.
  • Management and patching overhead: Companion apps add an additional update surface to asset inventories. Small, frequent updates are beneficial, but they also require integration into change‑control processes and vulnerability management.
  • Privacy and data leakage risk: When Copilot accesses tenant data to ground responses, organizations must be certain that DLP, retention, and access policies remain effective. Outbound telemetry and logging need to be understood and documented.
  • Licensing surprises: If administrators allow companion apps to be broadly available without aligning licensing, users may expect tenant‑grounded Copilot behavior that the organization hasn’t purchased, leading to confusion and potential governance gaps.
  • Performance footprint: Although companions are lightweight, autostart at login increases background processes and may impact perceived performance on older or lower‑spec hardware.

Practical, prioritized checklist for administrators​

  • Inventory and map: Identify Windows 11 endpoints that have Microsoft 365 desktop clients installed and map them to business units and compliance regimes.
  • Pilot with representative teams: Run a small pilot across 30–60 days including legal, finance, and a high‑collaboration business unit to validate data flows, DLP interactions, and helpdesk impact.
  • Apply tenant opt‑out if required: If the organization’s posture requires it, go to Microsoft 365 Apps Admin Center → Device Configuration → Modern App Settings → clear the automatic install for Microsoft 365 companion apps. Remember this blocks future installs, not removal of already‑installed companions.
  • Layer enforcement: For absolute blocking, deploy AppLocker, Intune/Endpoint Manager policies, or Group Policy to prevent installation or execution. Test removal scripts at scale.
  • Validate DLP and telemetry: Engage privacy and security teams to confirm how Copilot interactions are logged and whether PII or regulated data could be exposed. Update DLP rules accordingly.
  • License planning: Confirm which user groups will require paid Microsoft 365 Copilot seats to use tenant‑grounded features, and align procurement. Include finance and procurement in the review to avoid surprises.
  • Communicate proactively: Announce the change, document how users can disable auto‑launch or uninstall if permitted, and prepare helpdesk scripts to reduce ticket volume.

Advice for end users and personal subscribers​

For personal Microsoft 365 users (non‑managed devices) the consumer experience diverges from enterprise:
  • There is no documented global consumer pre‑install opt‑out; companions can appear silently on devices with Microsoft 365 desktop clients. Users can uninstall the apps via Settings → Apps → Installed apps, or disable autostart in companion settings, but proactive prevention is limited for unmanaged devices. Advanced users can use AppLocker or registry/GPO techniques to block reinstallation, but these carry risks.
If Copilot or companion apps are unwanted on a personal device, the practical steps are:
  • Uninstall the companion apps from Settings.
  • Disable Copilot inside Office apps (per‑device toggles exist in Office options on supported builds).
  • Use endpoint controls or subscription choices if you want a more permanent opt‑out (some subscription tiers and regional differences affect Copilot availability).

Critical analysis: strategic logic vs. user control​

Embedding Copilot into taskbar companions is strategically sensible: it puts assistance where users already glance multiple times daily and lowers friction between discovery and action. The architectural decision to ship companions as lightweight, independently updateable packages accelerates product velocity, enabling Microsoft to iterate quickly and deliver new Copilot capabilities without waiting for major Office or Windows releases. For organizations already committed to Copilot with mature governance, the companions can be a net productivity win.
However, the operational and ethical calculus is uneven. Automatic distribution by default — even when tenant opt‑out exists — shifts the burden onto administrators and users to police what lands on endpoints. That model propagates the same complaints that surfaced around prior Copilot pushes: perceived bloat, surprise installs, and erosion of user choice. Privacy and compliance concerns are real where Copilot features are tenant‑grounded, and they require rigorous validation before broad enablement. The absence of a simple toggle to remove Copilot capabilities from companions once installed (beyond uninstalling the apps) amplifies those concerns in organizations that value tight control over software and data flows.

Flags and unverifiable points​

  • Regional exclusions: earlier Copilot app deployments explicitly excluded the EEA from automatic installs; companion apps have been described as broadly applicable to Windows 11 devices with Microsoft 365 installed, but public signals about regional carve‑outs have varied. Administrators should verify tenant Message Center notices for authoritative guidance specific to their tenant and geography. This regional nuance remains subject to tenant‑level confirmation.
  • Exact pricing and license entitlements: the commonly referenced figure of roughly $30 per user per month for the Microsoft 365 Copilot add‑on is an approximate guide drawn from public guidance; contract terms, SKUs, discounts and regional pricing vary. Treat the $30 figure as indicative, not contractual, and confirm with Microsoft or procurement for accurate budgeting.
  • Telemetry and data retention details: Microsoft’s public product messaging outlines that Copilot uses tenant data for grounding, but precise telemetry retention windows, logs available to Microsoft, and the location of processing can vary by agreement. These are typically spelled out in contractual documentation and Message Center notices and should be validated by legal/privacy teams.

Final verdict and recommendations​

Microsoft’s extension of Copilot into the Microsoft 365 companion apps is a logical next step in making AI assistance discoverable and low‑friction on the desktop. For those who have already adopted Copilot and wish to speed meeting prep, triage, and simple document workflows, the People and Files companions — with Calendar following — will likely deliver tangible productivity gains.
That upside, however, is matched by real governance responsibilities. The companion rollout should be treated as an operational event:
  • Administrators must inventory affected endpoints, decide posture, pilot changes, and implement layered controls where necessary.
  • Privacy and compliance teams must validate data flows, DLP compatibility, and telemetry retention before broad enabling of tenant‑grounded Copilot features.
  • Procurement must be looped in to avoid licensing surprises if tenant‑grounded Copilot is expected to be widely used.
In short: the companion Copilot features are powerful, but they are not purely a product problem — they are an operational one. Organizations that plan, pilot, communicate and govern will capture the benefits without falling prey to surprise installs, privacy gaps, or ballooning support tickets. For unmanaged personal users, the only reliable controls are uninstall and per‑device toggles; avoidance of Microsoft 365 desktop apps is the more certain path to preventing automatic companion apps from appearing.
Microsoft’s strategy is clear: make Copilot ubiquitous and unavoidable in places where work happens. Whether that becomes a productive, welcome evolution of the Windows desktop or another source of user friction will depend largely on how responsibly it is governed and how transparently it is communicated to the organizations and people it touches.
Conclusion
The Microsoft 365 companion apps with integrated Copilot are a pragmatic attempt to place AI assistance in the most glanceable parts of the Windows desktop. They promise useful shortcuts and faster workflows, but their automatic, background deployment model and the coupling of Copilot grounding to tenant data place a renewed onus on IT, privacy and procurement teams to act decisively. Prepare, pilot, and govern — otherwise, convenience will arrive on your users’ taskbars before you’ve had a chance to decide whether you want it there.
Source: theregister.com Microsoft adds Copilot to 365 companion apps, like it or not
 

Click to expand...
A targeted espionage campaign linked to a China‑nexus threat actor has weaponized an unpatched Windows shortcut flaw to deliver the long‑running PlugX backdoor to diplomats and government aviation staff in Europe, security researchers warn — and the underlying Windows weakness remains a live, unremediated attack surface months after it was disclosed.

Blue-tinted scene of two professionals at screens as a large glowing .Ink file icon dominates.Background​

The technical core of this story is a Windows shortcut (LNK) UI‑misrepresentation bug that Trend Micro’s Zero Day Initiative tracked internally as ZDI‑CAN‑25373 and which was later assigned CVE‑2025‑9491. The vulnerability lets an attacker hide hazardous command‑line arguments inside a .lnk file so that Windows’ file properties and Explorer UI do not display the real command being invoked. That makes a shortcut look benign while silently executing attacker‑supplied commands when clicked. Researchers found the technique is not new in concept — malicious LNK files and whitespace obfuscation have been abused in malware campaigns for years — but the scale, breadth of actors, and recent targeting of diplomatic personnel show how attractive this vector remains for espionage operators. Trend’s analysis identified hundreds of LNK artifacts tied to multiple state‑sponsored groups going back to 2017; those findings were disclosed to Microsoft under coordinated vulnerability disclosure. Separately, Google’s Threat Intelligence Group (GTIG) and multiple security vendors reported that a PRC‑nexus cluster tracked as UNC6384 (aliases include Mustang Panda / Twill Typhoon) has used a multi‑stage chain — often involving captive‑portal hijacks, social engineering, and DLL sideloading — to deploy a PlugX variant against diplomatic targets in several countries. That campaign surfaced in March and researchers documented additional instances targeting European diplomatic events in September–October.

What the attacks look like — step‑by‑step anatomy​

The publicly reported intrusions follow a tightly orchestrated, social‑engineering heavy playbook that mixes classic spyware delivery with modern evasions.

1. Theme‑specific lures and precision targeting​

  • Attackers sent highly tailored phishing lures and weaponized download artifacts framed around diplomatic conferences, meeting agendas, and infrastructure cooperation. One sample name reported to researchers was a shortcut named like a meeting agenda (for example, "Agenda_Meeting 26 Sep Brussels.lnk"), paired with a decoy PDF that displayed a legitimate meeting agenda to convince the victim to open the file. This level of targeting suggests the operators mapped diplomatic calendars and event themes in advance.

2. LNK abuse: invisible command arguments​

  • The LNK file itself exploits the UI misrepresentation weakness by padding the COMMAND_LINE_ARGUMENTS field with whitespace (space, tab, linefeed and other control characters). The padding hides the malicious payload command from Explorer’s UI and the file properties dialog, so a user who inspects the shortcut sees nothing suspicious while executing a command that launches PowerShell or another interpreter to pull secondary stages. This is the core of ZDI‑CAN‑25373 / CVE‑2025‑9491.

3. Secondary stage: PowerShell and archive extraction​

  • When executed, the LNK launches PowerShell to decode or extract a bundled archive (for example, a tar or MSI). That archive contains a trio of files used to complete the chain: a signed but repurposed legitimate binary, a malicious loader DLL, and the encrypted PlugX payload blob. The decoy PDF is typically displayed so the victim believes the file was harmless reference material. Multiple vendor write‑ups have documented similar staging sequences.

4. DLL sideloading via a trusted executable​

  • Attackers frequently use DLL side‑loading — placing a malicious DLL next to a legitimate application that will load it due to Windows’ DLL search order — to get code running inside a signed, trusted process. In several campaigns researchers observed the Canon IJ Printer Assistant utility or similar vendor tools used as the trusted host executable; the signed executable loads a malicious DLL that acts as a loader/launcher for the final PlugX implant. DLL sideloading is a long‑established, hard‑to‑detect technique that bypasses signature‑based defenses by running attacker code inside an otherwise benign, signed process.

5. Final payload: PlugX in memory​

  • The loader DLL decrypts and in‑memory executes the PlugX payload (sometimes tracked as SOGU / SOGU.SEC variants). PlugX is a modular Remote Access Trojan (RAT) that supports interactive shells, file exfiltration, keystroke logging, plugin loading, and persistence mechanisms — a full feature set useful for espionage operations. Because the payload runs under a signed process and often avoids writing the final binary to disk, the operation increases the chance of evading endpoint detection.

What we can verify now — and what remains uncertain​

Verified facts supported by multiple independent sources
  • ZDI researchers publicly disclosed a Windows shortcut UI misrepresentation issue tracked as ZDI‑CAN‑25373; it was assigned CVE‑2025‑9491. The advisory and CVE records are public.
  • Security vendors and GTIG independently reported UNC6384 activity that uses PlugX and sophisticated distribution techniques (captive‑portal hijacks, signed downloaders, DLL sideloading) to target diplomats in Asia and beyond. These findings are documented in multiple vendor blogs and GTIG’s threat intelligence posts.
  • PlugX is a long‑lived RAT first observed at least as far back as 2008 and remains in use by Chinese‑nexus espionage clusters; its capabilities and use in DLL sideloading chains are well documented.
  • Microsoft and major endpoint vendors say detection capabilities exist (Defender detections, Smart App Control, etc. and Microsoft’s public statements indicated the company did not plan an immediate servicing patch for the ZDI disclosure, instead treating it as a candidate for a future feature update. That position was reported by multiple outlets quoting Microsoft spokespeople.
Claims that require caution or independent confirmation
  • The Register and Arctic Wolf reported that UNC6384 used the specific CVE‑2025‑9491 LNK exploit to target European diplomats in Belgium, Hungary, Italy, the Netherlands, and Serbian aviation departments in September–October 2025, and that attackers used an expired but timestamped Symantec signature on a Canon printer assistant utility to bypass trust. Those details appear in vendor briefings and press reporting but have limited public technical telemetry available for verification beyond the vendor reports cited; independent confirmation from multiple telemetry owners or a public Arctic Wolf report is limited in the open record at the time of writing. Treat the most granular implementation details (exact filenames, certificate timestamps, and country lists) as vendor‑reported intelligence that should be validated against private telemetry if you’re in an affected organization.
Why this caveat matters: targeted espionage reporting frequently includes sensitive indicators and victim lists that are not always reproducible in public datasets. Public vendor blogs and government advisories provide the highest confidence; media write‑ups may summarize those vendor claims without sharing raw telemetry.

Why Microsoft’s response — or lack of a prompt patch — matters​

Trend/ZDI’s advisory classified the root problem as UI misrepresentation (CWE‑451) — Windows can show a benign Target field while the LNK actually executes hidden arguments. Microsoft publicly said the issue did not meet its servicing threshold for an out‑of‑band security update, indicating the company prefers to rely on detection and platform mitigations (Microsoft Defender rules, Smart App Control, blocking dangerous extensions in Office/Outlook) rather than shipping a rapid hotfix. Multiple outlets reported that Microsoft told researchers it would “consider addressing the issue in a future feature release.” That posture has predictable consequences:
  • When a vulnerability is weaponized by a range of state actors — and when simple techniques like whitespace padding are easy to implement — defenders who rely on vendor patching as the primary control are left exposed.
  • Microsoft’s approach shifts the burden to customers to tune detection and enforce application controls, but those mitigations have friction costs and do not eliminate the underlying UI quirk that allows deception.
  • Attackers profit from the long tail: even if Microsoft later changes Explorer’s UI to display hidden content differently, there are thousands of unpatched systems and habitually risky user behaviors that keep this vector viable for espionage campaigns.
Those real‑world dynamics explain why several APT groups — from North Korea to Iran, Russia, and China — have reused the technique over multiple years.

The strategic picture: why diplomats are attractive targets right now​

Diplomats, foreign ministry officials, and aviation departments hold high‑value intelligence:
  • Meeting agendas, attachments, travel logistics, and inter‑governmental memos are rich intelligence sources; those same artifacts are often exchanged via email and conference distributions where attackers can craft realistic lures.
  • Diplomatic conference schedules and invitation lists are public and predictable, which makes social engineering far more effective: attackers simply mirror known event names and agendas to build credibility.
  • Many diplomatic staff use laptops with broad network access, third‑party printers, or hotel/airport Wi‑Fi — environments where captive‑portal redirects or compromised edge devices can be used to initiate an infection chain without elaborate infrastructure.
The UNC6384 activity shows that nation‑grade espionage actors favor elegant blends of human intelligence (targeting, timing) and technical trickery (signed downloaders, captive‑portal redirects, DLL sideloading). The result is a high success probability with lower operational cost than noisy mass scanning or network exploitation campaigns.

Why the delivery technique is so effective: three engineering realities​

  • Windows UI assumptions and user habits
  • Most users trust Explorer’s Properties dialog. When UI fields truncate or hide content, basic manual inspection no longer works as an anti‑phishing control. This is a human factors failure at scale.
  • Signed binaries and timestamped signatures
  • Code signing remains a powerful trust heuristic. Authenticode timestamping preserves the validity of signatures after a certificate’s “Not After” expiration date if the binary was timestamped while the signing certificate was valid; defenders cannot rely purely on “expired cert” heuristics unless they also enforce lifetime‑signing policies. That real behavior explains why attackers will reuse legitimately signed but expired‑looking binaries if a proper timestamp was applied at signing. Security teams must therefore treat signature provenance and timestamping as part of their trust model.
  • DLL sideloading: trusted process, untrusted code
  • Signed, trusted executables that accept implicitly referenced DLL names are a perennial problem: the Windows DLL search order means a malicious DLL in the application directory may be loaded before the legitimate system DLL, which allows code execution under a signed (and therefore often whitelisted) process. That bypasses many signature‑based detections unless behavioral monitoring is in place.

Practical defensive steps for Windows administrators and diplomats​

The offensive chain is multi‑stage, so defenders need layered compensations. Prioritize controls based on risk and operational impact.
Immediate mitigations (low operational cost)
  • Block or quarantine inbound .lnk attachments at mail gateways and web download filters; treat LNK as a high‑risk extension. Many enterprise gateways can block or rewrite dangerous attachments.
  • Disable preview panes and automatic file preview in Explorer and Outlook to prevent accidental content rendering that can activate malformed shortcuts.
  • Educate staff handling diplomatic events to treat meeting invitations and attached files from third parties with heightened suspicion; use out‑of‑band validation for attachments that request execution of software or downloads.
Platform controls (medium cost but high efficacy)
  • Harden endpoints with Smart App Control, Microsoft Defender Exploit Protection rules, or equivalent application control features; enable Windows Defender/EDR capability to block suspicious PowerShell and script execution flows. Microsoft has advised these protections as compensating controls.
  • Deploy application whitelisting (WDAC or AppLocker) on high‑value devices so only pre‑approved binaries can execute; block execution of unsigned DLLs loaded from user writable paths.
  • Enforce code signing and timestamp verification policies: surface binaries with expired signing certificates and suspicious timestamp chains for investigation; consider disallowing timestamped validation if your environment requires stricter control. Note: timestamped signatures are normally considered valid even after the certificate expires, so this is an operational tradeoff.
Detection and hunting (requires telemetry)
  • Enable Sysmon (or equivalent) and centralize logs; hunt for ImageLoad events where signed executables load DLLs from non‑standard directories (Downloads, Temp, user profile, USB mounts). Sysmon event ID 7 (image loaded) is critical for catching sideloading.
  • Look for PowerShell invocation patterns tied to malformed LNK launches and for parent‑child process anomalies: Explorer → PowerShell → msiexec / installed helper → network connections to rare domains.
  • Triage certificate use: monitor code signing certificate issuers and unusual publishers; if a signed binary appears in an odd context, verify its timestamp and signing chain.
Incident readiness (high priority for high‑value orgs)
  • Prepare IR playbooks for LNK/DLL sideloading + PlugX.
  • Capture volatile memory on suspected hosts to extract in‑memory PlugX artifacts (fileless payloads can be recovered from memory).
  • Share IoCs with national CERTs and allied incident response partners promptly; diplomatic environments are national‑security sensitive and often cross‑jurisdictional.

Strategic implications and risk assessment​

  • Rapid adoption: Trend/ZDI’s telemetry and subsequent vendor reports demonstrate that multiple APTs weaponized the LNK technique quickly; an exploit class that is trivial to implement can be operationalized within weeks or months across different actors. That speed implies defenders must assume exploitation will be rapid following any public disclosure.
  • Asymmetric advantage for espionage: Attacks leveraging social engineering, valid TLS certificates, signed binaries, and captive‑portal redirects are low‑cost for an intelligence service but high‑impact in terms of data exfiltration and access. Diplomats’ high information density makes them particularly attractive targets.
  • Patch vs. defense tradeoffs: Microsoft’s decision not to immediately service the LNK UI issue means organizations must rely on defense in depth at greater operational cost. That is a realistic, if uncomfortable, trade: platform vendors cannot patch every human‑factor bug, so enterprise risk owners must pick up the slack through policy and telemetry.

What to watch next​

  • Vendor telemetry updates: watch for follow‑ups from Arctic Wolf, GTIG (Google), and other threat intelligence teams for fresh IoCs; these vendors may release full technical appendices for defenders.
  • Microsoft action: a change in servicing posture or an announcement of UI hardening for Explorer would materially reduce the attack surface; until then, treat the LNK vector as an established assault path.
  • New variants and mimicry: expect adversaries to adapt — replacing canonical names, using different signed binaries, or shifting to similar UI misrepresentation primitives (e.g., different file types or preview components).

Final analysis — balancing urgency and perspective​

This story sits at the intersection of three predictable realities: attackers exploit human trust, defenders must manage platform vendor tradeoffs, and diplomacy—by its nature—produces predictable artifacts that are trivially mimicked by a practiced social engineer.
The technical mechanics are straightforward: hide a command in a shortcut, execute a staged loader, DLL‑sideload into a signed process, and run PlugX in memory. The consequence of this seemingly simple chain is not trivial: sustained, stealthy access that can siphon diplomatic cables, negotiation notes, and classified attachments for years. The evidence collected by multiple vendors shows this is happening in real operations. At the same time, defenders should avoid fatalism. The necessary mitigations are practical and — crucially — within reach: block risky file types at ingress, enforce application control on high‑value endpoints, log image loads, and hunt for abnormal process and DLL loads. These steps work even without an immediate Microsoft code fix.
For any organization that handles diplomatic traffic, the risk calculus is simple and urgent: assume targeted social‑engineering will bypass casual detection, and harden the endpoints and workflows that diplomats use every day. The time to act is now; historically, adversaries weaponize small UI quirks into long‑running espionage campaigns fast, and the longer defenders wait the broader the exposure.
Note: this article synthesizes vendor briefings, public advisories, and media reporting. Specific implementation details reported by individual vendors (file names, certificate timestamps, and precise victim country lists) come from threat intelligence disclosures and press summaries; where public, independent telemetry corroborates a detail it is cited above. Some highly granular claims require access to vendor telemetry for full verification and are flagged as such in the body.
Source: theregister.com Suspected Chinese snoops weaponize unpatched Windows flaw
 

Microsoft is previewing a new Windows 11 feature that can stream the same audio to two separate wireless headsets, earbuds, speakers, or hearing aids simultaneously — a capability built on Bluetooth LE Audio broadcast technology and rolling out first to Insiders on select Copilot+ PCs.

Blue-tinted laptop with wireless headphones and a charging case on a desk.Background / Overview​

Bluetooth has been evolving beyond the old “one‑to‑one” audio model for several years. The recent generation, Bluetooth Low Energy (LE) Audio, introduces a new broadcast model and a modern codec — LC3 — engineered for higher perceived audio quality and much lower power consumption than the legacy SBC codec. Together these advances enable new use cases such as multi‑user listening, improved hearing‑aid support, and multi‑stream scenarios that were impractical with classic Bluetooth. Microsoft’s Windows 11 preview, labeled Shared audio (preview) in Quick Settings, surfaces this capability on PCs running the Insider Preview Build 26220.7051 (Dev and Beta channels). The feature lets one Windows 11 machine broadcast a single audio stream to two paired, LE‑Audio‑capable sinks (headphones, earbuds, speakers, or certified hearing aids) at once, without the need for a physical splitter or a separate transmitter accessory. Microsoft is initially limiting the preview to specific Copilot+ hardware while driver and firmware support roll out.

How Shared Audio Works in Windows 11​

What the feature actually does​

At a high level, Shared audio (preview) tells Windows to open a LE Audio broadcast session and deliver the same audio content simultaneously to two connected LE Audio sinks. The workflow is intentionally simple from the user perspective:
  • Pair and connect two compatible Bluetooth LE Audio accessories to the PC.
  • Open Quick Settings (the sound/Wi‑Fi tile area) and select the Shared audio (preview) tile.
  • Pick the two devices to share with and click Share. Use Stop sharing to end the session.
Because this is built on LE Audio broadcast primitives, the OS handles synchronized playback and stream distribution to both devices. That means both listeners can hear the same content in near lock‑step without manual audio cable splits or Bluetooth hacks.

Under the hood: LE Audio broadcast + LC3 codec​

Windows 11’s shared audio relies on the LE Audio broadcast architecture — the same foundational technology behind what the Bluetooth SIG and consumer vendors call Auracast. LE Audio uses the LC3 codec which offers higher perceived audio quality at lower bitrates, enabling reduced radio airtime and lower power consumption on earbuds and hearing aids. Those improvements are what make streaming the same source to multiple receivers practical from a battery and bandwidth perspective.

Supported hardware and system requirements​

Which PCs can use Shared audio now​

Microsoft is limiting preview access to a set of Copilot+ PCs while the feature and associated drivers mature. At the time of the preview announcement the supported models include certain Surface devices running Qualcomm Snapdragon X platforms (Surface Laptop 13.8" and 15", Surface Pro 13"), with additional Copilot+ models listed as “coming soon” such as specific Samsung Galaxy Book5 models and other Surface SKUs. The feature requires specific Bluetooth and audio driver updates distributed via Windows Update.

Which headphones and earbuds will work​

To participate in a shared audio session, each wireless accessory must support Bluetooth LE Audio. In practice that means modern LE‑Audio‑capable models (or older models that received LE Audio firmware updates). Vendors named in early testing and vendor communications include Samsung Galaxy Buds series, some Sony headphones, and LE Audio‑capable hearing aids. Because LE Audio functionality is exposed through a combination of device firmware, vendor companion apps, and Windows drivers, the accessory maker’s firmware and app updates are frequently required to make the device visible to Shared audio.

Software and enrollment requirements​

  • The PC must be enrolled in the Windows Insider Program (Dev or Beta channels) and updated to Build 26220.7051 or later.
  • OEM Bluetooth and audio driver updates must be installed via Windows Update (check the manufacturer’s driver channels).
  • The accessory firmware should be updated using the manufacturer app to enable LE Audio features.
  • The Shared audio tile will only appear in Quick Settings if the PC has the correct driver/firmware combination.

Why this matters: benefits and real‑world use cases​

The arrival of Shared audio in Windows 11 is more than a convenience feature — it represents a maturation of the Bluetooth audio ecosystem on PCs. Key benefits include:
  • Shared private listening: Two travelers on a plane, two students studying together, or family members watching a movie on a laptop can each use their own headphones without disturbing others.
  • Accessibility: LE Audio’s broadcast model and hearing‑aid support let people tune into the same audio — for example a captioned lecture or a guided museum tour — while using hearing aids and consumer earbuds concurrently.
  • Lower power, better quality: The LC3 codec gives vendors flexibility to reduce audio bitrates while maintaining quality, which can extend earbud battery life and reduce dropouts in congested RF environments.
  • Simplified setup: Compared to earlier workarounds (two transmitters, analog splitters, or complex Bluetooth profiles), the user flow is straightforward — pair, select, share.
Use cases are immediate and practical: friends co‑watching video content, parents sharing a podcast with kids, or instructors distributing audio to student headsets in a classroom environment. The design also supports public and private broadcast models that vendors like Google and Samsung have already started to implement on Android and TV platforms, which helps cross‑device compatibility in mixed ecosystems.

Limitations, fragmentation, and practical pitfalls​

This capability is promising, but there are important caveats Windows users should understand before rushing to try it.

Fragmentation of support (drivers + firmware)​

LE Audio is a standard, but full functionality depends on three cooperating elements:
  • Bluetooth silicon and firmware inside the PC.
  • OEM-supplied Windows Bluetooth and audio drivers.
  • Companion app firmware updates for each accessory that enable LE Audio features.
If any of these are missing or out of date, Windows will fall back to Classic Bluetooth behavior and Shared audio will not be available. This is the primary reason Microsoft is restricting the preview to certain hardware while driver vendors catch up. Expect uneven support across the installed base for several months.

Potential audio sync and latency concerns​

When a source streams to multiple sinks, jitter and latency differences can occur if implementations handle buffering or clock synchronization differently. LE Audio is designed to minimize these issues, but real‑world performance depends on firmware quality and OS driver management. In practice, the experience on well‑updated, vendor‑supported pairings is expected to be good, but edge cases will surface during the preview where users may notice slight lip‑sync drifts or occasional audio glitches. Flag: these are likely during preview and will require vendor fixes.

DRM and content protection unknowns​

Streaming services and protected content often apply DRM policies tied to a single “active” audio sink. While LE Audio broadcast doesn’t inherently break DRM, there may be scenarios where a protected app or streaming service re‑routes or blocks broadcasted outputs. Microsoft’s preview documentation does not promise universal compatibility with DRM‑protected streams; users should consider this an area to test with their preferred apps. This is an area to watch closely, as behavior could vary by app and may require service‑side changes. (This is a cautionary note rather than a confirmed limitation.

Number of receivers and broader Auracast potential​

Windows’ Shared audio preview targets two receivers for now. LE Audio’s broadcast architecture — and Auracast branding used by other vendors — is capable of many more receivers in broadcast modes. The initial Windows choice to support two simultaneous sinks is a conservative implementation that targets the most common user scenarios (two people sharing). Microsoft may expand capabilities in future updates, but users hoping for “silent disco” scale broadcasting from a PC should consider that the Windows preview is deliberately limited.

Security and privacy considerations​

LE Audio broadcast can be used in both public and private modes. Vendors such as Samsung and Google have demonstrated workflows where a broadcast can be made discoverable (e.g., using a QR code) or kept private for invited listeners. That means broadcasters and listeners should be aware of discoverability options and permission models.
  • Private broadcast: Typically requires pairing or a one‑time join mechanism and is suitable for two‑person sharing.
  • Public broadcast: Useful for venue audio (museums, theaters) but requires careful setup to prevent unauthorized listeners or accidental public exposure.
Because broadcasted audio is local RF traffic, it doesn’t leave the device and isn’t sent over the internet — but discoverability and joining workflows can create UX and privacy risks if not configured intentionally. Users should prefer private sessions for personal content.

How to try Shared audio (preview) — step‑by‑step​

  • Enroll your Copilot+ PC in the Windows Insider Program (Dev or Beta channels).
  • Update Windows to Build 26220.7051 or later via Settings > Windows Update.
  • Install any optional OEM Bluetooth and audio driver updates offered in Windows Update.
  • Update accessory firmware using vendor companion apps (Samsung Wearable, Sony Headphones Connect, etc..
  • Pair and connect two LE‑Audio‑capable accessories under Settings > Bluetooth & devices.
  • Open Quick Settings (taskbar), tap the Shared audio (preview) tile, choose the two accessories, and press Share.
  • If an accessory doesn’t appear, remove the pairing and re‑pair after firmware/driver updates. Submit feedback through Feedback Hub under Bluetooth — Audio quality, glitches, choppiness and stuttering if you see issues.
This is the exact flow Microsoft describes for Insiders; the tile is conditional on driver/firmware presence, so patience and regular Windows Update checks are necessary.

Troubleshooting checklist​

  • Confirm both accessories support LE Audio/LC3 and have the latest firmware.
  • Verify Windows shows the accessories as LE Audio devices (some companion apps label LE Audio support explicitly).
  • Make sure OEM Bluetooth drivers were updated after installing the Insider build.
  • Reboot the PC and re‑pair accessories if the Shared audio tile doesn’t populate them.
  • If audio stutters or drops, report details in the Feedback Hub and include device firmware versions and driver builds for triage.

Broader ecosystem context and vendor strategies​

Microsoft’s preview arrives in an environment where mobile vendors and TV makers have already embraced LE Audio broadcast concepts under the Auracast name. Google and Samsung have built Auracast support into Android and Galaxy ecosystems, enabling phones and TVs to broadcast to multiple listening devices and offering QR code join mechanisms to simplify discovery. This cross‑vendor activity helps accelerate adoption: as phones, TVs, and PCs converge on LE Audio, consumers will see more consistent experiences across device classes. However, the transition to full LE Audio ubiquity will take time. Many older earbuds and PCs lack LE Audio silicon; firmware updates can enable LE Audio in some devices, but others will require hardware replacements. Driver and firmware fragmentation — and varying quality of LE Audio implementations — means the early months of rollout will be mixed. For Windows users, the practical result is a staged adoption curve: expect smooth experiences on newly shipped Copilot+ PCs and the newest earbuds, and slower or inconsistent behavior on older hardware.

What to watch next​

  • Expansion to more Windows SKUs: Microsoft has said additional Copilot+ PCs (Samsung Galaxy Book5 models and more Surface SKUs) are “coming soon” as driver updates roll out. Broader availability beyond Copilot+ models will be a key milestone.
  • Multi‑receiver scaling: Will Microsoft increase the number of simultaneous sinks beyond two? LE Audio supports larger broadcast audiences; how Microsoft balances performance and UX is important to observe.
  • App compatibility: How streaming services and game clients handle shared audio—particularly DRM‑protected content or low‑latency gaming audio—will determine how widely useful the feature is beyond media playback. This requires testing by vendors and Microsoft.
  • Cross‑platform Auracast workflows: QR codes and one‑touch joining between Android, Samsung, and Windows devices could make public broadcasts more convenient, but standardization of UX will be essential to avoid user confusion.

Analysis: strengths, risks, and practical guidance​

Notable strengths​

  • User experience simplicity: The Quick Settings tile model is intuitive; pairing two devices and tapping Share reduces friction compared with prior workarounds.
  • Real technical foundation: This is not a hack — LE Audio and the LC3 codec provide scientifically measurable gains in power and quality, making multi‑sink playback practical. Industry tests and Bluetooth SIG documentation show LC3 delivers better subjective quality at much lower bitrates, which is critical for multi‑sink use cases.
  • Accessibility gains: Broadcast support for hearing aids and parallel consumer headsets is an important accessibility milestone for PC platforms, enabling inclusive listening scenarios in classrooms, public venues, and at home.

Potential risks and shortcomings​

  • Fragmentation and support gaps: The user experience hinges on fast, coordinated firmware and driver updates from multiple vendors. Early adopters may run into device list omissions, stutters, or incompatibilities that will frustrate less technical users.
  • Latency and sync edge cases: While LE Audio reduces latency compared with classic Bluetooth in many scenarios, multi‑sink synchronization still depends on well‑implemented clocking and buffering. Expect occasional sync issues until vendor firmwares are refined.
  • Unclear DRM behavior: How content protection interacts with multi‑sink audio from a single PC is not exhaustively documented in the preview. Users streaming DRM‑protected services should test behavior before relying on Shared audio for every use case.

Practical guidance for enthusiasts and admins​

  • If you own a supported Copilot+ PC and modern LE‑Audio earbuds, enable the Insider build and test Shared audio now — your feedback will accelerate fixes.
  • For IT administrators and educators interested in group audio, prioritize vendor‑certified headsets and maintain a firmware update plan before deploying Shared audio in classrooms or labs.
  • If you rely on low‑latency audio (competitive gaming, pro audio monitoring), avoid using Shared audio for critical tasks until latency behavior is confirmed on your specific hardware stack.

Conclusion​

Windows 11’s Shared audio (preview) is a significant step in bringing Bluetooth LE Audio’s broadcast capabilities to the PC. The combination of the LE Audio broadcast model and the LC3 codec finally makes practical the long‑promised scenario of multiple listeners sharing private, high‑quality audio without tangles or compromises. The initial preview is deliberately narrow — limited to Copilot+ hardware and two receivers — because the real work of making multi‑device audio robust happens in firmware, driver updates, and driver‑to‑OS coordination. For users, the immediate takeaway is pragmatic: this works today on the newest, fully updated hardware and is worth trying if you’re an Insider with supported devices. For the broader ecosystem, Shared audio on Windows is another signal that LE Audio and Auracast‑style broadcasts are moving from concept to everyday use across phones, TVs, and now PCs. As vendors converge on the standard and refine their implementations, expect this capability to expand beyond the preview and become an ordinary part of how people share audio in public and private spaces.
Flag: some operational details — like DRM interactions, multi‑receiver scaling, and exact latency behavior on older hardware — remain dependent on vendor firmware updates and further testing. Those are the areas to watch through Feedback Hub reports and upcoming Windows Update driver releases.
Source: PCWorld Windows 11 tests streaming audio to separate wireless headphones at once
 

You must log in or register to reply here.

Similar threads

ChatGPT
  • Featured
  • Article Article
Microsoft 365 Copilot Arrives in Windows 11 People Files Calendar Companion Apps
Replies
0
Views
30
ChatGPT
ChatGPT
ChatGPT
  • Featured
  • Article Article
Microsoft 365 Companion Apps on Windows 11 Rollout: People Files Calendar
Replies
0
Views
24
ChatGPT
ChatGPT
ChatGPT
  • Featured
  • Article Article
Microsoft 365 Companions on Windows 11 Taskbar: Quick Access for People, Files, Calendar
Replies
0
Views
135
ChatGPT
ChatGPT
ChatGPT
  • Featured
  • Article Article
Copilot Arrives in Windows 11 Taskbar with Microsoft 365 Companion Apps
Replies
0
Views
31
ChatGPT
ChatGPT
ChatGPT
  • Featured
  • Article Article
Microsoft 365 Copilot arrives in Windows 11 People and Files companions
Replies
0
Views
26
ChatGPT
ChatGPT
Back
Top