Blog

This month’s Patch Tuesday highlights three critical zero-day vulnerabilities affecting Windows PCs and requiring immediate patching  — that is,  identified as “patch now.” Some updates like those to Office and Edge browsers follow standard release schedules, but be aware of a critical update for SharePoint Server.  Developers need to aware o a late addition to the update cycle affecting the Azure Agent, requiring attention for Azure-based virtual macHines. Testing is crucial this month, especially for core Windows features like the Common Error Log, DNS, cryptography and routing services.
More info on Microsoft Security updates for May.

April’s Patch Tuesday was a complex one, especially for SQL-dependent applications. This hefty Patch Tuesday from Microsoft included 149 updates. While there were no zero-day vulnerabilities, key areas addressed include crypto APIs, networking and remote desktop connections. A major update to the Kerberos security system removes Windows 11 from the affected list, highlighting the importance of staying updated. For developers, 11 updates target the development platform, with 10 focused on SQL ODBC issues and 1 on .NET. While the .NET update can be added to the standard schedule, the ODBC updates require careful examination.
More info on Microsoft Security updates for April.

This month’s Patch Tuesday from Microsoft was complex. There were no reported zero-day vulnerabilities, but a number of updates, particularly those affecting SQL, OLE and ODBC components, underscore the importance of a thorough evaluation. Key areas of focus include file management, cryptography, networking, remote desktop connections, and SQL-related functionalities. Given the interconnectedness of these systems, organizations should prioritize testing across their application portfolios to identify potential impacts. The update to the Kerberos security system is noteworthy, as it removes support for certain Windows 11 versions.
More info on Microsoft Security updates for March.

Microsoft’s Azure AI Vision Face API is used to power the face detection and recognition. The software can also conduct a “liveness” check, which helps prevent the use of a static photo or 2D video to trick the verification system, Microsoft said, so deepfakes shouldn’t be effective.  

Customer organizations can choose the level of confidence required to accept a Face Check login attempt. The higher the confidence score threshold, the less likely Face Check will incorrectly verify an impersonator. The default score is a 50% match, which equates to a one in 100,000 chance of getting a false positive; at 90%, the chances are  one in a billion, Microsoft said. (A higher confidence score requirement also increases the likelihood a legitimate login attempt will be rejected.)

Changes in a user’s appearance compared to the verified photo — a different haircut, for example –—could lower the match score, as well as differences in surroundings, such as lighting.

Microsoft is urging all users of Office and Microsoft 365 to update the software as soon as possible, because hackers have started exploiting a serious vulnerability to access sensitive information on computers.

To be fully protected against the vulnerability, designated CVE-2024-38200, users need to install a security fix that will be released to the public on Aug. 13, this month’s Patch Tuesday, according to The Hacker News.

Tuesday’s security fixes will also close other publicized vulnerabilities, including CVE-2024-38202 and CVE-2024-21302, that could be used by hackers to downgrade Windows to an earlier version.

There are plenty of nuances to the guidance that might apply to you or your business, but the basic outcome is most developers will be paying less and developers of free apps will continue to pay nothing at all. Fee-based apps with fewer than 1 million downloads (which is most of them) will pay just 5% Store Services Fee, or 7% for developers remaining in the App Store ecosystem.

How much is fair?

For all the complexity, it seems reasonable to believe Apple’s problems with regulators will inevitably coalesce around the question of how much is appropriate to charge for access to its ecosystem. It’s not as if globally accepted and used computing platforms create themselves; they are the sum of decades of work, investment, and effort that requires reward. Otherwise, why bother trying? 

Apple’s biggest critic, Epic CEO Tim Sweeney, doesn’t see it that way, arguing that Apple’s top rate 15% fee is an “illegal junk fee.” But it is difficult within that argument to discern any recognition for the value provided by Apple’s platforms. It can’t be that Sweeney doesn’t understand this intrinsic value. After all, Epic charges application developers using Unreal Engine 5% of revenue after the first $1 million. Is that a “junk fee?”

In the text entry box, you can refine the result by typing more prompts.

Although the Copilot sidebar offers more options for refining its rewritten text than it does for text it generates from scratch, it’s still underpowered compared to the Rewrite with Copilot panel. The best way to rewrite text with Copilot in Word is to use the Rewrite with Copilot panel.

Using the right-click menu in OneNote

Alternatively, in OneNote, you can right-click the top bar of a text field on a page. On the menu that opens, select Copilot and on the next menu, Rewrite.

This action will trigger Copilot to rewrite everything inside this text field. The rewrite will then be set inside the top of the text field.

Summarize long documents, notes, emails, or threads

You can have Copilot generate a brief summary of a long document in Word or a page in OneNote. For this to work well, Microsoft says the document or page should contain at least 300 words but no more than 20,000.

In Outlook, Copilot can summarize a long email and, even more useful, the conversation within an entire email thread.

Using the Copilot sidebar in Word and OneNote

With the document opened in Word or page opened in OneNote, highlight the text that you want summarized. (If you want a summary of the entire document or page, skip this step.)

Click the Copilot button on the Home tab of the ribbon toolbar to open the Copilot sidebar. Inside the text entry box, type summarize and click the arrow button.

Copilot will generate a summary and display it inside the sidebar.

Below the summary, there’s the familiar Copy button to copy the summary to your PC clipboard.

Below that, you can click References to see a list of citations within the document that Copilot used to generate this summary. Clicking a snippet of the cited text will show in the main window of the app where in the document or page these words are. Clicking the down arrow to the right of a citation will show the passage that Copilot used as a citation.

Between the results field and the text entry box, you’ll see suggested prompts that you can click to revise the summary. Click the circular arrow icon to refresh these prompts with new suggestions.

Using the right-click menu in OneNote

Right-click the top bar of a text field. On the menu that opens, select Copilot > Summarize. This action will trigger Copilot to summarize everything inside this text field. The summary will then be set inside the top of the text field.

Summarizing emails and threads in Outlook

Open the email or conversation that you want to summarize. Click Summarize or Summary by Copilot at the top of the email thread. Copilot will generate a summary of the email or thread.

This summary will be posted at the top of the email or thread. Thread summaries may include citations that Copilot used in generating the summary.  Clicking a citation (denoted by a number) will scroll down the thread to the cited email for you to view.

Getting a summary when sharing a Word doc (business plans only)

If you have Copilot with a Microsoft 365 business plan, you can use Copilot to generate a summary of a Word document when you share it with your co-workers. This summary is inserted as a passage of text inside the message that your co-workers receive inviting them to collaborate on the document.

With the document open in Word, click the Share button toward the upper right. On the Share panel that opens, click the Copilot icon inside the lower right of the “Add a message” composition box. The AI will generate and insert the summary. You can edit the summary before you send out the invite.

Related:

According to Bickley, anything related to an antitrust probe is “more hype than substance at this point, because, first, semiconductors are the most volatile sector in the stock market. [Nvidia CEO] Jensen Huang knows full well that this wave that they’re riding at the end of the day will crest, and it will crash, and it will happen violently when it does. They are squeezing everything they can out of the short runway and they are trying to elongate that runway as much as possible.”

As for the DOJ, he said, “if you have reputable names complaining, they are going to take a look at it, but under the Biden administration, the department has been extraordinarily unsuccessful in about every antitrust action they’ve decided to take on. Just because they’re looking at it doesn’t mean they’re going to do anything about it.”

“[By the time] they do something about it, and the time that it takes to resolve, this cycle will have already crested, in my opinion. The money will already be made, the damage will already be done … The reality is that we are talking about an anti-competition inquiry for a product that there is really no competition for.”

In short, dynamicSpot shows a pill-like shape around your phone’s camera cutout whenever a new notification arrives. You can then tap that shape to expand and interact with the notification or long-press it to jump directly into the associated app.

And the specifics of exactly how it works are entirely up to you. You can set how long the pill remains in place after a notification arrives, with a default of 20 seconds but a possible value as high as 24 hours — if you really want to make sure something important catches your eye. And you can select exactly which apps cause the dynamicSpot alert to appear, so you could conceivably use the tool only for important, high-priority notifications, if you were so inclined.

The app can also show pop-ups for important system events, like when your battery is low or your internet connection is unavailable — a handy little touch that makes those types of alerts even more prominent and likely to be noticed.

Not only is the company now equipped with a wide and diverse range of enterprise-focused companies such as Addigy, Jamf, Kandji and all the other firms I speak with each week, but its future-focused platforms are inherently more resilient by design. That’s why Apple dumped support for kernel extensions years ago, among other examples. While no platform is ever completely secure, the vast majority of problems on Apple’s platforms emerge through user error, not globally deployed automated PC-borking software updates.

Of course, the bias that Apple is a consumer product that isn’t fit for the enterprise runs deep, and shifting that view is taking time — though events such as the Crowdstrike disaster should help people question that opinion. 

I think the momentum to diversify is growing. 

Google’s AI unit Deepmind has demonstrated two new AI systems, AlphaProof and AlphaGeometry 2, which can successfully solve complex mathematical problems, representing a significant milestone in AI development, Reuters reports .

Today’s AI models work by being able to recognize patterns and statistically predict, for example, the next word that should be generated. However, this is not enough to handle abstract mathematics, which instead requires a system that can reason in a way that more closely resembles human intelligence.

AlpaProof and AlphaGeometry 2 succeeded in solving four out of six questions in this year’s edition of the International Mathematical Olympiad (IMO). One question was solved in just a few minutes; others took up to three days to solve, which is longer than the competition allows. AlpaProof also managed to solve the competition’s most difficult problem, which only five of 600 human participants managed to do.