Longtime Slashdot reader kamesh shares a report from TechCrunch: Tech behemoth IBM is teaming up with AI research lab Anthropic to bring AI into its software. Armonk, New York-based IBM announced it will be adding Anthropic's Claude large language model family into some of its software products on Tuesday. The first product to tap Claude will be IBM's integrated development environment, which is already available to a select group of customers. IBM also announced it created a guide in partnership with Anthropic on how enterprises can build, deploy, and maintain enterprise-grade AI agents. Terms of the deal were not disclosed.

An anonymous reader shares a report: It's been a while since Apple last mocked Windows security, but the iPhone maker has just released an ad that hits Windows hard. The eight-minute commercial pokes fun at the CrowdStrike Blue Screen of Death (BSOD) issue that took down millions of Windows machines last year.

Apple's ad follows The Underdogs, a fictional company that's about to attend a trade show, before a PC outage causes chaos and a Blue Screen of Death shuts down machines at the convention. If it wasn't clear Apple was mocking the infamous CrowdStrike incident, an IT expert appears in the middle of the ad and starts discussing kernel-level functionality, the core part of an operating system that has unrestricted access to system memory and hardware.

An anonymous reader quotes a report from BleepingComputer: The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. Redis (short for Remote Dictionary Server) is an open-source data structure store used in approximately 75% of cloud environments, functioning like a database, cache, and message broker, and storing data in RAM for ultra-fast access. The security flaw (tracked as CVE-2025-49844) is caused by a 13-year-old use-after-free weakness found in the Redis source code and can be exploited by authenticated threat actors using a specially crafted Lua script (a feature enabled by default). Successful exploitation enables them to escape the Lua sandbox, trigger a use-after-free, establish a reverse shell for persistent access, and achieve remote code execution on the targeted Redis hosts.

After compromising a Redis host, attackers can steal credentials, deploy malware or cryptocurrency mining tools, extract sensitive data from Redis, move laterally to other systems within the victim's network, or use stolen information to gain access to other cloud services. "This grants an attacker full access to the host system, enabling them to exfiltrate, wipe, or encrypt sensitive data, hijack resources, and facilitate lateral movement within cloud environments," said Wiz researchers, who reported the security issue at Pwn2Own Berlin in May 2025 and dubbed it RediShell.

While successful exploitation requires attackers first to gain authenticated access to a Redis instance, Wiz found around 330,000 Redis instances exposed online, with at least 60,000 of them not requiring authentication. Redis and Wiz urged admins to patch their instances immediately by applying security updates released on Friday, "prioritizing those that are exposed to the internet." To further secure their Redis instances against remote attacks, admins can also enable authentication, disable Lua scripting and other unnecessary commands, launch Redis using a non-root user account, enable Redis logging and monitoring, limit access to authorized networks only, and implement network-level access controls using firewalls and Virtual Private Clouds (VPCs).

Police arrested 33-year-old Joseph Mayuyo after a series of online threats forced TikTok to evacuate its Culver City headquarters. TechCrunch reports: A press release from the Culver City Police Department says that TikTok employees reported receiving multiple threats, across various social media platforms, from 33-year-old Hawthorne resident Joseph Mayuyo. After an additional message threatened TikTok's Culver City headquarters, police say company security evacuated the office "out of an abundance of caution."

Police then investigated Mayuyo's home, according to the press release. During the investigation, he allegedly posted additional threatening statements, including one declaring that he would not be taken alive. Detectives obtained search and arrest warrants, and they negotiated with Mayuyo for 90 minutes before he voluntarily exited his home and was taken into custody, the police department says.

Business Insider reports that one TikTok employee described the threats as "really scary," while another was concerned that they seemed to specifically target the e-commerce department. Mayuyo's X account has reportedly been suspended for violating the platform's hateful content policy. A Medium account under his name published a post in July criticizing TikTokShop USA as a "scam."

Vibe coding tools "are transforming the job experience for many tech workers," writes the Los Angeles Times. But Gartner analyst Philip Walsh said the research firm's position is that AI won't replace software engineers and will actually create a need for more. "There's so much software that isn't created today because we can't prioritize it," Walsh said. "So it's going to drive demand for more software creation, and that's going to drive demand for highly skilled software engineers who can do it..." The idea that non-technical people in an organization can "vibe-code" business-ready software is a misunderstanding [Walsh said]... "That's simply not happening. The quality is not there. The robustness is not there. The scalability and security of the code is not there," Walsh said. "These tools reward highly skilled technical professionals who already know what 'good' looks like."
"Economists, however, are also beginning to worry that AI is taking jobs that would otherwise have gone to young or entry-level workers," the article points out. "In a report last month, researchers at Stanford University found "substantial declines in employment for early-career workers'' — ages 22-25 — in fields most exposed to AI. Stanford researchers also found that AI tools by 2024 were able to solve nearly 72% of coding problems, up from just over 4% a year earlier."

And yet Cat Wu, project manager of Anthropic's Claude Code, doesn't even use the term vibe coding. "We definitely want to make it very clear that the responsibility, at the end of the day, is in the hands of the engineers." Wu said she's told her younger sister, who's still in college, that software engineering is still a great career and worth studying. "When I talk with her about this, I tell her AI will make you a lot faster, but it's still really important to understand the building blocks because the AI doesn't always make the right decisions," Wu said. "A lot of times the human intuition is really important."

"Recent attacks show that hackers keep using the same tricks to sneak bad code into popular software registries," writes long-time Slashdot reader selinux geek, suggesting that "the real problem is how these registries are built, making these attacks likely to keep happening." After all, npm wasn't the only software library hit by a supply chain attack, argues the Linux Security blog. "PyPI and Docker Hub both faced their own compromises in 2025, and the overlaps are impossible to ignore." Phishing has always been the low-hanging fruit. In 2025, it wasn't just effective once — it was the entry point for multiple registry breaches, all occurring close together in different ecosystems... The real problem isn't that phishing happened. It's that there weren't enough safeguards to blunt the impact. One stolen password shouldn't be all it takes to poison an entire ecosystem. Yet in 2025, that's exactly how it played out...

Even if every maintainer spotted every lure, registries left gaps that attackers could walk through without much effort. The problem wasn't social engineering this time. It was how little verification stood between an attacker and the "publish" button. Weak authentication and missing provenance were the quiet enablers in 2025... Sometimes the registry itself offers the path in. When the failure is at the registry level, admins don't get an alert, a log entry, or any hint that something went wrong. That's what makes it so dangerous. The compromise appears to be a normal update until it reaches the downstream system... It shifts the risk from human error to systemic design.

And once that weakly authenticated code gets in, it doesn't always go away quickly, which leads straight into the persistence problem... Once an artifact is published, it spreads into mirrors, caches, and derivative builds. Removing the original upload doesn't erase all the copies... From our perspective at LinuxSecurity, this isn't about slow cleanup; it's about architecture. Registries have no universally reliable kill switch once trust is broken. Even after removal, poisoned base images replicate across mirrors, caches, and derivative builds, meaning developers may keep pulling them in long after the registry itself is "clean."
The article condlues that "To us at LinuxSecurity, the real vulnerability isn't phishing emails or stolen tokens — it's the way registries are built. They distribute code without embedding security guarantees. That design ensures supply chain attacks won't be rare anomalies, but recurring events."BR>
So in a world where "the only safe assumption is that the code you consume may already be compromised," they argue, developers should look to controls they can enforce themselves:

• Verify artifacts with signatures or provenance tools.
• Pin dependencies to specific, trusted versions.
• Generate and track SBOMs so you know exactly what's in your stack.
• Scan continuously, not just at the point of install.

"A group of researchers from the University of California, Irvine, have developed a way to use the sensors in high-quality optical mice to capture subtle vibrations and convert them into audible data," reports Tom's Hardware: [T]he high polling rate and sensitivity of high-performance optical mice pick up acoustic vibrations from the surface where they sit. By running the raw data through signal processing and machine learning techniques, the team could hear what the user was saying through their desk. Mouse sensors with a 20,000 DPI or higher are vulnerable to this attack. And with the best gaming mice becoming more affordable annually, even relatively affordable peripherals are at risk....

[T]his compromise does not necessarily mean a complicated virus installed through a backdoor — it can be as simple as an infected FOSS that requires high-frequency mouse data, like creative apps or video games. This means it's not unusual for the software to gather this data. From there, the collected raw data can be extracted from the target computer and processed off-site. "With only a vulnerable mouse, and a victim's computer running compromised or even benign software (in the case of a web-based attack surface), we show that it is possible to collect mouse packet data and extract audio waveforms," the researchers state.
The researchers created a video with raw audio samples from various stages in their pipeline on an accompanying web site where they calculate that "the majority of human speech" falls in a frequency range detectable by their pipeline. While the collected signal "is low-quality and suffers from non-uniform sampling, a non-linear frequency response, and extreme quantization," the researchers augment it with "successive signal processing and machine learning techniques to overcome these challenges and achieve intelligible reconstruction of user speech."

They've titled their paper Invisible Ears at Your Fingertips: Acoustic Eavesdropping via Mouse Sensors. The paper's conclusion? "The increasing precision of optical mouse sensors has enhanced user interface performance but also made them vulnerable to side-channel attacks exploiting their sensitivity."

Thanks to Slashdot reader jjslash for sharing the article.

There's an 85-second ad (starring a humanoid robot) that argues "Technology promised to save us time. Instead it stole our focus. Opera Neon gives you both back."

Or, as BleepingComputer describes it, Opera Neon "is a new browser that puts AI in control of your tabs and browsing activities, but it'll cost $19.90 per month." It'll do tasks for you, open websites for you, manage tabs for you, and listen to you. The idea behind these agentic browsers is to put AI in control. "Neon acts at your command, opening tabs, conducting research, finding the best prices, assessing security, whatever you need. It delivers outcomes you can use, share, and build on," Opera noted...

As spotted on X, Opera Neon, the premium AI browser for Windows & macOS, costs $59.90 for nine months. Opera neon invite. This is an early bird offer, but when the offer expires, Opera Neon will cost $19.90 per month.
The browser's web page says Opera Neon "can handle everyday tasks for you, like filling in forms, placing orders, replying to emails, or tidying up files. Reusable cards turn repeated chores into single-step tasks, letting you focus on the work that matters most to you."

Opera describes itself as "the company that gave you tabs..."

"Microsoft buys a lot of GPUs from both Nvidia and AMD," writes the Register. "But moving forward, Redmond's leaders want to shift the majority of its AI workloads from GPUs to its own homegrown accelerators..." Driving the transition is a focus on performance per dollar, which for a hyperscale cloud provider is arguably the only metric that really matters. Speaking during a fireside chat moderated by CNBC on Wednesday, Microsoft CTO Kevin Scott said that up to this point, Nvidia has offered the best price-performance, but he's willing to entertain anything in order to meet demand.

Going forward, Scott suggested Microsoft hopes to use its homegrown chips for the majority of its datacenter workloads. When asked, "Is the longer term idea to have mainly Microsoft silicon in the data center?" Scott responded, "Yeah, absolutely...

Microsoft is reportedly in the process of bringing a second-generation Maia accelerator to market next year that will no doubt offer more competitive compute, memory, and interconnect performance... It should be noted that AI accelerators aren't the only custom chips Microsoft has been working on. Redmond also has its own CPU called Cobalt and a whole host of platform security silicon designed to accelerate cryptography and safeguard key exchanges across its vast datacenter domains.

The food delivery robots that arrived in Atlanta in June "are not our friends," argues a headline at CNN.

The four-wheeled Serve Robotics machines "get confused at crosswalks. They move with the speed and caution of a first-time driver, stilted and shy, until they suddenly speed up without warning. Their four wheels look like they were made for off-roading, but they still get stuck in the cracks of craggy sidewalks. Most times I see the bots, they aren't moving at all... " Cyclists swerve to avoid them like any other obstacle in the road. Patrons of Shake Shack (a national partner of Serve) weave around the mess of robots parked in front of the restaurant to make their way inside and place orders on iPads... The dawn of everyday, "friendly" robots may be here, but they haven't proven themselves useful — or trustworthy — yet. "People think they are your friends, but they're actually cameras and microphones of corporations," said Joanna Bryson, a longtime AI scholar and professor of ethics and technology at the Hertie School in Berlin. "You're right to be nervous..."

When robots show up in a city, it's often not because the residents of said city actively wanted them there or had a say in their arrival said Edward Ongweso Jr. [a researcher at the Security in Context initiative, a tech journalist and self-proclaimed "decelerationist" urging a slower rollout for Silicon Valley tech pioneers and civic leaders embracing untested and unregulated technology]... "They're being rolled out without any sort of input from people, and as a result, in ways that are annoying and inconvenient," Ongweso Jr. said. "I suspect that people would feel a lot differently if they had a choice ... 'what kind of robots are we interested in rolling out in our homes, in our workplaces, on our college campuses or in our communities?'"

Delivery robots aren't unique to Atlanta. AI-driven companies including Avride and Coco Robotics have sent fleets of delivery robots to big cities like Chicago, Dallas and Jersey City, as well as sleepy college towns... "They're popping up everywhere," Ongweso Jr. continued, "because there's sort of a realization that you have to convince people to view them as inevitable. The way to do that is to just push it into as many places as possible, and have these spectacle demonstrations, get some friendly coverage, try to figure out the ways in which you're selling this as the only alternative.... If you humanize it, you're more willing to entertain it and rationalize it being in your area — 'That's just Jeffrey,' or whatever they name it — instead of seeing it for what it is, which is a bunch of investors privately encroaching on a community or workplace," Ongweso Jr. said. "It's not the future. It's a business model."
Serve Robotics CEO Ali Kashani told CNN their goal in Atlanta was reducing traffic — and that the robots' average delivery distance there was under a mile, taking about 18 minutes per delivery.

Serve Robotics has also launched their robots in Chicago, Los Angeles, Miami, Dallas-Fort Worth and Atlanta, according to the site Robotics 247, as part of an ongoing collaboration with Uber Eats. (Although after the robots launched in Los Angeles, a man in a mobility scooter complained the slow-moving robot swerved in front of him.) And "residents of other cities have had to rescue them when they've been felled by weather," reports CNN.

CNN also spoke to Dylan Losey, an assistant professor of mechanical engineering at Virginia Tech who studies human-robot interaction, who notes that the robots' AI algorithms are "completely unregulated... We don't know if a third party has checked the hardware and software and deemed the system 'safe' — in part because what it means for these systems to be 'safe' is not fully understood or standardized." (CNN's reporter adds that "the last time I got close to a bot, to peer down at a flier someone left on top of it, it revved at me loudly. Perhaps they can sense a hater.")

But Serve's CEO says there's one crucial way robot delivery will be cheaper than humans. "You don't have to tip the robots."

Amazon will be adding facial recognition to its camera-equipped Ring doorbells for the first time in December, according to the Washington Post.

"While the feature will be optional for Ring device owners, privacy advocates say it's unfair that wherever the technology is in use, anyone within sight will have their faces scanned to determine who's a friend or stranger." The Ring feature is "invasive for anyone who walks within range of your Ring doorbell," said Calli Schroeder, senior counsel at the consumer advocacy and policy group Electronic Privacy Information Center. "They are not consenting to this." Ring spokeswoman Emma Daniels said that Ring's features empower device owners to be responsible users of facial recognition and to comply with relevant laws that "may require obtaining consent prior to identifying people..."

Other companies, including Google, already offer facial recognition for connected doorbells and cameras. You might use similar technology to unlock your iPhone or tag relatives in digital photo albums. But privacy watchdogs said that Ring's use of facial recognition poses added risks, because the company's products are embedded in our neighborhoods and have a history of raising social, privacy and legal questions... It's typically legal to film in public places, including your doorway. And in most of the United States, your permission is not legally required to collect or use your faceprint. Privacy experts said that Ring's use of the technology risks crossing ethical boundaries because of its potential for widespread use in residential areas without people's knowledge or consent.

You choose to unlock your iPhone by scanning your face. A food delivery courier, a child selling candy or someone walking by on the sidewalk is not consenting to have their face captured, stored and compared against Ring's database, said Adam Schwartz, privacy litigation director for the consumer advocacy group Electronic Frontier Foundation. "It's troubling that companies are making a product that by design is taking biometric information from people who are doing the innocent act of walking onto a porch," he said.
Ring's spokesperson said facial recognition won't be available some locations, according to the article, including Texas and Illinois, which passed laws fining companies for collecting face information without permission. But the Washington Post heard another possible worst-case scenario from Calli Schroeder, senior counsel at the consumer advocacy and policy group Electronic Privacy Information Center: databases of identified faces being stolen by cyberthieves, misused by Ring employees, or shared with outsiders such as law enforcement.

Amazon says they're "reuniting lost dogs through the power of AI," in their announcement this week, thanks to "an AI-powered community feature that enables your outdoor Ring cameras to help reunite lost dogs with their families... When a neighbor reports a lost dog in the Ring app, nearby outdoor Ring cameras automatically begin scanning for potential matches."

Amazon calls it an example of their vision for "tools that make it easier for neighbors to look out for each other, and create safer, more connected communities." They're also 10x zoom, enhanced low-light performance, 2K and 4K resolutions, and "advanced AI tuning" for video...

BrianFagioli shares a report from NERDS.xyz: Signal has introduced the Sparse Post Quantum Ratchet (SPQR), a new upgrade to its encryption protocol that mixes quantum safe cryptography into its existing Double Ratchet. The result, which Signal calls the Triple Ratchet, makes it much harder for even future quantum computers to break private chats. The change happens silently in the background, meaning users do not need to do anything, but once fully rolled out it will make harvested messages useless even to adversaries with quantum power.

The company worked with researchers and used formal verification tools to prove the new protocol's security. Signal says the upgrade preserves its guarantees of forward secrecy and post compromise security while adding protection against harvest now, decrypt later attacks. The move raises a bigger question: will this be enough when large scale quantum computers arrive, or will secure messaging need to evolve yet again?

Last month, federal investigators said they dismantled a China-linked plot that aimed to cripple New York City's telecommunications system by overloading cell towers, jamming 911 calls, and disrupting communications. According to law enforcement sources, the plot was even bigger than first thought. "Agents from Homeland Security Investigations found an additional 200,000 SIM cards at a location in New Jersey," according to ABC News. "That's double the 100,000 SIM cards, along with hundreds of servers, that were recently seized at five other vacant offices and apartments in and around the city." From the report: Investigators secured each of those locations, seized the electronics, and are now trying to track down who rented the spaces and filled them with shelves full of gear capable of sending 30 million anonymous text messages every minute, overloading communications and blacking out cellular service in a city that relies on it for emergency response and counterterrorism.

According to sources, the investigation began after several high-level people, including at least one with direct access to President Donald Trump, were targeted not only by swatters but also with actual threats received on their private phones. "The potential threat these data centers pose to the public could include shutting down critical resources that the public needs, like the 911 system, or potentially impacting the public's ability to communicate everything, including business transactions," said Don Mihalek, an ABC News contributor who was formerly with the Secret Service.

An anonymous reader quotes a report from Ars Technica: As we careen toward a future in which Google has final say over what apps you can run, the company has sought to assuage the community's fears with a blog post and a casual "backstage" video. Google has said again and again since announcing the change that sideloading isn't going anywhere, but it's definitely not going to be as easy. The new information confirms app installs will be more reliant on the cloud, and devs can expect new fees, but there will be an escape hatch for hobbyists.

Confirming app verification status will be the job of a new system component called the Android Developer Verifier, which will be rolled out to devices in the next major release of Android 16. Google explains that phones must ensure each app has a package name and signing keys that have been registered with Google at the time of installation. This process may break the popular FOSS storefront F-Droid. It would be impossible for your phone to carry a database of all verified apps, so this process may require Internet access. Google plans to have a local cache of the most common sideloaded apps on devices, but for anything else, an Internet connection is required. Google suggests alternative app stores will be able to use a pre-auth token to bypass network calls, but it's still deciding how that will work.

The financial arrangement has been murky since the initial announcement, but it's getting clearer. Even though Google's largely automated verification process has been described as simple, it's still going to cost developers money. The verification process will mirror the current Google Play registration fee of $25, which Google claims will go to cover administrative costs. So anyone wishing to distribute an app on Android outside of Google's ecosystem has to pay Google to do so. What if you don't need to distribute apps widely? This is the one piece of good news as developer verification takes shape. Google will let hobbyists and students sign up with only an email for a lesser tier of verification. This won't cost anything, but there will be an unclear limit on how many times these apps can be installed. The team in the video strongly encourages everyone to go through the full verification process (and pay Google for the privilege). We've asked Google for more specifics here.

The Cybersecurity Information Sharing Act expired on Wednesday when the federal government shut down. The law had provided legal protections since 2015 for organizations to share cyber threat intelligence with federal agencies. Without these protections, private sector companies that control most U.S. critical infrastructure face potential legal risks when sharing information about threats. Sen. Gary Peters called the lapse "an open invitation to cybercriminals and hostile actors to attack our economy and our critical infrastructure."

The intelligence sharing enabled by CISA 2015 helped expose Chinese campaigns including Volt Typhoon in 2023 and Salt Typhoon last year. Several cybersecurity firms pledged to continue sharing threat data despite the law's expiration. Halcyon and CrowdStrike confirmed they would maintain information sharing. Palo Alto Networks said it remained committed to public-private partnerships but did not specify whether it would continue sharing threat data. Multiple bipartisan reauthorization efforts failed before the shutdown. The House Homeland Security Committee had approved a 10-year extension last month.

An anonymous reader shares a report: Google said hackers are sending extortion emails to an unspecified number of executives, claiming to have stolen sensitive data from their Oracle business applications. In a statement, Google said a group claiming affiliation with the ransomware gang cl0p, opens new tab was sending emails to "executives at numerous organizations claiming to have stolen sensitive data from their Oracle E-Business Suite." Google cautioned that it "does not currently have sufficient evidence to definitively assess the veracity of these claims."

Japan is just a few days away from running out of Asahi Super Dry as the producer of the nation's most popular beer wrestles with a devastating cyber attack that has shut down its domestic breweries. From a report: The vast majority of Asahi Group's 30 factories in Japan have not operated since Monday after the attack disabled its ordering and delivery system, the company said. Retailers are already expecting empty shelves as the outage stretches into its fourth day with no clear timeline for factories recommencing operations. Super Dry could also run out at izakaya pubs, which rely on draught and bottles.

Lawson, one of Japan's big convenience stores, said in a statement that it stocks many Asahi Group products and "it is possible that some of these products may become increasingly out of stock from tomorrow onwards." "This is having an impact on everyone," said an executive at another of Japan's major retailers. "I think we will run out of products soon. When it comes to Super Dry, I think we'll run out in two or three days at supermarkets and Asahi's food products within a week or so."

A hacking group claims to have pulled data from a GitLab instance connected to Red Hat's consulting business, scooping up 570 GB of compressed data from 28,000 customers. From a report: The hack was first reported by BleepingComputer and has been confirmed by Red Hat itself. "Red Hat is aware of reports regarding a security incident related to our consulting business and we have initiated necessary remediation steps," Stephanie Wonderlick, Red Hat's VP of communications told 404 Media.

A file released by the hackers and viewed by 404 Media suggested that the hacking group may have acquired some data related to about 800 clients, including Vodafone, T-Mobile, the US Navy's Naval Surface Warfare Center, the Federal Aviation Administration, Bank of America, AT&T, the U.S. House of Representatives, and Walmart.

Researchers have unveiled two new hardware-based attacks, Battering RAM and Wiretap, that break Intel SGX and AMD SEV-SNP trusted enclaves by exploiting deterministic encryption and physical interposers. Ars Technica reports: In the age of cloud computing, protections baked into chips from Intel, AMD, and others are essential for ensuring confidential data and sensitive operations can't be viewed or manipulated by attackers who manage to compromise servers running inside a data center. In many cases, these protections -- which work by storing certain data and processes inside encrypted enclaves known as TEEs (Trusted Execution Enclaves) -- are essential for safeguarding secrets stored in the cloud by the likes of Signal Messenger and WhatsApp. All major cloud providers recommend that customers use it. Intel calls its protection SGX, and AMD has named it SEV-SNP.

Over the years, researchers have repeatedly broken the security and privacy promises that Intel and AMD have made about their respective protections. On Tuesday, researchers independently published two papers laying out separate attacks that further demonstrate the limitations of SGX and SEV-SNP. One attack, dubbed Battering RAM, defeats both protections and allows attackers to not only view encrypted data but also to actively manipulate it to introduce software backdoors or to corrupt data. A separate attack known as Wiretap is able to passively decrypt sensitive data protected by SGX and remain invisible at all times.

Microsoft began rolling out Windows 11 version 25H2 today, delivering the annual update as a compact enablement package to users who enable the "get the latest updates as soon as they're available" toggle in Windows Update. The company tested the release in its Windows Insider Release Preview ring during the previous month before the broader rollout.Version 25H2 shares its code base and servicing branch with the existing 24H2 release. Both versions will receive identical monthly feature updates going forward.

The update removes PowerShell 2.0 and the Windows Management Instrumentation command-line tool to reduce the operating system's footprint. John Cable, vice president of program management for Windows servicing and delivery, said the release includes advancements in build and runtime vulnerability detection paired with AI-assisted secure coding. Microsoft designed the version to address security threats under its security development lifecycle policy requirements. The company plans to expand availability over the coming months and will document known compatibility issues on its Windows release health hub. Devices with detected application or driver incompatibilities will receive safeguard holds that delay the update until resolution.