Sr. Content Developer at Microsoft, working remotely in PA, TechBash conference organizer, former Microsoft MVP, Husband, Dad and Geek.
157258 stories
·
33 followers

Pure Virtual C++ 2026 [Meet the Speakers, Part 1]: Build Faster, Run Faster

1 Share

pvclogo png image

Pure Virtual C++ 2026 is almost here: a free, one-day virtual conference for the whole C++ community, streaming Tuesday, July 21, 2026 at 9:00 AM PT on YouTube (Microsoft Reactor) and Twitch, with on-demand recordings on the Visual Studio YouTube channel afterward. Register now →

This is the first post in our three-part Meet the Speakers series. Over the next week we’ll introduce you to the people behind this year’s featured sessions and the problems they’re helping you solve. The theme of today’s post is one that every C++ developer feels in their bones: building faster, running faster.

Why this theme matters

Slow builds and heavyweight binaries are a tax every C++ team pays, every single day. The two sessions below address that tax from different angles: one by modernizing how your code is compiled with C++20 modules, the other by putting an AI agent to work finding and fixing the real bottlenecks in your build. If you’ve ever watched a progress bar instead of writing code, these talks are for you.

Ryan Shepherd: C++/WinRT: Build faster and smaller with C++20 modules

crutkas cppwinrt modules Ryan Shepherd pic01 round png image Ryan is a Senior Software Engineer on Windows, where he works on developer fundamentals: WinRT, C++/WinRT, the SDKs, and the CRT. Away from the keyboard he’s a freelance trombonist who also dabbles in composition, photography, baking, and camping with his wife and two dogs.Follow Ryan: GitHub @DefaultRyan

What the session is about. C++/WinRT recently gained support for C++20 modules, and the payoff is real: the Windows Terminal team adopted it and cut their build time by roughly 15% while shedding tens of gigabytes of build-time disk usage. Ryan walks through how that support works and what it takes to adopt modules in your own C++/WinRT code.

What you’ll learn

  • How modules change the compilation model and why that translates into faster builds and smaller build footprints.
  • The concrete before/after story from Windows Terminal’s adoption.
  • What you need to get started: C++/WinRT 3.0 or later and MSVC Build Tools 14.50 or later.

Why C++ developers should attend. Modules are one of the highest-leverage modernization steps available today, but adoption still feels uncertain to many teams. Ryan turns it into a practical, evidence-backed decision with numbers you can take back to your own project.

Learn ahead

David Li: Cut Your Build Times Without Becoming a Build Expert

davidli1 cut build times DavidLiProfileSquare round png image David is the Game Developer Product Manager for Visual Studio, with 14 years in the software industry and a genuine passion for developer productivity. A gamer himself, he spends his off-hours with his baby and dog and conquering the world in Europa Universalis V.Follow David: X @thecpppm

What the session is about. This session shows how GitHub Copilot build performance for Windows tackles slow C++ builds while keeping you in the driver’s seat. You’ll see the full agentic loop: capture a build trace, surface the real hotspots (expensive headers, heavy template instantiations), apply targeted fixes, and verify each one with before-and-after numbers. For iterative cases, Copilot keeps the changes that help and rolls back anything that regresses, including honest tradeoffs like a slightly slower clean build in exchange for much faster incremental build. You end up with results you can trust and understand.

What you’ll learn

  • How to find and fix real build bottlenecks in minutes instead of days.
  • How every change is measured and kept.
  • How you stay in control: Copilot does the heavy lifting, but you make the calls on what to keep.

Why C++ developers should attend. Build performance work has traditionally required dedicated build systems expertise and deep tooling knowledge. This session puts that expertise within reach: Copilot does the heavy analysis from a simple prompt while you stay in control of every change.

Learn ahead

Register today

Both talks are featured sessions at Pure Virtual C++ 2026. Register for free →

Next up in the series: The AI-Native C++ Developer Workflow, where we meet Sinem Akinci and Augustin Popa and dig into Copilot across the CLI and Visual Studio. Can’t make it live? Every session will be available on-demand on the Visual Studio YouTube channel after the event.

See you there!

The post Pure Virtual C++ 2026 [Meet the Speakers, Part 1]: Build Faster, Run Faster appeared first on C++ Team Blog.

Read the whole story
alvinashcraft
20 minutes ago
reply
Pennsylvania, USA
Share this story
Delete

Modernize .NET applications in the GitHub Copilot app

1 Share

Upgrading a .NET application isn’t a single prompt.

Every upgrade begins with understanding your application, evaluating dependencies, planning the work, applying code transformations, fixing build failures, and validating the results. Each phase uncovers new information that shapes the work that follows. A dependency update can uncover compatibility issues, a build failure can change the next task, and dependencies between projects can change the order of work.

GitHub Copilot upgrade carries out that workflow. The GitHub Copilot upgrade agent assesses your application, generates a structured upgrade plan, creates implementation tasks, and executes the work.

Now you can follow that workflow in the GitHub Copilot app through an interactive upgrade canvas. Instead of piecing together progress across chat, generated Markdown artifacts, and code changes, the upgrade canvas gives you a live view of the modernization workflow as it unfolds.

The result is a .NET modernization experience that’s easier to follow, easier to review, and easier to steer.

From assessment to execution

The GitHub Copilot upgrade agent starts by assessing your .NET application and identifying what needs to change:

  • What version of .NET is this application targeting?
  • Which NuGet packages need to be updated?
  • Are there breaking API changes?
  • Which projects can be upgraded independently?
  • What should happen first?

From there, the agent generates a structured upgrade plan and breaks the work into actionable implementation tasks. As execution begins, the canvas reflects the latest state of the upgrade, including the assessment, upgrade plan, implementation tasks, execution progress, code changes, build failures, and final results.

Instead of asking the agent to summarize what happened or piecing together progress from generated artifacts, you can follow the modernization effort from assessment through execution in a single view.

Available wherever you work

While the GitHub Copilot app provides the interactive upgrade canvas, GitHub Copilot upgrade is also available across the developer tools you already use:

  • Visual Studio – Built directly into Visual Studio. Right-click your solution or project in Solution Explorer and select Modernize to start a .NET upgrade.
  • Visual Studio Code – Install the GitHub Copilot upgrade extension, select the Upgrade agent from the agent picker dropdown, and prompt it to modernize your .NET application.
  • GitHub Copilot CLI – Install the GitHub Copilot upgrade plugin to assess, plan, and execute .NET upgrades directly from the terminal.

Whether you prefer working in an IDE, the terminal, or the GitHub Copilot app, you can use the same upgrade workflow across every surface.

Get started

Getting started takes just a few clicks.

  1. Add the GitHub Copilot upgrade marketplace. If you don’t already have the GitHub Copilot app installed, you’ll be prompted to install it first.
  2. In the Add plugin marketplace? dialog, select Allow.
  3. In the Plugins window, select Add marketplace.
  4. Select Install for the upgrade-agent plugin.
  5. Open your repository, start a new agent session, and select the Upgrade agent from the agent picker dropdown.

To open the interactive upgrade canvas:

  1. In the upper-right corner of the GitHub Copilot app, select the review panel icon (Toggle review panel).
  2. In the review panel, select + (Open in panel).
  3. Choose Upgrade Dashboard.

The Upgrade Dashboard opens an interactive upgrade canvas where you can assess your application, review the upgrade plan, track execution, and monitor your modernization effort from start to finish.

Try it on your next .NET upgrade, and share your feedback or ideas in the GitHub Copilot upgrade repository.

The post Modernize .NET applications in the GitHub Copilot app appeared first on .NET Blog.

Read the whole story
alvinashcraft
1 hour ago
reply
Pennsylvania, USA
Share this story
Delete

ChatGPT is now a partner for your most ambitious work

1 Share
ChatGPT Work is an agent that can take action across your apps and files, stay with a project for hours if needed, and turn a goal into finished work.
Read the whole story
alvinashcraft
1 hour ago
reply
Pennsylvania, USA
Share this story
Delete

GPT-5.6: Frontier intelligence that scales with your ambition

2 Shares
More intelligence from every token, stronger performance per dollar, and more capability on demand for your hardest work.
Read the whole story
alvinashcraft
1 hour ago
reply
Pennsylvania, USA
Share this story
Delete

Evolving Windows vulnerability management to meet the speed of AI-powered discovery

1 Share
Windows has adapted to emerging threats for decades, all while operating at unparalleled scale. It's our responsibility to bring clarity, transparency and sustained investment so customers understand what is happening, what Microsoft is doing and how they can reduce their exposure. The pace of vulnerability discovery is changing with advances in AI making it possible to find more issues, faster, across more code, with new mechanisms that can accelerate both discovery and analysis. The fastest way to reduce customer exposure is to find issues before attackers can use them. Windows is expanding its ability across the platform to find issues earlier, accelerate the engineering work to fix them, strengthen validation and deliver timely, high-quality updates that keep customers protected.

Finding vulnerabilities earlier and at greater scale

By applying AI across security analysis, we can identify patterns faster, prioritize risk and scale vulnerability discovery across the Windows codebase. This helps reduce the time between discovery and customer protection. It includes using Microsoft Security’s multi-model agentic scanning harness (MDASH), which utilizes multiple models including leading third-party AI vulnerability discovery models. To run MDASH at Windows scale, Windows set up dedicated cloud infrastructure for scanning and proving. A scanner pipeline scans critical binaries and validates candidates using multi-model debate across multiple model families. Confirmed candidates then flow to a separate, Windows-specific prove pipeline that helps eliminate remaining false positives, so only the highest-confidence findings reach the engineering team. This automation helps handle a larger volume of potential vulnerabilities and shortens the review window for new ones, shrinking the attack window for zero-day exploits. This effort extends beyond Windows as we work across Microsoft to drive broader adoption of these tools and practices throughout both the company and the wider ecosystem. We partner closely with AI-powered scanning teams across Microsoft’s product divisions, sharing insights, comparing best practices and aligning on key findings. In parallel, we collaborate with the Microsoft Security Response Center (MSRC) to continuously refine the end-to-end process from vulnerability discovery and issue filing to remediation and validation. We also regularly reassess our prioritization and rollout strategy based on lessons learned and feedback gathered through our Chief Information Security Officers’ (CISOs) engagements with customers. We continue to evolve our internal systems and practices so that vulnerability discovery is not treated as a separate activity, but as part of how we build, review and improve Windows before new features or updates are released. As a part of this we are updating our Secure Development Lifecycle (SDL) best practices to ensure our secure-by-design approach explicitly accounts for potential AI-enabled attack techniques and exploit paths. That means using AI to help identify potential issues earlier in the development process, while relying on human expertise to evaluate findings, make risk-based decisions and ensure fixes meet the quality bar customers expect. As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release. This is evidence that defenders are getting better at identifying and addressing issues. Our focus is to effectively utilize these AI tools to support faster protection, stronger engineering systems and more actionable guidance for customers.

Fixing responsibly with AI and engineering discipline

Windows is evolving our engineering and validation systems to reduce the time from discovery to protection, with areas where customer risk is greatest. As we build our end-to-end system from discovery to remediation of vulnerabilities on Windows, we’re making the following investments to help ensure that we are not compromising update quality as we gain speed:
  • We are integrating AI into our process to compress the path from discovery to a validated fix, helping engineers understand failures faster, propose candidate fixes consistent with the surrounding code, surface related issues elsewhere in the codebase and select the regression tests most likely to be affected by a change.
  • Windows updates undergo validation across a range of testing environments, including the Security Update Validation Program (SUVP) and internal validation designed to help evaluate compatibility, reliability and real-world usage scenarios. This broad validation helps identify , application compatibility and quality issues before updates are broadly released.
  • We’re also investing in new technology, including Windows-specific tools and agentic harnesses, to enable end-to-end generation and validation of fixes using AI, keeping humans in the loop when it comes to code review.
Customers rely on Windows updates to protect their environments, and they also need confidence that updates will deploy smoothly across diverse devices, applications and configurations. That is why quality remains central to this work. As we increase the pace of vulnerability discovery and remediation, we are also committed to giving customers practical ways to test, deploy and monitor updates in their own environments. In cases where customers see signals of potential issues or regressions, they can connect with to report the issue and/or learn if it is a known issue. In the event of an issue, we are able to employ Known Issue Rollback (KIR), a mitigation technology that allows customers to quickly revert a targeted change, fix, functionality or feature that caused the problem, to its previous behavior. This approach allows the customer’s security protections to stay in place instead of uninstalling an entire update to fix an issue.

Helping customers safely stay current

The most important guidance is to stay current and take security updates as soon as possible. Timely patching is one of the most effective ways to reduce exposure, especially as AI accelerates the speed at which vulnerabilities can be discovered and exploited. We also recognize that every customer's situation is different. Many organizations need to assess risk, validate updates, sequence deployments and prioritize critical assets. When Microsoft releases security updates, we share Common Vulnerabilities and Exposure (CVE) information and high-level guidance about the vulnerabilities addressed in the Security Update Guide, including available context on risk and mitigations where applicable. Customers should use that information to build a risk map for their own estate, prioritize protections for high-value targets and accelerate deployment where exposure is greatest. To help organizations prepare with less disruption, we also provide ahead of the planned security update release for the following month for testing. These cumulative releases include new features and quality improvements. We target optional non-security preview releases for the fourth week of the month, two weeks before they'll see these features become part of the next monthly security update. These previews enable compatibility testing across a broad set of devices, applications and environments, helping identify issues earlier and increasing confidence in the quality and deployment readiness of the subsequent monthly security updates. Security is not just about responding faster to vulnerabilities. It is also about reducing exposure to security attacks. Windows is designed with multiple layers of protection enabled by default, strong identity protection with Windows Hello, the ability to reduce reliance on administrator privileges, trusted application experiences and hardware-rooted security. Together, these capabilities help organizations reduce exposure, strengthen resilience and provide a more secure foundation as organizations assess, test and deploy updates across their environment. To learn more about Windows security, see the Windows 11 Security Book or the Windows Server 2025 Security Book for your Server fleet. Windows also works closely with Microsoft Defender and the broader security ecosystem to help protect customers during the window between vulnerability disclosure and full deployment of security updates. Where possible, Microsoft Defender provides detections and protections that add another layer of defense. Through programs such as Microsoft Active Protections Program (MAPP), Microsoft also collaborates with security protection and antivirus partners so they can prepare protections for customers as security updates are released. We recommend that customers update their security endpoint software to the latest version and take daily signature updates for best protection. Intune helps teams identify gaps, enforce compliance and deploy fixes across endpoints, and Azure Arc makes it easy to connect Windows Servers outside Azure to Microsoft Defender for Cloud.

Tools that make patching easier

A holistic patch strategy depends on tools that help teams move across the full lifecycle: automate what can move fast, identify what still needs attention and limit exposure when devices or apps fall behind. Modern management capabilities such as Windows Autopatch with hotpatch enabled, available in Microsoft Intune, can help accelerate security updates and minimize disruptions for your Windows 11 devices. With Autopatch, customers can configure the automatic deployment of Windows security updates, driver updates and firmware updates, based on reliability signals, so issues can be contained before they spread. Autopatch now surfaces a with device-level drill-down, so customers can see where their estate is exposed and how to reconfigure their policies to stay more secure. Windows Servers can be hotpatched as well through Azure Arc, enabling rebootless security updates for your critical infrastructure and VMs across the fleet, manageable at scale with Azure Update Manager. Intune Enterprise Application Management helps keep apps current. Microsoft Defender Vulnerability Management, Windows and Intune insights help teams understand remaining exposure and prioritize remediation. Compliance policies, Conditional Access and security baselines help enforce the desired state across the endpoint estate, or harden devices when updates can’t be applied right away. Together, these capabilities help customers move from a time-based patching cadence to a more continuous, risk-based approach. For practical guidance on operationalizing patching across endpoint estates, see the Microsoft Intune blog on building a patch strategy for today’s threat pace. https://www.youtube.com/watch?v=QdjSkbKXoJw

Building trust through continuous improvement

The threat environment will continue to evolve as AI advances, with researchers continuing to find new classes of issues and attackers looking for ways to move faster. Our response is to keep strengthening the systems that help us find vulnerabilities earlier, fix them responsibly and support customers through safe, timely updates. As the pace of vulnerability discovery increases, customers shouldn’t have to choose between speed and stability. Our job is to help customers stay protected while deploying updates with confidence. Windows will continue investing in the systems, engineering practices and platform protections needed to reduce exposure responsibly at global scale.
Read the whole story
alvinashcraft
1 hour ago
reply
Pennsylvania, USA
Share this story
Delete

OpenAI rolls out GPT-5.6 after government green light — and announces ‘ChatGPT Work’

1 Share

About two weeks after OpenAI's GPT-5.6 was caught up in regulatory drama - rolled out only to government-approved organizations during a "limited preview" period - the company has received the Trump administration's green light for a public rollout of the model.

To celebrate, OpenAI also unveiled a new AI agent on the same day: ChatGPT Work. It's billed as a combination of ChatGPT and Codex, allowing the everyday non-technical user to take advantage of Codex's capabilities for non-coding tasks, and it's powered by the GPT-5.6 model suite (Sol, Terra, and Luna). "It can gather context from the apps, files, and workflows you choose and creat …

Read the full story at The Verge.

Read the whole story
alvinashcraft
1 hour ago
reply
Pennsylvania, USA
Share this story
Delete
Next Page of Stories