microsoft

intel,-microsoft-discuss-plans-to-run-copilot-locally-on-pcs-instead-of-in-the-cloud

Intel, Microsoft discuss plans to run Copilot locally on PCs instead of in the cloud

AI, chatgpt, copilot, intel, microsoft, Tech / /

the ai pc —

Companies are trying to make the “AI PC” happen with new silicon and software.

The basic requirements for an AI PC, at least when it's running Windows.

Enlarge / The basic requirements for an AI PC, at least when it’s running Windows.

Intel

Microsoft said in January that 2024 would be the year of the “AI PC,” and we know that AI PCs will include a few hardware components that most Windows systems currently do not include—namely, a built-in neural processing unit (NPU) and Microsoft’s new Copilot key for keyboards. But so far we haven’t heard a whole lot about what a so-called AI PC will actually do for users.

Microsoft and Intel are starting to talk about a few details as part of an announcement from Intel about a new AI PC developer program that will encourage software developers to leverage local hardware to build AI features into their apps.

The main news comes from Tom’s Hardware, confirming that AI PCs would be able to run “more elements of Copilot,” Microsoft’s AI chatbot assistant, “locally on the client.” Currently, Copilot relies on server-side processing even for small requests, introducing lag that is tolerable if you’re making a broad request for information but less so if all you want to do is change a setting or get basic answers. Running generative AI models locally could also improve user privacy, making it possible to take advantage of AI-infused software without automatically sending information to a company that will use it for further model training.

Right now, Windows doesn’t use local NPUs for much, since most current PCs don’t have them. The Surface Studio webcam features can use NPUs for power-efficient video effects and background replacement, but as of this writing that’s pretty much it. Apple’s and Google’s operating systems both use NPUs for a wider swatch of image and audio processing features, including facial recognition and object recognition, OCR, live transcription and translation, and more.

Intel also said that Microsoft would require NPUs in “next-gen AI PCs” to hit speeds of 40 trillion operations per second (TOPS) to meet its requirements. Intel, AMD, Qualcomm, and others sometimes use TOPS as a high-level performance metric when comparing their NPUs; Intel’s Meteor Lake laptop chips can run 10 TOPS, while AMD’s Ryzen 7040 and 8040 laptop chips hit 10 TOPS and 16 TOPS, respectively.

Unfortunately for Intel, the first company to put out an NPU suitable for powering Copilot locally may come from Qualcomm. The company’s upcoming Snapdragon X processors, long seen as the Windows ecosystem’s answer to Apple’s M-series Mac chips, promise up to 45 TOPS. Rumors suggest that Microsoft will shift the consumer version of its Surface tablet to Qualcomm’s chips after a few years of offering both Intel and Qualcomm options; Microsoft announced a Surface Pro update with Intel’s Meteor Lake chips last week but is only selling it to businesses.

Asus and Intel are offering a NUC with a Meteor Lake CPU and its built-in NPU as an AI development platform.

Enlarge / Asus and Intel are offering a NUC with a Meteor Lake CPU and its built-in NPU as an AI development platform.

Intel

All of that said, TOPS are just one simplified performance metric. As when using FLOPS to compare graphics performance, it’s imprecise and won’t capture variations in how each NPU handles different tasks. And the Arm version of Windows still has software and hardware compatibility issues that could continue to hold it back.

As part of its developer program, Intel is also offering an “AI PC development kit” centered on an Asus NUC Pro 14, a mini PC built around Intel’s Meteor Lake silicon. Intel formally stopped making its NUC mini PCs last year, passing the brand and all of its designs off to Asus. Asus is also handling all remaining warranty service and software support for older NUCs designed and sold by Intel. The NUC Pro 14 is one of the first new NUCs announced since the transition, along with the ROG NUC mini gaming PC.

Intel, Microsoft discuss plans to run Copilot locally on PCs instead of in the cloud Read More »

world’s-first-global-ai-resolution-unanimously-adopted-by-united-nations

World’s first global AI resolution unanimously adopted by United Nations

AI, AI ethics, AI harms, AI policy, AI regulation, AI safety, Biz & IT, Bletchley Declaration, brad smith, Britain, machine learning, microsoft, Policy, Reuters, UK, UN, United Nations, united states, US government / /

We hold these seeds to be self-evident —

Nonbinding agreement seeks to protect personal data and safeguard human rights.

The United Nations building in New York.

Enlarge / The United Nations building in New York.

On Thursday, the United Nations General Assembly unanimously consented to adopt what some call the first global resolution on AI, reports Reuters. The resolution aims to foster the protection of personal data, enhance privacy policies, ensure close monitoring of AI for potential risks, and uphold human rights. It emerged from a proposal by the United States and received backing from China and 121 other countries.

Being a nonbinding agreement and thus effectively toothless, the resolution seems broadly popular in the AI industry. On X, Microsoft Vice Chair and President Brad Smith wrote, “We fully support the @UN’s adoption of the comprehensive AI resolution. The consensus reached today marks a critical step towards establishing international guardrails for the ethical and sustainable development of AI, ensuring this technology serves the needs of everyone.”

The resolution, titled “Seizing the opportunities of safe, secure and trustworthy artificial intelligence systems for sustainable development,” resulted from three months of negotiation, and the stakeholders involved seem pleased at the level of international cooperation. “We’re sailing in choppy waters with the fast-changing technology, which means that it’s more important than ever to steer by the light of our values,” one senior US administration official told Reuters, highlighting the significance of this “first-ever truly global consensus document on AI.”

In the UN, adoption by consensus means that all members agree to adopt the resolution without a vote. “Consensus is reached when all Member States agree on a text, but it does not mean that they all agree on every element of a draft document,” writes the UN in a FAQ found online. “They can agree to adopt a draft resolution without a vote, but still have reservations about certain parts of the text.”

The initiative joins a series of efforts by governments worldwide to influence the trajectory of AI development following the launch of ChatGPT and GPT-4, and the enormous hype raised by certain members of the tech industry in a public worldwide campaign waged last year. Critics fear that AI may undermine democratic processes, amplify fraudulent activities, or contribute to significant job displacement, among other issues. The resolution seeks to address the dangers associated with the irresponsible or malicious application of AI systems, which the UN says could jeopardize human rights and fundamental freedoms.

Resistance from nations such as Russia and China was anticipated, and US officials acknowledged the presence of “lots of heated conversations” during the negotiation process, according to Reuters. However, they also emphasized successful engagement with these countries and others typically at odds with the US on various issues, agreeing on a draft resolution that sought to maintain a delicate balance between promoting development and safeguarding human rights.

The new UN agreement may be the first “global” agreement, in the sense of having the participation of every UN country, but it wasn’t the first multi-state international AI agreement. That honor seems to fall to the Bletchley Declaration signed in November by the 28 nations attending the UK’s first AI Summit.

Also in November, the US, Britain, and other nations unveiled an agreement focusing on the creation of AI systems that are “secure by design” to protect against misuse by rogue actors. Europe is slowly moving forward with provisional agreements to regulate AI and is close to implementing the world’s first comprehensive AI regulations. Meanwhile, the US government still lacks consensus on legislative action related to AI regulation, with the Biden administration advocating for measures to mitigate AI risks while enhancing national security.

World’s first global AI resolution unanimously adopted by United Nations Read More »

microsoft-debuts-major-surface-overhauls-that-regular-people-can’t-buy

Microsoft debuts major Surface overhauls that regular people can’t buy

copilot, microsoft, Microsoft Surface, Surface, surface laptop, surface pro, Tech, Windows 11 / /

business time —

Not the first business-exclusive Surfaces, but they’re the most significant.

  • Microsoft

  • Yes, both devices launch with Microsoft’s new Copilot key.

    Microsoft

  • The Surface Pro 10. Looks familiar.

    Microsoft

  • An NFC reader supports physical security keys.

    Microsoft

  • The 13.5- and 15-inch Surface Laptop 6.

    Microsoft

  • The 15-inch Laptop 6 can be configured with a security card reader, another business thing.

    Microsoft

Microsoft is debuting major updates to two of its Surface PCs today: both the Surface Pro 10 and the 13.5- and 15-inch Surface Laptop 6 are major internal upgrades to Microsoft’s mainstream Surface devices. Both were last updated nearly a year and a half ago, and they’re both getting new Intel chips with significantly faster integrated GPUs, upgraded webcams, the Copilot key, and better battery life (according to Microsoft’s spec sheets).

The catch is that both of these Surfaces are being sold exclusively to businesses and commercial customers; as of this writing, regular people will not be able to buy one directly from Microsoft, and they won’t show up in most retail stores.

These aren’t the first Surface products released exclusively for businesses. Microsoft introduced a new business-exclusive Surface Go 3 tablet last fall, and a Surface Pro 7+ variant for businesses in early 2021. It is, however, the first time Microsoft has introduced new versions of its flagship tablet and laptop without also making them available to consumers. You can find some of these business-only PCs for sale at some third-party retailers, but usually with extended shipping times and higher prices than consumer systems.

Though this seems like a step back from the consumer PC market, Microsoft is still reportedly planning new consumer Surfaces. The Verge reports that Microsoft is planning a new Surface with Qualcomm’s upcoming Snapdragon X chip, to debut in May. It’s that device, rather than today’s traditional Intel-based Surface Pro 10, that will apparently take over as the flagship consumer Surface PC.

“We absolutely remain committed to consumer devices,” a Microsoft spokesperson told Ars. “Building great devices that people love to use aligns closely with our company mission to empower individuals as well as organizations. We are excited to be bringing devices to market that deliver great AI experiences to our customers. This commercial announcement is only the first part of this effort.”

This would be a big departure for Microsoft, which for a few years now has offered the Intel-based Surface tablets as its primary convertible tablets and the Arm-based Surface Pro X and Surface Pro 9 with 5G as separate niche variants. Older Qualcomm chips’ mediocre performance and lingering software and hardware compatibility issues with the Arm version of Windows have held those devices back, though Snapdragon X at least promises to solve the performance issues. If Microsoft plans to go all-in on Arm for its flagship consumer Surface device, it at least makes a little sense to retain the Intel-based Surface for businesses that will be more sensitive to those performance and compatibility problems.

What’s new in the Surface Pro 10 and Surface Laptop 6?

As for the hardware itself, for people who might be getting them at work or people who go out of their way to find one: The biggest upgrade is that both Surface devices have been updated with Intel Core Ultra CPUs based on the Meteor Lake architecture. While the processor performance improvements in these chips are a bit underwhelming, their Arc-integrated GPUs are significantly faster than the old Iris Xe GPUs. And the chips also include a neural processing unit (NPU) that can accelerate some AI and machine-learning workloads; Microsoft currently uses them mostly for fancy webcam effects, but more software will likely take advantage of them as they become more widely available.

Those new chips (and small battery capacity increases) have also bumped all of Microsoft’s battery life estimates up a bit. The Surface Pro 10 is said to be good for 19 hours of “typical device usage,” up from 15.5 hours from the Intel version of the Surface Pro 9. The 13.5 and 15-inch Surface Laptop 6 gets 18.5 and 19 hours of battery life, respectively, up from 18 and 17 hours for the Surface Laptop 5.

The downside is that the Surface Laptops are a bit heavier than the Laptop 5: 3.06 pounds and 3.7 pounds, compared to 2.86 and 3.44 pounds for the 13.5- and 15-inch models.

Both models also get new webcam hardware to go with those NPU-accelerated video effects. The Surface Pro goes from a 1080p webcam to a 1440p webcam, and the Surface Laptop goes from 720p to 1080p. The Surface Pro 10’s camera also features an “ultrawide field of view.” Both cameras support Windows Hello biometric logins using a scan of your face, and the Surface Pro 10 also has an NFC reader for use with hardware security keys. As business machines, both devices also have dedicated hardware TPM modules to support drive encryption and other features, instead of the firmware TPMs that the Surface Pro 9 and Surface Laptop 5 used. Neither supports Microsoft’s Pluton technology.

A new Type Cover with a brighter backlight and bolder legends was made for users with low vision or those who want to reduce eyestrain.

Enlarge / A new Type Cover with a brighter backlight and bolder legends was made for users with low vision or those who want to reduce eyestrain.

Microsoft

Neither device gets a big screen update, though there are small improvements. Microsoft says the Surface Pro 10’s 13-inch, 2880×1920 touchscreen is 33 percent brighter than before, with a maximum brightness of 600 nits. The screen has a slightly better contrast ratio than before and an anti-reflective coating; it also still supports a 120 Hz refresh rate. The Surface Laptop 6 doesn’t get a brightness bump but does have better contrast and an anti-reflective coating. Both devices are still using regular IPS LCD panels rather than OLED or something fancier.

And finally, some odds and ends. The 15-inch Surface Laptop 6 picks up a second Thunderbolt port and optional support for a smart card reader. The Surface Pro now has a “bold keyset” keyboard option, with an easier-to-read font and brighter backlight for users with low vision. These keyboards should also work with some older Surface devices, if you can find them.

The systems will be available to pre-order “in select markets” on March 21, and they’ll begin shipping on April 9. Microsoft didn’t share any specifics about pricing, though as business machines, we’d generally expect them to cost a little more than equivalent consumer PCs.

Listing image by Microsoft

Microsoft debuts major Surface overhauls that regular people can’t buy Read More »

deepmind-co-founder-mustafa-suleyman-will-run-microsoft’s-new-consumer-ai-unit

DeepMind co-founder Mustafa Suleyman will run Microsoft’s new consumer AI unit

AI, copilot, deepmind, microsoft, syndication / /

Minding deeply —

Most staffers from Suleyman’s startup, Inflection, will join Microsoft as well.

Mustafa Suleyman, talks on Day 1 of the AI Safety Summit at Bletchley Park at Bletchley Park on November 1, 2023 in Bletchley, England.

Enlarge / Mustafa Suleyman, talks on Day 1 of the AI Safety Summit at Bletchley Park at Bletchley Park on November 1, 2023 in Bletchley, England.

Microsoft has hired Mustafa Suleyman, the co-founder of Google’s DeepMind and chief executive of artificial intelligence start-up Inflection, to run a new consumer AI unit.

Suleyman, a British entrepreneur who co-founded DeepMind in London in 2010, will report to Microsoft chief executive Satya Nadella, the company announced on Tuesday. He will launch a division of Microsoft that brings consumer-facing products including Microsoft’s Copilot, Bing, Edge, and GenAI under one team called Microsoft AI.

It is the latest move by Microsoft to capitalize on the boom in generative AI. It has invested $13 billion in OpenAI, the maker of ChatGPT, and rapidly integrated its technology into Microsoft products.

Microsoft’s investment in OpenAI has given it an early lead in Silicon Valley’s race to deploy AI, leaving its biggest rival, Google, struggling to catch up. It also has invested in other AI startups, including French developer Mistral.

It has been rolling out an AI assistant in its products such as Windows, Office software, and cyber security tools. Suleyman’s unit will work on projects including integrating an AI version of Copilot into its Windows operating system and enhancing the use of generative AI in its Bing search engine.

Nadella said in a statement on Tuesday: “I’ve known Mustafa for several years and have greatly admired him as a founder of both DeepMind and Inflection, and as a visionary, product maker and builder of pioneering teams that go after bold missions.”

DeepMind was acquired by Google in 2014 for $500 million, one of the first large bets by a big tech company on a startup AI lab. The company faced controversy a few years later over some of its projects, including its work for the UK healthcare sector, which was found by a government watchdog to have been granted inappropriate access to patient records.

Suleyman, who was the main public face for the company, was placed on leave in 2019. DeepMind workers had complained that he had an overly aggressive management style. Addressing staff complaints at the time, Suleyman said: “I really screwed up. I was very demanding and pretty relentless.”

He moved to Google months later, where he led AI product management. In 2022, he joined Silicon Valley venture capital firm Greylock and launched Inflection later that year.

Microsoft will also hire most of Inflection’s staff, including Karén Simonyan, cofounder and chief scientist of Inflection, who will be chief scientist of the AI group. Microsoft did not clarify the number of employees moving over but said it included AI engineers, researchers, and large language model builders who have designed and co-authored “many of the most important contributions in advancing AI over the last five years.”

Inflection, a rival to OpenAI, will switch its focus from its consumer chatbot, Pi, and instead move to sell enterprise AI software to businesses, according to a statement on its website. Sean White, who has held various technology roles, has joined as its new chief executive.

Inflection’s third cofounder, Reid Hoffman, the founder and executive chair of LinkedIn, will remain on Inflection’s board. Inflection had raised $1.3 billion in June, valuing the group at about $4 billion, in one of the largest fundraisings by an AI start-up amid an explosion of interest in the sector.

The new unit marks a big organizational shift at Microsoft. Mikhail Parakhin, its president of web services, will move along with his entire team to report to Suleyman.

“We have a real shot to build technology that was once thought impossible and that lives up to our mission to ensure the benefits of AI reach every person and organization on the planet, safely and responsibly,” Nadella said.

Competition regulators in the US and Europe have been scrutinising the relationship between Microsoft and OpenAI amid a broader inquiry into AI investments.

© 2024 The Financial Times Ltd. All rights reserved. Not to be redistributed, copied, or modified in any way.

DeepMind co-founder Mustafa Suleyman will run Microsoft’s new consumer AI unit Read More »

office-2024-will-be-the-next-standalone-release,-as-the-office-brand-lives-on

Office 2024 will be the next standalone release, as the Office brand lives on

Excel, microsoft, Microsoft office, office, Powerpoint, Tech, Word / /

return to office —

Consumer prices stay the same; MS promises at least one more standalone release.

Office 2024 will be the next standalone release, as the Office brand lives on

Microsoft

Last week, Microsoft announced that it would soon begin offering previews of Microsoft Office 2024, the next standalone perpetually licensed version of the Office suite. Like Office 2021 before it, Office 2024 will be part of Microsoft’s Long-Term Servicing Channel (LTSC), which is intended for IT administrators and users who value stability and predictability over constant iteration.

But Microsoft is being clearer than ever that it would really like people to move to using Microsoft 365 subscriptions, referring to Office 2024 as “a specialty product that Microsoft has committed to maintaining for use in exceptional circumstances.” The company will be increasing prices for businesses by “up to 10 percent” compared to Office 2021, a price hike that Microsoft says will “support continued innovation in this niche space.” Pricing for the consumer version of Office 2024 should stay the same as it is for Office 2021.

Office 2024 will receive support and security updates for five years from its release date, which will be “later this year,” along with a new LTSC release of Windows 11. The company has also committed to releasing at least one more standalone version of Office in the future. If you bought Office 2021 and you’re still happy with it, you’ll still get support (including security updates) until October of 2026. Support for Office 2019 ended in October 2023.

Highlights of the Office 2024 release include “new meeting creation options and search enhancements in Outlook, dozens of new Excel features and functions including Dynamic Charts and Arrays; and improved performance, security, and accessibility,” according to Microsoft. One missing feature of note will be Microsoft Publisher, which will be discontinued in October 2026.

Like other standalone Office releases, Office 2024’s feature set will be frozen in time without the continuous changes present in the Microsoft 365 versions of the same apps. And while the perpetually licensed versions of Office can interact with Microsoft services like OneDrive, the company says that other features like the Copilot AI assistant won’t be available in Office 2024 because it is a “disconnected product.” It’s also missing real-time collaboration features available in Microsoft 365.

Is it a rebrand if you keep using the old brand name in parentheses?

Enlarge / Is it a rebrand if you keep using the old brand name in parentheses?

Microsoft

Among other things, the continued existence of the standalone Office product shows that the “Office” brand name will still be with us for a while, despite Microsoft’s formal decision to retire it back in late 2022. “Office” remains useful as a noun that refers to all of these apps collectively—and separately from the Microsoft 365 subscription product. Even in places where the Office name has been removed, Microsoft seems reticent to do away with it entirely; the Microsoft 365 app that comes built into Windows has the new name and the new logo but also includes “Office” in parentheses as if to say “yes, we know what name most people use to talk about this software.”

Office 2024 will be the next standalone release, as the Office brand lives on Read More »

unreleased-preview-of-microsoft’s-os/2-2.0-is-a-glimpse-down-a-road-not-taken

Unreleased preview of Microsoft’s OS/2 2.0 is a glimpse down a road not taken

ibm, microsoft, MS-DOS, OS/2, Tech / /

OS/2 the future —

Microsoft’s involvement in IBM’s OS/2 project ended before v2.0 was released.

This big, weathered box contains an oddball piece of PC history: one of the last builds of IBM's OS/2 that Microsoft worked on before pivoting all of its attention to Windows.

Enlarge / This big, weathered box contains an oddball piece of PC history: one of the last builds of IBM’s OS/2 that Microsoft worked on before pivoting all of its attention to Windows.

In the annals of PC history, IBM’s OS/2 represents a road not taken. Developed in the waning days of IBM’s partnership with Microsoft—the same partnership that had given us a decade or so of MS-DOS and PC-DOS—OS/2 was meant to improve on areas where DOS was falling short on modern systems. Better memory management, multitasking capabilities, and a usable GUI were all among the features introduced in version 1.x.

But Microsoft was frustrated with some of IBM’s goals and demands, and the company continued to develop an operating system called Windows on its own. Where IBM wanted OS/2 to be used mainly to boost IBM-made PCs and designed it around the limitations of Intel’s 80286 CPU, Windows was being created with the booming market for PC-compatible clones in mind. Windows 1.x and 2.x failed to make much of a dent, but 1990’s Windows 3.0 was a hit, and it came preinstalled on many consumer PCs; Microsoft and IBM broke off their partnership shortly afterward, making OS/2 version 1.2 the last one publicly released and sold with Microsoft’s involvement.

But Microsoft had done a lot of work on version 2.0 of OS/2 at the same time as it was developing Windows. It was far enough along that preview screenshots appeared in PC Magazine, and early builds were shipped to developers who could pay for them, but it was never formally released to the public.

But software archaeologist Neozeed recently published a stable internal preview of Microsoft’s OS/2 2.0 to the Internet Archive, along with working virtual machine disk images for VMware and 86Box. The preview, bought by Brian Ledbetter on eBay for $650 plus $15.26 in shipping, dates to July 1990 and would have cost developers who wanted it a whopping $2,600. A lot to pay for a version of an operating system that would never see the light of day!

The Microsoft-developed build of OS/2 2.0 bears only a passing resemblance to the 32-bit version of OS/2 2.0 that IBM finally shipped on its own in April 1992. Neozeed has published a more thorough exploration of Microsoft’s version, digging around in its guts and getting some early Windows software running (the ability to run DOS and Windows apps was simultaneously a selling point of OS/2 and a reason for developers not to create OS/2-specific apps, one of the things that helped to doom OS/2 in the end). It’s a fascinating detail from a turning point in the history of the PC as we know it today, but as a usable desktop operating system, it leaves something to be desired.

All 26 disks of the OS/2 2.0 preview, plus hefty documentation manuals. There are some things about the '90s I don't miss.

Enlarge / All 26 disks of the OS/2 2.0 preview, plus hefty documentation manuals. There are some things about the ’90s I don’t miss.

This unreleased Microsoft-developed OS/2 build isn’t the first piece of Microsoft-related software history that has been excavated in the last few months. In January, an Internet Archive user discovered and uploaded an early build of 86-DOS, the software that Microsoft bought and turned into MS-DOS/PC-DOS for the original IBM PC 5150. Funnily enough, these unreleased previews serve as bookends for IBM and Microsoft’s often-contentious partnership.

As part of the “divorce settlement” between Microsoft and IBM, IBM would take over the development and maintenance of OS/2 1.x and 2.x while Microsoft continued to work on a more advanced far-future version 3.0 of OS/2. This operating system was never released as OS/2, but it would eventually become Windows NT, Microsoft’s more stable business-centric version of Windows. Windows NT merged with the consumer versions of Windows in the early 2000s with Windows 2000 and Windows XP, and those versions gradually evolved into Windows as we know it today.

It has been 18 years since IBM formally discontinued its last release of OS/2, but as so often happens in computing, the software has found a way to live on. ArcaOS is a semi-modernized, intermittently updated branch of OS/2 updated to run on modern hardware while still supporting the ability to run MS-DOS and 16-bit Windows apps.

Unreleased preview of Microsoft’s OS/2 2.0 is a glimpse down a road not taken Read More »

microsoft-says-kremlin-backed-hackers-accessed-its-source-and-internal-systems

Microsoft says Kremlin-backed hackers accessed its source and internal systems

apts, Biz & IT, microsoft, midnight blizzard, Security, source code / /

THE PLOT THICKENS —

Midnight Blizzard is now using stolen secrets in follow-on attacks against customers.

Microsoft says Kremlin-backed hackers accessed its source and internal systems

Microsoft said that Kremlin-backed hackers who breached its corporate network in January have expanded their access since then in follow-on attacks that are targeting customers and have compromised the company’s source code and internal systems.

The intrusion, which the software company disclosed in January, was carried out by Midnight Blizzard, the name used to track a hacking group widely attributed to the Federal Security Service, a Russian intelligence agency. Microsoft said at the time that Midnight Blizzard gained access to senior executives’ email accounts for months after first exploiting a weak password in a test device connected to the company’s network. Microsoft went on to say it had no indication any of its source code or production systems had been compromised.

Secrets sent in email

In an update published Friday, Microsoft said it uncovered evidence that Midnight Blizzard had used the information it gained initially to further push into its network and compromise both source code and internal systems. The hacking group—which is tracked under multiple other names, including APT29, Cozy Bear, CozyDuke, The Dukes, Dark Halo, and Nobelium—has been using the proprietary information in follow-on attacks, not only against Microsoft but also its customers.

“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access,” Friday’s update said. “This has included access to some of the company’s source code repositories and internal systems. To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised.

In January’s disclosure, Microsoft said Midnight Blizzard used a password-spraying attack to compromise a “legacy non-production test tenant account” on the company’s network. Those details meant that the account hadn’t been removed once it was decommissioned, a practice that’s considered essential for securing networks. The details also meant that the password used to log in to the account was weak enough to be guessed by sending a steady stream of credentials harvested from previous breaches—a technique known as password spraying.

In the months since, Microsoft said Friday, Midnight Blizzard has been exploiting the information it obtained earlier in follow-on attacks that have stepped up an already high rate of password spraying.

Unprecedented global threat

Microsoft officials wrote:

It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found. Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures. Midnight Blizzard has increased the volume of some aspects of the attack, such as password sprays, by as much as 10-fold in February, compared to the already large volume we saw in January 2024.

Midnight Blizzard’s ongoing attack is characterized by a sustained, significant commitment of the threat actor’s resources, coordination, and focus. It may be using the information it has obtained to accumulate a picture of areas to attack and enhance its ability to do so. This reflects what has become more broadly an unprecedented global threat landscape, especially in terms of sophisticated nation-state attacks.

The attack began in November and wasn’t detected until January. Microsoft said then that the breach allowed Midnight Blizzard to monitor the email accounts of senior executives and security personnel, raising the possibility that the group was able to read sensitive communications for as long as three months. Microsoft said one motivation for the attack was for Midnight Blizzard to learn what the company knew about the threat group. Microsoft said at the time and reiterated again Friday that it had no evidence the hackers gained access to customer-facing systems.

Midnight Blizzard is among the most prolific APTs, short for advanced persistent threats, the term used for skilled, well-funded hacking groups that are mostly backed by nation-states. The group was behind the SolarWinds supply-chain attack that led to the hacking of the US Departments of Energy, Commerce, Treasury, and Homeland Security and about 100 private-sector companies.

Last week, the UK National Cyber Security Centre (NCSC) and international partners warned that in recent months, the threat group has expanded its activity to target aviation, education, law enforcement, local and state councils, government financial departments, and military organizations.

Microsoft says Kremlin-backed hackers accessed its source and internal systems Read More »

what-a-potential-post-xbox-future-could-mean-for-sony-and-nintendo

What a potential post-Xbox future could mean for Sony and Nintendo

consoles, gaming, microsoft, Nintendo, PlayStation 5, Sony, Switch, syndication, xbox, xbox one s / /

shifting landscape —

“All signs point to the hardware becoming less and less important to Microsoft.”

What a potential post-Xbox future could mean for Sony and Nintendo

Aurich Lawson

Microsoft’s decision to ease off its 23-year competition with Sony and Nintendo over supremacy in games hardware has opened a path for Japan’s return as the world’s undisputed home of the console.

The prospect of a new, less internationalized era of console wars has raised hopes of happier times for the Japanese survivors but has also caused analysts and investors to revisit the question of how much longer the whole genre of dedicated games machines will continue to exist.

Microsoft head of gaming Phil Spencer last month revealed plans to release what would previously have been exclusively Xbox games for use on rival platforms, as part of a new focus on cloud-based gaming.

While the US technology giant has said it is still working on a new generation of more powerful consoles, analysts think its long-term direction is clear.

“All signs point to the hardware becoming less and less important to Microsoft, so there is that possibility that we could go back to a point like we were in the 1990s where the viable choices of console were all Japanese,” said Serkan Toto, head of the games consultancy Kantan Games.

Giving up the console fight to concentrate on software could be taken as a huge victory for Japan. To many, the birthplace of Super Mario, Sonic the Hedgehog, Final Fantasy, and Pokémon is the spiritual home of the console and has featured the industry’s fiercest “golden age” 1980s and 1990s clashes of Nintendo vs Sega, and later, Nintendo vs Sony.

“It may not happen immediately because the technology of cloud gaming is clearly not ready yet, but from what Microsoft is indicating, there is a possibility that we go back to an all-Japan console industry with Sony and Nintendo each dominating their part of that market in their different, unique ways,” said David Gibson, an analyst at MST Financial.

But the return to a Japan-only industry for dedicated games hardware could more clearly define the console as a commercial cul-de-sac.

That issue, said independent games analyst Pelham Smithers, could be particularly acute for Sony, which last week announced plans to cut 900 staff from its games unit.

“It was tough enough for Sony arguing the need to investors for a PS5—and a lot of people at the time were saying that the PS5 could be the end of the line—but Microsoft’s commitment to console gaming helped,” said Smithers.

Nintendo, meanwhile, faces an issue of timing. Its Switch machine, released in 2017 and now significantly underpowered even when compared with some mobile phones, is to be replaced with a next-generation successor. But the Kyoto-based company has yet to say precisely when and what it will look like.

Analysts said Nintendo is still traumatized by the experience in 2012 when it launched a poorly conceived successor to the global blockbuster Wii console.

Sales of the existing Switch are respectable, said Toto, but more or less everyone who wanted the console has bought one by now. The market, he said, will be waiting for Nintendo’s successor and may hold back on buying games for the Switch ahead of a new machine being released.

Gibson said Sony’s problems are very different: its PS5 machine, now four years old, is popular, but its games business is now guided by “accountants,” rather than people primed to manage a creative business.

Previous generations of the PlayStation had been launched with an expectation that the machine would initially be sold at a loss, before the price of components quickly fell, allowing the company to break even and, in time, allow price cuts for customers.

By its fifth year of release the PS4 had two price cuts totaling $100. The PS5 has had none. “With the accountants in charge, Sony is not prepared to cut prices by $100 to stimulate demand because that would cost $2 billion in profits,” Gibson said.

Microsoft, which has spent huge sums on acquisitions of game studios such as the $75 billion purchase of Activision, is facing similar issues with its hardware economics. Analysts said the US company may have greater motivation than Sony to become an all-platform king.

“The state of the console market right now may not be an advertisement per se for Japan getting its mojo back. It feels more like these three very idiosyncratic businesses are doing well or not for idiosyncratic reasons,” said Robin Zhu, games analyst at Bernstein.

There is a chance that Microsoft’s new direction is a “win, win, win situation,” according to Atul Goyal at Jefferies, because of the different situation each company finds itself in.

Microsoft, he said, could pump up returns by offering its games across different platforms, while Nintendo and Sony would face “less intense competition” and benefit from having a wider choice of titles for customers.

But, as Zhu said, one factor that might keep Microsoft from killing off the Xbox entirely is the same thing that will keep Sony and Nintendo in the market—the fierce loyalty of gamers.

“The concern [Microsoft] will have is that you’ve already convinced your customers to buy the hardware; by telling them that Xbox games will be on every other platform, you risk upsetting your highest engagement and most dogmatic customers,” he said.

© 2024 The Financial Times Ltd. All rights reserved Not to be redistributed, copied, or modified in any way.

What a potential post-Xbox future could mean for Sony and Nintendo Read More »

hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-of-it

Hackers exploited Windows 0-day for 6 months after Microsoft knew of it

Biz & IT, lazarus group, microsoft, Security / /
The word ZERO-DAY is hidden amidst a screen filled with ones and zeroes.

Hackers backed by the North Korean government gained a major win when Microsoft left a Windows zero-day unpatched for six months after learning it was under active exploitation.

Even after Microsoft patched the vulnerability last month, the company made no mention that the North Korean threat group Lazarus had been using the vulnerability since at least August to install a stealthy rootkit on vulnerable computers. The vulnerability provided an easy and stealthy means for malware that had already gained administrative system rights to interact with the Windows kernel. Lazarus used the vulnerability for just that. Even so, Microsoft has long said that such admin-to-kernel elevations don’t represent the crossing of a security boundary, a possible explanation for the time Microsoft took to fix the vulnerability.

A rootkit “holy grail”

“When it comes to Windows security, there is a thin line between admin and kernel,” Jan Vojtěšek, a researcher with security firm Avast, explained last week. “Microsoft’s security servicing criteria have long asserted that ‘[a]dministrator-to-kernel is not a security boundary,’ meaning that Microsoft reserves the right to patch admin-to-kernel vulnerabilities at its own discretion. As a result, the Windows security model does not guarantee that it will prevent an admin-level attacker from directly accessing the kernel.”

The Microsoft policy proved to be a boon to Lazarus in installing “FudModule,” a custom rootkit that Avast said was exceptionally stealthy and advanced. Rootkits are pieces of malware that have the ability to hide their files, processes, and other inner workings from the operating system itself and at the same time control the deepest levels of the operating system. To work, they must first gain administrative privileges—a major accomplishment for any malware infecting a modern OS. Then, they must clear yet another hurdle: directly interacting with the kernel, the innermost recess of an OS reserved for the most sensitive functions.

In years past, Lazarus and other threat groups have reached this last threshold mainly by exploiting third-party system drivers, which by definition already have kernel access. To work with supported versions of Windows, third-party drivers must first be digitally signed by Microsoft to certify that they are trustworthy and meet security requirements. In the event Lazarus or another threat actor has already cleared the admin hurdle and has identified a vulnerability in an approved driver, they can install it and exploit the vulnerability to gain access to the Windows kernel. This technique—known as BYOVD (bring your own vulnerable driver)—comes at a cost, however, because it provides ample opportunity for defenders to detect an attack in progress.

The vulnerability Lazarus exploited, tracked as CVE-2024-21338, offered considerably more stealth than BYOVD because it exploited appid.sys, a driver enabling the Windows AppLocker service, which comes preinstalled in the Microsoft OS. Avast said such vulnerabilities represent the “holy grail,” as compared to BYOVD.

In August, Avast researchers sent Microsoft a description of the zero-day, along with proof-of-concept code that demonstrated what it did when exploited. Microsoft didn’t patch the vulnerability until last month. Even then, the disclosure of the active exploitation of CVE-2024-21338 and details of the Lazarus rootkit came not from Microsoft in February but from Avast 15 days later. A day later, Microsoft updated its patch bulletin to note the exploitation.

Hackers exploited Windows 0-day for 6 months after Microsoft knew of it Read More »

age-of-empires-2-gets-another-expansion-25-years-later,-and-deservedly-so

Age of Empires 2 gets another expansion 25 years later, and deservedly so

age of empires, age of empires 2, gaming, microsoft, real time strategy, real time strategy game, rts / /

Expansing empire of Age of Empires —

The rest of 2024 promises a whole lot for Age of Empires fans across all titles.

Cover artwork for Victors and Vanquished expansion to Age of Empires II

Enlarge / A battle between Ragnar Lothbrok and Oda Nobunaga was unlikely to occur, given the roughly 700 years between their existences. But Age of Empires is a limitless canvas.

World’s Edge

Real-time strategy (RTS) games aren’t getting many new titles or mainstream attention these days, but that need not be a problem. Age of Empires 2, one of the best games in the genre—and some would say of all time, period—continues to be playable on modern systems and is even getting new expansions.

Victors and Vanquished gameplay trailer.

Victors and Vanquished, an expansion for Age of Empires 2: Definitive Edition, arrives March 14. It adds 19 scenarios to the base game, allowing you to play as, among others, Oda Nobunaga, Charlemagne, and Ragnar Lothbrok. The campaigns are inspired by the deep community around Age of Empires but spiffed up with voice acting, music, bug fixes, and “quality of life improvements.” Some new mechanics show up in the scenarios, including population migration, political decisions, assassinations, and more. It’s $13 on launch day, works with Xbox Game Pass on PC (where AoE2: DE is included), and it’s on sale for preorder at about $11 until launch.

  • Oda Nobunaga’s realm in Victors and Vanquished.

    World’s Edge

  • Otto the Great, beset on all sides, with competing vassals to consider, in Victors and Vanquished.

    World’s Edge

  • Setting for Ragnar Lothbrok’s campaign in Victors and Vanquished.

    World’s Edge

  • Gameplay from Victors and Vanquished.

    World’s Edge

Developer World’s Edge Studios has offered up five expansions for AoE2:DE since its 2019 release, including the Return of Rome DLC in 2023 that shuttled in the civilizations from the original Age of Empires. A big chunk of their inspiration comes from the community. And a huge chunk of that big chunk is Filthydelphia, who had been turning out campaigns like “Kings of West Africa” and “Francis Drake on the Spanish Main” for years. Beyond the maps and army configurations, many of the campaigns contain narrative pieces. “City of Peace” involves a young woman murdered in Madinat al-Salaam, and you, the vizier, must find her murderer. Community scenarios like these make up 14 of the expansion’s 19 scenarios.

The Age of Empires series, started by a group that included a co-creator of Civilization, sought to give players a kind of “Hollywood History,” as detailed in our definitive oral history of the series. It was brightly colored, it was accurate only to the point that it made battles fun to play, and it had Microsoft to help distribute it. It sold faster than even Microsoft expected, and the sequel brought the game forward in time into knights, castles, and the like. Age of Empires 2 arrived just as real-time strategy games were at their peak, but also starting their decline. A decade later, they were merging into their scaled-back, fighting-forward cousins, MOBAs (multiplayer online battle arena), in games like Dota 2 and League of Legends.

If you’ve got a broad love of the Age of Empires franchise, but this particular expansion doesn’t compel you, don’t worry: all of 2024 is shaping up to be a big year for Xbox Studios developer World’s Edge to tempt you with one new thing or another. Age of Mythology: Retold looks to go beyond just being a “Definitive Edition” and to majorly remake the fantasy spinoff. Age of Empires III: Definitive Edition is now free to play and getting its own DLC this year. And Age of Empires IV is in its seventh season this spring.

Age of Empires 2 gets another expansion 25 years later, and deservedly so Read More »

microsoft-confirms-which-xbox-games-are-going-to-switch,-playstation

Microsoft confirms which Xbox games are going to Switch, PlayStation

exclusives, gaming, microsoft, xbox / /

four fewer reasons to buy an Xbox? —

Hi-Fi Rush, Grounded, Pentiment, and Sea of Thieves are going multiplatform.

Four Xbox console exclusives will soon be exclusive no more.

Enlarge / Four Xbox console exclusives will soon be exclusive no more.

Microsoft

During a “business update” video podcast last week, Microsoft addressed widespread rumors of Xbox software going multiplatform by saying that four of its legacy titles would be going “to the other consoles” in the future. But the company waited until today to confirm the names of the four soon-to-be-multiplatform titles.

The Xbox games coming to other consoles in the coming months are (multiplatform launch date in parentheses):

  • Pentiment (February 22, Switch, PS4/5): Obsidian’s historical murder mystery has a sprawling narrative that reacts strongly to player choices.
  • Hi-Fi Rush (March 9, PS5): A rhythm-action game from Bethesda Softworks where you have to match your attacks and movements to the beat to maximize your impact.
  • Grounded (April 16, Switch, PS4/5): Obsidian’s co-op survival adventure will be fully cross-play compatible across all platforms.
  • Sea of Thieves (April 30, PS5): Despite what we considered a poor first impression, Rare’s pirate-themed multiplayer simulation has attracted 35 million players, according to Microsoft. This title will also be cross-play compatible across platforms.

Microsoft’s announcement comes just after Grounded and Pentiment were announced for Switch as part of the morning’s Nintendo Direct: Partner Showcase video stream, the timing of which likely prevented Microsoft from announcing its plans for those titles last week. There wasn’t a lot of drama to today’s announcement, though; The Verge and independent journalist Stephen Totilo cited anonymous sources in accurately naming all four games just after Microsoft’s presentation last week.

Before that presentation, rumors flying around the Xbox community suggested that major Xbox exclusives like Starfield or Bethesda’s upcoming Indiana Jones and the Great Circle would be coming to other consoles or that Microsoft had plans to leave the console space entirely. And while Microsoft has effectively shot down those rumors, the company has suggested that exclusive games will be a less important part of its console strategy going into the future.

“[I have] a fundamental belief that over the next five or ten years… games that are exclusive to one piece of hardware are going to be a smaller and smaller part of the game industry,” Xbox CEO Phil Spencer said.

Microsoft confirms which Xbox games are going to Switch, PlayStation Read More »

microsoft-fixes-problem-that-let-edge-replicate-chrome-tabs-without-permission

Microsoft fixes problem that let Edge replicate Chrome tabs without permission

Browsers, google chrome, microsoft, Microsoft Edge, Tech, web browsers / /

Tab thieving thwarted —

Edge update is first proof that this was definitely a glitch.

Microsoft fixes problem that let Edge replicate Chrome tabs without permission

Microsoft

Microsoft has fixed a problem that resulted in tabs from Google Chrome being imported to Microsoft Edge without user consent, as spotted by The Verge. Microsoft has kept mum on the situation, making the issued update the first time Microsoft has identified this as a problem, rather than typical behavior for the world’s third-most-popular browser.

In late January, The Verge Senior Editor Tom Warren reported experiencing the puzzling Edge issue. After updating his computer, Edge launched with the tabs that Warren most recently used in Chrome. He eventually realized that Edge has a feature you can toggle, reading: “Always have access to your recent browsing data each time you browse on Microsoft Edge.” The setting is reachable in Edge by typing “edge://settings/profiles/importBrowsingData.” Interestingly, it allows Edge to import browsing data from Chrome every time you open Edge, but data from Firefox can only be imported manually. However, Edge was seizing Chrome tabs without this setting enabled. Others reported having this problem via Microsoft’s support forum and social media, as well.

The Edge setting as seen on a Windows 11 23H2 system running Edge 122. You can have data continuously imported from Chrome or on demand from Firefox, but other browsers don't appear.

Enlarge / The Edge setting as seen on a Windows 11 23H2 system running Edge 122. You can have data continuously imported from Chrome or on demand from Firefox, but other browsers don’t appear.

Andrew Cunningham

Microsoft didn’t respond to The Verge’s initial request for comment, but this week it released an Edge update that seems to address matters. Microsoft’s release notes from February 15 say:

Edge has a feature that provides an option to import browser data on each launch from other browsers with user consent. This feature’s state might not have been syncing and displaying correctly across multiple devices. This is fixed.

Microsoft seems to be saying that the status (enabled or disabled) of Edge’s importing data ability wasn’t syncing correctly across people’s Microsoft devices. However, this doesn’t explain the number of users who claimed they saw the problem without having the feature enabled. Microsoft declined Ars Technica’s request for comment.

With this fix, Microsoft is claiming that the behavior was, indeed, unintentional. But that wasn’t a given. Besides the fact that Microsoft hasn’t provided more details about the problem, the company also has a history of both sneakily and overtly trying to coerce people into using Edge. You’ll see Microsoft pester you with pop-up messages if you try to download Chrome or change your default browser, for example.

Edge and Chrome are both based on the Chromium browsing engine, but Chrome has long maintained a massive lead over Edge in terms of market share. Global Statcounter data points to Chrome having 64.41 percent market share last month, followed by Safari (18.82 percent), and then Edge (5.36 percent). The numbers inch slightly more in Microsoft’s favor when looking at the US market specifically (9.31 percent share in January), although Chrome still dominated (49.06 percent).

  • Browser market share for the past year globally.

  • Browser market share for the past year in the US.

Like many web browsers, Edge has a hard time competing with Chrome, which ties in with other popular Google services, like Gmail. Similarly, Edge promotes Microsoft offerings, including coupons, Microsoft accounts, and, as of recently, Copilot.

Edge pulling Chrome tabs seemed to fit in with pushy strategies Microsoft has employed to get people on its browser and other products, like Microsoft 365. Without more information, we don’t know when Microsoft first knew about Edge’s unwanted tab replication or how long it took to make it stop. Regardless, Microsoft doesn’t intend for tab swiping to be part of the Edge experience currently, so at least this particular nuisance should be over.

Microsoft fixes problem that let Edge replicate Chrome tabs without permission Read More »