copilot

LG TVs’ unremovable Copilot shortcut is the least of smart TVs’ AI problems

But Copilot will still be integrated into Tizen OS, and Samsung appears eager to push chatbots into TVs, including by launching Perplexity’s first TV app. Amazon, which released Fire TVs with Alexa+ this year, is also exploring putting chatbots into TVs.

After the backlash LG faced this week, companies may reconsider installing AI apps on people’s smart TVs. A better use of large language models in TVs may be as behind-the-scenes tools to improve TV watching. People generally don’t buy smart TVs to make it easier to access chatbots.

But this development is still troubling for anyone who doesn’t want an AI chatbot in their TV at all.

Some people don’t want chatbots in their TVs

Subtle integrations of generative AI that make it easier for people to do things like figure out the name of “that movie” may have practical use, but there are reasons to be wary of chatbot-wielding TVs.

Chatbots add another layer of complexity to understanding how a TV tracks user activity. With a chatbot involved, smart TV owners will be subject to complicated smart TV privacy policies and terms of service, as well as the similarly verbose rules of third-party AI companies. This will make it harder for people to understand what data they’re sharing with companies, and there’s already serious concern about the boundaries smart TVs are pushing to track users, including without consent.

Chatbots can also contribute to smart TV bloatware. Unwanted fluff, like games, shopping shortcuts, and flashy ads, already disrupts people who just want to watch TV.

LG’s Copilot web app is worthy of some grousing, but not necessarily because of the icon that users will eventually be able to delete. The more pressing issue is the TV industry’s shift toward monetizing software with user tracking and ads.

If you haven’t already, now is a good time to check out our guide to breaking free from smart TV ads and tracking.


Microsoft drops AI sales targets in half after salespeople miss their quotas

Microsoft has lowered sales growth targets for its AI agent products after many salespeople missed their quotas in the fiscal year ending in June, according to a report Wednesday from The Information. The adjustment is reportedly unusual for Microsoft, and it comes after the company missed a number of ambitious sales goals for its AI offerings.

AI agents are specialized implementations of AI language models designed to perform multistep tasks autonomously rather than simply responding to single prompts. So-called “agentic” features have been central to Microsoft’s 2025 sales pitch: At its Build conference in May, the company declared that it has entered “the era of AI agents.”

The company has promised customers that agents could automate complex tasks, such as generating dashboards from sales data or writing customer reports. At its Ignite conference in November, Microsoft announced new features like Word, Excel, and PowerPoint agents in Microsoft 365 Copilot, along with tools for building and deploying agents through Azure AI Foundry and Copilot Studio. But as the year draws to a close, that promise has proven harder to deliver than the company expected.

According to The Information, one US Azure sales unit set quotas for salespeople to increase customer spending on a product called Foundry, which helps customers develop AI applications, by 50 percent. Less than a fifth of salespeople in that unit met their Foundry sales growth targets. In July, Microsoft lowered those targets to roughly 25 percent growth for the current fiscal year. In another US Azure unit, most salespeople failed to meet an earlier quota to double Foundry sales, and Microsoft cut their quotas to 50 percent for the current fiscal year.


Even Microsoft’s retro holiday sweaters are having Copilot forced upon them

I can take or leave some of the things that Microsoft is doing with Windows 11 these days, but I do usually enjoy the company’s yearly limited-time holiday sweater releases. Usually crafted around a specific image or product from the company’s ’90s-and-early-2000s heyday—2022’s sweater was Clippy themed, and 2023’s was just the Windows XP Bliss wallpaper in sweater form—the sweaters usually hit the exact combination of dorky/cute/recognizable that makes for a good holiday party conversation starter.

Microsoft is reviving the tradition for 2025 after taking a year off, and the design for this year’s flagship $80 sweater is mostly in line with what the company has done in past years. The 2025 “Artifact Holiday Sweater” revives multiple pixelated icons that Windows 3.1-to-XP users will recognize, including Notepad, Reversi, Paint, MS-DOS, Internet Explorer, and even the MSN butterfly logo. Clippy is, once again, front and center, looking happy to be included.

Not all of the icons are from Microsoft’s past; a sunglasses-wearing emoji, a “50” in the style of the old flying Windows icon (for Microsoft’s 50th anniversary), and a Minecraft Creeper face all nod to the company’s more modern products. But the only one I really take issue with is on the right sleeve, where Microsoft has stuck a pixelated monochrome icon for its Copilot AI assistant.


Microsoft tries to head off the “novel security risks” of Windows 11 AI agents

Microsoft has been adding AI features to Windows 11 for years, but things have recently entered a new phase, with both generative and so-called “agentic” AI features working their way deeper into the bedrock of the operating system. A new build of Windows 11 released to Windows Insider Program testers yesterday includes a new “experimental agentic features” toggle in the Settings to support a feature called Copilot Actions, and Microsoft has published a detailed support article explaining more about just how those “experimental agentic features” will work.

If you’re not familiar, “agentic” is a buzzword that Microsoft has used repeatedly to describe its future ambitions for Windows 11—in plainer language, these agents are meant to accomplish assigned tasks in the background, allowing the user’s attention to be turned elsewhere. Microsoft says it wants agents to be capable of “everyday tasks like organizing files, scheduling meetings, or sending emails,” and that Copilot Actions should give you “an active digital collaborator that can carry out complex tasks for you to enhance efficiency and productivity.”

But like other kinds of AI, these agents can be prone to error and confabulations and will often proceed as if they know what they’re doing even when they don’t. They also present, in Microsoft’s own words, “novel security risks,” mostly related to what can happen if an attacker is able to give instructions to one of these agents. As a result, Microsoft’s implementation walks a tightrope between giving these agents access to your files and cordoning them off from the rest of the system.

Possible risks and attempted fixes

For now, these “experimental agentic features” are optional, only available in early test builds of Windows 11, and off by default. Credit: Microsoft

For example, AI agents running on a PC will be given their own user accounts separate from your personal account, ensuring that they don’t have permission to change everything on the system and giving them their own “desktop” to work with that won’t interfere with what you’re working with on your screen. Users need to approve requests for their data, and “all actions of an agent are observable and distinguishable from those taken by a user.” Microsoft also says agents need to be able to produce logs of their activities and “should provide a means to supervise their activities,” including showing users a list of actions they’ll take to accomplish a multi-step task.


Microsoft’s Mico heightens the risks of parasocial LLM relationships

While mass media like radio, movies, and television can all feed into parasocial relationships, the Internet and smartphone revolutions have supercharged the opportunities we all have to feel like an online stranger is a close, personal confidante. From YouTube and podcast personalities to Instagram influencers or even your favorite blogger/journalist (hi), it’s easy to feel like you have a close connection with the people who create the content you see online every day.

After spending hours watching this TikTok personality, I trust her implicitly to sell me a purse. Credit: Getty Images

Viewing all this content on a smartphone can flatten all these media and real-life personalities into a kind of undifferentiated media sludge. It can be all too easy to slot an audio message from your romantic partner into the same mental box as a stranger chatting about video games in a podcast. “When my phone does little mating calls of pings and buzzes, it could bring me updates from people I love, or show me alerts I never asked for from corporations hungry for my attention,” Julie Beck writes in an excellent Atlantic article about this phenomenon. “Picking my loved ones out of the never-ending stream of stuff on my phone requires extra effort.”

This is the world Mico seems to be trying to slide into, turning Copilot into another not-quite-real relationship mediated through your mobile device. But unlike the Instagram model who never seems to acknowledge your comments, Mico is always there to respond with a friendly smile and a warm, soothing voice.

AI that “earns your trust”

Text-based AI interfaces are already frighteningly good at faking human personality in a way that encourages this kind of parasocial relationship, sometimes with disastrous results. But adding a friendly, Pixar-like face to Copilot’s voice mode may make it much easier to be sucked into feeling like Copilot isn’t just a neural network but a real, caring personality—one you might even start thinking of the same way you’d think of the real loved ones in your life.


AI-powered features begin creeping deeper into the bedrock of Windows 11


everything old is new again

Copilot expands with an emphasis on creating and editing files, voice input.

Microsoft is hoping that Copilot will succeed as a voice-driven assistant where Cortana failed. Credit: Microsoft

Like virtually every major Windows announcement in the last three years, the spate of features that Microsoft announced for the operating system today all revolve around generative AI. In particular, they’re concerned with the company’s more recent preoccupation with “agentic” AI, an industry buzzword for “telling AI-powered software to perform a task, which it then does in the background while you move on to other things.”

But the overarching impression I got, both from reading the announcement and sitting through a press briefing earlier this month, is that Microsoft is using language models and other generative AI technologies to try again with Cortana, Microsoft’s failed and discontinued entry in the voice assistant wars of the 2010s.

According to Microsoft’s Consumer Chief Marketing Officer Yusuf Mehdi, “AI PCs” should be able to recognize input “naturally, in text or voice,” and to guide users based on what’s on their screens at any given moment, and AI assistants “should be able to take action on your behalf.”

The biggest of today’s announcements is the introduction of a new “Hey, Copilot” activation phrase for Windows 11 PCs, which, once enabled, allows users to summon the chatbot using only their voice rather than a mouse or keyboard (if you do want to use the keyboard, either the Copilot key or the same Windows + C keyboard shortcut that used to bring up Cortana will also summon Copilot). Saying “goodbye” will dismiss Copilot when you’re done working with it.

Macs and most smartphones have sported similar functionality for a while now, but Microsoft is obviously hoping that having Copilot answer those questions instead of Cortana will lead to success rather than another failure.

The key limitation of the original Cortana—plus Siri, Alexa, and the rest of their ilk—is that it could only really do a relatively limited and pre-determined list of actions. Complex queries, or anything the assistants don’t understand, often get bounced to a general web search. The results of that search may or may not accomplish what you wanted, but it does ultimately shift the onus back on the user to find and follow those directions.

To make Copilot more useful, Microsoft has also announced that Copilot Vision is being rolled out worldwide “in all markets where Copilot is offered” (it has been available in the US since mid-June). Copilot Vision will read the contents of a screen or an app window and can attempt to offer useful guidance or feedback, like walking you through an obscure task in Excel or making suggestions based on a group of photos or a list of items. (Microsoft additionally announced a beta for Gaming Copilot, a sort of offshoot of Copilot Vision intended specifically for walkthroughs and advice for whatever game you happen to be playing.)

Beyond these tweaks or wider rollouts for existing features, Microsoft is also testing a few new AI and Copilot-related additions that aim to fundamentally change how users interact with their Windows PCs by reading and editing files.

All of the features Microsoft is announcing today are intended for all Windows 11 PCs, not just those that meet the stricter hardware requirements of the Copilot+ PC label. That gives them a much wider potential reach than things like Recall or Click to Do, and it makes knowing what these features do and how they safeguard security and privacy that much more important.

AI features work their way into the heart of Windows

Microsoft wants general-purpose AI agents to be able to create and modify files for you, among other things, working in the background while you move on to other tasks. Credit: Microsoft

Whether you’re talking about the Copilot app, the generative AI features added to apps like Notepad and Paint, or the data-scraping Windows Recall feature, most of the AI additions to Windows in the last few years have been app-specific, or cordoned off in some way from core Windows features like the taskbar and File Explorer.

But AI features are increasingly working their way into bedrock Windows features like the taskbar and Start menu and being given capabilities that allow them to analyze or edit files or even perform file management tasks.

The standard Search field that has been part of Windows 10 and Windows 11 for the last decade, for example, is being transformed into an “Ask Copilot” field; this feature will still be able to look through local files just like the current version of the Search box, but Microsoft also envisions it as a keyboard-driven interface for Copilot for the times when you can’t or don’t want to use your voice. (We don’t know whether the “old” search functionality lives on in the Start menu or as an optional fallback for people who disable Copilot, at least not yet.)

A feature called Copilot Actions will also expand the number of ways that Copilot can interact with local files on your PC. Microsoft cites “sorting through recent vacation photos” and extracting information from PDFs and other documents as two possible use cases, and says that this early preview version will focus on “a narrow set of use cases.” But it’s meant to be “a general-purpose agent” capable of “interacting with desktop and web applications.” This gives it a lot of latitude to augment or replace basic keyboard-and-mouse input for some interactions.

Screenshots of a Windows 11 testing build showed Copilot taking over the area of the taskbar that is currently reserved for the Search field. Credit: Microsoft

Finally, Microsoft is taking another stab at allowing Copilot to change the settings on your PC, something that earlier versions were able to do before the capability was removed in a subsequent iteration. Copilot will attempt to respond to plain-language questions about your PC settings with a link to the appropriate part of Windows’ large, labyrinthine Settings app.

These new features dovetail with others Microsoft has been testing for a few weeks or months now. Copilot Connectors, rolled out to Windows Insiders earlier this month, can give Copilot access to email and file-sharing services like Gmail and Dropbox. New document creation features allow Copilot to export the contents of a Copilot chat into a Word or PDF document, Excel spreadsheet, or PowerPoint deck for more refinement and editing. And AI actions in the File Explorer appear in Windows’ right-click menu and allow for the direct manipulation of files, including batch-editing images and summarizing documents. Together with the Copilot Vision features that enable Copilot to see the full contents of Office documents rather than just the on-screen portions, all of these features inject AI into more basic everyday tasks, rather than cordoning them off in individual apps.

Per usual, we don’t know exactly when any of these new features will roll out to the general public, and some may never be available outside of the Windows Insider program. None of them are currently baked into the Windows 11 25H2 update, at least not the version that the company is currently beginning to roll out to some PCs.

Learning the lessons of Recall

Microsoft at least seems to have learned lessons from the botched rollout of Windows Recall last year.

If you didn’t follow along: Microsoft’s initial plan had been to roll out Recall with the first wave of Copilot+ PCs, but without sending it through the Windows Insider Preview program first. This program normally gives power users, developers, security researchers, and others the opportunity to kick the tires on upcoming Windows features before they’re launched, giving Microsoft feedback on bugs, security holes, or other flaws before rolling them out to all Windows PCs.

But security researchers who did manage to get their hands on the early, nearly launched version of Recall discovered a deeply flawed feature that preserved too much personal information and was trivially easy to exploit—a plain-text file with OCR text from all of a user’s PC usage could be grabbed by pretty much anybody with access to the PC, either in person or remote. It was also enabled by default on PCs that supported it, forcing users to manually opt out if they didn’t want to use it.

In the end, Microsoft pulled that version of Recall, took nearly a year to overhaul its security architecture, and spent months letting the feature make its way through the Windows Insider Preview channels before finally rolling it out to Copilot+ PCs. The resulting product still presents some risks to user privacy, as does any feature that promises to screenshot and store months of history about how you use your PC, but it’s substantially more refined, the most egregious security holes have been closed, and it’s off by default.

Copilot Actions are, at least for now, also disabled by default. And Microsoft Corporate Vice President of Windows Security Dana Huang put up a lengthy accompanying post explaining several of the steps Microsoft has taken to protect user privacy and security when using Copilot Actions. These include running AI agents with their own dedicated user accounts to reduce their access to data in your user folder; mandatory code-signing; and giving agents the fewest privileges they need to do their jobs. All of the agents’ activities will also be documented, so users can verify what actions have been taken and correct any errors.

Whether these security and privacy promises are good enough is an open question, but unlike the initial version of Recall, all of these new features will be sent out through the Windows Insider channels for testing first. If there are serious flaws, they’ll be out in public early on, rather than dropped on users unawares.

Andrew is a Senior Technology Reporter at Ars Technica, with a focus on consumer tech including computer hardware and in-depth reviews of operating systems like Windows and macOS. Andrew lives in Philadelphia and co-hosts a weekly book podcast called Overdue.


Microsoft ends OpenAI exclusivity in Office, adds rival Anthropic

Microsoft’s Office 365 suite will soon incorporate AI models from Anthropic alongside existing OpenAI technology, The Information reported, ending years of exclusive reliance on OpenAI for generative AI features across Word, Excel, PowerPoint, and Outlook.

The shift reportedly follows internal testing that revealed Anthropic’s Claude Sonnet 4 model excels at specific Office tasks where OpenAI’s models fall short, particularly in visual design and spreadsheet automation, according to sources familiar with the project cited by The Information, who stressed the move is not a negotiating tactic.

Anthropic did not immediately respond to Ars Technica’s request for comment.

In an unusual arrangement showing the tangled alliances of the AI industry, Microsoft will reportedly purchase access to Anthropic’s models through Amazon Web Services—both a cloud computing rival and one of Anthropic’s major investors. The integration is expected to be announced within weeks, with subscription pricing for Office’s AI tools remaining unchanged, the report says.

Microsoft maintains that its OpenAI relationship remains intact. “As we’ve said, OpenAI will continue to be our partner on frontier models and we remain committed to our long-term partnership,” a Microsoft spokesperson told Reuters following the report. The tech giant has poured over $13 billion into OpenAI to date and is currently negotiating terms for continued access to OpenAI’s models amid ongoing negotiations about their partnership terms.

Stretching back to 2019, Microsoft’s tight partnership with OpenAI until recently gave the tech giant a head start in AI assistants based on language models, allowing for a rapid (though bumpy) deployment of OpenAI-technology-based features in Bing search and the rollout of Copilot assistants throughout its software ecosystem. It’s worth noting, however, that a recent report from the UK government found no clear productivity boost from using Copilot AI in daily work tasks among study participants.


With new in-house models, Microsoft lays the groundwork for independence from OpenAI

Since it’s hard to predict where this is all going, it’s likely to Microsoft’s long-term advantage to develop its own models.

It’s also possible Microsoft has introduced these models to address use cases or queries that OpenAI isn’t focused on. We’re seeing a gradual shift in the AI landscape toward models that are more specialized for certain tasks, rather than general, all-purpose models that are meant to be all things to all people.

These new models follow that somewhat, as Microsoft AI lead Mustafa Suleyman said in a podcast with The Verge that the goal here is “to create something that works extremely well for the consumer… my focus is on building models that really work for the consumer companion.”

As such, it makes sense that we’re going to see these models rolling out in Copilot, which is Microsoft’s consumer-oriented AI chatbot product. Of MAI-1-preview, the Microsoft AI blog post specifies, “this model is designed to provide powerful capabilities to consumers seeking to benefit from models that specialize in following instructions and providing helpful responses to everyday queries.”

So, yes, MAI-1-preview has a target audience in mind, but it’s still a general-purpose model since Copilot is a general-purpose tool.

MAI-Voice-1 is already being used in Microsoft’s Copilot Daily and Podcasts features. There’s also a Copilot Labs interface that you can visit right now to play around with it, giving it prompts or scripts and customizing what kind of voice or delivery you want to hear.

MAI-1-preview is in public testing on LMArena and will be rolled out to “certain text use cases within Copilot over the coming weeks.”


In 3.5 years, Notepad.exe has gone from “barely maintained” to “it writes for you”

By late 2021, major updates for Windows’ built-in Notepad text editor had been so rare for so long that a gentle redesign and a handful of new settings were rated as a major update. New updates have become much more common since then, but like the rest of Windows, recent additions have been overwhelmingly weighted in the direction of generative AI.

In November, Microsoft began testing an update that allowed users to rewrite or summarize text in Notepad using generative AI. Another preview update today takes it one step further, allowing you to write AI-generated text from scratch with basic instructions (the feature is called Write, to differentiate it from the earlier Rewrite).

Like Rewrite and Summarize, Write requires users to be signed into a Microsoft Account, because using it requires you to use your monthly allotment of Microsoft’s AI credits. Per this support page, users without a paid Microsoft 365 subscription get 15 credits per month. Subscribers with Personal and Family subscriptions get 60 credits per month instead.

Microsoft notes that all AI features in Notepad can be disabled in the app’s settings, and obviously, they won’t be available if you use a local account instead of a Microsoft Account.

Microsoft is also releasing preview updates for Paint and Snipping Tool, two other bedrock Windows apps that hadn’t seen much by way of major updates before the Windows 11 era. Paint’s features are also mostly AI-related, including a “sticker generator” and an AI-powered smart select tool “to help you isolate and edit individual elements in your image.” A new “welcome experience” screen that appears the first time you launch the app will walk you through the (again, mostly AI-related) new features Microsoft has added to Paint in the last couple of years.


Lighter, cheaper Surface Laptop saves a little money but gives up a lot

The laptop has two USB-C ports on the right side, seen here, and a USB-A port and headphone jack on the left. Surface Connect is gone.

For those reasons, it seems like most individual buyers would still be better off going for the 13.8-inch Surface Laptop, with the new one only really making sense for companies buying these in bulk if the 13.8-inch Surface goes up in price or if the 13-inch Surface happens to be discounted and the 13.8-inch version isn’t. The 13.8-inch Laptop is also obviously still the one you want if you want more than 16GB of RAM or 512GB of storage, or if you need more CPU and GPU speed.

The new 13-inch Laptop has most of the same basic ports as the 13.8-inch version, just arranged slightly differently. You still get a pair of USB-C ports (both supporting 10 Gbps USB 3.2 speeds, rather than USB 4), one USB-A port, and a headphone jack, but the USB-A port and headphone jack are now on the left side of the laptop. As with the 12-inch Surface Pro tablet, the Surface Connect port has been removed, so this is compatible with all existing USB-C accessories but none of the ones that use Microsoft’s proprietary connector.

An awkward refresh

Both of the new Surface devices being announced today. Credit: Microsoft

The new Surface Laptop doesn’t seem to regress on any major functional fronts—unlike the 12-inch Surface Pro, which throws out an 11-year-old keyboard fix that made the Surface Pro’s keyboard cover much more stable and laptop-like—but it’s still an odd refresh. But inflation, supply chain snarls, and the Trump administration’s rapidly changing tariff plans have made pricing and availability harder to predict than they were a few years ago.

Though PCs and smartphones are (currently) exempted from most tariffs, Microsoft did recently raise the prices of its years-old Xbox Series S and X consoles; it’s possible these new Surface devices were originally designed to be budget models but that world events kept them from being as cheap as they otherwise might have been.


Windows 11 updates are accidentally getting rid of Copilot, at least for now

Microsoft’s Windows updates over the last couple of years have mostly been focused on adding generative AI features to the operating system, including multiple versions of the Copilot assistant. Copilot has made it into Windows 11 (and even, to a more limited extent, the aging Windows 10) as a native app, and then a wrapper around a web app, and soon as a native app again.

But this month’s Windows updates are removing the Copilot app from some Windows 11 PCs and unpinning it from the taskbar, according to this Microsoft support document. This bug obviously won’t affect systems where Copilot had already been uninstalled, but it has already led to confusion among some Windows users.

Microsoft says it is “working on a resolution to address the issue” but that users who want to get Copilot back can reinstall the app from the Microsoft Store and repin it to the taskbar, the same process you use to install Copilot on PCs where it has been removed.

Though some version of Copilot has been included in fresh Windows 11 installs since mid-2023, and Microsoft even added a Copilot key into the standard Windows keyboard in early 2024, Copilot’s appearance and capabilities have shifted multiple times since then.


Copilot exposes private GitHub pages, some removed by Microsoft

Screenshot showing Copilot continues to serve tools Microsoft took action to have removed from GitHub. Credit: Lasso

Lasso ultimately determined that Microsoft’s fix involved cutting off access to a special Bing user interface, once available at cc.bingj.com, to the public. The fix, however, didn’t appear to clear the private pages from the cache itself. As a result, the private information was still accessible to Copilot, which in turn would make it available to the Copilot user who asked.

The Lasso researchers explained:

Although Bing’s cached link feature was disabled, cached pages continued to appear in search results. This indicated that the fix was a temporary patch and while public access was blocked, the underlying data had not been fully removed.

When we revisited our investigation of Microsoft Copilot, our suspicions were confirmed: Copilot still had access to the cached data that was no longer available to human users. In short, the fix was only partial, human users were prevented from retrieving the cached data, but Copilot could still access it.

The post laid out simple steps anyone can take to find and view the same massive trove of private repositories Lasso identified.

There’s no putting toothpaste back in the tube

Developers frequently embed security tokens, private encryption keys and other sensitive information directly into their code, despite best practices that have long called for such data to be inputted through more secure means. This potential damage worsens when this code is made available in public repositories, another common security failing. The phenomenon has occurred over and over for more than a decade.

When these sorts of mistakes happen, developers often make the repositories private quickly, hoping to contain the fallout. Lasso’s findings show that simply making the code private isn’t enough. Once exposed, credentials are irreparably compromised. The only recourse is to rotate all credentials.

This advice still doesn’t address the problems resulting when other sensitive data is included in repositories that are switched from public to private. Microsoft incurred legal expenses to have tools removed from GitHub after alleging they violated a raft of laws, including the Computer Fraud and Abuse Act, the Digital Millennium Copyright Act, the Lanham Act, and the Racketeer Influenced and Corrupt Organizations Act. Company lawyers prevailed in getting the tools removed. To date, Copilot continues undermining this work by making the tools available anyway.

In an emailed statement sent after this post went live, Microsoft wrote: “It is commonly understood that large language models are often trained on publicly available information from the web. If users prefer to avoid making their content publicly available for training these models, they are encouraged to keep their repositories private at all times.”
