Kevin Beaumont on Microsoft Recall

Kevin Beaumont has a nice write up of the nuances of Microsoft Recall that is rolling out in the May security updates for 24H2.

For those of you in businesses be aware of the following:

1. Recall has to be enabled. It will not be turned on by default in a domain/business setting.
2. In a consumer setting, you will be asked if you want to enable it.

Here’s where Microsoft is making things blurry. It’s calling the images it’s taking snapshots. “Snapshots” implies the backup of the device as it does right before an update. That’s not what this is. It’s taking images of what you see on the computer and doing OCR and other AI processing on them.

Microsoft, you need to be more consistent in your naming.

Master Patch Listing for May 13, 2025

I’ve updated the master patch list here.  Please note I am not recommending installing updates at this time, we are just testing and reporting.

So far in May I’m seeing some businesses report that they are seeing Bitlocker recovery keys being requested.  See . May 13 -KB5058379 Windows 10 leads to corruption and endpoints asking – Microsoft Community

Note that I’m only seeing this in businesses, not consumer pcs.

As always, thank you all for supporting the cause! Remember we use the “name your price” model where you can choose how much you will pay for a membership. Plus membership gives you full access, And if you donate $50 or more, you’ll get a special code to enable text messages sent to your phone each time the Master Patch List gets updated and when I change the MS-DEFCON level.

More details about these updates in Monday’s newsletter.  You are missing out if you don’t sign up. All content is human made with our own blood, sweat, tears, fingers, and brain power — and it’s 100% AI free.  Therefore, if I’ve fat fingered any KB numbers or if you have any questions, as always post in the forums and I’ll follow up!

AutoSave is for Microsoft, not for you

After 30 years, I get around the Microsoft Office apps pretty well. There are surprises from time to time. Yesterday, I noticed that AutoSave was not turned on for one of my Excel spreadsheets. I don’t use AutoSave very often but thought I should for this particular document. I was surprised.

When I attempted to move the AutoSave slider to On, Excel displayed the dialog you see to the left, asking which OneDrive account I wanted to use. The document is personal, so I did not want it in the cloud — I wanted to keep it local.

Curious, I asked Copilot “In Office apps, does autosave work only for files stored in OneDrive?” The response was “Yes,” followed by further details including a note about using AutoRecover instead. (I give Copilot high marks for honesty, at least in this case.)

In short, Microsoft allows this useful feature only if you are using OneDrive. It’s not an Office feature — it’s a OneDrive feature. At the very least, you need a Microsoft account to get that minimal amount of storage Redmond offers, or a full-fledged 365 account ($) for more space.

May 2025 updates are out

Once again it’s the second Tuesday of the month. Time once again for the major “B” week release better known as Patch Tuesday.

Remember at this time we are in test mode only.

KB5058411 is out for Windows 11 24H2. Fixes an issue where the audio form your microphone might mute unexpectedly.

KB5058405 is out for Windows 11 23H2. This includes the following fixes:

• [Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI)] This update applies improvements to SBAT for the detection of Linux systems.
• [Windows Update] Fixed: This update addresses an issue where you might be unable to update to Windows 11, version 24H2 via WSUS. The download might not start or complete, showing error code 0x80240069 and logs with “Service has unexpectedly stopped”.

KB5058379 is for Windows 10 22H2.

More details in next Monday’s newsletter.  And now we start testing and looking for issues and side effects.

Apple releases 18.5

Apple’s iOS 18.5 is out. Notably, the emergency satellite features will be available as far back as the iPhone 13 instead of the previously announced iPhone 14. It also adds minor updates for Screen Time, Mail, and wallpaper; fixes bugs; and coincides with other Apple OS security releases for iPadOS, watchOS, and others.

Many of the security bugs have already been exploited but — as is true for many Apple bugs — only for targeted users. Remember to ensure your device is set up for backup either to your computer or to the cloud.

In addition, the following updates are released:

Which antivirus apps and VPNs are the most secure in 2025?

PUBLIC DEFENDER

By Brian Livingston

To protect yourself from malware, a strong antivirus program — constantly updated against threats that emerge every day — is a must. But your security and privacy can be enhanced by adding a virtual private network (VPN) and a secure browser to your computing environment.

In today’s analysis, I cover the security features of the best antivirus apps and VPNs. These two applications are often bundled together in a suite. Sometimes, paying for a tough VPN also gets you a good antivirus app as part of the deal. In other cases, you’re better off selecting two unrelated apps that simply work well with each other.

Read the full story in our Plus Newsletter (22.19.0, 2025-05-12).
This story also appears in our public Newsletter.

Stay connected anywhere

TRAVELING TECH

By Peter Deegan

As standardized as things seem to be in personal computing, traveling in different countries creates some challenges.

For example, not all Wi-Fi is the same. Different rules for online access apply, depending upon the country. In this article, I’ll explore options for Internet access when you’re overseas and how to use those options economically and wisely.

I should know. I’ve set foot in all seven continents and visited 237 countries and territories.

Read the full story in our Plus Newsletter (22.19.0, 2025-05-12).

Copilot, under the table

AI

By Will Fastie

I’m used to getting regular updates to the operating system on my Android phone, Samsung’s One UI.

That’s because I can’t do much about it. The phone gives me three opportunities to delay having an O/S update installed, but eventually the phone will update itself, outside my control.

As it turns out, Microsoft is even more underhanded.

Read the full story in our Plus Newsletter (22.19.0, 2025-05-12).

The Windows experience

MICROSOFT

By Will Fastie

For decades, it didn’t matter which edition of Windows one used.

Whether Home, Pro, Education, or Enterprise, almost any application written for Windows would run in all those editions. Doom II? No problem. WordPerfect? Ditto. Excel? Of course. Then came Windows RT, a relative failure that was replaced three years later with Windows for Arm.

Now, Microsoft is saying out loud something it probably intended all along and which will most likely change our perception of Windows forever.

Read the full story in our Plus Newsletter (22.19.0, 2025-05-12).

A tale of two operating systems

PATCH WATCH

By Susan Bradley

I’ve been struggling with two inevitabilities.

The first is the impending end of life for Windows 10 and my quest to find Extended Support Update (ESU) plans so that I can safely hold on to Windows 10 as necessary.

The second is embracing Windows 11 24H2.

As it turns out, I’ve had problems with both.

Read the full story in our Plus Newsletter (22.19.0, 2025-05-12).

AI slop

I spotted a post from Daniel Stenberg complaining about bug reports that turn out to be nothing but what he deems “AI slop” — the bug reporter got vulnerability details by using various AI tools and did not independently verify or confirm that the bug was real.

Bug reporting is a fine art. A good bug report needs to explain what operating system is installed and what steps or actions triggered the event in question. Most of us do not explain bugs very well at all.

Conversely, it’s sometimes hard to distinguish between a bug and an intended, dribbled-out change. All we know is that something changed and we often can’t quite explain what happened. If it’s hard for humans to determine whether something is a bug, is it any wonder that AI doesn’t find bugs? With many vendors using AI to do more of their coding, does this bode well for software?

Privacy and the Real ID

I was listening to a story the other day about the history of the RealID law and why it’s taken so long to get fully enforced. Originally, it was anticipated that having a verified ID would be no big deal, but then this thing called privacy rose up and started making people question why we needed to be in a database in the first place.

The origin of the need for proper verification came not from 9/11 but from how a fake driver’s license was made by the wife of one of the Oklahoma City bombers in 1995. She created the fake ID on an ironing board. Officials were concerned that it was so easy to circumvent the verification process.

Dissertations on the impact of the law have discussed how people have resisted the concept because of concerns about privacy and surveillance. If you already have a passport, you don’t need a RealID. In fact, other identification methods include trusted traveler cards such as Global Entry.

Even in computing we are struggling with proper verification. Attackers are moving past stealing our passwords and are now finding ways to grab the “other” authentication methods we use, such as OAuth. If someone malicious tricks us into approving OAuth permissions to another app without you realizing it, you may inadvertently give the attacker rights to something important. The best way to prevent this is to be aware of what you are clicking on — especially if you get a two-factor prompt out of the blue. Time and time again, attackers find weak spots to abuse, forcing us to keep changing how we do things.

What is a privacy concern to one, is a security protection to another.