Technology News

Making technology work for business

  1. Meta officially ‘acqui-hires’ Scale AI — will it draw regulator scrutiny?

    Meta is looking to up its weakening AI game with a key talent grab.

    Following days of speculation, the social media giant has confirmed that Scale AI’s founder and CEO, Alexandr Wang, is joining Meta to work on its AI efforts.

    Meta will invest $14.3 billion in Scale AI as part of the deal, and will have a 49% stake in the AI startup, which specializes in data labeling and model evaluation services. Other key Scale employees will also move over to Meta, while CSO Jason Droege will step in as Scale’s interim CEO.

    This move comes as the Mark Zuckerberg-led company goes all-in on building a new research lab focused on “superintelligence,” the next step beyond artificial general intelligence (AGI).

    The arrangement also reflects a growing trend in big tech, where industry giants are buying companies without really buying them — what’s increasingly being referred to as “acqui-hiring.” It involves recruiting key personnel from a company, licensing its technology, and selling its products, but leaving it as a private entity.

    “This is fundamentally a massive ‘acqui-hire’ play disguised as a strategic investment,” said Wyatt Mayham, lead AI consultant at Northwest AI Consulting. “While Meta gets Scale’s data infrastructure, the real prize is Wang joining Meta to lead their superintelligence lab. At the $14.3 billion price tag, this might be the most expensive individual talent acquisition in tech history.”

    Closing gaps with competitors

    Meta has struggled to keep up with OpenAI, Anthropic, and other key competitors in the AI race, recently even delaying the launch of its new flagship model, Behemoth, purportedly due to internal concerns about its performance. It has also seen the departure of several of its top researchers.

     “It’s not really a secret at this point that Meta’s Llama 4 models have had significant performance issues,” Mayham said. “Zuck is essentially betting that Wang’s track record building AI infrastructure can solve Meta’s alignment and model quality problems faster than internal development.” And, he added, Scale’s enterprise-grade human feedback loops are exactly what Meta’s Llama models need to compete with ChatGPT and Claude on reliability and task-following.

    Data quality, a key focus for Wang, is a big factor in solving those performance problems. He wrote in a note to Scale employees on Thursday, later posted on X (formerly Twitter), that when he founded Scale AI in 2016 amidst some of the early AI breakthroughs, “it was clear even then that data was the lifeblood of AI systems, and that was the inspiration behind starting Scale.”

    But despite Meta’s huge investment, Scale AI is underscoring its commitment to sovereignty: “Scale remains an independent leader in AI, committed to providing industry-leading AI solutions and safeguarding customer data,” the company wrote in a blog post. “Scale will continue to partner with leading AI labs, multinational enterprises, and governments to deliver expert data and technology solutions through every phase of AI’s evolution.”

    Allowing big tech to side-step notification

    But while it’s only just been inked, the high-profile deal is already raising some eyebrows. According to experts, arrangements like these allow tech companies to acquire top talent and key technologies in a side-stepping manner, thus avoiding regulatory notification requirements.

    The US Federal Trade Commission (FTC) requires mergers and acquisitions totaling more than $126 million be reported in advance. Licensing deals or the mass hiring-away of a company’s employees don’t have this requirement. This allows companies to move more quickly, as they don’t have to undergo the lengthy federal review process.

    Microsoft’s deal with Inflection AI is probably one of the highest-profile examples of the “acqui-hiring” trend. In March 2024, the tech giant paid the startup $650 million in licensing fees and hired much of its team, including co-founders Mustafa Suleyman (now CEO of Microsoft AI) and Karén Simonyan (chief scientist of Microsoft AI).

    Similarly, last year Amazon hired more than 50% of Adept AI’s key personnel, including its CEO, to focus on AGI. Google also inked a licensing agreement with Character AI and hired a majority of its founders and researchers.

    However, regulators have caught on, with the FTC launching inquiries into both the Microsoft-Inflection and Amazon-Adept deals, and the US Justice Department (DOJ) analyzing Google-Character AI.

    Reflecting ‘desperation’ in the AI industry

    Meta’s decision to go forward with this arrangement anyway, despite that dicey backdrop, seems to indicate how anxious the company is to keep up in the AI race.

    “The most interesting piece of this all is the timing,” said Mayham. “It reflects broader industry desperation. Tech giants are increasingly buying parts of promising AI startups to secure key talent without acquiring full companies, following similar patterns with Microsoft-Inflection and Google-Character AI.”

    However, the regulatory risks are “real but nuanced,” he noted. Meta’s acquisition could face scrutiny from antitrust regulators, particularly as the company is involved in an ongoing FTC lawsuit over its Instagram and WhatsApp acquisitions. While the 49% ownership position appears designed to avoid triggering automatic thresholds, US regulatory bodies like the FTC and DOJ can review minority stake acquisitions under the Clayton Antitrust Act if they seem to threaten competition.

    Perhaps more importantly, Meta is not considered a leader in AGI development and is trailing OpenAI, Anthropic, and Google, meaning regulators may not consider the deal all that concerning (yet).

    All told, the arrangement certainly signals Meta’s recognition that the AI race has shifted from a compute and model size competition to a data quality and alignment battle, Mayham noted.

    “I think the [gist] of this is that Zuck’s biggest bet is that talent and data infrastructure matter more than raw compute power in the AI race,” he said. “The regulatory risk is manageable given Meta’s trailing position, but the acqui-hire premium shows how expensive top AI talent has become.”

  2. Microsoft’s Patch Tuesday updates: Keeping up with the latest fixes

    Long before Taco Tuesday became part of the pop-culture vernacular, Tuesdays were synonymous with security — and for anyone in the tech world, they still are.  Patch Tuesday, as you most likely know, refers to the day each month when Microsoft releases security updates and patches for its software products — everything from Windows to Office to SQL Server, developer tools to browsers.

    The practice, which happens on the second Tuesday of the month, was initiated to streamline the patch distribution process and make it easier for users and IT system administrators to manage updates.  Like tacos, Patch Tuesday is here to stay.

    In a blog post celebrating the 20th anniversary of Patch Tuesday, the Microsoft Security Response Center wrote: “The concept of Patch Tuesday was conceived and implemented in 2003. Before this unified approach, our security updates were sporadic, posing significant challenges for IT professionals and organizations in deploying critical patches in a timely manner.”

    Patch Tuesday will continue to be an “important part of our strategy to keep users secure,” Microsoft said, adding that it’s now an important part of the cybersecurity industry.  As a case in point, Adobe, among others, follows a similar patch cadence.

    Patch Tuesday coverage has also long been a staple of Computerworld’s commitment to provide critical information to the IT industry. That’s why we’ve gathered together this collection of recent patches, a rolling list we’ll keep updated each month.

    In case you missed a recent Patch Tuesday announcement, here are the latest six months of updates.

    June Patch Tuesday: 68 fixes — and two zero-day flaws

    Microsoft offered up a fairly light Patch Tuesday release for June, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. But two zero-day vulnerabilities (CVE-2025-33073 and CVE-2025-33053) mean IT admins need to get busy with quick patching plans. More info on Microsoft Security updates for June 2025.

    May’s Patch Tuesday serves up 78 updates, including 5 zero-day fixes

    This May Patch Tuesday release is very much a “back-to-basics” update with just 78 patches for Microsoft Windows, Office, Visual Studio, and .NET. Notably, Microsoft has not released any patches for Microsoft Exchange Server or Microsoft SQL Server. However, five zero-day exploits for Windows mean this month’s Windows updates should be patched now. More info on Microsoft Security updates for May 2025.

    For April, a large ‘dynamic’ Patch Tuesday release

    IT admins will be busy this month: the latest patch update from Microsoft includes 126 fixes, including one for an exploited Windows flaw and five critical patches for Office. The April Patch Tuesday release is large (126 patches), broad and unfortunately very dynamic, with several re-releases, missing files and broken patches affecting both the Windows and Office platforms. More info on Microsoft Security updates for April 2025.

    For March’s Patch Tuesday, 57 fixes — and 7 zero-days

    For so few patches from Microsoft this month (57), we have seven zero-days to manage (with a “Patch Now” recommendation for Windows) and standard release schedules for Microsoft Office, Microsoft browsers (Edge) and Visual Studio.  Adobe is back with a critical update for Reader, too — but it’s not been paired (at least for now) with a Microsoft patch. More info on Microsoft Security updates for March 2025.

    For February’s Patch Tuesday, Microsoft rolls out 63 updates

    Microsoft released 63 patches for Windows, Microsoft Office, and developer platforms in this week’s Patch Tuesday update. The February release was a relatively light update, but it comes with significant testing requirements for networking and remote desktop environments. Two zero-day Windows patches (CVE-2025-21391 and CVE-2025-21418) have been reported as exploited and another Windows update (CVE-2025-21377) has been publicly disclosed — meaning IT admins get a “Patch Now” recommendation for this month’s Windows updates. More info on Microsoft Security updates for February 2025.

    2025’s first Patch Tuesday: 159 patches, including several zero-day fixes

    Microsoft began the new year with a hefty patch release for January, addressing eight zero-days with 159 patches for Windows, Microsoft Office and Visual Studio. Both Windows and Microsoft Office have “Patch Now” recommendations (with no browser or Exchange patches) for January. Microsoft also released a significant servicing stack update (SSU) that changes how desktop and server platforms are updated, requiring additional testing on how MSI Installer, MSIX and AppX packages are installed, updated, and uninstalled. More info on Microsoft Security updates for January 2025.

  3. For June’s Patch Tuesday, 68 fixes — and two zero-day flaws

    Microsoft offered up a fairly light Patch Tuesday release this month, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. That said, two zero-day vulnerabilities (CVE-2025-33073 and CVE-2025-33053) have led to a “Patch Now” recommendation for both Windows and Office. (Developers can follow their usual release cadence with updates to Microsoft .NET and Visual Studio.)

    To help navigate these changes, the team from Readiness has provided auseful  infographic detailing the risks involved when deploying the latest updates. (More information about recent Patch Tuesday releases is available here.)

    Known issues

    Microsoft released a limited number of known issues for June, with a product-focused issue and a very minor display concern:

    • Microsoft Excel: This a rare product level entry in the “known issues” category — an advisory that “square brackets” or [] are not supported in Excel filenames. An error is generated, advising the user to remove the offending characters.
    • Windows 10: There are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. This is a limited resource issue, as the font resolution in Windows 10 does not fully match the high-level resolution of the Noto font. Microsoft recommends changing the display scaling to 125% or 150% to improve clarity.

    Major revisions and mitigations

    Microsoft might have won an award for the shortest time between releasing an update and a revision with:

    • CVE-2025-33073: Windows SMB Client Elevation of Privilege. Microsoft worked to address a vulnerability where improper access control in Windows SMB allows an attacker to elevate privileges over a network. This patch was revised on the same day as its initial release (and has been revised again for documentation purposes).

    Windows lifecycle and enforcement updates

    Microsoft did not release any enforcement updates for June.


    Each month, the Readiness team analyzes Microsoft’s latest updates and provides technically sound, actionable testing plans. While June’s release includes no stated functional changes, many foundational components across authentication, storage, networking, and user experience have been updated.

    For this testing guide, we grouped Microsoft’s updates by Windows feature and then accompanied the section with prescriptive test actions and rationale to help prioritize enterprise efforts.

    Core OS and UI compatibility

    Microsoft updated several core kernel drivers affecting Windows as a whole. This is a low-level system change and carries a high risk of compatibility and system issues. In addition, core Microsoft print libraries have been included in the update, requiring additional print testing in addition to the following recommendations:

    • Run print operations from 32-bit applications on 64-bit Windows environments.
    • Use different print drivers and configurations (e.g., local, networked).
    • Observe printing from older productivity apps and virtual environments.

    Remote desktop and network connectivity

    This update could impact the reliability of remote access while broken DHCP-to-DNS integration can block device onboarding, and NAT misbehavior disrupts VPNs or site-to-site routing configurations. We recommend the following tests be performed:

    • Create and reconnect Remote Desktop (RDP) sessions under varying network conditions.
    • Confirm that DHCP-assigned IP addresses are correctly registered with DNS in AD-integrated environments.
    • Test modifying NAT and routing settings in RRAS configurations and ensure that changes persist across reboots.

    Filesystem, SMB and storage

    Updates to the core Windows storage libraries affect nearly every command related to Microsoft Storage Spaces. A minor misalignment here can result in degraded clusters, orphaned volumes, or data loss in a failover scenario. These are high-priority components in modern data center and hybrid cloud infrastructure, with the following storage-related testing recommendations:

    • Access file shares using server names, FQDNs, and IP addresses.
    • Enable and validate encrypted and compressed file-share operations between clients and servers.
    • Run tests that create, open, and read from system log files using various file and storage configurations.
    • Validate core cluster storage management tasks, including creating and managing storage pools, tiers, and volumes.
    • Test disk addition/removal, failover behaviors, and resiliency settings.
    • Run system-level storage diagnostics across active and passive nodes in the cluster.

    Windows installer and recovery

    Microsoft delivered another update to the Windows Installer (MSI) application infrastructure. Broken or regressed Installer package MSI handling disrupts app deployment pipelines while putting core business applications at risk. We suggest the following tests for the latest changes to MSI Installer, Windows Recovery and Microsoft’s Virtualization Based Security (VBS):

    • Perform installation, repair, and uninstallation of MSI Installer packages using standard enterprise deployment tools (e.g. Intune).
    • Validate restore point behavior for points older than 60 days under varying virtualization-based security (VBS) settings.
    • Check both client and server behaviors for allowed or blocked restores.

    We highly recommend prioritizing printer testing this month, then remote desktop deployment testing to ensure your core business applications install and uninstall as expected.

    Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings: 

    • Browsers (Microsoft IE and Edge);
    • Microsoft Windows (both desktop and server);
    • Microsoft Office;
    • Microsoft Exchange and SQL Server; 
    • Microsoft Developer Tools (Visual Studio and .NET);
    • And Adobe (if you get this far).

    Browsers

    Microsoft delivered a very minor series of updates to Microsoft Edge. The  browser receives two Chrome patches (CVE-2025-5068 and CVE-2025-5419) where both updates are rated important. These low-profile changes can be added to your standard release calendar.

    Microsoft Windows

    Microsoft released five critical patches and (a smaller than usual) 40 patches rated important. This month the five critical Windows patches cover the following desktop and server vulnerabilities:

    • Missing release of memory after effective lifetime in Windows Cryptographic Services (WCS) allows an unauthorized attacker to execute code over a network.
    • Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
    • Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
    • Use of uninitialized resources in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

    Unfortunately, CVE-2025-33073 has been reported as publicly disclosed while CVE-2025-33053 has been reported as exploited. Given these two zero-days, the Readiness recommends a “Patch Now” release schedule for your Windows updates.

    Microsoft Office

    Microsoft released five critical updates and a further 13 rated important for Office. The critical patches deal with memory related and “use after free” memory allocation issues affecting the entire platform. Due to the number and severity of these issues, we recommend a “Patch Now” schedule for Office for this Patch Tuesday release.

    Microsoft Exchange and SQL Server

    There are no updates for either Microsoft Exchange or SQL Server this month. 

    Developer tools

    There were only three low-level updates (product focused and rated important) released, affecting .NET and Visual Studio. Add these updates to your standard developer release schedule.

    Adobe (and 3rd party updates)

    Adobe has released (but Microsoft has not co-published) a single update to Adobe Acrobat (APSB25-57). There were two other non-Microsoft updated releases affecting the Chromium platform, which were covered in the Browser section above.

  4. Apple WWDC 2025: News and analysis

    Apple’s Worldwide Developers Conference 2025 saw a range of announcements that offered a glimpse into the future of Apple’s software design and artificial intelligence (AI) strategy, highlighted by a new design language called  Liquid Glass and by Apple Intelligence news.

    Liquid Glass is designed to add translucency and dynamic movement to Apple’s user interface across iPhones, iPads, Macs, Apple Watches, and Apple TVs. The overhaul aims to make interactions with elements like buttons and sidebars adapt contextually.

    However, the real news of WWDC could be what we didn’t see.  Analysts had high expectations for Apple’s AI strategy, and while Apple Intelligence was talked about, many market watchers reported that it lacked the innovation that have come from Google’s and Microsoft’s generative AI (genAI) rollouts.

    The question of whether Apple is playing catch-up lingered at WWDC 2025, and comments from Apple execs about delays to a significant AI overhaul for Siri were apparently interpreted as a setback by investors, leading to a negative reaction and drop in stock price.

    Follow this page for Computerworld‘s coverage of WWDC25.

    WWDC25 news and analysis

    Apple’s AI Revolution: Insights from WWDC

    June 13, 2025: At Apple’s big developer event, developers were served a feast of AI-related updates, including APIs that let them use Apple Intelligence in their apps and ChatGPT-augmentation from within Xcode. As a development environment, Apple has secured its future, with Macs forming the most computationally performant systems you can affordably purchase for the job.

    For developers, Apple’s tools get a lot better for AI

    June 12, 2025: Apple announced one important AI update at WWDC this week, the introduction of support for third-party large language models (LLM) such as ChatGPT from within Xcode. It’s a big step that should benefit developers, accelerating app development.

    WWDC 25: What’s new for Apple and the enterprise?

    June 11, 2025: Beyond its new Liquid Glass UI and other major improvements across its operating systems, Apple introduced a hoard of changes, tweaks, and enhancements for IT admins at WWDC 2025.

    What we know so far about Apple’s Liquid Glass UI

    June 10, 2025: What Apple has tried to achieve with Liquid Glass is to bring together the optical quality of glass and the fluidity of liquid to emphasize transparency and lighting when using your devices. 

    WWDC first look: How Apple is improving its ecosystem

    June 9, 2025: While the new user interface design Apple execs highlighted at this year’s Worldwide Developers Conference (WWDC) might have been a bit of an eye-candy distraction, Apple’s enterprise users were not forgotten.

    Apple infuses AI into the Vision Pro

    June 8, 2025: Sluggish sales of Apple’s Vision Pro mixed reality headset haven’t dampened the company’s enthusiasm for advancing the device’s 3D computing experience, which now incorporates AI to deliver richer context and experiences.

    WWDC: Apple is about to unlock international business

    June 4, 2025: One of the more exciting pre-WWDC rumors is that Apple is preparing to make language problems go away by implementing focused artificial intelligence in Messages, which will apparently be able to translate incoming and outgoing messages on the fly. 

  5. Apple’s AI Revolution: Insights from WWDC

    After this year’s WWDC, I’m feeling a lot more positive about Apple’s efforts to weave artificial intelligence into its ecosystem. While a contextual Siri may not arrive until next year, the focus right now is on developing the inherent technologies rather than mass market AI interactions.

    At Apple’s big developer event, developers were served a feast of AI-related updates, including APIs that will let them use Apple Intelligence in their apps and ChatGPT-augmentation from within Xcode. What this means is that as a development environment, Apple has secured its future, with Macs forming the most computationally performant systems you can affordably purchase for this work.

    Apple’s role in AI innovation

    The power of Apple Silicon has already made the MacBook Pro a favored device for AI development, and the announcements at WWDC consolidate that status. If you want a machine that can build AI, makes use of AI, and can even run its own on-device AI to support the work you’re doing, get a Mac.

    Ensuring the Mac remains a chosen development tool makes it more likely the products of that labor will work on the platform in the future. Apple is smart to continue to invest in its platforms to ensure they continue to be the best system for AI development, especially because the future of artificial intelligence isn’t yet written and far from certain.

    When smart isn’t so smart

    In a widely-discussed, statistics-driven report published just before WWDC began, Apple clarified some of the shortcomings of generative AI (genAI) in the current innovation cycle, showing the intelligent machines are still not as smart as they are so often portrayed. What this means is that even the most sophisticated genAI systems you might use are not yet as smart as they’re made out to be. 

    What do you do with a technology that has so many unwritten futures to it? I guess you enter the story line, which Apple achieved at WWDC. Being part of the development narrative may not be the same as being the company that owns a ChatGPT, Anthropic, or Gemini, but it does mean you sit in the same room. Being in the same room matters to AI developers, as professionals in the field really like to speak together, which goes with the territory when working at the cutting-edge of human endeavor. To an extent, it implies that developers at WWDC might all be hoping for more from Apple Intelligence but could well be working on its competitors. On a Mac.

    To climb a mountain

    I’m not saying Apple has no mountain to climb. It will clearly continue to struggle on the ascent. It’s just that I’ve become more certain the company will reach the summit — because that summit is not defined by consumer-facing AI chatbots. It is defined by powerful, intelligent tools to help humans achieve things they’ve been unable to do before. There’s a huge difference between applied AI and a glorified search engine, and while Apple’s report hints that machines might never match human cognition at the highest levels, that’s not to say Apple’s self-developed large language models (LLMs) can’t amplify what we can do. 

    Perhaps the focus around AI is misplaced — the aim should not be on creating smart machines to replace human beings, but on building tech to augment them. Why replace the most sophisticated organic machine that has evolved with a computer when humans already have their own minds? Why not just build an AI to extend and enable what those amazing minds can achieve?

    Can AI be a path to freedom?

    If we follow that direction of travel, we end up in a place that seems to align with Apple’s moves at WWDC. Focused AI solutions to help people get things done will always be both more useful and less societally challenging than smart machines that seek to replace us. So, it’s with this in mind that I think through a confluence of historical internal decisions and unfortunate failure, Apple has managed to arrive in a pretty good place. 

    The company that perhaps wants to develop an artificial intelligence for humanity now offers developers a great platform on which to build it. Perhaps one day, when humans once again make it to the mountain top, we will look with fresh eyes at tech’s promised land, a world in which computing devices augment and liberate humanity, rather than being exploited to keep us all in line.

    We’ve just got to fight for it.

    You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.