Articles from 2026
Browse all Windows news articles published in 2026
U.S. Senate Approves ChatGPT, Gemini, and Copilot for Non-Sensitive Government Work
The U.S. Senate has authorized staff to use three major generative AI platforms—OpenAI's ChatGPT, Google's Gemini, and Microsoft's Copilot—for routine, non-sensitive legislative work. This marks...
CVE-2026-29786: Critical Node Tar Vulnerability Allows File System Escape During Extraction
A newly discovered vulnerability in the widely used Node.js tar library enables malicious tarballs to escape extraction boundaries and overwrite files anywhere on the host system. Tracked as...
Go 1.26.1 Fixes Critical TOCTOU Vulnerability in OS Package: What Windows Developers Need to Know
The Go programming language team has released version 1.26.1 with a critical security fix for a time-of-check/time-of-use (TOCTOU) vulnerability in the os package. This subtle but dangerous race...
CVE-2026-3713: Critical Heap Overflow Vulnerability in libpng's pnm2png Tool
A newly disclosed vulnerability in the libpng project—tracked as CVE-2026-3713—allows a specially crafted PNM image to trigger a heap-based buffer overflow in the library's pnm2png utility. This...
Go html/template XSS flaw (CVE-2026-27142) fixed in Go 1.26.1, 1.25.8; Windows users urged to patch now
The Go programming language's standard library contains a critical security vulnerability in its html/template package that exposes web applications to cross-site scripting attacks. Tracked as...
CVE-2026-3731: libssh SFTP Off-by-One Bug Exposes Supply Chain Vulnerabilities
A subtle off-by-one error in libssh's SFTP extension handling has been assigned CVE-2026-3731, triggering security releases across multiple platforms and exposing critical questions about API hygiene...
CVE-2026-26018: CoreDNS Loop Vulnerability Threatens Kubernetes Clusters
CoreDNS has been assigned CVE-2026-26018, a high-severity denial-of-service vulnerability in the loop plugin that can be triggered remotely by an attacker who can send carefully crafted DNS queries....
CoreDNS CVE-2026-26017 TOCTOU Vulnerability: How Plugin Ordering Flaw Bypasses DNS Security Controls
CoreDNS has disclosed a critical security vulnerability that allows attackers to bypass DNS access controls through a subtle plugin ordering flaw. CVE-2026-26017, a Time-of-Check Time-of-Use (TOCTOU)...
Senate Authorizes ChatGPT, Gemini, Copilot for Aide Work, Mandates Human Verification
The U.S. Senate has authorized frontline aides to use three commercial AI chatbots for official work: OpenAI's ChatGPT, Google's Gemini, and Microsoft's Copilot. This decision represents a...
Windows 11 KB5079473 March 2026 Update: Sysmon Integration, Emoji 16 Support, and WebP Wallpaper Engine
Microsoft released cumulative update KB5079473 for Windows 11 on March 10, 2026, advancing both the 25H2 and 24H2 branches to new build numbers. The update pushes OS Build 26200.8037 for Windows 11...
Senate Issues First AI Policy, Authorizing ChatGPT, Gemini, Copilot for Aides
The U.S. Senate has quietly authorized staff to use three mainstream conversational AI assistants—OpenAI's ChatGPT, Google's Gemini, and Microsoft's Copilot—for non-sensitive work. A one-page...
Microsoft Copilot Cowork and Anthropic Claude Cowork: The Multi-Model AI Agent Platform Battle Begins
Microsoft and Anthropic have both announced multi-model AI agent platforms called \"Cowork,\" signaling a fundamental shift in how enterprises will deploy artificial intelligence. Microsoft's Copilot...