Anthropic Archives

Winsage

May 13, 2026

Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Microsoft has introduced a multi-model AI system called MDASH, designed to enhance vulnerability discovery and remediation processes. Currently in limited private preview testing with select customers, MDASH employs over 100 specialized AI agents for various classes of vulnerabilities, enabling autonomous discovery, validation, and demonstration of exploitable defects in complex codebases. The system operates through a structured pipeline that analyzes source code, constructs threat models, and validates findings using auditor and debater agents. MDASH has successfully identified 16 vulnerabilities in its initial tests, including two critical flaws affecting Windows networking and authentication: 1. CVE-2026-33824 (CVSS score: 9.8) - A double-free vulnerability in "ikeext.dll" allowing remote code execution via specially crafted packets. 2. CVE-2026-33827 (CVSS score: 8.1) - A race condition vulnerability in Windows TCP/IP ("tcpip.sys") enabling remote code execution through specially crafted IPv6 packets.

AppWizard

May 8, 2026

Codex users have been begging OpenAI for this upgrade — and it’s finally in the works

OpenAI's Codex users have expressed a strong desire for enhanced functionality, particularly remote session control via ChatGPT on mobile devices, which is currently absent. Developers have voiced their frustrations on platforms like GitHub and Reddit, noting that competitors like Anthropic's Claude offer seamless remote access. Recent updates in version 1.2026.125 of the ChatGPT Android app suggest that the remote control feature for Codex is in development, with code indicating users will soon be able to access Codex on their desktops remotely, reconnect to sessions from mobile devices, and receive prompts for updates or restarts. The code also hints at functionalities like creating launcher shortcuts for Codex. While a fully operational preview is not yet available, early indications show that the integration of remote control for Codex is imminent. However, it is noted that an APK teardown provides insights into potential features, but there is no guarantee they will be included in a public release.

Winsage

May 1, 2026

Windows Weekly 981: Semi-Sophisticated

Leo, Richard, and Paul discussed developments in the Windows Insider Program, Snapdragon X2 gaming, artificial intelligence, and Xbox. Two changes in the Insider Program were noted. Microsoft has open-sourced early MS-DOS source code. Intel reported a .7 billion loss, which Paul attributes to 'collusion.' Microsoft and OpenAI are revising their partnership, with Microsoft 365 Copilot gaining enhanced AI features in Word, Excel, and PowerPoint, and GitHub Copilot moving to a usage-based billing model starting June 1. OpenAI is reportedly entering the mobile phone market, while Adobe's Firefly AI Assistant is in preview, and Anthropic is increasing its creator space involvement. Microsoft Gaming has rebranded to Xbox, with new leadership focused on future plans, including a mobile game store pending changes in Apple's policies. Valve will release its Steam Controller next week. A listener inquired about purchasing Windows 11 on Arm for Mac virtualization, leading to suggestions for cost-saving options. PowerToys 0.99 introduces new utilities and improvements. This week’s episode of RunAs Radio compares M365 Copilot and Claude Cowork. Reifel Rye is recommended as the brown liquor of the week.

Tech Optimizer

April 26, 2026

CanisterSprawl: pgserve Compromised on npm: Malicious Versions Harvest Credentials and Exfiltrate to a Decentralized ICP Canister

On April 21, 2026, compromised versions of pgserve (1.1.11, 1.1.12, and 1.1.13) were published on npm, containing a 1,143-line credential-harvesting script that executes during the postinstall phase of npm install. The malware functions as a supply-chain worm, reinjecting itself into other packages if it finds an npm publish token. Stolen credentials are encrypted using RSA-4096 and AES-256 and exfiltrated to a decentralized Internet Computer Protocol (ICP) canister. The last legitimate release was v1.1.10, published on April 17, 2026. The malware was detected by StepSecurity AI Package Analyst and Harden Runner, which flagged the compromised versions as Critical / Rejected and confirmed live exfiltration during analysis. The injected script performs operations such as harvesting environment variables, collecting filesystem secrets, encrypting payloads, and propagating to other npm packages and Python packages if a PyPI token is detected. The exfiltration domains have been added to a global block list.

Winsage

April 19, 2026

Microsoft confirms AI agents are still coming to the Windows 11 taskbar as it prepares for public rollout

Microsoft is integrating AI agents into the Windows 11 taskbar, allowing users to invoke these agents, including third-party options, directly from the taskbar. This feature will be optional and not enabled by default. The AI agents, such as Microsoft 365 Researcher, can operate autonomously to perform tasks like planning, researching, and executing actions without user intervention. Users can activate these agents by hovering over the Microsoft 365 Copilot icon on the taskbar. The Microsoft 365 Researcher can conduct complex research tasks and generate reports using files from OneDrive or Microsoft 365, but it requires a Microsoft 365 subscription to access. A new feature called ‘Ask Copilot’ may enhance the search experience by allowing users to tag and trigger agents using the “@” symbol. This functionality is supported by the Model Context Protocol (MCP), which connects AI models with applications and files. Developers can integrate their agents using the Windows.UI.Shell.Tasks API. Despite earlier statements about reducing AI in Windows 11, Microsoft is adopting a more selective approach to AI integration, ensuring that the use of taskbar agents remains optional and not intrusive. The company is phasing out Copilot branding in certain applications while maintaining AI capabilities in a streamlined manner.

Winsage

April 14, 2026

Google’s Spotlight-like desktop search bar for Windows is available for everyone

Google released a desktop application for Windows inspired by macOS's Spotlight feature, available globally in English for Windows 10 or newer. Users can activate the app using the Alt + Space shortcut, which allows searching web content, local files, and Google Drive. The app includes viewing options like All, Images, and AI Mode, and integrates Google Lens for enhanced search capabilities. It also supports screen sharing. There is speculation about potential expansion to macOS and Linux, with reports of a Gemini app being tested for macOS.

Tech Optimizer

April 13, 2026

Fake Claude site installs malware that gives attackers access to your computer

Claude, an AI tool developed by Anthropic, receives nearly 290 million web visits monthly and has become a target for cybercriminals. A fake website has been found that impersonates Claude, distributing a trojanized installer named Claude-Pro-windows-x64.zip. This installer, while appearing legitimate, deploys PlugX malware, granting attackers remote access to users' systems. The fraudulent site mimics the official download page and uses passive DNS records linked to commercial bulk-email platforms, indicating active maintenance by the operators. The ZIP file contains an MSI installer that incorrectly spells "Claude" as "Cluade" and creates a desktop shortcut that launches a VBScript dropper. This script runs the legitimate claude.exe while executing malicious activities in the background, including copying files to the Windows Startup folder to ensure persistence after reboot. The attack utilizes a DLL sideloading technique recognized by MITRE as T1574.002, where a legitimate G DATA antivirus updater is exploited with a malicious DLL. Within 22 seconds of execution, the malware establishes a connection to an IP address associated with Alibaba Cloud, indicating control over the compromised system. The dropper script also employs anti-forensic measures to delete itself and the VBScript after deployment. Indicators of compromise include the filenames Claude-Pro-windows-x64.zip, NOVUpdate.exe, avk.dll, and NOVUpdate.exe.dat, along with the network indicator 8.217.190.58:443 (TCP) as the command and control destination. Users are advised to download Claude only from the official site and to remain vigilant against potential compromises.

Winsage

April 10, 2026

Windows and Xbox rediscover user feedback and fans are wondering what took so long

Microsoft has shifted its focus to better address user needs, revitalizing its Xbox Series X|S consoles and re-engaging with the gaming community through initiatives like the global Xbox FanFest. The company is also working to improve its relationship with Windows users by acknowledging past criticisms and planning to reinstate Windows Insider meetups and prioritize user-requested features. Despite these efforts, skepticism remains among observers of Microsoft's trajectory. Microsoft's relationship with OpenAI is complicated, with CEO Satya Nadella expressing concerns about backlash against AI integration. The company has invested over a billion dollars in OpenAI for exclusive access to AI models but may pursue legal action against OpenAI due to its collaborations with other tech giants. Microsoft's AI and cloud businesses are facing scrutiny from investors, with concerns about profitability and the sustainability of Azure operations. Nearly half of U.S. data centers planned for 2026 are at risk of cancellation, complicating Microsoft's AI ambitions. OpenAI's path to profitability is expected to be long, with projections suggesting it may not turn a profit until 2030. The competitive landscape, including rivals like Anthropic and alternatives from China, adds uncertainty. Legal challenges may arise from OpenAI's agreements with other companies, potentially affecting Microsoft's interests. Nadella's reference to "societal permission" indicates an awareness of Microsoft's public image, which has suffered. Xbox has faced community engagement issues, and Windows 11 has experienced public relations challenges and a decline in innovation. The costs associated with AI have been substantial, impacting Microsoft's reputation and consumer trust.

Winsage

April 5, 2026

Claude Cowork and Claude Code Can Now Control Your Windows Desktop

On April 3, 2026, Anthropic expanded Claude’s desktop control feature to Windows for Pro and Max subscribers, allowing users to operate applications, navigate web pages, and manage files on their PCs without prior configuration. The feature is in research preview and includes a Dispatch companion for task assignment from mobile devices. Claude uses a structured tool hierarchy for task execution, prioritizing connectors like Slack and Google Calendar, and engages in direct desktop control only when necessary. Users must opt in to activate the feature, which integrates with existing software without requiring API keys. The technology is partly derived from Anthropic’s acquisition of Vercept AI, which specializes in AI-driven computer control. Security concerns have arisen due to vulnerabilities demonstrated shortly after the launch, prompting Anthropic to implement safeguards while acknowledging the feature's potential errors. Users can stop Claude's operations, but the company admits it cannot disable the technology remotely once tasks have started. Competitors like Microsoft and Google are also exploring similar desktop-level AI automation capabilities.

Winsage

April 5, 2026

Microsoft Copilot Cowork is Now Available to Windows Users

Microsoft has introduced early access to Copilot Cowork through its Frontier program, enhancing the Researcher feature to improve planning, analysis, and decision-making workflows. Copilot Cowork is an AI system designed to manage complex, multi-step tasks within Microsoft 365, allowing users to set outcomes and receive real-time updates while enabling adjustments as needed. It is based on the Claude Cowork framework by Anthropic. The Researcher tool now includes a Critique feature that uses two AI models, GPT and Claude, to improve response accuracy, resulting in a 13.8% performance boost on the DRACO benchmark. Additionally, the Model Council feature allows users to compare outputs from multiple AI models side by side. These updates are part of Wave 3 of Microsoft 365 Copilot, aiming to make AI a more active participant in work tasks.