AI 资讯
Microsoft said the patches would get bigger. I measured how much bigger.
On 9 July 2026 the head of Windows published a post about AI-powered vulnerability discovery. One line in it was a warning to customers: "As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release." It does not say how much higher. The post runs about 1400 words and contains no numbers at all. Five days later Microsoft shipped the July package: 1150 CVEs. The number Microsoft would not put in the blog post is sitting in Microsoft's own API. The Security Update Guide publishes every monthly package as machine-readable CVRF, acknowledgments included, no key required. So I pulled twelve months of it and did the arithmetic. What the data says I sampled eight months before the ramp and four after it. Month CVEs Month CVEs 2024-07 454 2026-04 737 2025-01 343 2026-05 991 2025-04 374 2026-06 1281 2025-07 527 2026-07 1150 2025-10 427 2026-01 310 2026-02 169 2026-03 460 The eight pre-ramp months average 383 CVEs. July 2026 is 1150, so the package is 3,0 times the old normal. The baseline broke in April and peaked in June at 1281. April to July inclusive is 4159 CVEs. At the old rate that is 10,9 months of output, delivered in four. The number I am not going to use February 2026 had 169 CVEs. It is the lowest month in two years, less than half the baseline. Divide July by February and you get 6,8 times, which is a much better number for a headline. I am not using it, because choosing your denominator is how honest people produce dishonest numbers. February is an outlier, and the only reason to anchor to it is that it flatters the story. The real multiplier is 3,0. It does not need help. It is not noise The obvious objection is that volume without quality is just a bigger pile. If AI were generating low-value findings that got patched anyway, the severity distribution would sag. It did the opposite. Measure 2025-07 2026-07 CVEs 527 1150 CVSS median 6,5 7,5 CVSS mean 6,47 7,26 CVSS 7,0 and above 48,0 % 71,
开源项目
Windows 11’s big patch Tuesday allows you to hold off on updates for longer
Microsoft just released a long list of improvements for Windows 11 as part of its bigger patch Tuesdays, and that includes the ability to pause updates indefinitely, as reported earlier by Windows Central. This option rolled out to Windows Insiders earlier this year, allowing you to hold off on updates for up to 35 days […]
AI 资讯
Microsoft tests Windows Search without all the ads and fluff
Microsoft is testing a cleaner version of the Windows 11 search menu that strips it of recommended content and ads. In a blog post on Monday, Microsoft announced that it's rolling out the decluttered Search Box to Windows Insiders in the Experimental channel as the company looks to regain trust with users and fix Windows. […]
AI 资讯
The Paintbrush Paradox: Why the Monolithic Era of AI Is Crumbling
Over the past week, two narratives have been colliding everywhere I look. On one side, there's panic. AI is expected to replace marketers, engineers, and entire categories of knowledge work almost overnight. On the other, there are quieter but far more consequential signals: enterprise teams discovering their AI infrastructure is burning through API budgets far faster than expected. This isn't because the underlying models are weak, but because the systems built around them are fundamentally inefficient by design. These aren't separate stories. They're the same failure showing up in different places. A conversation with another developer made that gap visible in real time. He argued that auditing a 150,000-line codebase requires feeding the entire repository into a model in one single, massive pass. It's still a common assumption in mainstream tech: that an LLM works like a giant biological brain that you must fully load with raw text before it can begin to think. But that assumption is already outdated. Modern AI systems don't scale through brute-force context. They scale through structure. And that shift changes everything. Key takeaways Bigger context windows did not solve AI. Treating a frontier model as a monolithic processor that re-reads an entire system on every query is wasteful, dilutes attention, and hides bugs under raw volume. ARC-AGI-3 makes the gap stark: frontier models scored under 1% on interactive reasoning tasks that untrained humans solve at nearly 100%. The gap is architecture, not memory. The teams pulling ahead treat the model as one narrow component inside a larger system: intelligent routing, task decomposition, retrieval, and only the minimum necessary context. The next advantage is not the biggest model or the longest prompt. It is the system designed around the model. Prompting was the first generation; systems architecture is the next. The Myth of the Infinite Context Window When context windows expanded into the hundreds of thousands o
科技前沿
Patch for Windows Defender 0-day could allow attackers to fill hard disk
The feud between NightmareEclipse and Microsoft shows no signs of resolving soon.
科技前沿
Microsoft fixes storage-hogging Windows 11 folder
Microsoft is addressing a Windows 11 bug that caused a folder to take up several gigabytes of storage space. As spotted earlier by Windows Latest, Microsoft included the patch in its optional June 2026 update (KB5095093), which "improves disk space usage for the CapabilityAccessManager.db-wal file." The CapabilityAccessManager.db-wal file is installed on Windows 11 PCs by […]
科技前沿
Microsoft adds another year to Windows 10 extended update program
About a quarter of PCs are still running Microsoft's previous operating system.
AI 资讯
Windows Platform Security and the Race to Secure AI Agents
In a new Windows Developer Blog post titled "Windows platform security for AI agents", Microsoft positions Windows as the trustworthy operating system for autonomous agents and introduces the Microsoft Execution Containers (MXC) SDK as the core of that strategy. The post argues that containment, identity and manageability must be built into the operating system. By Matt Saunders
AI 资讯
How to Call Windows Native APIs in Electron
How to Call Windows Native APIs in Electron Calling Windows native APIs in an Electron app feels like wanting to see the ocean but only having a map. After some trial and error, I've found a few paths—writing this article serves as a record and a guide for others who might follow. Background When building Electron desktop applications, you inevitably need to interact with the operating system. On Windows, these requirements are quite common: Calling Windows Store APIs for in-app purchases Handling file system virtualization specific to Windows Store apps Obtaining system-level permissions and resources Interacting with Windows Runtime (WinRT) components Electron is fundamentally a Node.js environment, and Node.js doesn't natively provide direct access to Windows native APIs. A bridge is needed between the two. It's like trying to communicate with a friend who doesn't speak Chinese—you need a translator. Electron is written in JavaScript, Windows APIs in C/C++. The language barrier requires building a bridge. That's the harsh reality of the code world. About HagiCode The solutions shared in this article come from our practical experience with the HagiCode project. HagiCode Desktop needs to call Microsoft Store APIs to handle subscription purchases and license management, which is why we developed a set of technical solutions. After all, necessity drives innovation—that's a truth. Technical Solution Comparison When calling Windows native APIs in Electron, there are several mainstream approaches to choose from. Each has its applicable scenarios—like different tools in a toolbox, they work best when used in the right place, otherwise just add trouble. Solution Applicable Scenarios Pros Cons dynwinrt WinRT APIs (e.g., Store API) Type-safe, auto-generated bindings, modern JavaScript support Only supports WinRT APIs, requires Windows SDK Native Node.js Extensions High performance, any Windows API Complete control, optimal performance Requires C++ development skills, comple
AI 资讯
Vercel Labs Open-Sources Zero-Native: A Zig-Based Cross-Platform Native Application Framework
Vercel Labs recently open-sourced zero-native, a cross-platform framework for native desktop applications. Zero-native bypasses Electron runtime in favor or native OS WebViews and claims to achieve smaller, more efficient native apps with minimal overhead. Zero-native is written in Zig, thus directly interoperates with native C libraries, and features fast incremental compilation times. By Bruno Couriol
AI 资讯
Why I built a native libmpv IPTV player for Windows — an HDR tone-mapping deep-dive
Up front, so there's no confusion: the app I'm describing (Nightmare TV) is a player only . You bring your own M3U / Xtream Codes playlist — it ships with no channels and no content. This post is about the playback engineering, not about where streams come from. Think "VLC for IPTV," not a content service. The problem that started it I watch a lot of live content on my PC — sports, mostly. And every IPTV player I tried on Windows fell into one of two buckets: An Android app running in an emulator. TiviMate and the good mobile players are Android-only, so on a desktop you end up in an emulator or a VM. Input lag, no real HDR path, fans spinning. A thin ExoPlayer / libVLC wrapper. These run natively, but most of them treat HDR as "pass the HDR10 metadata to the display and hope." On an SDR panel — or even a lot of HDR panels — bright skies in a football match blow out to a flat white blob, and 4K HEVC with a DTS track stutters because the decode path isn't doing what you think it is. I wanted the thing that didn't exist: a native Windows player with a reference-grade video path. So I built it on libmpv — the same playback core mpv uses — with a Flutter desktop shell on top for the UI. This post is the part I actually find interesting: the HDR tone-mapping pipeline. Why HDR "just passing through" isn't enough HDR10 content is mastered in the PQ (ST.2084) transfer function against a mastering display — often 1000 nits, sometimes 4000. Your screen is whatever it is: a 350-nit SDR laptop, a 600-nit "HDR400" monitor, an 800-nit OLED. If you map PQ straight to the panel, everything above the panel's peak just clips — all the highlight detail collapses to maximum white. Tone-mapping is the process of intelligently compressing the mastering range into the display range so you keep highlight detail instead of clipping it. The naive version (a fixed curve, or clipping) is what most wrapper players ship. The good version adapts to both the content and the display. The pipeline H
AI 资讯
I built a Brave debloater that refuses to brick your browser
(yes, its open source. link at the bottom, if u want to skip ahead!) Most "debloat scripts" are a pile of registry edits you run as admin and pray. No preview, no undo, and half of them happily disable Safe Browsing or updates for "performance." For your browser, the most security-sensitive app you run, that's reckless. So I built BraveDebloater with one rule: never make Brave less safe. It clears out the noise like Rewards, Wallet, VPN nags, Leo AI prompts, News, and telemetry such as P3A, Web Discovery, and Chromium metrics. But it flat-out refuses to disable Shields, weaken Safe Browsing, turn off updates, or touch your hosts file. That isn't a README promise. It's enforced in the tool itself. A few things that make it trustworthy: Dry-run by default. Nothing changes until you explicitly apply. Official Brave/Chromium enterprise policies, so every change is visible and auditable in brave://policy instead of hidden. Automatic backups before any change, written safely so you never end up with a corrupted file. Validated restore that checks the backup before writing anything and only touches Brave's own policy and profile files. Doctor mode, a read-only health check of your current policy state with no writes. It's MIT-licensed, PowerShell 5.1 compatible, and has a few beginner-friendly issues open. If you care about privacy or Windows tooling, I'd love a star and a PR. Check it out at: https://github.com/osfv/BraveDebloater
AI 资讯
Nvidia is already planning N2X and N3X chips — the goal is the Star Trek computer
Just in case you were wondering, Nvidia's RTX Spark isn't supposed to be a one-off. The company is not just flirting with becoming the fifth high-profile vendor of consumer laptop chips to see if people bite. At Computex 2026 in Taipei, Nvidia CEO Jensen Huang confirmed at least two additional generations of RTX Spark are […]
AI 资讯
Zero-Day Exploit Against Windows BitLocker
It’s nasty , but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments...