OpenAI prepares to launch GPT-5 in August

is a senior editor and author of Notepad , who has been covering all things Microsoft, PC, and tech for over 20 years. Earlier this year, I heard that Microsoft engineers were preparing server capacity for OpenAI’s next-generation GPT-5 model, arriving as soon as late May. After some additional testing and delays, sources familiar with OpenAI’s plans tell me that GPT-5 is now expected to launch as early as next month. OpenAI CEO Sam Altman recently revealed on X that “we are releasing GPT-5 soon” and even teased some of its capabilities in a podcast appearance with Theo Von earlier this week. Altman decided to let GPT-5 take a stab at a question he didn’t understand. “I put it in the model, this is GPT-5, and it answered it perfectly,” Altman said. He described it as a “here it is moment,” adding that he “felt useless relative to the AI” because he felt like he should have been able to answer the question but GPT-5 answered it instantly. “It was a weird feeling.” GPT-5 had already been spotted in the wild before Altman’s appearance on This Past Weekend, fueling speculation that the next-generation GPT model was imminent. I understand OpenAI is planning to launch GPT-5 in early August, complete with mini and nano versions that will also be available through its API. I reached out to OpenAI to comment on the launch of GPT-5 in August, but the company did not respond in time for publication. Altman referred to GPT-5 as “a system that integrates a lot of our technology” earlier this year, because it will include the o3 reasoning capabilities instead of shipping those in a separate model. It’s part of OpenAI’s ongoing efforts to simplify and combine its large language models to make a more capable system that can eventually be declared artificial general intelligence, or AGI. The declaration of AGI is particularly important to OpenAI, because achieving it will force Microsoft to relinquish its rights to OpenAI revenue and its future AI models. Microsoft and OpenAI have been renegotiating their partnership recently, as OpenAI needs Microsoft’s approval to convert part of its business to a for-profit company. It’s unlikely that GPT-5 will meet the AGI threshold that’s reportedly linked to OpenAI’s profits. Altman previously said that GPT-5 won’t have a “gold level of capability for many months” after launch. Unifying its o-series and GPT-series models will also reduce the friction of having to know which model to pick for each task in ChatGPT. I understand that the main combined reasoning version of GPT-5 will be available through ChatGPT and OpenAI’s API, and the mini version will also be available on ChatGPT and the API. The nano version of GPT-5 is expected to only be available through the API. While GPT-5 looks likely to debut in early August, OpenAI’s planned release dates often shift to respond to development challenges, server capacity issues, or even rival AI model announcements and leaks. Earlier this month, I warned about the possibility of a delay to the open language model that OpenAI is also preparing to launch, and Altman confirmed my reporting just days after my Notepad issue by announcing a delay “to run additional safety tests and review high-risk areas.” I’m still hearing that this open language model is imminent and that OpenAI is trying to ship it before the end of July — ahead of GPT-5’s release. Sources describe the model as “similar to o3 mini,” complete with reasoning capabilities. This new model will be the first time that OpenAI has released an open-weight model since its release of GPT-2 in 2019, and it will be available on Azure, Hugging Face, and other large cloud providers. Microsoft is in the security hot seat again Microsoft made security its top priority last year, following years of security issues and mounting criticism after a scathing report from the US Cyber Safety Review Board. The company has been working to improve its “inadequate” security culture ever since. But this week, we were reminded of Microsoft’s challenges once again. A major security flaw in Microsoft’s on-premises versions of SharePoint allowed hacking groups to exploit a zero-day vulnerability and breach more than 50 organizations — including the US nuclear weapons agency. Security researchers discovered the vulnerability was being exploited on July 18th, and Microsoft issued an alert a day later. Microsoft engineers then spent all weekend working on patches and released updates for SharePoint Subscription Edition and SharePoint 2019 late on July 20th. A patch for SharePoint 2016 servers was released on the morning of July 22nd. The previously unpatched flaw appears to have originated from a combination of two bugs that were presented at the Pwn2Own hacking contest in May. Microsoft has linked the attacks to two hacking groups that are affiliated with the Chinese government, but the company hasn’t disclosed exactly how hackers were able to bypass its patches to create a zero-day exploit. The security flaw was only exploitable through on-premises versions of SharePoint, so the Microsoft 365 version of SharePoint Online was unaffected. This certainly limited the scale of damage, but the targeted nature of these attacks will be hugely concerning for Microsoft and the company’s customers. It’s also likely to accelerate a move away from these older versions of SharePoint, which are in the extended support phase until July 2026. Complicating the concern around Microsoft’s security practices is a new report from ProPublica that warns of a little-known Microsoft program that could expose the US Defense Department to Chinese hackers. Microsoft has been using engineers in China to help maintain the department’s computer systems, with digital escorts that reportedly lack the technical expertise to properly police foreign engineers. It’s a troubling development after the Office of the Director of National Intelligence called China the “most active and persistent cyber threat to US Government, private-sector, and critical infrastructure networks.” On the same day the SharePoint exploit was discovered, Microsoft’s head of communications, Frank Shaw, responded to the ProRepublica report and announced changes to “assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services.” Sources tell me that Microsoft’s escort program has now been locked down to only US-based employees for its government cloud data centers in Fairfax, Virginia. Microsoft’s entire threat protection teams were warned about the change on July 23rd, and there are “no exceptions” to the lockdown. Still, it’s surprising that such a program even existed, and Microsoft will now face some big questions around why it was using China-based engineers to maintain Defense Department systems. Sen. Tom Cotton has already asked the secretary of defense to look into Microsoft’s practices, and I’m sure Microsoft’s security teams are about to be busier than ever this summer. The pad: I’m always keen to hear from readers, so please drop a comment here, or you can reach me at [email protected] if you want to discuss anything else. If you’ve heard about any of Microsoft’s secret projects, you can reach me via email at [email protected] or speak to me confidentially on the Signal messaging app, where I’m tomwarren.01. I’m also tomwarren on Telegram, if you’d prefer to chat there. Thanks for subscribing to Notepad.