The Information Machine

OpenAI Codex Enterprise Push: Mobile Launch, Windows Sandbox, and Customer Stories · history

Version 11

2026-05-30 09:08 UTC · 461 items

What

OpenAI's enterprise Codex push continued through late May 2026 with a new customer case study (Braintrust: 50% engineering team adoption in one month [11]) and a major capability expansion: Computer Use on Windows, enabling Codex to control the Windows desktop via GUI automation [29][17][30]. The Computer Use launch was immediately met with widespread community reports of sandbox setup failures and crashes [16][17][18][19], and a researcher separately documented that the Codex CLI's sandbox can be escaped via tmux [15] — a distinct issue from the still-unresolved CVE-2025-59532 [13][14]. The enterprise case study library now spans seven named deployments across coding, finance, travel, developer tools, IT services, tax filing, and AI evaluation — all from OpenAI-controlled sources with no independent verification.

Why it matters

Computer Use on Windows marks a qualitative shift from code editing into general desktop automation, relevant to the finance and operations desks that dominate enterprise Windows environments [?]. But the feature's rocky launch, an unpatched command injection, and a newly documented CLI sandbox escape together suggest the platform is shipping capabilities faster than it can maintain security guarantees — a pattern enterprise buyers in regulated industries will need to weigh against the productivity claims in OpenAI's growing case study library.

Open questions

  • CVE-2025-59532 remains unpatched with a public Docker-based proof-of-concept [13][14], and the Codex CLI's sandbox can be escaped via tmux [15] — has OpenAI acknowledged either issue with a remediation timeline or patched CLI version?

  • Codex Computer Use on Windows launched with widespread, independently reported sandbox setup failures [16][17][18][19] — what is the feature's actual stability status, and what security review governed shipping desktop-level GUI control?

  • Cisco's 10-15x defect throughput claim [8] is the most dramatic productivity metric in the case study library — on what methodology, codebase size, and measurement period does it rest, and has any independent party reviewed it?

  • Ramp's May 2026 AI Index reports Anthropic overtook OpenAI in business AI adoption [23][24] — on what methodology (spend share, seat count, or usage volume) does this rest, and does it cover Codex-specific enterprise deployments?

Narrative

OpenAI launched Codex as a production enterprise coding platform across April–May 2026, growing from 3 million to over 4 million weekly active developers [1] and naming seven global systems integrators as partners: Accenture, Capgemini, CGI, Cognizant, Infosys, PwC, and TCS. The platform expanded across channels: mobile apps on iOS and Android on May 14 [2], a Windows app on May 16 [3], and an on-premises and hybrid deployment partnership with Dell Technologies on May 18 [4]. A Gartner Magic Quadrant Leader designation on May 22 [5] marked OpenAI's first entry into the category alongside three-time incumbent GitHub and Cursor, confirmed furthest right on completeness of vision [6].

A rapid sequence of customer case studies extended the deployment record through late May. Virgin Atlantic reports a 78-80% reduction in legacy codebase size with zero P1 defects at mobile app launch [7]; Cisco reports a 10-15x increase in defect resolution throughput on large C/C++ codebases with over 1,500 engineering hours saved monthly [8]; Warp reports agents co-creating approximately 90% of internal pull requests alongside 35x ARR growth [9]; Endava describes itself as an 'agentic organization' compressing requirements processes from weeks to two one-hour meetings [10]; and Braintrust reports 50% engineering team adoption within one month and a shift toward real-time customer feature ideation, with engineers writing test cases and letting Codex run autonomously rather than prompting step by step [11]. Every performance figure originates from OpenAI-controlled or co-published materials, with no independent technical verification.

The platform's security posture has accumulated challenges. OpenAI published 'Running Codex safely at OpenAI' on May 8 as an enterprise reference model [12], but CVE-2025-59532 was independently confirmed as a command injection with a public Docker-based proof-of-concept two weeks later [13][14]. A researcher documented that the Codex CLI disregards its sandbox when tmux is used, allowing access to bash sessions opened outside the sandbox boundary [15]. The launch of Computer Use on Windows around May 29 — enabling Codex to control the Windows desktop via GUI automation — was accompanied by immediate widespread community reports of sandbox setup failures, spawn errors, and crashes [16][17][18][19], with no confirmed remediation for any of these issues.

The competitive and financial picture adds friction to OpenAI's enterprise momentum narrative. Multiple sources report Q1 2026 revenue at approximately $5.7B with Codex cited as a growth driver [20][21], but a critical analysis reports a -122% Non-GAAP operating margin [22] and Ramp's AI Index reports Anthropic has overtaken OpenAI in business AI adoption [23][24]. Infosys, one of seven named GSI partners, publicly positions as model-agnostic [25]; UiPath treats Codex, Claude Code, and GitHub Copilot as interchangeable selectable components [26][27]; and GitHub's Agent HQ formally treats Claude and Codex as equivalent selectable agents [28] — a consistent pattern suggesting Codex is being absorbed into existing orchestration layers rather than adopted as a distinct platform.

Timeline

  • 2026-04-21: OpenAI reports 4M+ weekly active developers, launches Codex Labs, and names seven GSI partners in 'Scaling Codex to enterprises worldwide' [1][50]
  • 2026-05-06: OpenAI publishes B2B Signals research (frontier firms use 3.5x more AI per worker) and Singular Bank case study (60-90 min daily banker savings) [32][33]
  • 2026-05-08: OpenAI publishes 'Running Codex safely at OpenAI' as an enterprise security reference model documenting sandboxing, approvals, and agentic telemetry [12]
  • 2026-05-14: Codex launches in ChatGPT mobile app on iOS and Android in preview; Sea Limited case study published [2][51][52]
  • 2026-05-15: OpenAI publishes engineering retrospective on the Windows sandbox, detailing rejected security primitives and the final composed architecture [36]
  • 2026-05-16: Codex Windows app launches in Microsoft Store; community user reports Codex wiped files on their machine [3][53]
  • 2026-05-18: OpenAI and Dell Technologies announce partnership to deploy Codex in hybrid and on-premises enterprise environments [4][46][47]
  • 2026-05-20: UiPath launches enterprise platform treating Codex, Claude Code, and GitHub Copilot as interchangeable selectable components; Infosys publicly positions as model-agnostic [26][27][25]
  • 2026-05-21: GitHub officially launches Claude and Codex as selectable agents in Agent HQ; GPT-5.3-Codex reported as new base model for Copilot Business and Enterprise [28][40][54]
  • 2026-05-22: Gartner 2026 Magic Quadrant names OpenAI, GitHub, and Cursor as Leaders (Cursor furthest right); CVE-2025-59532 disclosed; Virgin Atlantic case study published with 78-80% codebase reduction and zero P1 defects [5][6][39][55][56][7]
  • 2026-05-23: Check Point Research characterizes CVE-2025-59532 as command injection; public Docker-based proof-of-concept published; Codex Security research preview announced [14][13][37]
  • 2026-05-24: Dell confirms Grok 2.5 deployment on identical infrastructure as Codex; GPT-5.5 rolls out; Codex Security reports 1.2M commits scanned and 10,561 high-severity issues [45][57][38]
  • 2026-05-25: Multiple sources report OpenAI Q1 2026 revenue at ~$5.7B; critical analysis reports -122% Non-GAAP operating margin; Ramp AI Index reports Anthropic has overtaken OpenAI in business AI adoption [20][22][21][23][24]
  • 2026-05-27: Cisco (10-15x defect throughput, feature timelines from quarters to weeks), Warp (90% agent-created PRs, GPT-5.5 uses 30% fewer tokens than GPT-5.4), and Thrive/Crete tax-filing agent case studies published [8][9][35]
  • 2026-05-28: Endava case study published; company describes itself as an 'agentic organization' compressing requirements processes from weeks to two one-hour meetings [10]
  • 2026-05-29: Braintrust case study published (50% engineering adoption in one month, real-time customer feature ideation); Codex Computer Use launches on Windows enabling desktop GUI control; community users immediately report widespread sandbox setup failures and a CLI sandbox escape via tmux is documented [11][17][30][18][16][19][15]
  • 2026-05-30: Additional Windows Computer Use failures confirmed; user advises disabling sandbox for the feature to function; German-language report confirms Computer Use desktop control capability [58][29][59]

Perspectives

OpenAI (product and marketing)

Positions Codex as a production-ready, cross-platform enterprise platform with broad industry adoption, rapid user growth, expanding GSI and hardware partnerships, Gartner Leader recognition, and explicit ambition to serve knowledge work across regulated and professional domains [1][32][4][5].

Evolution: Braintrust [11] is the seventh named customer case study, extending coverage to AI evaluation platforms and framing agentic coding as enabling real-time customer collaboration — a qualitative workflow shift claim, not just a throughput number. Computer Use on Windows marks the first expansion of Codex into full desktop GUI automation [29].

OpenAI (engineering and security)

Published 'Running Codex safely at OpenAI' as an enterprise reference model [12] and a candid Windows sandbox architecture retrospective [36], while Codex Security preview extended the security-tooling narrative [37][38].

Evolution: The security posture has accumulated three unresolved issues: CVE-2025-59532 confirmed as command injection with public proof-of-concept [14][13], CLI sandbox escape via tmux documented [15], and Computer Use on Windows launching with widespread sandbox failures [16][18] — none with confirmed remediation, placing all three in direct tension with the May 8 security reference post.

GitHub / Microsoft

GitHub earned its third consecutive Gartner Magic Quadrant Leader designation [39] and formally launched Claude and Codex as selectable agents in Agent HQ [28][40]; Microsoft published Azure documentation for cloud-sovereign Codex deployment [41].

Evolution: Consistent; three-year incumbency frames OpenAI's entry as joining an established market rather than defining one.

Cursor

Named a Leader in the 2026 Gartner Magic Quadrant and confirmed as positioned furthest to the right on completeness of vision among all three Leaders [6].

Evolution: Consistent.

Dell Technologies

Multi-model infrastructure broker enabling on-premises and hybrid AI deployment across vendors — confirmed deploying both Codex for OpenAI [4] and Grok 2.5 for xAI [45] on identical Dell AI Factory infrastructure with no disclosed exclusivity.

Evolution: Consistent; Dell's own blog confirms the multi-vendor arrangement [45].

Security researchers and community (Check Point Research, Cymulate, users)

Check Point Research independently characterized CVE-2025-59532 as command injection [14]; a public Docker-based proof-of-concept exists [13]; a researcher documented CLI sandbox escape via tmux [15]; community users reported Windows Computer Use crashes and spawn failures [16][18][19]; one user explicitly asked OpenAI whether the ASL-corruption sandbox bug had been fixed before installing [48].

Evolution: Two new unresolved issues this period (tmux escape [15], Computer Use failures [16][18]) added to the existing CVE — the cumulative security concern has grown without any corresponding confirmed remediation.

Independent market data (Ramp AI Index)

Ramp's May 2026 AI Index reports Anthropic has overtaken OpenAI in business AI adoption [23][24], providing transaction-data-based evidence in direct tension with OpenAI's enterprise momentum claims.

Evolution: Consistent; unchanged.

Enterprise automation platforms (UiPath, GitHub)

UiPath treats Codex, Claude Code, and GitHub Copilot as interchangeable selectable components [26][27]; GitHub Agent HQ formally treats Claude and Codex as equivalent selectable agents [28] — absorbing Codex into existing orchestration layers rather than adopting it as a standalone platform.

Evolution: Consistent; commoditization pattern unchanged.

Tensions

  • OpenAI published 'Running Codex safely at OpenAI' as an enterprise security reference [12], but CVE-2025-59532 was confirmed as command injection with a public proof-of-concept [14][13], the CLI sandbox can be escaped via tmux [15], and Computer Use on Windows launched with widespread sandbox failures [16][18] — none with confirmed remediation. [12][13][14][16][18][15]
  • OpenAI's scale narrative claims 4M+ weekly active developers and ~$5.7B Q1 2026 revenue with Codex as a driver [1][20], while Ramp's AI Index reports Anthropic has overtaken OpenAI in business AI adoption [23][24] and a critical analysis reports a -122% Non-GAAP operating margin [22]. [1][20][22][23][24]
  • The 2026 Gartner Magic Quadrant provided OpenAI its first major analyst validation [5], but GitHub earned the same Leader designation for the third consecutive year [39] and Cursor is confirmed furthest right [6], reflecting category maturity across incumbents rather than a breakthrough for any new entrant. [5][39][6]
  • OpenAI markets Codex as a uniquely positioned enterprise platform, but Infosys — one of its seven named GSI partners — publicly positions as model-agnostic [25], UiPath bundles Codex alongside Claude Code and GitHub Copilot as interchangeable components [26][27], and Dell simultaneously deploys Grok 2.5 on identical infrastructure [45]. [26][27][25][45]
  • All named enterprise performance claims — Cisco's 10-15x defect throughput [8], Virgin Atlantic's 78-80% codebase reduction [7], Warp's 90% agent-created PRs [9], Braintrust's 50% adoption in one month [11] — originate exclusively from OpenAI-controlled or co-published materials, with no independent technical verification. [7][8][9][10][11]
  • OpenAI frames Codex as expanding from coding into knowledge work and now into full desktop GUI automation via Computer Use on Windows [29], but the feature launched with widespread failures [16][18] and UiPath absorbs Codex as one component in its enterprise automation orchestration [27] — raising whether Codex is expanding into adjacent territory or being subsumed by existing platforms. [29][16][18][27][28]

Sources

  1. [1] Scaling Codex to enterprises worldwide — OpenAI Blog (2026-04-21)
  2. [2] Work with Codex from anywhere — OpenAI Blog (2026-05-14)
  3. [3] OpenAI Codex Arrives on Windows with Native Sandbox and Agentic Workflows | Windows Forum — reactive:openai-codex-enterprise-rollout
  4. [4] OpenAI and Dell partner to bring Codex to hybrid and on-premise enterprise environments — OpenAI Blog (2026-05-18)
  5. [5] OpenAI named a Leader in enterprise coding agents by Gartner — OpenAI Blog (2026-05-22)
  6. [6] Cursor is a leader in the 2026 Gartner Magic Quadrant for Enterprise AI Coding Agents, positioned furthest to the right ... — reactive:coding-agent-industry-pivot (2026-05-22)
  7. [7] How Virgin Atlantic ships faster with Codex — OpenAI Blog (2026-05-22)
  8. [8] Cisco and OpenAI redefine enterprise engineering with Codex — OpenAI Blog (2026-05-27)
  9. [9] Warp’s big bet on building open source with GPT-5.5 — OpenAI Blog (2026-05-27)
  10. [10] How Endava builds an agentic organization with Codex — OpenAI Blog (2026-05-28)
  11. [11] How Braintrust turns customer requests into code with Codex — OpenAI Blog (2026-05-29)
  12. [12] Running Codex safely at OpenAI — OpenAI Blog (2026-05-08)
  13. [13] GitHub - baktistr/cve-2025-59532-poc: A Docker-based research ... — reactive:openai-codex-enterprise-rollout
  14. [14] OpenAI Codex CLI Vulnerability: Command Injection — reactive:openai-codex-enterprise-rollout
  15. [15] Reminder that @OpenAI Codex CLI disregards its sandbox when using tmux: Codex will use the bash session opened in anoth... — reactive:openai-codex-enterprise-rollout (2026-05-29)
  16. [16] @daniel_mac8 No. Codex never works on my Windows. Somehow it stuck at Agent Sandbox set up and cant do anything. Shitty ... — reactive:openai-codex-enterprise-rollout (2026-05-29)
  17. [17] @OpenAI Codex Desktop Computer Use on Windows won’t start. — reactive:openai-codex-enterprise-rollout (2026-05-29)
  18. [18] @CodexReleases Codex Computer Use на Windows не запускался: windows sandbox failed: spawn setup refresh. Причина была в ... — reactive:openai-codex-enterprise-rollout (2026-05-29)
  19. [19] @gdb Bug Report. Codex is not working. It keeps asking for Agent Sandbox setup again and again. I'm on Windows 11 machin... — reactive:openai-codex-enterprise-rollout (2026-05-28)
  20. [20] PYMNTS | OpenAI’s Codex Helps Drive Nearly $6 Billion Quarter — reactive:openai-codex-enterprise-rollout
  21. [21] OpenAI Posts $5.7B Q1 Revenue, Leads Anthropic | Let's Data Science — reactive:openai-codex-enterprise-rollout
  22. [22] News: OpenAI Had A Negative 122% Non-GAAP Operating Margin ... — reactive:openai-codex-enterprise-rollout
  23. [23] Anthropic finally beat OpenAI in business AI adoption - VentureBeat — reactive:enterprise-ai-coding-battle
  24. [24] Anthropic beats OpenAI on business adoption - Ramp — reactive:enterprise-ai-coding-battle
  25. [25] Infosys Partners with OpenAI on Codex | CRN India posted on the ... — reactive:openai-codex-enterprise-rollout
  26. [26] UiPath Launches Enterprise Platform for Claude Code, OpenAI Codex, Copilot, and More - https://t.co/BKLcG2k1oK @UiPath @... — reactive:openai-codex-enterprise-rollout (2026-05-20)
  27. [27] UiPath opens its platform to every coding agent - here's why Claude Code and Codex go first — reactive:openai-codex-enterprise-rollout
  28. [28] Pick your agent: Use Claude and Codex on Agent HQ — reactive:openai-codex-enterprise-rollout
  29. [29] OpenAI bringt Computer Use auf Windows: Codex steuert ab sofort den echten Desktop, bedient Fenster, startet Programme, ... — reactive:openai-codex-enterprise-rollout (2026-05-30)
  30. [30] Выпустили Codex Computer Use на Windows, но у меня сразу упал 😄 — reactive:openai-codex-enterprise-rollout (2026-05-29)
  31. [32] How frontier enterprises are building an AI advantage — OpenAI Blog (2026-05-06)
  32. [33] Singular Bank helps bankers move fast with ChatGPT and Codex — OpenAI Blog (2026-05-06)
  33. [34] Get 2 months of Codex for your enterprise, free — reactive:openai-codex-enterprise-rollout (2026-05-13)
  34. [35] Building self-improving tax agents with Codex — OpenAI Blog (2026-05-27)
  35. [36] Building a safe, effective sandbox to enable Codex on Windows — OpenAI Blog (2026-05-15)
  36. [37] Codex Security: now in research preview - OpenAI — reactive:openai-codex-enterprise-rollout
  37. [38] OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues — reactive:openai-codex-enterprise-rollout
  38. [39] GitHub recognized as a Leader in the Gartner® Magic Quadrant ... — reactive:openai-codex-enterprise-rollout
  39. [40] Claude and Codex are now available in public preview on GitHub — reactive:openai-codex-enterprise-rollout
  40. [41] Codex with Azure OpenAI in Microsoft Foundry Models — reactive:openai-codex-enterprise-rollout
  41. [42] Third-party agents in Visual Studio Code — reactive:openai-codex-enterprise-rollout
  42. [43] GitHub Copilot · Agents on GitHub — reactive:openai-codex-enterprise-rollout
  43. [44] Cursor named a Leader in the 2026 Gartner® Magic Quadrant™ for ... — reactive:openai-codex-enterprise-rollout
  44. [45] Grok 2.5 and Dell AI Factory Power AI Revolution | Dell — reactive:openai-codex-enterprise-rollout
  45. [46] OpenAI and Dell Technologies partner to bring Codex to hybrid and on-premises enterprise environments | OpenAI https://t... — reactive:openai-codex-enterprise-rollout (2026-05-20)
  46. [47] OpenAI and Dell Collaborate to Deploy Codex in Hybrid and On-Premise Enterprise Settings — reactive:openai-codex-enterprise-rollout (2026-05-20)
  47. [48] @OpenAI Did you fix Sandbox on Windows so it will not corrupt ASL? I am scary to install Codex on Windows... — reactive:openai-codex-enterprise-rollout (2026-05-29)
  48. [49] @argofowl There's a shitton of issues on Windows. It's not even sandbox related, Codex App just becomes straight unusabl... — reactive:openai-codex-enterprise-rollout (2026-05-27)
  49. [50] OpenAI leans on global consultancies to expand Codex use in large ... — reactive:openai-codex-enterprise-rollout
  50. [51] Sea's View on the Future of Agentic Software Development with Codex — OpenAI Blog (2026-05-14)
  51. [52] OpenAI says Codex is coming to your phone - TechCrunch — reactive:codex-practical-dev-tool
  52. [53] Built a Windows sandbox after Codex wiped files on my machine — reactive:openai-codex-enterprise-rollout
  53. [54] 🚨Codex CLI 0.133.0 is out! — reactive:openai-codex-enterprise-rollout (2026-05-21)
  54. [55] CVE-2025-59532 Detail - NVD — reactive:openai-codex-enterprise-rollout
  55. [56] Codex has sandbox bypass due to bug in path configuration logic — reactive:openai-codex-enterprise-rollout
  56. [57] RT @OpenAI: GPT-5.5 is rolling out today for Plus, Pro, Business and Enterprise users across ChatGPT and Codex. — reactive:openai-codex-enterprise-rollout (2026-05-24)
  57. [58] here's a helpful tip if you want to use computer use on your windows computer using codex: don't enable the sandbox beca... — reactive:openai-codex-enterprise-rollout (2026-05-30)
  58. [59] Windows版Codexアプリの「コンピューターの使用」を試したら、GUI操作に入る前の接続確認で止まった。 — reactive:openai-codex-enterprise-rollout (2026-05-30)