All news with #patch release tag

376 articles · page 4 of 19

Siemens SCALANCE W-700 Series Multiple Firmware Flaws

⚠️ Siemens SCALANCE W-700 series devices with firmware earlier than V6.6.0 are affected by multiple security vulnerabilities. Siemens released firmware V6.6.0 to address these issues and urges operators to update affected units promptly. Temporary mitigations include reducing Wi‑Fi power, restricting physical access, disabling A‑MSDU if available, and minimizing network exposure of control devices. Several flaws could allow remote attackers to execute actions or cause denial of service; some carry high or critical CVSS scores.
Microsoft issues emergency Windows Server OOB updates

⚠️ Microsoft has released out-of-band updates to address multiple issues affecting Windows Server systems after the April 2026 cumulative patches. An installation failure impacting KB5082063 on Windows Server 2025 and LSASS crashes that can force domain controllers into restart loops are the primary problems. Microsoft published OOB fixes for Server 2025 (KB5091157) — which resolves both issues — and separate updates for 23H2, 2022, 2019, 2016 and Azure hotpatch editions; some Server 2025 devices may also enter BitLocker recovery after KB5082063.


Critical Thymeleaf Sandbox Bypass Patched in Java Template

⚠️ Maintainers of Thymeleaf released a patch addressing a critical Server-Side Template Injection (SSTI) vulnerability, tracked as CVE-2026-40478, that allows unauthenticated attackers to execute expressions and run code. The flaw bypasses Thymeleaf’s sandbox protections by exploiting control characters in expressions and improper class restrictions. All versions prior to 3.1.4.RELEASE are affected, there is no workaround, and organizations should upgrade immediately.
CISA: Active Exploitation of Apache ActiveMQ CVE-2026-34197

🔴 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that a high-severity Apache ActiveMQ flaw, CVE-2026-34197, is being actively exploited in attacks. The bug, present for 13 years, allows authenticated attackers to execute arbitrary code via improper input validation and injection. Apache released patches on March 30 for ActiveMQ Classic 6.2.3 and 5.19.4, and CISA added the CVE to its KEV catalog, ordering federal agencies to patch by April 30.
Cisco issues critical Webex and ISE vulnerability fixes

⚠️ Administrators using Cisco Webex Services with SSO integrated via Control Hub must upload a new identity provider (IdP) SAML certificate to remediate a critical impersonation vulnerability (CVE-2026-20184). Cisco has patched the cloud-side service, but affected customers must perform the configuration change in Control Hub; there are no workarounds. Cisco also released critical fixes for ISE and ISE-PIC addressing remote code execution and path traversal flaws that require patching and credential hygiene.
Cisco patches critical Webex SSO flaw; action required

🔒 Cisco released updates addressing four critical vulnerabilities, including a fixed improper certificate validation bug in Webex Services SSO integration (CVE-2026-20184) that could enable user impersonation via crafted tokens. While Cisco patched the service-side defect, customers using SSO must upload a new SAML certificate for their IdP into Control Hub to avoid service interruptions. The company also fixed three critical ISE flaws that require administrative credentials to exploit.
Cisco Patches Critical Webex and Identity Services Flaws

🛡️ Cisco has released updates to address four critical vulnerabilities across Webex Services and Identity Services Engine (ISE) that could permit arbitrary code execution and user impersonation. A cloud-side SSO certificate validation flaw (CVE-2026-20184, CVSS 9.8) can allow unauthenticated impersonation, while three ISE input validation issues (CVE-2026-20147, CVE-2026-20180, CVE-2026-20186; CVSS 9.9) enable remote command or code execution when an attacker has appropriate credentials. Cisco provides specific patch levels and migration guidance and advises customers to apply updates or upload a new IdP SAML certificate to Control Hub where applicable.
Some Windows Servers Require BitLocker Key After Apr Update

🔐 Microsoft confirmed that some Windows Server 2025 devices may boot into BitLocker recovery after installing the April 2026 security update KB5082063. The issue affects very specific enterprise configurations where a Group Policy or registry setting includes PCR7 in the TPM platform validation profile while System Information reports Secure Boot State PCR7 Binding as 'Not Possible' and the Windows UEFI CA 2023 certificate is present but the 2023-signed Boot Manager is not yet running. Microsoft says the recovery key entry is required only once and has published workarounds: remove the Group Policy before deployment or apply a Known Issue Rollback (KIR) to prevent triggering BitLocker recovery.
Microsoft fixes bug causing Windows Server 2025 upgrades

🛠️ Microsoft has fixed a known issue that caused systems running Windows Server 2019 and 2022 to unexpectedly upgrade to Windows Server 2025. The problem was first acknowledged in September 2024 after widespread reports from administrators, and Microsoft says it has re-enabled the in-place upgrade offer via the Settings app. Microsoft previously cited third-party update management configuration, while some vendors said the root cause was a procedural error on Microsoft's side.
Microsoft Adds Protections for Malicious RDP Files Now

🔒 Microsoft has added new protections in the April 2026 cumulative updates to help block malicious Remote Desktop (.rdp) files commonly used in phishing campaigns. After the update users see a one-time educational prompt and, on subsequent opens, a security dialog that lists local resource redirections with every option disabled by default. Unsigned files receive a 'Caution: Unknown remote connection' warning and unknown publisher label. Administrators can temporarily disable the dialog via a registry policy but Microsoft advises keeping the protections enabled.
Microsoft Issues Windows 10 KB5082200 Extended ESU

🔒 Microsoft has released the Windows 10 KB5082200 extended security update to address the April 2026 Patch Tuesday fixes, including two zero-day vulnerabilities. After installation, Windows 10 is updated to build 19045.7184 and Windows 10 Enterprise LTSC 2021 to build 19044.7184. The update adds Remote Desktop (.rdp) phishing protections, introduces dynamic Secure Boot status indicators in Windows Security, and fixes BitLocker recovery issues on certain Intel Connected Standby devices. Devices enrolled in ESU or running Enterprise LTSC can install via Windows Update.
Windows 11 April 2026 Cumulative Updates Released KBs

🛡️ Microsoft has released cumulative updates KB5083769 (25H2/24H2) and KB5082052 (23H2) for Windows 11 as part of the April 2026 Patch Tuesday. These mandatory updates deliver security fixes, bug repairs, and several feature refinements, including the ability to toggle Smart App Control without a clean install and richer Narrator image descriptions on Copilot-enabled systems. After installation, affected builds update to 26200.8246 / 26100.8246 (25H2/24H2) and 22631.6936 (23H2). Install through Settings > Windows Update or the Microsoft Update Catalog.
Adobe issues emergency patch for Acrobat/Reader zero-day

🔒 Adobe released an emergency security update to fix a zero-day tracked as CVE-2026-34621, which has been exploited since at least December to bypass Acrobat/Reader sandbox protections. The flaw lets malicious PDFs invoke privileged JavaScript APIs (for example util.readFileIntoStream() and RSS.addFeed()) to read local files and exfiltrate data with no user interaction beyond opening the file. Affected versions of Acrobat DC, Acrobat Reader DC and Acrobat 2024 have fixes available; Adobe urges users to update via Help > Check for Updates or by downloading the installer.
Old Docker AuthZ Bypass Reappears, Patch Released Now

⚠️ Researchers from Cyera disclosed a high-severity authorization bypass in Docker Engine (CVE-2026-34040) that allows attackers with Docker API access to evade third-party AuthZ plug-ins and execute privileged commands on hosts. The flaw, rated 8.8 on the CVSS scale, was fixed in Docker Engine 29.3.1 and Docker Desktop 4.66.1. As an interim mitigation, administrators can filter malicious requests by limiting API request size (for example, blocking requests over 512KB) until patches are deployed.

Amazon RDS Adds Latest Microsoft SQL Server CU/GDR Patches

🔔 Amazon RDS for SQL Server now supports the latest Microsoft cumulative updates (CU) and General Distribution Release (GDR) packages for SQL Server 2016 SP3, 2017, 2019, and 2022. The GDRs remediate security issues tracked as CVE-2026-21262 and CVE-2026-26115. AWS recommends upgrading RDS instances via the Management Console, AWS SDK, or CLI to apply these fixes. See the Microsoft KBs and the Amazon RDS SQL Server User Guide for upgrade guidance.
Microsoft rolls out fix for broken Windows Start search

🔧 Microsoft has deployed a server-side fix after a Bing update disrupted Windows 11 23H2 Start Menu search on a small number of devices. The issue, first noted around April 6 and reportedly seen by some users for months, produced blank but clickable search results. Microsoft rolled back the problematic server-side Bing update and says reports of failures are decreasing; the company advises ensuring the device is online and that Web Search has not been disabled by Group Policy.
Amazon Aurora PostgreSQL: Minor Releases 14–17 Update

🛡️ Amazon Aurora PostgreSQL-Compatible Edition now supports PostgreSQL 17.9, 16.13, 15.17, and 14.22, which include community bug fixes and Aurora-specific enhancements. AWS recommends upgrading to the latest minor versions to address known security vulnerabilities and improve stability. Use automatic minor version upgrades, scheduled maintenance windows, the AWS Organizations Upgrade Rollout Policy, and Aurora's zero-downtime patching to perform phased, low-impact upgrades at scale.

Google patches fourth Chrome zero-day this year in 2026

🛡️ Google has patched a fourth zero-day in Chrome this year, addressing CVE-2026-5281 in Dawn, the browser's WebGPU implementation, which allowed remote code execution via a crafted HTML page when the renderer process was compromised. The company confirmed an exploit exists in the wild and urges users to update to Chrome 146.0.7680.178 or newer. This fix follows earlier 2026 patches for CSS memory handling, the Skia graphics library, and the V8 JavaScript engine.
Apple Extends iOS 18 Security Patches for DarkSword

🔒 Apple has widened rollout of iOS 18.7.7 and iPadOS 18.7.7 to more devices, enabling users who remain on iOS 18 to receive critical fixes without upgrading to iOS 26. The broadened distribution, announced on April 1, addresses vulnerabilities exploited by the DarkSword exploit kit in web-based watering‑hole attacks. Devices with automatic updates will be patched automatically; others can update manually. Researchers warn the toolkit has been linked to multiple threat actors and to payloads such as GhostBlade, GhostKnife and GhostSaber, and that a public leak raises the risk of wider abuse.
Critical Cisco IMC auth bypass gives attackers Admin access

🔒 Cisco has released patches for a critical Integrated Management Controller (IMC) authentication bypass (CVE-2026-20093) that allows unauthenticated, remote attackers to gain Admin privileges by sending a crafted HTTP password-change request. The flaw affects CIMC on UCS C-Series and E-Series servers and permits altering any account password, including Admin. Cisco's PSIRT reports no known in-the-wild exploitation or public proof-of-concept yet and stresses there are no workarounds, so customers should upgrade to fixed software immediately.