< ciso
brief />
Tag Banner

All news with #patch tuesday tag

134 articles

CISA directs federal patch for ColdFusion zero-day

πŸ”’ The U.S. Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch an actively exploited, maximum-severity vulnerability in Adobe ColdFusion (CVE-2026-48282) by Friday. Adobe published fixes for affected ColdFusion versions last week and urged administrators to install updates immediately. The flaw enables unauthenticated remote code execution in low-complexity attacks and has been observed in the wild soon after disclosure. CISA added the issue to its KEV catalog and invoked BOD 26-04 to enforce remediation timelines for FCEB agencies.
read more β†’

Bad Epoll kernel flaw lets local users become root

πŸ›‘οΈ A newly disclosed Linux kernel vulnerability, Bad Epoll (CVE-2026-46242), allows an ordinary local user to escalate privileges to root and affects Linux desktops, servers, and Android. The flaw is a use-after-free race in the epoll subsystem; the timing window is tiny but an exploit by researcher Jaeyoung Chung widens it and succeeds reliably. A fix is available upstream (commit a6dc643c6931) and distributions should backport it; kernels built on 6.4+ are affected unless patched.
read more β†’

Adobe adds second monthly Patch Tuesday cycle

πŸ›‘οΈ Adobe will publish security updates twice each month to address faster vulnerability discovery and exploitation. The company will keep its existing second-Tuesday schedule and add a fourth-Tuesday release starting July, applying to advisories with CVEs needing customer action. Adobe cited increased threats and investment in vulnerability discovery as drivers for the new cadence. The change mirrors industry trends toward more frequent patching.
read more β†’

CISA orders urgent patches for exploited Cisco and PLM flaws

πŸ”” The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has set a June 28 deadline under BOD 26-04 for federal agencies to patch a critical Cisco Unified Communications Manager Server SSRF vulnerability, CVE-2026-20230, which is being actively exploited. Cisco released a patch on June 3 and labeled the issue critical after a proof-of-concept existed; subsequent reports showed active attacks writing arbitrary files. CISA also added a critical RCE flaw, CVE-2026-12569, affecting PTC Windchill and FlexPLM products to its Known Exploited Vulnerabilities list, requiring immediate remediation.
read more β†’

Microsoft confirms Office launch issue after June updates

πŸ› οΈ Microsoft is investigating reports that certain third-party applications may be unable to launch Word, Excel, PowerPoint, Access, and other Office apps or open documents after installing Windows updates released on or after June 9, 2026. The problem affects apps that use OLE automation, sometimes causing Office apps or documents to fail to open without an error. Microsoft advises opening Office files directly or contacting Microsoft Support for Business for enterprise workarounds while a fix is developed.
read more β†’

CISA directs urgent patch for JCE Joomla flaw

πŸ›‘οΈ The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability in the Widget Factory Joomla Content Editor (JCE) plugin, tracked as CVE-2026-48907, which is being actively exploited in the wild. The flaw allows unauthenticated attackers to upload and execute PHP code via new editor profiles in affected Joomla deployments. JCE released version 2.9.99.6 in early June and urged immediate updates, noting that updates do not remove existing compromises and outlining remediation steps for infected sites.
read more β†’

Microsoft fixes WUSA update failures in June patch

πŸ”§ Microsoft fixed a known issue causing Windows updates released since May 2025 to fail when installed via the Windows Update Standalone Installer (WUSA) from a network share. The bug affected enterprise Windows 11 24H2/25H2 and Windows Server 2025 devices when multiple .msu files were present on a network share, producing ERROR_BAD_PATHNAME. Microsoft mitigated the issue for home and non-managed business devices in September 2025 and delivered a full fix in the June 2026 cumulative updates (KB5079391, KB5094125).
read more β†’

June Patch Tuesday: Record CVE Count and Critical Fixes

πŸ”’ June Patch Tuesday brought an unprecedented wave of fixes: Microsoft released over 200 CVEs including three disclosed zero-days and 32 critical patches, while SAP and Adobe patched multiple high-severity enterprise flaws. Microsoft warns this increase may become the new normal as AI accelerates vulnerability discovery, urging risk-based prioritization and automated patching. Administrators should urgently assess critical kernel, Active Directory, Hyper-V, and Exchange fixes.
read more β†’

Microsoft fixes 200 CVEs in June Patch Tuesday

πŸ›‘οΈ Microsoft released June Patch Tuesday updates addressing 200 vulnerabilities, including three publicly disclosed zero-days. The release fixed 33 critical CVEs β€” mostly remote code execution bugs β€” and a large share of elevation-of-privilege issues. Notable fixes include the HTTP/2 Bomb DoS (CVE-2026-49160), a BitLocker bypass (CVE-2026-50507), and a CTFMON elevation-of-privilege flaw (CVE-2026-45586). Administrators are advised to prioritize patches for several high-risk RCE and EoP bugs affecting Windows components like Win32K, Remote Desktop, DHCP client, and Hyper-V.
read more β†’

Record-breaking June 2026 Patch Tuesday updates

🚨 Microsoft released fixes addressing nearly 200 vulnerabilities in its June 2026 Patch Tuesday, the largest monthly tally to date, with almost three dozen rated critical and public exploit code for at least three flaws. Multiple zero-days were patched, including CVE-2026-49160 affecting IIS and CVE-2026-50507 for BitLocker, with some reports tied to researcher "Nightmare Eclipse." Microsoft and other vendors noted rising use of AI in vulnerability discovery and unusually high browser flaw counts this month.
read more β†’

Microsoft June 2026 Patch Tuesday: Key Fixes

πŸ›‘οΈ Microsoft released its June 2026 security update addressing 206 vulnerabilities, including 32 marked critical. Talos highlights multiple RCEs across Windows components, Office, Azure services, and other products, and calls out several vulnerabilities as more likely to be exploited. Cisco Talos published Snort 2 and Snort 3 rules to detect exploitation attempts and urges customers to update rule packs promptly.
read more β†’

Microsoft issues Windows 10 KB5094127 update

πŸ”’ Microsoft released the Windows 10 KB5094127 Extended Security Update, which applies June 2026 Patch Tuesday fixes and adds functionality to monitor the rollout of renewed Secure Boot certificates. The update brings Windows 10 to build 19045.7417 and Windows 10 Enterprise LTSC 2021 to build 19044.7417, and is available to Enterprise LTSC and ESU-enrolled systems via Windows Update. It also improves File Explorer search, enables dynamic Secure Boot status reporting, introduces the LimitSecureBootRequiredServiceData policy, and expands targeted delivery of new Secure Boot certificates. Microsoft warns of a known BitLocker recovery prompt issue for certain TPM/PCR7 and Secure Boot configurations and suggests a temporary Group Policy workaround while a permanent fix is prepared.
read more β†’

Microsoft June 2026 Patch Tuesday fixes 200 flaws

πŸ›‘οΈ Microsoft released its June 2026 Patch Tuesday addressing 200 vulnerabilities, including three publicly disclosed zero-day flaws. The update includes 33 Critical issues β€” 28 of them remote code execution β€” and a broad mix of elevation of privilege, information disclosure, spoofing, and DoS bugs. Microsoft also provided mitigations and new settings, such as MaxHeadersCount for HTTP/2, and highlighted that some fixes were issued earlier for cloud and Edge components.
read more β†’

Microsoft June 2026 Patch Tuesday: 200 Flaws Fixed

πŸ›‘οΈ Microsoft released its June 2026 Patch Tuesday addressing 200 vulnerabilities, including five publicly disclosed zero-days and one actively exploited flaw. The updates cover 33 Critical issues, with numerous RCE, elevation of privilege, information disclosure, and other vulnerabilities across Windows, Exchange, BitLocker, HTTP/2 and more. Microsoft also provided mitigations and new settings such as a MaxHeadersCount registry key for HTTP/2.
read more β†’

Windows 11 June 2026 Cumulative Updates Released

πŸ”” Microsoft released Windows 11 cumulative updates KB5094126 and KB5093998 for 25H2/24H2 and 23H2 on Patch Tuesday, delivering security fixes, bug patches, and new features. The updates change build numbers and add capabilities like Shared Audio and expanded Xbox mode, plus Task Manager NPU visibility and Multi‑App Camera. Install via Settings > Windows Update or the Microsoft Update Catalog for the June 2026 security rollup.
read more β†’

Critical Windows Netlogon RCE Flaw Now Exploited

πŸ”’ The Centre for Cybersecurity Belgium (CCB) warned that threat actors are exploiting a recently patched critical Windows Netlogon vulnerability (CVE-2026-41089). Microsoft patched the stack-based buffer overflow during May 2026 Patch Tuesday, which can allow unauthenticated remote code execution on domain controllers. The CCB urged administrators to apply updates immediately, noting a CVSS score of 9.8, while Microsoft has not yet confirmed active exploitation.
read more β†’

Microsoft fixes Windows 11 KB5089549 install failures

πŸ”§ Microsoft has fixed a known issue that caused installation failures and 0x800f0922 errors for the May 2026 Windows 11 security update (KB5089549). The failures were triggered by insufficient free space on the EFI System Partition (ESP), causing updates to rollback during reboot at roughly 35–36% completion. The fix is included in the May 26, 2026 preview cumulative update (KB5089573) and will be made available broadly in the June Patch Tuesday updates, with mitigation options for enterprises via Known Issue Rollback or Group Policy.
read more β†’

CISA orders federal patching for exploited Drupal flaw

πŸ›‘οΈ CISA has mandated U.S. federal agencies to patch an actively exploited SQL injection vulnerability in the Drupal CMS (CVE-2026-9082) by the specified deadline. Discovered by Google/Mandiant researcher Michael Maturi, the flaw affects Drupal's database abstraction API and allows unauthenticated SQL injection against PostgreSQL-backed sites. The Drupal team labelled the bug highly critical and released fixes after observing exploitation in the wild; Shadowserver reports nearly 670 exposed installations. CISA added the issue to its KEV Catalog and urged all organizations to apply vendor mitigations immediately.
read more β†’

Windows Server 2016 DC lookup fails with KB5087537

πŸ”” Microsoft confirmed a known issue where domain controller discovery may fail on Windows Server 2016 after installing the KB5087537 May 2026 security update. The problem affects only systems whose hostnames are exactly 15 characters long, causing DCLocator calls to return ERROR_INVALID_PARAMETER. This can prevent applications and admin tools from locating domain controllers and may disrupt administrative scenarios such as DFS Namespace management.
read more β†’

Microsoft: Patch Download Failures in Restricted Networks

πŸ”§ Microsoft warns that Windows Update may fail on restricted networks after installing the January 2026 optional preview updates, producing error code 0x80010002. Affected devices may download the February security update but then fail to retrieve March or later releases via the Windows Update settings. The issue stems from tightened download timeout requirements and does not affect installation capability. Admins can apply Known Issue Rollback (KIR) group policies and restart devices to work around the problem.
read more β†’