<ciso brief />

All news with #patch tuesday tag

115 articles

Microsoft: Patch Download Failures in Restricted Networks

🔧 Microsoft warns that Windows Update may fail on restricted networks after installing the January 2026 optional preview updates, producing error code 0x80010002. Affected devices may download the February security update but then fail to retrieve March or later releases via the Windows Update settings. The issue stems from tightened download timeout requirements and does not affect installation capability. Admins can apply Known Issue Rollback (KIR) group policies and restart devices to work around the problem.

Windows 11 May Patch Fails Due to EFI Partition Size

⚠️ Some Windows 11 devices fail to complete Microsoft’s May Security Update when the EFI System Partition (ESP) has roughly 10MB or less free, producing the rollback message "Something didn’t go as planned. Undoing changes." Microsoft suggested a registry tweak or rollback while consultants warn this leaves endpoints unpatched and undermines trust in update validation. Experts recommend resizing partitions, testing fixes, and adding ESP checks to endpoint health.

Microsoft Patches 138 Vulnerabilities Across Products

🔒 Microsoft released patches for 138 vulnerabilities across its product portfolio, including 30 Critical and 104 Important flaws, with none currently listed as publicly known or under active attack. The update spans privilege escalation, remote code execution, information disclosure, and spoofing issues, and includes a recently patched AMD CPU isolation flaw (CVE-2025-54518). Notable high-risk fixes include CVE-2026-41096 (Windows DNS heap overflow) and several Critical issues in Azure, Dynamics 365, Hyper-V, and Office. Administrators are urged to prioritize updates, rotate Secure Boot certificates before the June 26, 2026 deadline, and follow mitigation guidance such as reducing internet exposure and enforcing MFA.

Microsoft May Patch: 17 Critical Flaws Including RCE

🔒 Microsoft released its May Patch Tuesday fixing 120 CVEs, including 17 critical flaws. The update addresses 14 RCEs, two elevation of privilege bugs and one information disclosure issue, with the majority of fixes covering EoP and RCE types. Microsoft credited its WARP team and an agentic AI system, MDASH, with discovering 16 of the issues. Administrators are urged to prioritize high-risk fixes such as CVE-2026-41089.

May Patch Tuesday: Critical Windows, DNS, and Dynamics Fixes

🔒 Microsoft’s May Patch Tuesday addresses 118 vulnerabilities, including critical Windows Server flaws in Netlogon (CVE-2026-41089) and the DNS Client (CVE-2026-41096), plus a severe RCE in Microsoft Dynamics 365 On-Premises. Cloud services such as Azure and Microsoft Teams have already been updated, but on-prem and endpoint administrators must prioritize OS and application patches. Analysts recommend additional protections like network segmentation, access restrictions, and monitoring. Also note a mandatory Secure Boot certificate rotation before June 26 and multiple high‑risk SAP and Oracle updates.

May 2026 Patch Tuesday: Major Vendor Fix Waves and AI

🔒 Microsoft’s May Patch Tuesday updates address at least 118 security flaws across Windows and other products, including 16 rated critical. This release is notable as the first Patch Tuesday in nearly two years without fixes for known exploited zero-days or previously disclosed vulnerabilities. Other major vendors — Apple, Google, Mozilla and Oracle — have accelerated patch cadences after collaborative AI evaluations. Administrators are advised to apply updates promptly and back up data before upgrading.

Microsoft Patch Tuesday May 2026: 137 Vulnerabilities

🔒 Microsoft released its May 2026 Patch Tuesday update addressing 137 vulnerabilities, of which 31 are rated critical. Microsoft reports no observed active exploitation in the wild, though several critical RCE and local code-execution flaws affect Windows services, Office, Azure, SharePoint, and mobile Office. Talos has published new Snort 2 and Snort 3 rule sets to detect many exploitation attempts and recommends immediate patching and signature updates.

Windows 11 May 2026 Cumulative Updates KB5089549/KB5087420

🔒 Microsoft released Windows 11 cumulative updates KB5089549 (25H2/24H2) and KB5087420 (23H2) as the May 2026 Patch Tuesday rollout. The mandatory updates address 120 security vulnerabilities, deliver bug fixes, and introduce features such as desktop Xbox mode, expanded File Explorer archive support, haptic input signals, and Drop Tray. They also improve Windows Hello, taskbar reliability, printing, and add an optional registry control to harden batch-file processing. Install via Settings > Windows Update or the Microsoft Update Catalog.

Microsoft May 2026 Patch Tuesday: 120 Vulnerabilities Fixed

🔔 Today's May 2026 Patch Tuesday from Microsoft delivers security updates addressing 120 distinct vulnerabilities, including 17 rated Critical. The release corrects multiple remote code execution, elevation-of-privilege, information disclosure, denial-of-service, spoofing, and security feature bypass flaws across Windows, Office, SharePoint, and developer tools. Notable patches close dangerous RCE vectors in Microsoft Office (Word, Excel, PowerPoint) that can be exploited via malicious attachments or the preview pane, and key fixes include Windows GDI EMF parsing, SharePoint server RCE, and a Windows DNS Client RCE. Administrators are strongly advised to prioritize and deploy updates promptly to reduce exposure.

Windows Shell Spoofing Vulnerability Forces Rapid Patching

⚠️ Microsoft and CISA have warned that a Windows shell spoofing vulnerability (CVE-2026-32202) is being actively exploited and has prompted a CISA directive requiring federal agencies to patch by May 12. Microsoft says exploitation can expose sensitive data though it does not allow full system takeover. Security experts caution the situation was aggravated by an incomplete earlier fix for CVE-2026-21510, creating a patch gap between vendor updates and organizational deployment. CISOs face a difficult balance between rapid remediation and careful testing to avoid service disruption, and are urged to apply interim mitigations where possible.

Microsoft: New Remote Desktop Warnings Display Issue

⚠ Microsoft confirmed a display bug causing newly introduced Windows security warnings to render incorrectly when opening Remote Desktop (RDP) files. The issue affects all supported Windows releases updated in April 2026 (including Windows 11 KB5083768 & KB5083769, Windows 10 KB5082200, and Windows Server KB5082063) and appears when multiple monitors use different scaling settings, producing overlapping text and misplaced buttons. These dialogs — deployed to warn users about unsigned or unverified RDP files and to show resource redirection settings — can become difficult or impossible to interact with until Microsoft provides a fix.

Microsoft: April update causes domain controller loops

⚠️ After installing the April 2026 Windows security update (KB5082063), some non‑Global Catalog domain controllers configured with Privileged Access Management (PAM) may experience Local Security Authority Subsystem Service (LSASS) crashes during startup. Affected servers can enter repeated reboot loops, disrupting authentication and directory services and potentially rendering domains unavailable. Microsoft is investigating and advises administrators to contact Microsoft Support for Business for mitigation options until a permanent fix is released.

April update may fail to install on Windows Server 2025

⚠️ Microsoft is investigating reports that the April KB5082063 cumulative security update fails to install on some Windows Server 2025 systems, with affected devices returning 0x800F0983 installation errors. The company says it is monitoring diagnostic telemetry and observed recurring failures after the April 14, 2026 release. A limited number of servers may also boot into BitLocker recovery and request recovery keys, a condition Microsoft says typically affects enterprise-managed configurations. Microsoft is continuing its investigation and will share additional details as they become available.

April Patch Tuesday: Critical Flaws in SAP, Adobe, Microsoft

🔒 April's Patch Tuesday addresses critical vulnerabilities across major vendors. Patches fix a near-critical SQL injection in SAP (CVE-2026-27681) that enables arbitrary database commands, an actively exploited RCE in Adobe Acrobat Reader (CVE-2026-34621), and numerous high-severity Microsoft, Fortinet, and ColdFusion issues. FortiSandbox fixes close authentication-bypass and command-injection holes, while Adobe's ColdFusion updates remediate multiple code execution and path-traversal flaws. Organizations should prioritize vendor updates and apply mitigations where immediate patching is not possible.

Microsoft April Patch Fixes Two Zero-Day Vulnerabilities

🔒 Microsoft released its April Patch Tuesday update addressing an unusually large set of CVEs, including two zero-day flaws. CVE-2026-32201 is being actively exploited and is a SharePoint server spoofing vulnerability that can manipulate how information is presented to users. The second, CVE-2026-33825, is a publicly disclosed elevation-of-privilege bug in Microsoft Defender that could allow system-level access if chained with other exploits. Administrators are urged to prioritise these fixes and also review a high-risk IKEv2 remote code execution issue rated CVSS 9.8.

Microsoft Patches SharePoint Zero-Day, 168 Other Flaws

🛡️ Microsoft released updates addressing 169 vulnerabilities across its product portfolio, including an actively exploited SharePoint spoofing flaw (CVE-2026-32201) and 168 additional issues rated from Low to Critical. The fixes primarily remediate privilege escalation, information disclosure, and remote code execution weaknesses, and include a high-severity IKEv2 RCE (CVE-2026-33824, CVSS 9.8) and a publicly known Microsoft Defender privilege escalation (CVE-2026-33825). Organizations are urged to prioritize patches for actively exploited CVEs and critical RCEs and to follow Microsoft and CISA guidance for mitigations.

April Patch Tuesday: Windows, SharePoint, SAP Fixes

🔒 Microsoft’s April Patch Tuesday addresses 167 vulnerabilities, including an actively exploited SharePoint Server zero-day and a critical Windows IKE remote code execution bug. Administrators should prioritize CVE-2026-32201 in SharePoint and the 9.8-rated CVE-2026-33824 in the Windows IKE service. Temporary mitigations—blocking UDP ports 500/4500 or restricting traffic to known peers—reduce risk but do not replace patching. Teams must also apply critical SAP fixes and validate Microsoft Defender and Active Directory protections.

Microsoft Patch Tuesday April 2026: 167 Vulnerabilities Fixed

🔒 Microsoft released its April 2026 Patch Tuesday updates addressing 167 security flaws across Windows and related products, including a SharePoint Server zero-day (CVE-2026-32201) and a publicly disclosed Windows Defender privilege escalation dubbed BlueHammer. Google Chrome and Adobe issued emergency fixes for actively exploited zero-days. Administrators should prioritize patches for SharePoint, SQL Server, and Defender and restart browsers to ensure Chromium-based updates are applied.

Microsoft April 2026 Patch Tuesday: 165 Vulnerabilities

🔒 Microsoft released its April 2026 Patch Tuesday addressing 165 vulnerabilities across Windows, Office, .NET and server components, including eight rated critical. Critical issues include a .NET DoS (CVE-2026-23666), Remote Desktop and Office use-after-free flaws that can lead to code execution (CVE-2026-32157, CVE-2026-32190), multiple Word local code-execution bugs (CVE-2026-33114, CVE-2026-33115), and an IKEv2 double-free enabling remote code execution (CVE-2026-33824). Talos notes SharePoint vulnerability CVE-2026-32201 is being exploited in the wild and has released Snort rules; administrators should prioritize exposed services and apply mitigations such as blocking UDP 500/4500 if IKE is unused.

Microsoft April 2026 Patch Tuesday: 167 Flaws, 2 Zero-Days

🔒 Microsoft released its April 2026 Patch Tuesday addressing 167 vulnerabilities, including two zero-days and eight Critical flaws. The updates patch an actively exploited SharePoint Server spoofing bug (CVE-2026-32201) and a publicly disclosed Microsoft Defender elevation-of-privilege flaw (CVE-2026-33825) that can grant SYSTEM privileges. Multiple Microsoft Office RCEs exploitable via preview panes or malicious documents were fixed; administrators should prioritize installing these patches immediately.