cve 2026-45639

CVE-2026-45639 is a Microsoft Windows Remote Desktop Protocol information disclosure vulnerability rated Important. It involves an out-of-bounds read that allows an unauthenticated network attacker to disclose portions of process memory across affected Windows and Remote Desktop clients. Microsoft confirmed the issue is remotely reachable and fixed in a June 2026 update, though exploitation is considered less likely. Administrators should prioritize patching this RDP vulnerability as part of routine security maintenance, treating it as a disciplined update task rather than an emergency. The tag covers discussion of the vulnerability details, Microsoft's advisory, and practical patch guidance for Windows systems.