july patch tuesday

  1. CVE-2026-50358: Install July Updates to Fix Windows Media EoP

    CVE-2026-50358, a Windows Media use-after-free vulnerability, can let a locally authenticated attacker elevate privileges on affected Windows 10, Windows 11, and Windows Server systems. Microsoft addressed the flaw in its July 14, 2026 security updates and rates it Important, with a CVSS 3.1...
  2. CVE-2026-50299: Patch Windows Storage Spaces Direct Physical RCE

    CVE-2026-50299 gives an unauthenticated attacker a path to code execution in Windows Storage Spaces Direct, but Microsoft’s own scoring makes the crucial limitation clear: exploitation requires physical access to the affected system. Microsoft fixed the flaw in the July 14, 2026 security updates...