patch tuesday

Microsoft has listed CVE-2026-47653 as a Remote Desktop Client remote code execution vulnerability in its Security Update Guide, published for Windows administrators tracking the June 9, 2026 security release, but the public advisory currently exposes more risk signaling than deep root-cause...

Microsoft disclosed CVE-2026-45588 on June 9, 2026, as an Important-rated Windows Secure Boot security feature bypass affecting supported Windows client and server releases, with official fixes published for Windows 10, Windows 11, Windows Server 2012 through 2025, and related Server Core...

Microsoft has listed CVE-2026-47641 as a Microsoft SharePoint Server spoofing vulnerability in its Security Update Guide on June 9, 2026, giving administrators another Patch Tuesday item to triage across on-premises SharePoint farms, especially environments still running SharePoint Server 2016...

Microsoft published CVE-2026-47298 on June 9, 2026, as a Microsoft SharePoint Server remote code execution vulnerability addressed through the June SharePoint security updates for Subscription Edition and SharePoint Server 2016. The most important word in that sentence is not remote or even...

Microsoft disclosed CVE-2026-47291 on June 9, 2026, as a Windows HTTP.sys remote code execution vulnerability in the HTTP protocol stack, giving administrators a Patch Tuesday item that matters most on systems where Windows itself is listening for and processing HTTP traffic. This is not merely...

Microsoft disclosed CVE-2026-45657 on June 9, 2026, as a critical Windows Kernel remote code execution vulnerability affecting supported Windows 11 and Windows Server releases, with patches available through the June security updates and a CVSS base score of 9.8. The advisory is short, but the...

Microsoft disclosed CVE-2026-45656 on June 9, 2026, as an Important-rated Windows UEFI Secure Boot security feature bypass that allows an authorized local attacker to weaken Secure Boot protections across supported Windows client and server releases. The uncomfortable part is not that Microsoft...

Microsoft disclosed CVE-2026-45655, a Windows BitLocker security feature bypass vulnerability, in its June 9, 2026 Security Update Guide, placing it among a notably large Patch Tuesday release that also includes other boot, Secure Boot, UEFI, and BitLocker-related fixes for supported Windows...

Microsoft disclosed CVE-2026-45634 on June 9, 2026, as an Important-rated Windows DHCP Client information disclosure vulnerability affecting supported Windows client and server releases, with official fixes issued through the June security updates and no public disclosure or exploitation...

Microsoft’s Security Update Guide entry for CVE-2026-45607 identifies a Windows Hyper-V remote code execution vulnerability, published in the June 2026 Patch Tuesday window, with the practical concern centered on how much administrators can trust the sparse public details while still acting...

Microsoft released the June 2026 Patch Tuesday updates on June 9 for Windows 11 versions 25H2, 24H2, and 26H1, bringing security fixes alongside a staggered rollout of Shared Audio, camera sharing, Task Manager NPU telemetry, search improvements, and performance changes. The headline is not that...

Microsoft has listed CVE-2026-45490 as a .NET SDK elevation-of-privilege vulnerability in its Security Update Guide on June 9, 2026, giving developers and administrators a new Patch Tuesday item to evaluate across Windows build agents, developer workstations, and CI environments. The important...

Microsoft published CVE-2026-45466, a Microsoft Word information disclosure vulnerability, in its Security Update Guide on Tuesday, June 9, 2026, identifying Word as the affected application and framing the issue as a confidentiality risk rather than code execution. The advisory arrives in the...

Microsoft disclosed CVE-2026-33828 on June 9, 2026, as a critical Windows Device Health Attestation elevation-of-privilege vulnerability that can let a locally authorized attacker cross a trust boundary and gain SYSTEM privileges on affected Windows clients and servers. The oddity is not the...

Microsoft released Windows 11 update KB5094126 on June 9, 2026, for Windows 11 versions 25H2 and 24H2, moving supported PCs to OS builds 26200.8655 and 26100.8655 with security fixes, Secure Boot certificate work, virtualization repairs, and features from May’s preview updates. The headline is...

Microsoft listed CVE-2026-45485 on June 9, 2026 as a Microsoft Office information disclosure vulnerability in its Security Update Guide, giving administrators a new Office-related confidentiality bug to assess during the June Patch Tuesday cycle. The important story is not only that Office can...

Microsoft released Windows 11 KB5094126 on June 9, 2026, as the June Patch Tuesday security update for Windows 11 versions 25H2 and 24H2, raising systems to builds 26200.8655 and 26100.8655 while beginning a wider rollout of performance, audio, camera, and Secure Boot changes. The update is...

Microsoft released Windows 11 cumulative update KB5094126 on June 9, 2026, for Windows 11 versions 24H2 and 25H2, raising them to OS builds 26100.8655 and 26200.8655, while Windows 11 version 23H2 received KB5093998 and build 22631.7219. On paper, this is another Patch Tuesday bundle: security...

Microsoft is expected to begin rolling out the June 2026 security update for Windows 11 on Tuesday, June 9, 2026, bringing a batch of quality-of-life features to versions 24H2 and 25H2 through the same cumulative servicing channel. The headline is not one giant redesign, but a cluster of smaller...

Windows administrators preparing for the May and June 2026 Patch Tuesday cycle should rank MSRC items by signal quality first: exploited-in-the-wild status, report-confidence metadata, advisory status, revision history, and only then headline severity or CVSS score. That ordering is the...