security update

Microsoft resolved a Windows 11 May 2026 security update installation failure on May 26, 2026, after KB5089549 began rolling back on some version 24H2 and 25H2 systems with very little free space left on the EFI System Partition. The fix arrived in preview update KB5089573 and is expected to...

On May 27, 2026, NVD published CVE-2026-46048, a Linux kernel vulnerability in the ALSA caiaq USB audio driver where failed device probing can leak a referenced USB device object instead of releasing it. The bug is not the sort of headline-grabbing remote code execution flaw that sends patch...

Microsoft says CVE-2026-42822 is mitigated for customers using Microsoft-operated Azure Resource Manager environments, while Azure Local Disconnected Operations customers must update their ALDO deployment to version 2604 or later through the Azure portal using the full system update process...

Microsoft confirmed on May 15, 2026, that the May 2026 Windows 11 security update KB5089549 can fail on some Windows 11 24H2 and 25H2 devices when the EFI System Partition has roughly 10MB or less free space. The failure typically arrives during the reboot phase, around 35–36 percent, then...

Microsoft’s guidance for CVE-2026-33110 says SharePoint Server 2016 customers should install the same security update listed for SharePoint Enterprise Server 2016, because the KB applies to both product names and protects both supported 2016 deployments from the remote code execution flaw. That...

Microsoft lists CVE-2026-42898 as a Microsoft Dynamics 365 on-premises remote code execution vulnerability, published through the Microsoft Security Response Center’s Security Update Guide on May 12, 2026, with the disclosure pointing administrators toward Microsoft’s patching and risk-scoring...

Microsoft’s Security Response Center has listed CVE-2026-35420 as a Windows Kernel elevation-of-privilege vulnerability, published in the May 2026 security update cycle, with vendor acknowledgement establishing that the flaw exists even though public technical detail remains deliberately...

CVE-2026-31540 is a Linux kernel i915 graphics-driver NULL pointer dereference, published on April 24, 2026, affecting Intel GPU systems where required i915 firmware is missing and suspend triggers an unchecked function-pointer call. It is not a Windows vulnerability in the usual Patch Tuesday...

CVE-2026-31617 is a newly disclosed Linux kernel vulnerability in the USB gadget Network Control Model path, and its importance lies less in a dramatic internet-scale exploit scenario than in the quiet places where Linux devices plug into trusted hosts. The flaw sits in f_ncm, the kernel...

Background CVE-2026-31474 is a Linux kernel use-after-free in the CAN ISO-TP path, specifically in isotp_sendmsg, where the transmit buffer can be freed too early while the sender is still consuming it for the final CAN frame. The kernel record describes a race between isotp_sendmsg and...

Microsoft has added a new Dynamics 365 on-premises vulnerability to its security roster, and the early signals point to a local information disclosure flaw with a medium CVSS score of 5.5. The issue, tracked as CVE-2026-33103, is described as an improper access control problem that could let an...

CVE-2026-32196 is a useful reminder that not every Windows security flaw arrives as a dramatic remote code execution headline. In this case, Microsoft’s Security Update Guide entry for Windows Admin Center Spoofing Vulnerability appears to place the issue in the broad, deceptively practical...

Microsoft’s security tracker today lists CVE-2026-24287 as a Windows kernel elevation-of-privilege (EoP) vulnerability that can be abused by an authorized local user to elevate to SYSTEM, and Microsoft has published a vendor advisory confirming the issue and that a patch is available...

AMD has quietly shipped a new Ryzen chipset driver package for Windows 10 and Windows 11 — version 7.06.02.123 — that stretches across roughly the entire modern Ryzen family and focuses on security hardening, targeted bug fixes, and compatibility updates for features Microsoft has been pressing...

Mozilla pushed a small but important maintenance release for the stable channel this week: Firefox 147.0.4 ships a targeted user-experience fix that stops some users from seeing a blank New Tab (about:home/about:newtab) and closes a heap-buffer-overflow in the libvpx video codec (tracked as...

I’m on Windows 11 Home 25H2, OS Build 26200.7623. KB5077181 repeatedly fails to install with error 0x800f0983 (download completes, install phase fails, retries). I’ve already run the usual integrity checks (SFC/DISM) and they report no corruption, but the update continues to fail. I also tried...

Microsoft has quietly begun enforcing a long‑announced cleanup of Windows’ printing stack: starting with January 2026 updates, Windows 11 will stop servicing legacy V3 and V4 printer drivers through Windows Update and will prefer Microsoft's modern IPP inbox class driver and Print Support Apps...

Microsoft’s February 2026 cumulative for Windows 11, tracked as KB5077181, is now available and arrives as a focused security-and-quality rollup that folds in fixes from January preview packages while adding targeted hardenings and platform updates for both consumer and enterprise systems. The...

Microsoft’s Security Update Guide has recorded CVE‑2026‑0391 — a spoofing or UI‑misrepresentation flaw affecting Microsoft Edge (Chromium‑based) on Android — and organizations should treat it as an operational phishing‑enabler that demands immediate verification and patching. Background /...

Microsoft’s January cumulative for Windows 11, KB5074109, intended to harden Secure Boot and fix NPU power-drain problems, has instead introduced a cluster of high-impact regressions — from intermittent black screens on GPU systems to Outlook POP freezes, Azure Virtual Desktop authentication...