security updates

Microsoft says Windows security updates released on or after June 9, 2026, may stop some custom folder icons and localized folder display names from appearing because Windows now ignores desktop.ini files whose source it cannot verify as trusted. That is not a cosmetic bug in the usual Patch...

Microsoft’s June 9, 2026 Windows security updates, including KB5094126 for Windows 11 24H2 and 25H2 and KB5093998 for Windows 11 23H2, changed how File Explorer handles desktop.ini folder customizations from sources Windows does not trust. The result is not data loss, and it is not a broken...

Microsoft’s June 2026 Patch Tuesday for Windows 11 is scheduled for June 9, bringing the usual security fixes alongside new user-facing features such as low-latency performance boosts, Shared Audio, richer NPU monitoring, setup-time user-folder naming, and Secure Boot certificate updates. The...

Microsoft disclosed CVE-2026-48560 on June 9, 2026, as a Microsoft SharePoint Server spoofing vulnerability addressed in June security updates for SharePoint Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition on on-premises Windows infrastructure. The important word...

CVE-2026-45501 is an Important-rated Microsoft Exchange Server spoofing vulnerability disclosed in Microsoft’s June 9, 2026 security updates, affecting on-premises Exchange Server and arriving alongside a broader Exchange patch set that also includes spoofing, information-disclosure...

Microsoft disclosed CVE-2026-45500, a Microsoft Exchange Server spoofing vulnerability, as part of the June 9, 2026 Exchange security updates for Exchange Server Subscription Edition and Exchange Server 2019 CU15, placing it among a cluster of Exchange flaws patched in the same release. The...

Microsoft disclosed CVE-2026-42829 on June 9, 2026, as an Important Windows Administrator Protection security feature bypass affecting Windows 11 versions 24H2, 25H2, and 26H1, with fixes delivered through KB5094126 and KB5095051 for x64 and Arm64 systems in the June Patch Tuesday release cycle...

Microsoft disclosed CVE-2026-47636 on June 9, 2026, as a spoofing vulnerability in Microsoft SharePoint Server, placing the issue in the on-premises collaboration stack that many organizations still use for intranets, document workflows, and line-of-business portals rather than SharePoint...

Microsoft has listed CVE-2026-45467 as a Microsoft SharePoint Server spoofing vulnerability in its Security Update Guide as of June 2026, but the public record available to administrators appears to offer more confidence in the flaw’s existence than in its operational details. That distinction...

Microsoft released June 2026 Security Updates for Exchange Server Subscription Edition, plus ESU-only updates for Exchange Server 2019 CU14/CU15 and Exchange Server 2016 CU23, on June 9, 2026, addressing newly disclosed Exchange vulnerabilities and the earlier CVE-2026-42897 Outlook Web Access...

Microsoft’s Security Response Center is tracking CVE-2026-6843, a medium-severity GNU nano vulnerability disclosed in April 2026 in which a local attacker can crash the editor by luring it into displaying a specially named directory containing printf-style format specifiers. The bug is not a...

CVE-2026-46004, published by NVD on May 27, 2026, is a Linux kernel vulnerability in the ALSA caiaq USB audio driver where failed device probing could continue after cleanup and create a use-after-free condition in later initialization code. It is not the kind of bug that should send every...

Hello, I've been using a competitor's antivirus on my Windows 11 Home 25H2 for several years. I'm thinking of switching to Microsoft Defender. I'd like information on whether this new product maintains the same level of security as before in terms of detecting intrusions that could damage the...

Microsoft’s May 2026 guidance for CVE-2026-45659 says the security update identified for SharePoint Enterprise Server 2016 also applies to SharePoint Server 2016, meaning administrators running either 2016-branded deployment should install the same KB to close the remote code execution flaw. The...

As of May 2026, a substantial minority of PC gamers on Steam still use Windows 10, even though Microsoft ended mainstream support on October 14, 2025, and the consumer Extended Security Updates runway is scheduled to expire on October 13, 2026. That is not merely nostalgia for a familiar Start...

Microsoft’s April 14, 2026 Windows 11 security update KB5083769, and the later optional preview update KB5083631, can stop some third-party backup tools from mounting disk images because Windows is now blocking vulnerable versions of the Macrium-associated psmounterex.sys kernel driver. That is...

Microsoft’s April 2026 Windows security updates have created an awkward Remote Desktop moment: a security feature designed to make RDP files safer can itself become hard to read on some multi-monitor systems. The confirmed issue affects the new warning dialog shown when users open Remote Desktop...

Starting in April 2026, Microsoft is doing something Windows users have not seen before: surfacing Secure Boot certificate status directly inside the Windows Security app. That matters because the company’s original Secure Boot certificates, issued in 2011, are now approaching expiration in June...

Microsoft’s April 2026 Windows 11 quality updates are doing exactly what modern Patch Tuesdays so often do: tightening security in one area while creating friction in another. KB5083769 for Windows 11 25H2 and 24H2 introduces new Remote Desktop safeguards meant to blunt spoofing attacks tied to...

Microsoft has assigned CVE-2026-35431 to a Microsoft Entra ID Entitlement Management spoofing vulnerability, but the public confidence signal attached to the entry is what makes this disclosure especially important. Microsoft’s Security Update Guide uses that metric to express how certain it is...