windows security

Microsoft’s Surface Laptop 8 for Business adds an integrated privacy display on select 13.8-inch models in May 2026, letting users darken side-angle viewing with a dedicated keyboard key while keeping the touchscreen usable. The feature works, according to early hands-on testing, but it does not...

CISA added CVE-2026-8398, CVE-2026-45321, and CVE-2026-48027 to its Known Exploited Vulnerabilities Catalog on May 27, 2026, after confirming active exploitation affecting DAEMON Tools Lite, TanStack packages, and the Nx Console developer extension. The move is more than another federal patching...

CVE-2026-4893 is a medium-severity information disclosure vulnerability in dnsmasq, published on May 11, 2026, that allows a remote unauthenticated attacker to bypass source checks by sending a crafted DNS packet containing RFC 7871 EDNS Client Subnet information. The bug is not a...

CVE-2026-29518 is a high-severity rsync vulnerability disclosed on May 20, 2026, affecting versions before 3.4.3, in which a daemon running without chroot protection can be raced into following attacker-controlled symlinks and writing files outside the intended module path. It is not the sort of...

Microsoft disclosed on May 26, 2026, that Defender researchers are tracking an active cryptojacking campaign using poisoned search results, AI chatbot-recommended malicious links, fake Windows utility downloads, abused ScreenConnect remote access, and Microsoft-signed .NET utilities to mine...

Microsoft will begin running into the first expirations of its original 2011 Secure Boot certificate chain in June 2026, forcing Windows PCs, servers, recovery media, and firmware ecosystems to move to newer 2023 certificates through a staged Windows Update process. The practical sign for many...

On 7 May 2026, the UK Information Commissioner’s Office fined South Staffordshire Plc and South Staffordshire Water Plc £963,900 after a cyber-attack exposed personal data belonging to roughly 633,887 people, including customers, employees, and some vulnerable service users. The headline number...

Microsoft has issued manual mitigation guidance for YellowKey, a publicly disclosed BitLocker bypass tracked as CVE-2026-45585, after proof-of-concept exploit code appeared online in May 2026 and before the company has shipped a full security update for affected Windows systems. The...

CISA added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog on May 20, 2026, including five legacy Microsoft and Adobe flaws from 2008 through 2010 and two 2026 Microsoft Defender vulnerabilities, after determining that all seven have evidence of active exploitation. The...

Microsoft has published CVE-2026-45585 as a Windows BitLocker security feature bypass vulnerability, with mitigation guidance that tells administrators to mount each device’s Windows Recovery Environment image, remove an autofstx.exe entry from WinRE’s BootExecute registry value, commit the...

A Burger King order-status screen in Sheffield’s Centertainment leisure complex was photographed displaying a Windows Defender Firewall prompt on May 19, 2026, after a foreground application attempted network communication that Windows did not already trust. The gag writes itself, and The...

Microsoft’s Core isolation, introduced with the Windows 10 April 2018 Update and built into Windows 11 from launch, is the security feature many users overlook despite its role in isolating sensitive kernel-level protections through virtualization-based security on compatible PCs. That makes it...

Use Windows Defender Periodic Scanning with a Third-Party Antivirus Difficulty: Beginner | Time Required: 10 minutes Windows includes Microsoft Defender Antivirus, but many users prefer to run a third-party antivirus such as Norton, Bitdefender, Malwarebytes Premium, ESET, Avast, AVG, McAfee, or...

Windows 11 contains dozens of underused tools for customization, multitasking, security, backup, accessibility, gaming, phone integration, file management, and AI-assisted work, and a recent PCMag Australia roundup highlights 32 features that many everyday users and IT pros still overlook. The...

Enterprises are moving AI agents from pilots into production in 2026, with Databricks reporting a 327 percent surge in multi-agent systems in under four months and VentureBeat’s February tracker showing Microsoft leading orchestration-platform adoption among surveyed enterprise decision makers...

Siemens Solid Edge SE2026 versions before V226.0 Update 5 are affected by two newly disclosed PAR file parsing vulnerabilities, published by Siemens ProductCERT on May 12, corrected in title metadata on May 13, and republished by CISA on May 14, 2026. The fix is straightforward: install Update 5...

Siemens Simcenter Femap versions before V2512.0003 are affected by CVE-2025-12659, a high-severity heap-based buffer overflow in the Datakit library that can be triggered when a user opens a malicious Autodesk Inventor IPT file, according to Siemens and CISA advisories published in May 2026. The...

Microsoft released its May 2026 Patch Tuesday updates on May 12 for Windows 11, Windows Server, Microsoft Office, Azure, Dynamics 365, Edge, and related products, fixing roughly 138 reported vulnerabilities, including about 30 rated critical and no flaws Microsoft listed as publicly known or...

Microsoft’s May 2026 Patch Tuesday, released on May 12, delivered fixes for at least 118 documented vulnerabilities across Windows, Office, Azure, Dynamics, SQL Server, Edge, Teams, SharePoint, and related products, while major vendors including Apple, Google, Mozilla, and Oracle also pushed...

Microsoft disclosed CVE-2026-35436 on May 12, 2026, as an Important elevation-of-privilege vulnerability in Microsoft Office Click-to-Run that can let a low-privileged local attacker escape a contained execution environment and gain SYSTEM privileges on affected Office installations. That is the...