Tag

Patch Tuesday

All articles tagged with #patch tuesday

technology10 days ago•85 min saved

Windows 11 May 2026 Patch Tuesday update causes install failures and slow internet on some PCs

Microsoft’s May 2026 Patch Tuesday update for Windows 11 (KB5089549) is reportedly failing to install on some devices and, for a smaller subset, slowing internet speeds after installation. Affected systems may rollback automatically with an “Something didn’t go as planned. Undoing changes.” message, but Microsoft hasn’t publicly acknowledged the issue and there are no known issues listed on the health dashboard yet. Troubleshooting steps include retrying the update, clearing the SoftwareDistribution cache, running the Windows Update troubleshooter, and unplugging nonessential peripherals; for internet slowdowns, restarting the network adapter or updating drivers may help. If the update continues to fail, the recommended course is to wait for the next cumulative update.

via Windows Central|

#installation-failure #kb5089549 #patch-tuesday

technology11 days ago•89 min saved

Windows 11 May Patch Tuesday adds Xbox mode and device haptics

The May Patch Tuesday update for Windows 11 introduces Xbox mode—a console-like fullscreen gaming view—along with haptic feedback support for select peripherals (notably the Logitech MX Master 4) and a range of other improvements across File Explorer, input, voice typing, and system security/performance.

via Windows Central|

#haptics #logitech-mx-master-4 #patch-tuesday

security12 days ago•4 min saved

Rogue researcher unleashes BitLocker bypass and SYSTEM-level Windows zero-days after Patch Tuesday

After Patch Tuesday, a rogue researcher released a third wave of Windows zero-days, including a BitLocker bypass dubbed 'Yellow key' and a privilege-escalation called 'GreenPlasma' that could grant SYSTEM-level access; the flaws affect Windows 11, Windows Server 2022, and Windows Server 2025, with Windows 10 reportedly unaffected. The exploits are publicly available on GitHub, and the researcher frames the disclosures as a backdoor-style challenge and warns of additional releases.

via Cybernews|

#bitlocker #cybersecurity #patch-tuesday

technology13 days ago•2 min saved

MDASH AI uncovers 16 Windows flaws in Patch Tuesday

Microsoft's MDASH is a multi-model AI-powered vulnerability-scanning system (private preview) that orchestrates 100+ specialized agents to automatically discover, validate, and prove exploitable defects in Windows through a pipeline of auditing, debating, and proving steps. In early testing, MDASH identified 16 CVEs fixed in this Patch Tuesday, including two critical remote-code-execution flaws in ikeext.dll and tcpip.sys (CVE-2026-33824 and CVE-2026-33827), highlighting AI-driven vulnerability discovery's production-grade potential.

via The Hacker News|

#ai-cybersecurity #mdash #patch-tuesday

security14 days ago•7 min saved

Microsoft May 2026 Patch Tuesday patches 120 flaws, no zero-days detected

Microsoft's May 2026 Patch Tuesday fixes around 120 vulnerabilities across Windows, Azure, Office, and developer tools, with no zero-day exploits disclosed. The updates address critical and important flaws including remote code execution, privilege escalation, spoofing, and data disclosure across core components like Windows TCP/IP, Netlogon, the DWM core library, Office apps, Visual Studio Code, and Azure services. Administrators should apply updates promptly, especially for exposed remote services and internet-facing apps.

via BleepingComputer|

#microsoft #office #patch-tuesday

technology1 month ago•3 min saved

Unpatched SharePoint spoofing flaw leaves 1,300+ servers at risk

More than 1,300 publicly reachable Microsoft SharePoint servers remain unpatched for CVE-2026-32201, a spoofing vulnerability that was exploited as a zero-day and can let attackers view and alter sensitive data without user interaction. The bug affects SharePoint Server 2016, 2019, and Subscription Edition; Microsoft issued patches in the April 2026 Patch Tuesday, but Shadowserver reports fewer than 200 systems updated so far. CISA added the flaw to its Known Exploited Vulnerabilities catalog and ordered FCEB agencies to patch within two weeks, while Microsoft has not tied attacks to a specific actor. The vulnerability impacts confidentiality and integrity, not availability.

via BleepingComputer|

#cve-2026-32201 #patch-tuesday #sharepoint

cybersecurity1 month ago•4 min saved

Microsoft Rolls Out Record Patch Tuesday: 169 Fixes Including SharePoint Zero-Day Exploited in the Wild

Microsoft released a record Patch Tuesday with 169 fixes across its products, highlighted by a SharePoint Server zero-day (CVE-2026-32201) that is actively exploited in the wild. The bundle also patches a Defender privilege-escalation flaw (CVE-2026-33825) tied to BlueHammer and a high-risk IKEv2 remote-code-execution issue (CVE-2026-33824) rated 9.8, along with extensive Edge updates and other critical/important vulnerabilities. Some of the flaws are listed in the CISA KEV catalog, triggering remediation deadlines for government agencies (by April 28, 2026).

via The Hacker News|

#cybersecurity #defender #ikev2

technology1 month ago•11 min saved

Microsoft fixes 167 vulnerabilities in April 2026 Patch Tuesday, including two zero-days

Microsoft’s April 2026 Patch Tuesday patches 167 vulnerabilities across Windows, Office, .NET, Azure and developer tools, including two zero-days. The fixes address a range of issues from remote code execution and elevation of privilege to information disclosure and denial of service across components such as Windows kernel, Windows TCP/IP, Office apps, the .NET stack, and more. Enterprises should apply the updates promptly to reduce exposure.

via BleepingComputer|

#cybersecurity #microsoft #patch-tuesday

technology2 months ago•6 min saved

Microsoft: Windows 11 KB5079473 not causing BSODs; Galaxy Connect bug locks C drive on some Samsung laptops

Microsoft confirms Windows 11 KB5079473 (March 2026 Patch Tuesday) does not cause BSODs, reboot loops, or major issues; reports of an inaccessible C: drive on some Samsung laptops are linked to a Galaxy Connect app bug, not the Windows update.

via Windows Latest|

#c-drive #kb5079473 #patch-tuesday

technology2 months ago•73 min saved

Windows 11 gets faster wake, faster settings navigation, a built‑in speed test, and a redesigned Widgets panel in March KB5079473

Windows 11’s March Patch Tuesday rollout (KB5079473) adds faster wake from sleep, a built‑in network speed test in the taskbar, a redesigned Widgets panel, Emoji 16.0, new camera controls, native Sysmon‑like monitoring, RSAT on Arm64, and various quality‑of‑life improvements across Settings, File Explorer, and more, with some features arriving gradually through Microsoft’s controlled rollout.

via Windows Central|

#kb5079473 #network-speed-test #patch-tuesday

security2 months ago•3 min saved

Microsoft March 2026 Patch Tuesday Fixes 77+ Flaws, Highlights AI‑Driven Discovery

Microsoft released March 2026 Patch Tuesday with fixes for at least 77 vulnerabilities across Windows and related software; there are no new zero-days, but several high-severity flaws require attention, including CVE-2026-21262 (SQL Server privilege escalation), CVE-2026-26127 (.NET denial of service), and Office remote-code-execution flaws via the Preview Pane (CVE-2026-26113/26110). Additional privilege-escalation CVEs affect Windows components (CVE-2026-24291/24294/24289/25187). An AI-discovered CVE-2026-21536 in the Microsoft Devices Pricing Program is noted as an example of AI-driven vulnerability research. Microsoft also issued an out-of-band patch for Windows Server 2022 to fix a Windows Hello for Business certificate renewal issue; Adobe and Mozilla separately released updates for their products. For full details, see the SANS ISC Patch Tuesday post.

via Krebs on Security|

#ai #cve #microsoft

security2 months ago•3 min saved

Microsoft Patch Tuesday: 84 Fixes, Two Public Zero-Days, and Faster Hotpatching

Microsoft released 84 patches in March Patch Tuesday across its software stack, including two publicly disclosed zero-days: CVE-2026-21262 in SQL Server and CVE-2026-26127 in .NET. Eight flaws are critical and 76 are important, with privilege escalation accounting for 46 fixes. Notable issues include a Winlogon privilege escalation (CVE-2026-25187, 7.8), an Azure MCP server-side request-forgery (CVE-2026-26118, 8.8) that could abuse the server’s identity, and a high-severity RCE in the Microsoft Devices Pricing Program (CVE-2026-21536, 9.8) that Microsoft says is fully mitigated. An Excel information-disclosure flaw (CVE-2026-26144, 7.5) could enable data exfiltration via Copilot Agent in a zero-click attack. Microsoft is also moving toward hotpatch security updates via Windows Autopatch by May 2026 to speed fixes, with XBOW credited for vulnerability discovery and researchers noting such bugs often enable post-compromise activity.

via The Hacker News|

#cve-2026-21262 #microsoft #patch-tuesday

security2 months ago•11 min saved

Microsoft Patch Tuesday March 2026: 79 Flaws Fixed, Two Public Zero-Days

Microsoft's March 2026 Patch Tuesday closes 79 vulnerabilities, including two publicly disclosed zero-days: a SQL Server elevation-of-privilege flaw (CVE-2026-21262) and a .NET denial-of-service flaw (CVE-2026-26127). The update also patches two Office remote-code-execution flaws via the Preview Pane (CVE-2026-26110, CVE-2026-26113) and an Excel information-disclosure flaw potentially exposing Copilot data (CVE-2026-26144). Fixes span Windows, Edge, Azure, and more, with several critical bugs; users should update promptly.

via BleepingComputer|

#cve-2026-21262 #cve-2026-26127 #office

technology2 months ago•11 min saved

Windows 11 March 2026 Patch Adds Emoji 16, Sysmon, and More Features

Microsoft released Windows 11 KB5079473 as part of the March 2026 Patch Tuesday, introducing up to nine new features (including Emoji 16, built-in network speed test, WebP wallpaper support, expanded Windows Backup restore for organizations, and automatic Quick Machine Recovery for many non-domain Pro PCs) along with 58 security fixes (six actively exploited zero-days). Direct offline installers (.msu) are available via the Microsoft Update Catalog for builds 26200.8037 (25H2) and 26100.8037 (24H2). The update can be installed through Windows Update, WSUS, or deployment tools; Sysmon is now built into Windows and must be enabled manually. If install issues arise, a fresh install via Media Creation Tool is recommended.

via Windows Latest|

#emoji-16 #kb5079473 #patch-tuesday

technology2 months ago•6 min saved

Windows 11’s Internet Speed Test Is a Bing Shortcut, Not a Native Feature

A March 2026 Windows 11 update adds a new “Perform speed test” option on the taskbar, but it merely opens Bing’s internet speed test in your default browser instead of a native tool. The feature, tied to a Bing–Speedtest (Ookla) partnership, can’t be removed or redirected yet. Critics say Microsoft should have delivered a true built‑in network diagnostics tool, like the old Windows 8-era solution, rather than a web shortcut.

via Windows Latest|

#bing #internet-speed-test #microsoft