Articles from June 9, 2026
Browse all Windows news articles published on June 9, 2026
CVE-2026-45643 Word RCE: How “Remote” vs “AV:L” Affects Real Enterprise Risk
Microsoft describes CVE-2026-45643 as a Microsoft Word Remote Code Execution vulnerability even though its CVSS attack vector is local because “remote” identifies the attacker’s position, while “local
CVE-2026-45642 Attestation Spoofing: What Windows Azure Teams Must Review
Microsoft’s CVE-2026-45642 is a spoofing vulnerability disclosed for Microsoft Azure Attestation service and Device Health Attestation Service in the June 2026 Security Update Guide, affecting the tru
CVE-2026-45634: Windows DHCP Client/Server Info Disclosure via Out-of-Bounds Read
Microsoft disclosed CVE-2026-45634 on June 9, 2026, as an Important-rated Windows DHCP Client information disclosure vulnerability affecting supported Windows client and server releases, with official
CVE-2026-45641 Hyper-V Flaw: Patch Guest-to-Host RCE Risk Now
Microsoft published CVE-2026-45641 on June 9, 2026, as a critical Windows Hyper-V remote code execution vulnerability affecting supported Windows client and server releases, with official fixes availa
CVE-2026-45607 Hyper-V RCE Patch Tuesday: What Windows Admins Must Do
Microsoft’s Security Update Guide entry for CVE-2026-45607 identifies a Windows Hyper-V remote code execution vulnerability, published in the June 2026 Patch Tuesday window, with the practical concern
CVE-2026-45606 UxTheme DoS: Patch Tuesday Fix for Windows uxtheme.dll
Microsoft disclosed CVE-2026-45606 on June 9, 2026, as a denial-of-service vulnerability in the Windows UxTheme Library, uxtheme.dll, caused by an out-of-bounds read that a local authorized attacker c
CVE-2026-45640 Bluetooth Driver EoP: How to Patch and Defend Windows
CVE-2026-45640 is a Microsoft-tracked Windows Bluetooth Port Driver elevation-of-privilege vulnerability disclosed through the Microsoft Security Response Center, affecting the Windows Bluetooth stack
CVE-2026-45639 RDP Info Disclosure: Confirmed Memory Read—Patch Guidance
Microsoft released CVE-2026-45639 on June 9, 2026 as an Important Windows Remote Desktop Protocol information disclosure vulnerability, describing an out-of-bounds read that can let an unauthenticated
CVE-2026-45605: Windows Bluetooth Use-After-Free Privilege Escalation Patched
Microsoft disclosed CVE-2026-45605 on June 9, 2026, as an Important-rated Windows Bluetooth Service elevation-of-privilege vulnerability caused by a use-after-free flaw and patched it across supported
CVE-2026-45491 .NET Tampering: Patch Priority for Windows Trust Boundaries
Microsoft lists CVE-2026-45491 as a .NET tampering vulnerability in its Security Update Guide, but the public record available on June 9, 2026, appears thin: the advisory confirms the vulnerability cl
CVE-2026-45490 .NET SDK Elevation of Privilege: Patch Tuesday Supply-Chain Risk
Microsoft has listed CVE-2026-45490 as a .NET SDK elevation-of-privilege vulnerability in its Security Update Guide on June 9, 2026, giving developers and administrators a new Patch Tuesday item to ev
CVE-2026-45487: Windows PCA EoP Risk and Why Patch Priority Matters
Microsoft disclosed CVE-2026-45487 on June 9, 2026, as a Windows Program Compatibility Assistant Service elevation-of-privilege vulnerability, a local Windows flaw whose public advisory emphasizes con