Articles from June 9, 2026
Browse all Windows news articles published on June 9, 2026
CVE-2026-45501 Exchange Spoofing: Patch Tuesday Guidance and Action Steps
CVE-2026-45501 is an Important-rated Microsoft Exchange Server spoofing vulnerability disclosed in Microsoft’s June 9, 2026 security updates, affecting on-premises Exchange Server and arriving alongsi
CVE-2026-45599: Windows UPnP Device Host RCE (Use-After-Free) Patched June 9, 2026
Microsoft disclosed CVE-2026-45599 on June 9, 2026, as a high-severity Windows UPnP Device Host remote code execution vulnerability in Universal Plug and Play’s upnp.dll, with an 8.1 CVSS score and pa
CVE-2026-45500 Exchange Spoofing: June 2026 Patch Guidance for Admins
Microsoft disclosed CVE-2026-45500, a Microsoft Exchange Server spoofing vulnerability, as part of the June 9, 2026 Exchange security updates for Exchange Server Subscription Edition and Exchange Serv
CVE-2026-45597: Windows UI Automation Manager Local EoP Fix (June 9, 2026)
Microsoft’s June 9, 2026 security update identifies CVE-2026-45597 as a Windows UI Automation Manager elevation-of-privilege vulnerability in uiamanager.dll, a local Windows component tied to accessib
CVE-2026-11178 WebView Policy Bypass: Chrome Android Cross-Origin Data Leak Risk
CVE-2026-11178 is a medium-severity Chromium WebView policy-bypass vulnerability, published by NVD on June 4, 2026, affecting Google Chrome on Android before version 149.0.7827.53 and potentially allo
CVE-2026-45595 Patch Tuesday: Windows Mark of the Web Bypass (Important)
Microsoft patched CVE-2026-45595, a Windows Mark of the Web security feature bypass vulnerability rated Important, as part of the June 9, 2026 Patch Tuesday release for supported Windows systems. The
CVE-2026-45604 Patch Tuesday: Windows Managed Installer Info Leak & App Control Trust
Microsoft disclosed CVE-2026-45604 on June 9, 2026, as an Important-rated Windows Managed Installer information disclosure vulnerability in the Windows Application Identity subsystem, shipping it insi
CVE-2026-11291 Chrome Android Autofill Bug: Same-Origin Bypass & Patch Guidance
Google Chrome’s CVE-2026-11291 is a low-severity Android Autofill flaw disclosed in June 2026 that affected Chrome for Android before version 149.0.7827.53 and could let a remote attacker bypass same-
June 2026 Patch Tuesday: Prioritize RCE Risks Across Windows, Office, Azure
Microsoft’s June 2026 Patch Tuesday, released on June 9, delivers security fixes for roughly 200 disclosed vulnerabilities across Windows, Office, Azure, Exchange Online, Microsoft Graph, SQL Server,
CVE-2026-10984: Chrome for Android UI Spoofing Fixed in 149.0.7827.53
Google assigned CVE-2026-10984 to a high-severity Chrome for Android accessibility flaw, fixed before version 149.0.7827.53, that allowed a remote attacker to spoof user-interface elements through a c
CVE-2026-45594 AppID Info Disclosure: June 2026 Patch Guidance for Windows Admins
Microsoft disclosed CVE-2026-45594 on June 9, 2026, as an Important-rated Windows Application Identity information disclosure vulnerability in the AppID subsystem that can let an authorized local atta
CVE-2026-45593: Windows SDK EoP—Why Build Systems Must Be Patched Fast
Microsoft disclosed CVE-2026-45593 on June 9, 2026, as a Windows SDK elevation-of-privilege vulnerability in its Security Update Guide, placing a developer-facing component into the same Patch Tuesday