Articles from 2026
Browse all Windows news articles published in 2026
gRPC-Go Missing Slash Flaw Lets Attackers Bypass Auth on Windows Systems
Microsoft's CVE-2026-33186 documents a critical authorization bypass vulnerability in gRPC-Go implementations that stems from a seemingly minor parsing oversight. The flaw allows attackers to bypass...
CVE-2026-23365: Linux Kalmia USB Driver Vulnerability Highlights Critical Endpoint Validation Gap
CVE-2026-23365 exposes a fundamental security flaw in the Linux kernel's kalmia USB network driver that could allow attackers to crash systems by exploiting improper endpoint validation. The...
CVE-2026-23343: Microsoft's Linux Kernel XDP Patch Fixes Critical Signed Tailroom Vulnerability
Microsoft has assigned CVE-2026-23343 to a Linux kernel vulnerability that exposes systems to potential denial-of-service attacks through the XDP (eXpress Data Path) networking subsystem. The...
CVE-2026-23293: Linux Kernel VXLAN Crash When Booting with IPv6 Disabled
A critical vulnerability designated CVE-2026-23293 exposes a dangerous flaw in the Linux kernel's VXLAN networking implementation. When systems boot with the ipv6.disable=1 kernel parameter, a...
Linux CVE-2026-23371: SCHED_DEADLINE Priority Inheritance Bug Exposes Kernel Fragility
The Linux kernel development team has assigned CVE-2026-23371 to a scheduler vulnerability in the SCHED_DEADLINE code path that reveals deeper structural issues in real-time scheduling...
Microsoft delays UEFI memory cleanup to fix Windows x86 boot security flaw
Microsoft has disclosed CVE-2026-23352, a security vulnerability affecting the Windows x86 firmware stack that requires delaying the freeing of boot services memory during system startup. This...
CVE-2026-23378: Linux Kernel Traffic Control Vulnerability Exposes Memory Safety Flaw
A newly disclosed Linux kernel vulnerability, CVE-2026-23378, exposes a critical memory safety flaw in the act_ife traffic-control action that could allow attackers to manipulate kernel memory...
Marks & Spencer Deploys Microsoft 365 Copilot to 11,000 Store Managers in Agentic AI Push
Marks & Spencer has begun rolling out Microsoft 365 Copilot to 11,000 store managers across its UK retail operations. This represents one of the largest enterprise deployments of Microsoft's AI...
CVE-2026-23348: Linux Kernel Race Condition Threatens CXL NVDIMM Security on Windows
Microsoft's Security Response Center has documented CVE-2026-23348, a Linux kernel vulnerability affecting Windows systems through the Compute Express Link (CXL) interface. The race condition in the...
CVE-2026-23383: Linux ARM64 BPF JIT Alignment Flaw Risks Cloud Instances
Microsoft's security advisory for CVE-2026-23383 reveals a critical fix in the Linux BPF subsystem for ARM64 architectures, specifically addressing atomic tearing vulnerabilities through enforced...
CVE-2026-23313: How a Linux Kernel NAPI Tracepoint Bug Impacts Windows Server Virtualization
Microsoft's security team has identified a critical Linux kernel vulnerability that directly affects Windows Server environments running Hyper-V with Linux virtual machines. CVE-2026-23313, a preempt...
CVE-2026-23359: Linux Kernel BPF Devmap Stack Overflow Vulnerability Explained
A critical memory safety vulnerability in the Linux kernel's BPF devmap code has been identified as CVE-2026-23359, exposing systems to potential stack overflow attacks through XDP redirect...