Articles from 2026
Browse all Windows news articles published in 2026
Microsoft Copilot Reaches 1.7 Million Paid Users as Cortana Era Officially Ends
Microsoft has confirmed Copilot now serves 1.7 million paid users across its various implementations, marking a decisive shift from the Cortana era that officially concluded in 2023. The company's...
CVE-2026-4105: Critical Systemd Machined Privilege Escalation Vulnerability Patched
A critical privilege escalation vulnerability in systemd's machine-management component has been disclosed and patched, requiring immediate attention from Linux administrators and users. Tracked as...
CVE-2026-2673: How a TLS 1.3 Key Share Bug Breaks Windows Interoperability
Microsoft has confirmed that Windows systems are experiencing TLS 1.3 interoperability failures due to a cryptographic implementation issue tracked as CVE-2026-2673. The vulnerability stems from how...
Windows 11 C Drive Access Denied After February 2026 Update: Microsoft and Samsung Investigate Critical Bug
Microsoft and Samsung have launched a joint investigation into a critical Windows 11 bug that has left users unable to access their C: system drives following recent cumulative updates. The issue,...
Libarchive RAR5 Infinite Loop Vulnerability: Patch Details and Windows Impact Analysis
A critical vulnerability in libarchive's RAR5 decoder allows attackers to create specially crafted archives that trigger infinite loops, potentially causing denial-of-service conditions on affected...
CVE-2026-23942: Erlang SFTP Server Vulnerability Enables Root Escape via Path Traversal
A critical vulnerability designated CVE-2026-23942 exposes a root escape path in the Erlang/OTP SFTP server implementation (ssh_sftpd). The flaw stems from a component-agnostic prefix check that...
Microsoft's CVE-2025-32777 Mystery: When Security Updates Disappear from the Update Guide
Microsoft's Update Guide returned a \"page not found\" error for CVE-2025-32777, a critical vulnerability affecting Volcano, a Kubernetes batch system. The disappearance of this security advisory...
Microsoft patches CVE-2025-32778: Remote attackers can hijack systems via 9.8 severity API flaw.
Microsoft has confirmed a critical command injection vulnerability in the Web-Check Screenshot API, designated CVE-2025-32778. This security flaw allows attackers to execute arbitrary commands on...
CVE-2025-32776: OpenRazer Driver Vulnerability Exposes Linux Systems to Local Attacks
Microsoft's Security Update Guide returned no usable advisory when queried for CVE-2025-32776, revealing a significant gap in vulnerability tracking for cross-platform security issues. This empty...
Microsoft's Recall Controversy and Copilot Expansion Test Windows Users' Trust
Microsoft's AI-powered Recall feature has ignited a privacy firestorm that threatens to undermine user trust in Windows 11. The feature, which automatically captures screenshots of everything users...
CVE-2026-32249: Critical Vim NFA Regex NULL Pointer Vulnerability Patched in Version 9.2.0137
A newly assigned vulnerability identifier, CVE-2026-32249, exposes a critical NULL pointer dereference flaw in Vim's NFA regular expression engine affecting all versions prior to 9.2.0137. This...
CVE-2026-23943: Critical Pre-Auth SSH Vulnerability Threatens Windows Servers via zlib Inflate
A critical vulnerability designated CVE-2026-23943 exposes Windows servers running SSH services to pre-authentication denial-of-service attacks through an unbounded zlib inflation mechanism. The flaw...