Articles from 2026
Browse all Windows news articles published in 2026
CVE-2026-26144: Excel XSS Vulnerability Enables Zero-Click Data Exfiltration
Microsoft's March 2026 Patch Tuesday addresses a critical Excel vulnerability that fundamentally changes how security researchers view spreadsheet threats. CVE-2026-26144, a cross-site scripting flaw...
Microsoft Patches Critical Arc Hybrid Worker Extension Vulnerability CVE-2026-26141 Affecting Windows VMs
Microsoft has assigned CVE-2026-26141 to a newly disclosed Elevation-of-Privilege (EoP) vulnerability in the Hybrid Worker Extension used on Arc-enabled Windows virtual machines. This security flaw,...
CVE-2026-26130: Critical ASP.NET Core DoS Vulnerability Patched in March 2026 Updates
Microsoft's March 10, 2026 security updates contain a targeted fix for a denial-of-service vulnerability in ASP.NET Core tracked as CVE-2026-26130. This patch addresses a specific weakness that could...
NetApp ONTAP OneLake Integration Enables In-Place NAS AI Analytics Without Data Migration
NetApp's Cloud Volumes ONTAP entered public preview on March 10, 2026, with a specific integration for Microsoft OneLake that allows enterprises to analyze existing NAS-hosted data directly through...
March 2026 Patch Tuesday brings SHA-3 Secure Boot switch and built-in Sysmon to Windows 11
Microsoft's March 2026 Patch Tuesday for Windows 11 delivers more than security fixes. KB5079473, applying to Builds 26200.8037 and 26100.8037, introduces two significant changes: a transition to...
Windows 11 March 2024 Patch Tuesday KB5079473: Sysmon Integration and Secure Boot Changes Analyzed
Microsoft's March 2024 Patch Tuesday delivered KB5079473, a cumulative update that brings System Monitor (Sysmon) directly into Windows 11 while implementing significant Secure Boot changes through...
Microsoft Authenticator Vulnerability CVE-2026-26123: Security Update Analysis and User Impact
Microsoft's March 10, 2026 security update addresses a newly discovered vulnerability in the Microsoft Authenticator mobile application, designated CVE-2026-26123. This information disclosure flaw...
Microsoft Patches Critical Azure MCP SSRF Vulnerability CVE-2026-26118 in March 2026 Security Update
Microsoft released security updates on March 10, 2026 addressing CVE-2026-26118, a high-severity elevation-of-privilege vulnerability in the Azure Model Context Protocol (MCP) Server Tools family....
CVE-2026-26117 lets low-privilege users hijack Azure Arc agents, escalate to SYSTEM, and take over cloud identities.
Microsoft has disclosed a critical vulnerability in the Azure Arc Connected Machine agent for Windows that enables local privilege escalation and cloud identity takeover. CVE-2026-26117 represents a...
Senate Approves ChatGPT and AI Tools for Staff with Security Protocols
The U.S. Senate has authorized staff to use ChatGPT and other generative AI tools in official work, marking a significant shift in government technology policy. This decision follows months of...
Microsoft Office CVE-2026-26110: Remote Code Execution Vulnerability with Local Attack Vector Explained
Microsoft's security advisory for CVE-2026-26110 presents a confusing picture: a Remote Code Execution vulnerability in Microsoft Office with a CVSS Attack Vector listed as Local (AV:L). This...
CVE-2026-26109: Microsoft Excel's Remote Delivery, Local Execution Vulnerability Explained
Microsoft's security advisory for CVE-2026-26109 describes it as a "Microsoft Excel Remote Code Execution Vulnerability" while simultaneously listing the attack vector as "Local" in its CVSS...