Active Directory
The latest Active Directory coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft Patches Active Directory DoS Flaw That Needs Only Low-Privilege Account
On July 14, 2026, Microsoft shipped a security update for CVE-2026-50682, a vulnerability in Windows Active Directory that lets an authenticated user with minimal privileges crash or destabilize...
Microsoft’s July 2026 Update Fixes Active Directory Certificate Services Flaw That Allows Remote Takeover—Patch Immediately
Microsoft shipped a critical patch on July 14, 2026, for a privilege-escalation vulnerability in Active Directory Certificate Services (AD CS) that could allow an attacker with a basic domain account...
KB5099536 Fixes a Remote DoS Hole That Can Knock Windows Server 2025 DCs Offline
Microsoft’s July 14, 2026 security update addresses a vulnerability that lets an unauthenticated attacker crash a Windows Server 2025 domain controller from the network. The flaw, tracked as...
Patch Your DCs: July 2026 Windows Update Stops Authenticated DoS Attacks
Microsoft’s July 14, 2026 Patch Tuesday brought a fix for a denial-of-service vulnerability in Active Directory Domain Services that can let an authenticated attacker remotely crash a domain...
Patch Your Domain Controllers Now: Microsoft Fixes Active Directory RCE That Can Hijack Entire Networks
On July 14, 2026, Microsoft released a security update for a critical vulnerability in Windows Active Directory Domain Services (AD DS) that could allow a remote attacker to take over a domain...
Active Directory Denial-of-Service Flaw Emerges: How to Prepare Before Patches Arrive
On July 14, 2026, at 7:00 a.m. Pacific time, Microsoft published CVE-2026-57976, a security vulnerability it describes as "Windows Active Directory Domain Services Denial of Service Vulnerability."...
Unauthenticated Active Directory Loops Force Emergency Patching – CVE-2026-54119
On July 14, 2026, Microsoft released its monthly security update, and among the patches is a fix for CVE-2026-54119, a vulnerability that allows attackers to crash Windows Active Directory servers...
Microsoft Patches Active Directory Flaw That Could Let Attackers Seize Higher Privileges – Why Your Domain Controllers Need the July 2026 Update Now
Microsoft pushed out fixes for a new Active Directory elevation-of-privilege vulnerability on July 14, 2026, tagging it as Important and urging admins to patch domain controllers running Windows...
Microsoft Drops Critical Active Directory Patch — Here’s How to Deploy It Fast and Safely
Microsoft pushed out a critical fix for Windows Active Directory Domain Services on July 14, targeting a remote code execution vulnerability that could hand an attacker the keys to your entire...
Prepare Now: Microsoft Permanently Removes Kerberos RC4 Rollback on July 14
Microsoft’s July 14, 2026 cumulative updates will strip out the long‑standing Kerberos RC4 rollback control from all supported Windows Server domain controllers. At the same time, administrators...
Netwrix 1Secure launches instant Copilot risk scans as AI governance pressures mount
Netwrix, a Frisco, Texas-based cybersecurity vendor specializing in data security and identity governance, today announced a significant expansion of its 1Secure SaaS platform aimed at addressing the...
CVE-2026-42903: Critical Kerberos Denial-of-Service Flaw Patched – Update Windows Domain Controllers Immediately
Microsoft has released a security update that patches CVE-2026-42903, a denial-of-service vulnerability in the Kerberos authentication protocol, as part of the June 2026 Patch Tuesday cycle. The...