Live
When You Delete a File on Windows in 2026, It Might Go to Four Different Places – Here’s How to Get It Back·MSFT +0.1%Microsoft’s 365 Copilot Now Serves Excel, Outlook AI Prompts on Homegrown MAI Models·NVDA +3.0%How Microsoft's Photos App Became Your AI-Powered Image Command Center·GOOGL +1.2%CISA Orders Agencies to Patch Actively Exploited Adobe ColdFusion Path Traversal Flaw·AMZN +2.9%Mesa 26.2 Brings Experimental AV1 Encoding to WSL — Here’s What You Need to Know·MSFT +0.1%OpenSSH 10.4 Security Update Patches 8 Vulnerabilities, Adds Post-Quantum Crypto·NVDA +3.0%Windows 11 26H2 Will Automatically Back Up Settings on Entra PCs — Admins Must Opt Out·GOOGL +1.2%Black Ops 6 Xbox Store Listing Reveals Day-One Game Pass Launch, Round-Based Zombies, and Cross-Gen Confusion·AMZN +2.9%When You Delete a File on Windows in 2026, It Might Go to Four Different Places – Here’s How to Get It Back·MSFT +0.1%Microsoft’s 365 Copilot Now Serves Excel, Outlook AI Prompts on Homegrown MAI Models·NVDA +3.0%How Microsoft's Photos App Became Your AI-Powered Image Command Center·GOOGL +1.2%CISA Orders Agencies to Patch Actively Exploited Adobe ColdFusion Path Traversal Flaw·AMZN +2.9%Mesa 26.2 Brings Experimental AV1 Encoding to WSL — Here’s What You Need to Know·MSFT +0.1%OpenSSH 10.4 Security Update Patches 8 Vulnerabilities, Adds Post-Quantum Crypto·NVDA +3.0%Windows 11 26H2 Will Automatically Back Up Settings on Entra PCs — Admins Must Opt Out·GOOGL +1.2%Black Ops 6 Xbox Store Listing Reveals Day-One Game Pass Launch, Round-Based Zombies, and Cross-Gen Confusion·AMZN +2.9%

Cve 2026 48192

The latest Cve 2026 48192 coverage — news, analysis, and updates from the WindowsNews.AI desk.

13 stories in view AI assisted desk updated 9:45 PM
Latest Most Read Breaking
Sort
Adobe ColdFusion · CISA KEV

CISA Orders Agencies to Patch Actively Exploited Adobe ColdFusion Path Traversal Flaw

CISA added CVE-2026-48282, a critical path traversal vulnerability in Adobe ColdFusion, to its Known Exploited Vulnerabilities catalog on July 7, 2026, due to active exploitation. Federal agencies must patch within two weeks, but all organizations should treat this as an emergency. The article provides practical steps for system administrators to patch, detect intrusions, and implement compensating controls.

Security

OpenSSH 10.4 Security Update Patches 8 Vulnerabilities, Adds Post-Quantum Crypto

OpenSSH 10.4, released July 6, 2026, contains fixes for eight security vulnerabilities across its client, server, and file transfer tools, and introduces experimental post-quantum signature algorithms. Windows users running the built-in optional feature or standalone Win32-OpenSSH should update immediately to protect against potential exploits, while the quantum-resistant authentication feature offers a preview of future cryptographic defenses.

Security Desk·1h ago ·5 min
Security

Siemens Demands Immediate Patching of RUGGEDCOM Switches as SINEC OS Flaw Gets 9.8 CVSS Score

Siemens has released SINEC OS version 4.0 to fix a critical 9.8 CVSS vulnerability in its RUGGEDCOM RST2428P industrial switches, disclosed June 2, 2026, and republished by CISA on July 7, 2026. The flaw allows remote attackers to compromise unpatched devices, demanding immediate action from OT operators to protect critical infrastructure.

Security Desk·3h ago ·5 min
Security

CISA Warns Engineers: Proteus 9.1 SP4 Memory Bugs Expose Windows Workstations—Update Immediately

CISA's July 7, 2026 advisory highlights critical memory-safety flaws in Labcenter's Proteus 9.1 SP4 design software. The vulnerabilities can lead to information disclosure on Windows workstations, risking intellectual property theft. Users must update to version 9.2 SP0 and apply workstation hardening to mitigate attacks.

Security Desk·3h ago ·5 min
Advertisement
CVE-2026-42945 · NGINX Vulnerability

Critical NGINX Heap Overflow in Hitachi Energy EMS Puts Grid Operators at Risk — What Windows Admins Need to Know

CVE-2026-42945 is a critical heap-based buffer overflow in the NGINX component of Hitachi Energy's e-mesh EMS, affecting versions 4.1.6, 4.4.2, and 4.7.0. Exploitation can crash services and potentially lead to remote code execution, threatening grid monitoring and control. Windows administrators managing OT infrastructure must inventory affected systems, apply vendor patches or mitigations, and harden surrounding defenses to protect critical energy infrastructure.

SE Security Desk·3h ago
CISA Advisory · Hitachi Energy

Energy Sector on Alert: Hitachi Energy’s PROMOD V Exposes Data in Plain Text — Upgrade and Lock Down Now

CISA warned on July 7, 2026, that Hitachi Energy’s PROMOD V asset management software up to version 1.0.10 transmits data over unencrypted HTTP, risking eavesdropping in energy-sector networks. Upgrade to version 1.0.11 and manually enable HTTPS to secure communications.

SE Security Desk·3h ago
CVE-2025-3659 · Digi Device Servers

CISA Issues Urgent Warning on Digi Serial Device Server Authentication Bypass — Patch Now

CISA warns that Digi serial device servers contain a critical authentication bypass allowing unauthenticated administrative access. The flaw affects multiple models running pre-2025 firmware, posing a serious risk to industrial networks. Administrators must immediately check firmware versions and apply updates to prevent potential exploitation.

SE Security Desk·3h ago
CISA Advisory · EV Charging Security

CISA Flags Critical Flaws in Major EV Charging Network — What Drivers and Operators Must Do Now

CISA issued an advisory on July 7, 2026, warning that vulnerabilities in Hydro-Québec's Le Circuit Électrique EV charging backend could lead to privilege escalation or denial-of-service attacks. The flaws affect the cloud platform managing over 3,500 stations in Quebec, with no known exploits yet. Consumers face minimal immediate risk, but operators should prepare for patches and review network security.

SE Security Desk·3h ago
Cve-2026-48192 · Mendix Studio Pro

Critical Mendix Studio Pro Vulnerability Allows Code Execution via Malicious Project Files

Siemens and CISA disclosed CVE-2026-48192, a critical remote code execution flaw in Mendix Studio Pro that can be triggered by opening a malicious project file. All users must update to version 11.12 or specific maintenance hotfixes immediately to prevent compromise of Windows development machines.

SE Security Desk·3h ago
Intune · Defender For Endpoint

Microsoft Intune Extends Security Policies to Unenrolled Defender for Endpoint Devices

Microsoft Intune can now enforce endpoint security policies on devices that are onboarded to Defender for Endpoint but not enrolled in Intune, simplifying security for servers, BYOD, and contractor PCs. The change eliminates the need for full MDM enrollment for antivirus, firewall, and attack surface reduction settings. IT admins can assign policies directly from the Intune admin center and should verify licensing and clean up conflicting Group Policy objects.

SE Security Desk·4h ago
Windows 10 · ESU

Microsoft Slips Windows 10 Another Year: Consumer Security Patches Now Until Late 2027

Microsoft has quietly extended the consumer Windows 10 Extended Security Updates (ESU) program through October 12, 2027—one year beyond the original cutoff. The move gives households and small businesses extra time to patch aging hardware before migrating, but it also raises questions about the company's long-term upgrade strategy.

SE Security Desk·5h ago
Microsoft Partner Merger · Smb It Services

Microsoft Partners Lumen21, L&L, and TechWise Merge Into National IT Powerhouse

Lumen21, L&L Consulting Services, and TechWise Group merged on July 7, 2026, creating a national Microsoft partner that aims to deliver end-to-end IT services for SMB and mid-market businesses. The combined firm brings together cloud migration, cybersecurity, Dynamics 365 ERP, and managed services under one roof, and clients should review their support agreements and explore how the expanded capabilities can simplify their technology stacks.

SE Security Desk·5h ago
Windows 10 · ESU

Windows 10 Home Users Get Security Updates Until October 2027: What the Silent ESU Extension Means for You

Microsoft has extended the Consumer ESU program for Windows 10 until October 12, 2027, giving enrolled users an extra year of security patches. The quiet update means home users can safely delay upgrading for two years total, though they should still plan for eventual migration to a modern OS.

SE Security Desk·6h ago