Live
Microsoft Patches Active Directory DoS Flaw That Needs Only Low-Privilege Account·MSFT +0.1%Windows 11 July Update Patches Decade-Old Secure Boot Bootkit Vulnerability·NVDA +3.0%Microsoft Delivers Post-Quantum TLS to Windows, But Activation Is on You·GOOGL +1.2%Windows 11 25H2: The Official Media Creation Tool Gets You a Bootable USB or ISO — Here’s How·AMZN +2.9%Microsoft’s July 2026 Update Fixes Active Directory Certificate Services Flaw That Allows Remote Takeover—Patch Immediately·MSFT +0.1%New Windows Crypto Flaw Could Leak Sensitive Data Even From a Low-Privilege Account — Patch It Now·NVDA +3.0%Critical Hyper-V EoP Flaw Fixed: Here’s Why You Must Patch Windows Now·GOOGL +1.2%Microsoft Closes Win32k Privilege-Escalation Hole with July 2026 Patches·AMZN +2.9%Microsoft Patches Active Directory DoS Flaw That Needs Only Low-Privilege Account·MSFT +0.1%Windows 11 July Update Patches Decade-Old Secure Boot Bootkit Vulnerability·NVDA +3.0%Microsoft Delivers Post-Quantum TLS to Windows, But Activation Is on You·GOOGL +1.2%Windows 11 25H2: The Official Media Creation Tool Gets You a Bootable USB or ISO — Here’s How·AMZN +2.9%Microsoft’s July 2026 Update Fixes Active Directory Certificate Services Flaw That Allows Remote Takeover—Patch Immediately·MSFT +0.1%New Windows Crypto Flaw Could Leak Sensitive Data Even From a Low-Privilege Account — Patch It Now·NVDA +3.0%Critical Hyper-V EoP Flaw Fixed: Here’s Why You Must Patch Windows Now·GOOGL +1.2%Microsoft Closes Win32k Privilege-Escalation Hole with July 2026 Patches·AMZN +2.9%

Cve 2026 50490

The latest Cve 2026 50490 coverage — news, analysis, and updates from the WindowsNews.AI desk.

13 stories in view AI assisted desk updated 2:18 PM
Latest Most Read Breaking
Sort
Active Directory · Cve-2026-50682

Microsoft Patches Active Directory DoS Flaw That Needs Only Low-Privilege Account

Microsoft's July 2026 Patch Tuesday addressed CVE-2026-50682, a denial-of-service vulnerability in Windows Active Directory that requires only a low-privilege authenticated account. The flaw can disrupt domain controllers over the network with low complexity and no user interaction. Administrators should prioritize deploying the cumulative updates listed in the article to protect directory services.

Security

Windows 11 July Update Patches Decade-Old Secure Boot Bootkit Vulnerability

Microsoft's July 2026 cumulative update KB5101650 for Windows 11 24H2 and 25H2 closes a decade-old Secure Boot bypass by revoking 11 vulnerable UEFI shim bootloaders. The update adds their hashes to the firmware's forbidden signature database, blocking an attacker technique that could load bootkits before the OS starts. Home users simply need to install the patch and keep Secure Boot on, while admins must check bootable media, deployment images, and offline systems to prevent operational surprises.

Security Desk·1m ago ·5 min
Security

New Windows Crypto Flaw Could Leak Sensitive Data Even From a Low-Privilege Account — Patch It Now

Microsoft's July 2026 Patch Tuesday includes a fix for CVE-2026-50681, a Windows Secure Channel vulnerability that could allow a low-privileged local attacker to leak sensitive information without user interaction. All Windows users should apply the update immediately, especially on shared systems and servers. While no active exploits are known, the high confidentiality impact makes prompt patching critical.

Security Desk·1m ago ·5 min
Security

Microsoft Delivers Post-Quantum TLS to Windows, But Activation Is on You

Microsoft’s July 2026 security update adds hybrid post-quantum key exchange to Windows 11 and Server 2025, but the three new ML-KEM groups ship disabled and require explicit admin configuration and TLS 1.3 to provide any quantum-resistant protection. Organizations must audit their TLS 1.2 footprint before they can use the new capability, making the patch a starting point rather than a finished defense.

Security Desk·1m ago ·5 min
Advertisement
CVE-2026-50688 · Patch Tuesday

Microsoft Closes Win32k Privilege-Escalation Hole with July 2026 Patches

Microsoft’s July 2026 security updates address a critical Win32k elevation-of-privilege flaw (CVE-2026-50688) that could let attackers take complete control of Windows systems. The patch covers all supported Windows versions, including Windows 10, 11, and Server. Home users and IT admins should apply the update immediately to block this local attack vector.

SE Security Desk·6m ago
CVE-2026-50680 · Hyper-V

Critical Hyper-V EoP Flaw Fixed: Here’s Why You Must Patch Windows Now

Microsoft's July 2026 security updates address CVE‑2026‑50680, a critical heap‑based buffer overflow in Windows Hyper‑V that allows a local, authenticated attacker to escalate privileges and potentially compromise the host. With a CVSS score of 8.2, low attack complexity, and high impact, the flaw affects a wide range of Windows client and server versions. This article explains the vulnerability, its practical implications, and provides step‑by‑step patching guidance for home users and enterprise administrators.

SE Security Desk·6m ago
Windows Server · AD FS

July Windows Updates Shut Down XSS Vulnerability in AD FS That Could Aid Identity Spoofing

Microsoft's July 14, 2026 cumulative updates patch CVE-2026-50684, a cross-site scripting flaw in Active Directory Federation Services. The Medium-severity vulnerability requires high privileges but could allow authenticated attackers to spoof AD FS pages and trick users. Administrators should patch all federation server nodes immediately, as the fix is delivered through Windows builds and cannot be achieved through configuration changes alone.

SE Security Desk·11m ago
CVE-2026-50679 · Windows Search Vulnerability

Windows Search Buffer Overflow Threatens Systems — New Patch Fixes Privilege Escalation Risk

CVE-2026-50679 is a heap-based buffer overflow in the Windows Search component that can grant attackers system-level privileges once they have a toehold on a machine. Microsoft's July 2026 patches fix the bug on Windows 11 24H2/25H2/26H1 and Windows Server 2025. The vulnerability requires local access but no user interaction, making it a potent tool for post-compromise escalation. Users should apply the cumulative updates immediately and verify build numbers.

SE Security Desk·11m ago
CVE 2026 54115 · Msmq Vulnerability

CVE-2026-54115: Microsoft Patch Fixes Windows Elevation Flaw With an Identity Crisis

Microsoft's July 2026 Patch Tuesday addresses CVE-2026-54115, a 7.8-rated elevation-of-privilege vulnerability, but conflicting descriptions label it as both an MSMQ and an Active Directory flaw. The fix is inside the latest cumulative updates; administrators must deploy immediately and verify by OS build rather than relying on scanner product names. No active exploitation has been reported, but the confusion demands a broader patching scope until Microsoft clarifies the affected component.

SE Security Desk·16m ago
CVE-2026-50677 · Windows 11

Windows 11 Media Vulnerability Demands Immediate Patch—Low-Privilege Attackers Could Gain Full Control

Microsoft's July 2026 cumulative updates fix a high-severity use-after-free bug (CVE-2026-50677) in Windows Media that allows local low-privilege attackers to gain full system control on Windows 11. Home users should install KB5101650 (24H2/25H2) or KB5101649 (26H1) immediately, while administrators need to prioritize shared workstations and confirm build thresholds. There are no workarounds; the patch is the only fix.

SE Security Desk·16m ago
CVE-2026-50673 · Windows Kernel

Urgent Windows patch blocks kernel flaw that gives attackers SYSTEM access—check your build now

Microsoft's July 2026 security updates fix a high-severity Windows kernel privilege escalation flaw (CVE-2026-50673) that allows local attackers to gain SYSTEM control. The TOCTOU race condition affects all supported Windows and Server versions, and while no in-the-wild exploitation is reported, administrators should verify build numbers and apply the patch promptly, especially on multi-user machines.

SE Security Desk·21m ago
Patch Tuesday · Privilege Escalation

Windows 11 July Update Patches Hidden USB Print Driver Risk—Here’s Why You Must Install It

Microsoft’s July 14, 2026 security update patches CVE-2026-50674, a use-after-free vulnerability in the Windows USB Print Driver that could allow a low-privileged attacker to gain SYSTEM access. The flaw affects Windows 11 and Windows Server 2025, even on machines without a USB printer attached, and the fix is included in July’s cumulative updates. Users and admins should verify their OS build numbers and prioritize patching multi-user systems and print servers.

SE Security Desk·21m ago
CVE-2026-50672 · NTFS Vulnerability

July 2026 Patch Tuesday Kills NTFS Flaw That Gives Attackers Full Control – Update Now

The July 2026 Patch Tuesday updates fix CVE-2026-50672, a critical NTFS privilege escalation vulnerability that allows local attackers to gain full system control. While no exploits have been seen in the wild, the high-impact flaw affects all supported Windows versions and demands immediate patching. Administrators should verify build numbers and prioritize multi-user and server systems to close the attack surface before proof-of-concept code emerges.

SE Security Desk·25m ago