Live
Microsoft Drops a Sparse Windows Admin Center Spoofing Advisory—Here’s What to Do Now·MSFT +0.1%622 Fixes in Microsoft’s July Patch Tuesday, But Two Critical Exploits Require Immediate Action·NVDA +3.0%CVE-2026-47305: Visual Studio Remote Code Execution Threat Demands Immediate Update·GOOGL +1.2%Critical Windows Admin Center Flaw Exposed Servers to Takeover — Update Now·AMZN +2.9%Windows Admin Center 2.7.4 Closes Critical RCE Hole: Here’s Your Urgent Patch Checklist·MSFT +0.1%Microsoft Patches MSXML Flaw That Could Let Attackers Seize Admin Control on Windows·NVDA +3.0%Microsoft’s July Update Resolves Recycle Bin’s Alarming $R Filename Glitch·GOOGL +1.2%July SharePoint Patches Close Critical Auth Bypass; August Will Bring More·AMZN +2.9%Microsoft Drops a Sparse Windows Admin Center Spoofing Advisory—Here’s What to Do Now·MSFT +0.1%622 Fixes in Microsoft’s July Patch Tuesday, But Two Critical Exploits Require Immediate Action·NVDA +3.0%CVE-2026-47305: Visual Studio Remote Code Execution Threat Demands Immediate Update·GOOGL +1.2%Critical Windows Admin Center Flaw Exposed Servers to Takeover — Update Now·AMZN +2.9%Windows Admin Center 2.7.4 Closes Critical RCE Hole: Here’s Your Urgent Patch Checklist·MSFT +0.1%Microsoft Patches MSXML Flaw That Could Let Attackers Seize Admin Control on Windows·NVDA +3.0%Microsoft’s July Update Resolves Recycle Bin’s Alarming $R Filename Glitch·GOOGL +1.2%July SharePoint Patches Close Critical Auth Bypass; August Will Bring More·AMZN +2.9%

Microsoft Security

The latest Microsoft Security coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 3:45 PM
Latest Most Read Breaking
Sort
Cve 2026 58643 · Microsoft Security

Microsoft Drops a Sparse Windows Admin Center Spoofing Advisory—Here’s What to Do Now

On July 16, 2026, Microsoft published CVE-2026-58643, a spoofing vulnerability in Windows Admin Center—but the advisory is strikingly thin on details. The official entry provides no affected...

Advertisement
Cve 2026 56196 · Microsoft Security

Windows Admin Center 2.7.4 Closes Critical RCE Hole: Here’s Your Urgent Patch Checklist

Microsoft has shipped Windows Admin Center build 2.7.4 to shut down CVE-2026-56196, a remote code execution vulnerability that lets an authenticated attacker compromise the management tool and...

SE Security Desk·2d ago
Cve-2026-50359 · Microsoft Security

Microsoft Patches MSXML Flaw That Could Let Attackers Seize Admin Control on Windows

Microsoft shipped a fix on July 14, 2026 for CVE-2026-50359, a high-severity vulnerability in Microsoft XML Core Services that allows a locally authenticated attacker to escalate privileges on...

SE Security Desk·2d ago
Microsoft Security · Recycle Bin

Microsoft’s July Update Resolves Recycle Bin’s Alarming $R Filename Glitch

If you permanently deleted a file from the Recycle Bin last month and saw a prompt asking to confirm deletion of something like “$R7A3B2C.doc” instead of your actual document name, you weren’t...

SE Security Desk·2d ago
Cve 2026 55040 · Microsoft Security

July SharePoint Patches Close Critical Auth Bypass; August Will Bring More

On July 14, 2026, Microsoft pushed out security updates that fix CVE-2026-55040, a critical authentication-bypass vulnerability in on‑premises SharePoint Server. The flaw, rated CVSS 9.1, lets a...

SE Security Desk·2d ago
Excel Vulnerability · Microsoft Security

Microsoft Patches Excel Remote Code Flaw CVE-2026-55137—Here’s What You Need to Do Now

On July 14, 2026, Microsoft shipped security updates that close a heap-based buffer overflow in Excel that lets attackers hijack computers through booby-trapped spreadsheets. The vulnerability,...

SE Security Desk·2d ago
Microsoft Security · Office Updates

Microsoft Patches Office and SharePoint Flaw That Could Leak Confidential Data via Local Attack

Microsoft’s July 14, 2026 security release patches an information-disclosure vulnerability that affects Microsoft 365 Apps, every supported perpetual Office release, Office for Mac, and on-premises...

SE Security Desk·2d ago
Azure Active Directory · Denial Of Service

Microsoft Warns of Azure AD Infinite-Loop Flaw Triggered by Unauthenticated Attackers

Microsoft disclosed CVE-2026-50653 on July 14, 2026, an “Important” denial-of-service vulnerability in Azure Active Directory components that anyone can trigger remotely – no account, password,...

SE Security Desk·3d ago
Cve 2026 58647 · Microsoft Security

Power BI Report Server's XSS Fix Requires a Specific Build—Your Last Update May Not Be Enough

Microsoft has patched an important-rated cross-site scripting vulnerability in Power BI Report Server that could allow an authenticated attacker to inject malicious scripts into the portal. The fix...

SE Security Desk·3d ago