Os Vulnerability
The latest Os Vulnerability coverage — news, analysis, and updates from the WindowsNews.AI desk.
Linux Live USB: Your Emergency Toolkit for Rescuing Windows PCs from Crashes and Malware
A Linux live USB is an essential emergency tool for Windows users, enabling data recovery, offline malware removal, and system repair when Windows fails to boot. This article explains how to create such a rescue disk, boot from it, and use it to access files, scan for viruses, fix bootloaders, and more. With minimal effort, a Linux live USB can save irreplaceable data and neutralize threats that render Windows unusable.
CISA Sounds Alarm on Unpatched Mitsubishi Electric DoS Flaw in All FX5-ENET/IP Modules
CISA has republished an advisory for CVE-2026-8806, a high-severity denial-of-service flaw in all versions of Mitsubishi Electric’s FX5-ENET/IP Ethernet module. With no vendor patch available, attackers can remotely crash the module by sending crafted EtherNet/IP packets, halting industrial processes. Organizations are urged to implement network segmentation, traffic filtering, and strict access controls to mitigate the risk until a firmware fix is released.
CISA Alert: Schneider Electric OT Gear Vulnerable to Session Prediction Attacks (CVE-2026-4827)
On June 18, 2026, CISA released ICS advisory ICSA-26-169-07 detailing CVE-2026-4827, an insufficient session entropy vulnerability affecting Schneider Electric’s Easergy, EcoStruxure, PowerLogic, and Saitel products. The flaw allows attackers to hijack authenticated sessions, potentially disrupting critical power automation operations. Schneider Electric has released firmware updates and mitigations; CISA urges immediate patching.
Mitsubishi Electric Patches Critical CVE-2026-8805 DoS Vulnerability in FX5-EIP EtherNet/IP Modules
On June 18, 2026, Mitsubishi Electric and CISA disclosed a denial-of-service vulnerability (CVE-2026-8805) in MELSEC iQ-F FX5-EIP modules running firmware 1.000 or earlier. The remotely exploitable flaw can disrupt industrial communications; users must upgrade to firmware version 1.001 immediately and implement network defenses to protect operational technology environments.
CISA Flags Critical Authentication Bypass and DoS Flaws in Rockwell FactoryTalk Historian
CISA has republished Rockwell Automation's advisory on three vulnerabilities in FactoryTalk Historian Site Edition, including a critical authentication bypass with a CVSS 9.8 score and two denial-of-service flaws. The vulnerabilities affect version 11 and earlier and could allow remote attackers to gain full control or crash the historian—a core OT data repository. Patches are available, and asset owners are urged to apply them immediately while implementing network segmentation and other defense-in-depth measures.
Unpatched DAQFactory Type-Confusion Bug Turns .ctl Files into Code Execution Weapons
CISA issued advisory ICSA-26-169-02 on June 18, 2026, warning that DAQFactory versions 21.1 and earlier contain a type-confusion flaw (CVE-2026-12390) that allows malicious .ctl project files to execute arbitrary code on Windows. Industrial organizations should immediately apply vendor patches or enforce strict file handling policies to mitigate the risk.
CVE-2026-6865: Schneider Electric’s EasyLogic and Saitel RTUs Exposed to File Theft via Path Traversal Bug
Schneider Electric and CISA have issued a high-severity alert for CVE-2026-6865, a path traversal vulnerability in EasyLogic T150 and Saitel DP RTU firmware that allows authenticated users to read arbitrary files. Patches are available, and critical infrastructure operators are urged to upgrade immediately to prevent file theft and potential network compromise. A low-complexity attack vector and widespread device deployment make this a pressing OT security concern.
CISA Flags Critical 9.8-Severity Code Execution Flaw in AVer PTC Cameras Used Worldwide
CISA has issued an urgent advisory for CVE-2026-40624, a critical 9.8-severity flaw in AVer PTC cameras that enables remote code execution. The cameras are used globally in government, commercial, and healthcare settings, and the vulnerability could allow attackers to take full control of devices, potentially pivoting to Windows-based networks. Organizations are urged to isolate affected cameras and prepare for firmware patches.
Patch Now: CISA Confirms Active Exploitation of Splunk CVE-2026-20253
CISA has added CVE-2026-20253, a critical missing-authentication vulnerability in Splunk Enterprise, to its Known Exploited Vulnerabilities catalog after confirming active exploitation. Federal agencies have a tight deadline to patch, and all Windows-based Splunk deployments should take immediate steps to restrict access, monitor for compromise, and apply the vendor patch as soon as it becomes available.
Apollo Glucose Meter's Bluetooth Holes Could Leak Sensitive Health Data, CISA Warns
CISA's June 2026 medical advisory warns that the Apollo APG-01 BT glucose meter has two Bluetooth vulnerabilities in firmware version 0x0110_v1.1.0 that could expose sensitive health data. Patients and Windows users syncing data with this device should immediately disable Bluetooth, avoid public use, and monitor for a vendor patch to prevent data interception.
KB5094122 Update for Windows Server 2016 Fixed: Prerequisite KB5087537 Required to Prevent 0x80070002 Error
Microsoft fixed a servicing issue that caused KB5094122 installation to fail with error 0x80070002 on Windows Server 2016 when the May 2026 update KB5087537 was missing. The fix enforces the prerequisite order, ensuring seamless patching. Administrators should deploy KB5087537 first to avoid the error.
KB5095051 for Windows 11 26H1 Blocks Office App Launches — Microsoft Rushes Admin Fix
Microsoft confirms that the June 9, 2026 cumulative update KB5095051 for Windows 11 26H1 (build 28000.2269) prevents Microsoft Office applications from launching when invoked programmatically in enterprise configurations. A registry workaround temporarily disables the problematic certificate check, while IT admins are urged to pause deployment and test thoroughly until an official re-release is available.
Server Backup Showdown 2026: Datto SIRIS, Unitrends, and Veeam Lead the Pack
A 2026 industry ranking identifies Datto SIRIS as the top choice for MSP-led business continuity, Unitrends for self-managed SMB and mid-market backup, and Veeam for enterprise-class virtualization recovery. Each platform excels in its operating model, with ransomware resilience and application-aware recovery being critical differentiators.