Security Alerts
The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.
Secure Boot Certificate Rotation 2023: Critical Windows Update Guide
Microsoft's Secure Boot infrastructure is undergoing a critical trust anchor replacement in 2023, marking one of the most significant security updates to Windows boot processes in nearly a decade....
Microsoft Patches Windows Admin Center Zero-Day CVE-2026-20965 Granting SYSTEM Access
Microsoft has issued a critical security update addressing a newly discovered elevation-of-privilege vulnerability in Windows Admin Center (WAC) that could allow authenticated local attackers to gain...
CVE-2026-20962: Windows DRTM Security Flaw Exposes Local Information Disclosure Risk
Microsoft has disclosed a significant security vulnerability in Windows systems that could allow local attackers to access sensitive information through an uninitialized resource flaw in the Dynamic...
CVE-2026-20803: Critical SQL Server Authentication Bypass Vulnerability Analysis
Microsoft has disclosed a critical elevation-of-privilege vulnerability in SQL Server, designated CVE-2026-20803, that allows attackers to bypass authentication mechanisms and gain unauthorized...
CISA Adds Critical Gogs Vulnerability CVE-2025-8110 to KEV Catalog: Immediate Action Required
The Cybersecurity and Infrastructure Security Agency (CISA) has escalated its warning about a critical vulnerability in Gogs, the popular open-source self-hosted Git service, by adding CVE-2025-8110...
Chromium 143 ships CVE-2026-0628 fix for Edge and Chrome WebView bypass.
A critical security vulnerability in the Chromium engine, tracked as CVE-2026-0628, has been patched by Google and Microsoft, affecting millions of users across Chrome, Microsoft Edge, and the...
CVE-2025-1220: Critical Azure Linux & PHP Vulnerability Analysis
Microsoft has disclosed a significant security vulnerability affecting Azure Linux distributions and PHP applications, designated CVE-2025-1220, which exposes systems to potential exploitation...
CVE-2025-9901: Libsoup Cache Vulnerability Threatens Web Security
A critical vulnerability in the GNOME HTTP client library, Libsoup, has been assigned CVE-2025-9901, exposing potential cache confidentiality issues across numerous Linux distributions and...
Critical Hitachi Asset Suite Vulnerability (CVE-2025-10492): JasperReports RCE Threat Analysis
A critical security vulnerability has been discovered in Hitachi Energy's Asset Suite software that could allow attackers to execute arbitrary code on affected systems. Designated as CVE-2025-10492,...