Windows Security Updates
The latest Windows Security Updates coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft Patches CVE-2026-48575 Secure Boot Bypass in June 2026 Update
Microsoft has patched a critical Secure Boot bypass vulnerability tracked as CVE-2026-48575, issuing fixes in its June 2026 Patch Tuesday update. The flaw, rated Important, allows a locally...
CVE-2026-48568 Windows Secure Boot Bypass Fixed in June 2026 Patch Tuesday
Microsoft disclosed CVE-2026-48568 on June 9, 2026, an Important-rated Secure Boot security feature bypass that allows a local authenticated attacker to circumvent critical boot-time protections. The...
Microsoft Patches Critical Kinect Flaw Allowing Local Privilege Escalation to SYSTEM
Microsoft released a security update on June 9, 2026, addressing CVE-2026-41092, an Important-rated elevation-of-privilege vulnerability in Microsoft Kinect. The flaw stems from improper access...
Patch CVE-2026-45656 Now: Windows UEFI Secure Boot Bypass Fix Released
Microsoft’s June 2026 Patch Tuesday landed on June 9, bringing with it a critical security fix for a UEFI Secure Boot bypass vulnerability tracked as CVE-2026-45656. Rated Important, the flaw...
CVE-2026-45641: Critical Hyper-V Guest-to-Host RCE Flaw Patched—Apply a Fix Now
Microsoft has released emergency security updates to address CVE-2026-45641, a critical remote code execution vulnerability in Windows Hyper-V that allows an attacker who compromises a single guest...
CVE-2026-45607 Hyper-V RCE: Apply June Patch Tuesday Fix Now
Microsoft patched a critical remote code execution (RCE) vulnerability in Windows Hyper-V during the June 2026 Patch Tuesday release. The flaw, tracked as CVE-2026-45607, allows an attacker to...
Microsoft fixes OpenTelemetry DoS bug with 4 MiB HTTP limit
Microsoft’s Security Update Guide now includes an entry for CVE-2026-39882, a denial-of-service vulnerability that affects the Go implementation of the OpenTelemetry Protocol (OTLP) HTTP exporters....
Classic 7 Reskin Gives Windows 10 LTSC 2021 a Full Windows 7 Makeover
A fan-made project called Classic 7 is turning heads in May 2026 by retrofitting Windows 10 IoT Enterprise LTSC 2021 with the complete look, feel, and workflow of Windows 7. The modification, which...
CVE-2026-40382: Critical Elevation of Privilege Flaw in Windows Telephony Service Patched
Microsoft’s May 2026 Patch Tuesday rollout brought a fix for CVE-2026-40382, an elevation-of-privilege vulnerability buried in the Windows Telephony Service. The disclosure, published in the...
Microsoft Patches High-Severity DWM Information Disclosure Flaw (CVE-2026-34336) in May 2026 Update
Microsoft closed out its May 12, 2026 security update cycle with a fix for CVE-2026-34336, a local information disclosure vulnerability in the Windows Desktop Window Manager (DWM) core library. The...
Windows CLFS Zero-Day Gets Critical Patch: May 2026 Tuesday Fix Now Live
Microsoft's May 2026 Patch Tuesday brought a fix for CVE-2026-40407, a local privilege escalation vulnerability in the Windows Common Log File System (CLFS) driver. The flaw, rated Important, allows...
Patch Now: CVE-2026-40377 CryptoAPI EoP Hits Windows CryptSvc
Microsoft has published CVE-2026-40377, a critical elevation-of-privilege vulnerability in Windows Cryptographic Services, in its Security Update Guide on May 12, 2026. The advisory includes a new...