Zero Day
The latest Zero Day coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft's 570-Fix Patch Tuesday: Two Zero-Days Exploited, BitLocker Bypass Disclosed
On July 14, Microsoft unloaded a record-breaking 570 security fixes across its product portfolio — the largest Patch Tuesday in the company’s history. Two of the vulnerabilities are zero-days...
200 RCE bugs in June Patch Tuesday—patch Windows, Office, Azure now
Microsoft dropped its June 2026 Patch Tuesday release on June 9, packing fixes for roughly 200 disclosed vulnerabilities spanning Windows, Office, Azure, Exchange Online, Microsoft Graph, SQL Server,...
March 2026 Patch Tuesday Delivers Critical Security Updates with Zero-Day Fixes and EoP Vulnerabilities
Microsoft's March 2026 Patch Tuesday has arrived with urgent security updates addressing multiple zero-day vulnerabilities and elevation of privilege flaws. The updates require immediate attention...
Microsoft Patches Critical LNK Shortcut Vulnerability CVE-2025-9491: UI Now Exposes Hidden Commands
Microsoft has finally addressed a critical security vulnerability in Windows shortcut handling that has been exploited by nation-state actors and cybercriminals for years, fundamentally changing how...
Windows 11 24H2 November Update Patches 60 Flaws, Two Zero-Days Exploited
Microsoft's November 2024 Patch Tuesday delivers crucial security updates and stability improvements for Windows 11 24H2 users, addressing multiple vulnerabilities including actively exploited...
Microsoft October 2025 Patch Tuesday: 172 Fixes Including 6 Zero-Day Vulnerabilities
Microsoft's October 2025 Patch Tuesday has arrived with unprecedented scale, addressing a staggering 172 security vulnerabilities across the Windows ecosystem and related products. This massive...
Critical Exchange Hybrid flaw CVE-2025-53786 enables privilege escalation in email systems
A newly discovered elevation of privilege vulnerability in Microsoft Exchange Hybrid environments has security professionals scrambling to understand the implications and implement protective...
Google Patches a High-Severity WebGPU Flaw in Chrome – Here’s Why Edge Users Should Update Immediately
Google’s September 2025 stable update for Chrome fixes a use-after-free vulnerability in the Dawn WebGPU implementation, tracked as CVE-2025-10500. The patch closes a security hole that could let...
Zero-Day Exploit in V8 Engine Triggers Urgent Browser Updates: What Windows Users Need to Know
Google and Microsoft have released critical browser updates to patch a type confusion vulnerability in the V8 JavaScript engine that is already being exploited by attackers. The flaw, tracked as...
Chrome 140 Patches High‑Severity WebRTC Bug – Check Your Edge Version Now
In mid‑September 2025, Google shipped an emergency update to its Chrome browser that fixes a dangerous use‑after‑free vulnerability in the WebRTC engine. Labeled CVE‑2025‑10501, the flaw...
Windows 11 Gains AI Features in September Patches, Two Zero‑Days Fixed, Windows 10’s End Looms
Microsoft’s September Patch Tuesday arrived with 81 security fixes, two actively exploited zero‑day vulnerabilities, and a clear message: Windows 11 is the future, while Windows 10 enters its...
How to Prioritize Patching with Microsoft’s Confidence Metric: Lessons from CVE-2025-54894
A single metric buried inside every Microsoft Security Response Center (MSRC) advisory could be the difference between a patching strategy that works and one that wastes precious time. Security teams...