KLA91048 SUI vulnerability in Microsoft Products (ESU)

A spoofing vulnerability was found in Microsoft Microsoft Products Extended Security Update. Malicious users can exploit this vulnerability to perform cross-site scripting attack, spoof user interface. Original advisories CVE-2026-42897 Exploitation Public exploits exist for this vulnerability...

April 14, 2026-Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 (KB5082398)

April 14, 2026-Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 KB5082398 Applies to: Microsoft .NET Framework 3.5 Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows...

KLA90926 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information, cause denial of service, spoof user interface. Below is a...

Description of the security update for Microsoft Exchange Server 2019 CU15: February 10, 2026 (KB5074993)

Description of the security update for Microsoft Exchange Server 2019 CU15: February 10, 2026 KB5074993 This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE: CVE-2026-21527...

February 10, 2026—KB5075970 (Monthly Rollup)

February 10, 2026—KB5075970 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...

Description of the security update for Microsoft Exchange Server 2016 CU23: February 10, 2026 (KB5074995)

Description of the security update for Microsoft Exchange Server 2016 CU23: February 10, 2026 KB5074995 This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE: CVE-2026-21527...

December 18, 2025—KB5074980 (Monthly Rollup) Out-of-band

December 18, 2025—KB5074980 Monthly Rollup Out-of-band Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints...

December 18, 2025—KB5074978 (Monthly Rollup) Out-of-band

December 18, 2025—KB5074978 Monthly Rollup Out-of-band Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoin...

Description of the security update for Microsoft Exchange Server 2016 CU23: December 9, 2025 (KB5071873)

Description of the security update for Microsoft Exchange Server 2016 CU23: December 9, 2025 KB5071873 Original article content This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and...

Description of the security update for Microsoft Exchange Server 2019 CU14: December 9, 2025 (KB5071874)

Description of the security update for Microsoft Exchange Server 2019 CU14: December 9, 2025 KB5071874 Original article content This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and...

November 11, 2025—KB5068907 (Monthly Rollup)

November 11, 2025—KB5068907 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only...

KLA90988 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability can b...

October 14, 2025—KB5066875 (Monthly Rollup)

October 14, 2025—KB5066875 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only...

October 23, 2025—KB5070887 (Monthly Rollup) Out-of-band

October 23, 2025—KB5070887 Monthly Rollup Out-of-band Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints f...

October 14, 2025—KB5066873 (Monthly Rollup)

October 14, 2025—KB5066873 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU on...

KLA90884 PE vulnerability in Microsoft Products (ESU)

An elevation of privilege vulnerability was found in Microsoft Products Extended Security Update. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-59220 Exploitation Related products Microsoft-Windows Microsoft-Windows-Server Microsoft-Windows-10...

September 9, 2025—KB5065509 (Monthly Rollup)

September 9, 2025—KB5065509 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only...

September 9, 2025—KB5065507 (Monthly Rollup)

September 9, 2025—KB5065507 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...

July 8, 2025—KB5062592 (Monthly Rollup)

July 8, 2025—KB5062592 Monthly Rollup Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in time...

KLA90911 DoS vulnerability in Microsoft Products (ESU)

Denial of service vulnerability was found in Microsoft Products Extended Security Update. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2025-6965 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-Windows...