Your Windows PC has a security deadline in June 2026

A Secure Boot certificate refresh is rolling out across supported Windows devices through Windows Update. In June 2026, the Secure Boot certificates that have shipped inside Windows since 2011 begin to expire, and Microsoft is replacing them with new 2023-dated certificates. The good news: If you...

KLA91072 Multiple vulnerabilities in Microsoft Apps

Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in M365 Copilot can be exploited remotely to obta...

KLA91071 OSI vulnerability in Microsoft Device

An information disclosure vulnerability was found in Microsoft Planetary Computer Pro. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2026-41104 Exploitation CVE list CVE-2026-41104 critical Solution Install necessary updates from the KB...

KLA91063 SB vulnerability in Microsoft Browser

A security feature bypass vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service, bypass security restrictions. Original advisories CVE-2026-45585 Exploitation Public exploits exist for this vulnerability. Related products...

KLA91055 PE vulnerability in Microsoft Azure

An elevation of privilege vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-42822 Exploitation Related products Microsoft-Azure CVE list CVE-2026-42822 critical KB list Solution Install necessary updates fro...

The vulnerability was exploited in AMD processors

AMD has addressed a vulnerability in certain processor models through a mitigation measure included in the Windows update of May 2026. This vulnerability affects certain AMD processors. A local malicious actor could exploit this vulnerability to execute arbitrary code on the system. The mitigatio...

KLA91046 SUI vulnerability in Microsoft Server Software

A spoofing vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to perform cross-site scripting attack, spoof user interface. Original advisories CVE-2026-42897 Exploitation Public exploits exist for this vulnerability. Related products...

KLA91048 SUI vulnerability in Microsoft Products (ESU)

A spoofing vulnerability was found in Microsoft Microsoft Products Extended Security Update. Malicious users can exploit this vulnerability to perform cross-site scripting attack, spoof user interface. Original advisories CVE-2026-42897 Exploitation Public exploits exist for this vulnerability...

KLA91047 OSI vulnerability in Microsoft Apps

An information disclosure vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2026-41615 Exploitation Related products Microsoft-Authenticator-for-Android Microsoft-Authenticator-for-IOS CVE list...

AMD: CVE-2025-54518 CPU OP Cache Corruption

This vulnerability was found and addressed by AMD. We are documenting it in the Security Update Guide to encourage customers to install the May 2026 version of Windows as soon as possible. The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for thi...

KB5091158 - Description of the security update for SQL Server 2022 GDR: May 12, 2026

KB5091158 - Description of the security update for SQL Server 2022 GDR: May 12, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information ​​​​​​​Information about protection and security Summary...

KB5090408 - Description of the security update for SQL Server 2019 GDR: May 12, 2026

KB5090408 - Description of the security update for SQL Server 2019 GDR: May 12, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information ​​​​​​​Information about protection and security Summary...

KLA91033 PE vulnerability in Microsoft Dynamics

An elevation of privilege vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-33821 Exploitation Related products Microsoft-Dynamics-365 Microsoft-365 CVE list CVE-2026-33821 critical KB list Solution Insta...

KLA91028 OSI vulnerability in Microsoft Developer Tools

An information disclosure vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2026-42826 Exploitation Related products Microsoft-Azure CVE list CVE-2026-42826 critical Solution Install...

MAL-2026-3246 Malicious code in win-update-helper-tool-v2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 251972769752a77d15c86627fe078560c49ce79a47bcc4542128386eb5362342 If run as a module, the code runs code to silently control the device via Telegram bot execute commands, exfiltrate files. --- Category: MALICIOUS - The campai...

EUVD-2026-26210

Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success so no digital signature or trust validation is performed before stagin...

Important: Red Hat Security Advisory: OpenJDK 8u492 Windows Security Update

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

KLA90998 PE vulnerability in Microsoft Developer Tools

An elevation of privilege vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-40372 Exploitation Related products .NET CVE list CVE-2026-40372 critical KB list 5091596 Solution Install necessary...

CVE-2026-32224

Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally...

2026-04 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5082123)

2026-04 Cumulative Update for Windows 10 Version 1809 for x86-based Systems KB5082123...