KLA91069 ACE vulnerability in Microsoft Dynamics

A remote code execution vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2026-23652 Exploitation CVE list CVE-2026-23652 critical Solution Install necessary updates from the KB section, that are listed...

May 12, 2026—KB5087544 (OS Builds 19045.7291 and 19044.7291)

May 12, 2026—KB5087544 OS Builds 19045.7291 and 19044.7291 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely i...

CVE-2026-42248 Missing Signature Verification for Updates in Ollama

Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success so no digital signature or trust validation is performed before stagin...

CVE-2026-42248

Affected product : Ollama for Windows. Vulnerabilities covered : CVE-2026-42248 (Missing signature verification for updates) and CVE-2026-42249 (Path traversal in update mechanism). Root cause : Windows update flow does not verify integrity/authenticity of downloaded update executables (CVE-2026-...

Ollama 安全漏洞

Ollama is an open-source tool developed by Ollama that can be run locally, used for managing and customizing large language models. Versions of Ollama from 0.12.10 to 0.17.5 have security vulnerabilities. These vulnerabilities stem from the lack of integrity or authenticity verification when...

PT-2026-35911

Name of the Vulnerable Software and Affected Versions Ollama for Windows versions 0.12.10 through 0.17.5 Description Ollama for Windows fails to verify the integrity or authenticity of downloaded update executables. The update verification routine on Windows unconditionally returns success,...

KLA90936 OSI vulnerability in Microsoft Office

An information disclosure vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2026-26133 Exploitation Related products Microsoft-Outlook Microsoft-Excel Microsoft-Word CVE list CVE-2026-26133 high...

March 10, 2026—KB5078885 (OS Builds 19045.7058 and 19044.7058)

March 10, 2026—KB5078885 OS Builds 19045.7058 and 19044.7058 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely...

February 10, 2026—KB5075912 (OS Builds 19045.6937 and 19044.6937)

February 10, 2026—KB5075912 OS Builds 19045.6937 and 19044.6937 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot...

December Patch Tuesday fixes three zero-days, including one that hijacks Windows devices

These updates from Microsoft fix serious security issues, including three that attackers are already exploiting to take control of Windows systems. In total, the security update resolves 57 Microsoft security vulnerabilities. Microsoft isn't releasing new features for Windows 10 anymore, so Windo...

Update now: November Patch Tuesday fixes Windows zero-day exploited in the wild

These updates fix serious security issues — including one that attackers are already exploiting to take control of Windows systems. By chaining it with other attacks, they can gain full admin access, install malware, steal data, or make deeper changes you wouldn’t normally be able to undo. Run...

Patch Tuesday, October 2025 ‘End of 10’ Edition

Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two vulnerabilities that are already being actively exploited. October's Patch Tuesday also marks the final month that Microsoft will ship security updates for...

Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation

CVE-2025-2884 is regarding a vulnerability in TCG TPM2.0 Reference implementation's CryptHmacSign helper function that is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. CERT/CC created this CVE on their behalf. The documente...

KLA88413 RCE vulnerability in OmniParser

A remote code execution vulnerability was found in OmniParser. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories CVE-2025-55322 CVE list CVE-2025-55322 high Solution Install necessary updates from the KB section, that are...

CVE-2022-50238

The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is...

CVE-2022-50238

The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is...

CVE-2022-50238

CVE-2022-50238 describes that the on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft rules. Some entries have been excluded from the on-endpoint blocklist longer than expected, which can lead to inconsistent enforcement. The documents indicate th...

CVE-2025-32098

An issue was discovered in Samsung Magician 6.3 through 8.3 on Windows. An attacker can achieve Elevation of Privileges to SYSTEM by exploiting insecure file delete operations during the update process...

June 10, 2025—KB5061010 (OS Build 14393.8148)

June 10, 2025—KB5061010 OS Build 14393.8148 Important Windows updates do not install Microsoft Store application updates. If you are an enterprise user, see Microsoft Store apps - Configuration Manager. If you are a consumer user, see Get updates for apps and games in Microsoft Store. For...

June 11, 2025—KB5063060 (OS Build 26100.4351) Out-of-band

June 11, 2025—KB5063060 OS Build 26100.4351 Out-of-band For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview, see the update history page for Windows 11, version 24H2.Follow @WindowsUpdate to find out when new...