Randy Franklin Smith's Ultimate Windows Security

Upcoming Webinars

Webinar Library

Latest Blogs

How to Detect Pass-the-Hash Attacks Blog Series

Come meet Randy in Orlando at Microsoft Ignite at Quest's Booth #1818

Detecting Pass-the-Hash with Honeypots

Catch Malware Hiding in WMI with Sysmon

For of all sad words of tongue or pen, the saddest are these: 'We weren’t logging’

Experimenting with Windows Security: Controls for Enforcing Policies

Sysmon Event IDs 1, 6, 7 Report All the Binary Code Executing on Your Network

Yet Another Ransomware Can That Can be Immediately Detected with Process Tracking on Workstations

Cracking AD Passwords with NTDSXtract, Dsusers.py and John the Ripper

Cracking local windows passwords with Mimikatz, LSA dump and Hashcat

Top Resources

Security Log

Additional Resources

June, 2026: Patch Tuesday - Three Zero Days and 229 (yes 229) Updates!

Welcome to my June 2026 Patch Tuesday newsletter. It's a very busy month from Microsoft. Today, MS released 198 updates and another 31 since last month's Patch Tuesday. So, in total we have 229 updates in the chart below!

This month we have 3 zero-days to tell you about:

CVE-2026-42897 - This spoofing vulnerability affects Exchange Server (see versions in chart below). It is rated critical and MS recommends installing the June 2026 update to your Exchange Server ASAP. A successful attacker could exploit this issue by sending a specially crafted email to a user. If the user opens the email in OWA and certain conditions are met, arbitrary JavaScript can be executed.
CVE-2026-41091 - This elevation of privilege affects the Malware Protection Engine in Defender. It is rated important but is also being exploited and is publicly disclosed. An attacker who is successful could gain SYSTEM privileges. So, you will want to get this updated ASAP as well.
CVE-2026-45498 - This denial of service also affects Defender and is exploited and public too. You will want to make sure you have a version equal to or greater than 4.18.26040.7 to be protected.

Besides these we have 53 "Critical" rated CVE's being pushed out for the month. You will want to peruse the chart below to see if your environment contains any of the affected applications and the vulnerable versions. Microsoft sure did make up for an easy May with over 200 updates this month.??????

Happy patching!

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 10, 11 Server 2004, 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations Remote Desktop client for Windows Desktop Windows App Client for Windows Desktop Windows Narrator Braille	Critical	CVE-2026-33828 CVE-2026-34335 CVE-2026-40404 CVE-2026-40409 CVE-2026-41092 CVE-2026-41108 CVE-2026-42828 CVE-2026-42829 CVE-2026-42836 CVE-2026-42837 CVE-2026-42903 CVE-2026-42904 CVE-2026-42905 CVE-2026-42906 CVE-2026-42907 CVE-2026-42908 CVE-2026-42909 CVE-2026-42910 CVE-2026-42911 CVE-2026-42912 CVE-2026-42913 CVE-2026-42914 CVE-2026-42915 CVE-2026-42916 CVE-2026-42968 CVE-2026-42969 CVE-2026-42970 CVE-2026-42971 CVE-2026-42972 CVE-2026-42973 CVE-2026-42974 CVE-2026-42977 CVE-2026-42978 CVE-2026-42979 CVE-2026-42980 CVE-2026-42981 CVE-2026-42983 CVE-2026-42984 CVE-2026-42985 CVE-2026-42986 CVE-2026-42987 CVE-2026-42989 CVE-2026-42991 CVE-2026-42992 CVE-2026-42993 CVE-2026-44799 CVE-2026-44801 CVE-2026-44802 CVE-2026-44803 CVE-2026-44804 CVE-2026-44805 CVE-2026-44807 CVE-2026-44808 CVE-2026-44809 CVE-2026-44810 CVE-2026-44811 CVE-2026-44812 CVE-2026-44813 CVE-2026-44814 CVE-2026-44815 CVE-2026-45487 CVE-2026-45585* CVE-2026-45586* CVE-2026-45588 CVE-2026-45592 CVE-2026-45593 CVE-2026-45594 CVE-2026-45595 CVE-2026-45596 CVE-2026-45597 CVE-2026-45598 CVE-2026-45599 CVE-2026-45600 CVE-2026-45601 CVE-2026-45602 CVE-2026-45603 CVE-2026-45604 CVE-2026-45605 CVE-2026-45606 CVE-2026-45607 CVE-2026-45608 CVE-2026-45634 CVE-2026-45635 CVE-2026-45636 CVE-2026-45637 CVE-2026-45638 CVE-2026-45639 CVE-2026-45640 CVE-2026-45641 CVE-2026-45642 CVE-2026-45648 CVE-2026-45653 CVE-2026-45654 CVE-2026-45655 CVE-2026-45656 CVE-2026-45657 CVE-2026-45658 CVE-2026-47288 CVE-2026-47289 CVE-2026-47291 CVE-2026-47648 CVE-2026-47652 CVE-2026-47653 CVE-2026-47654 CVE-2026-47656 CVE-2026-48563 CVE-2026-48565 CVE-2026-48566 CVE-2026-48568 CVE-2026-48570 CVE-2026-48573 CVE-2026-48574 CVE-2026-48575 CVE-2026-48576 CVE-2026-48578 CVE-2026-48583 CVE-2026-49160* CVE-2026-50507* CVE-2026-50508	Workaround: No Exploited: No Public: Yes*	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing Tampering
Exchange	Server 2016 CU23 Server 2019 CU14, CU15 Server Subscription Edition RTM Exchange Online	Critical	CVE-2026-42897** CVE-2026-45500 CVE-2026-45501 CVE-2026-45502 CVE-2026-45503 CVE-2026-45504 CVE-2026-45583 CVE-2026-47631 CVE-2026-42897	Workaround: No Exploited: Yes** Public: No	Elevation of Privilege Information Disclosure Remote Code Execution Spoofing
Edge	Edge (Chromium-based) Copilot Chat	Critical	CVE-2026-45492 CVE-2026-45494 CVE-2026-45495 CVE-2026-47644	Workaround: No Exploited: No Public: No	Information Disclosure Remote Code Execution Security Feature Bypass Spoofing
Office	365 Apps for Enterprise Excel/Word 2016 Office 2016, 2019 LTSC 2021, 2024 including for Mac Office 365 for Mac Office/Excel/ PowerPoint/Teams /Word for Android Office Online Server	Critical	CVE-2026-42835 CVE-2026-44803 CVE-2026-44812 CVE-2026-44817 CVE-2026-44818 CVE-2026-44819 CVE-2026-44820 CVE-2026-44821 CVE-2026-44822 CVE-2026-44823 CVE-2026-44824 CVE-2026-45455 CVE-2026-45456 CVE-2026-45457 CVE-2026-45458 CVE-2026-45459 CVE-2026-45460 CVE-2026-45461 CVE-2026-45463 CVE-2026-45466 CVE-2026-45469 CVE-2026-45471 CVE-2026-45472 CVE-2026-45474 CVE-2026-45475 CVE-2026-45485 CVE-2026-45486 CVE-2026-45643 CVE-2026-45645 CVE-2026-45649 CVE-2026-47293 CVE-2026-47635	Workaround: No Exploited: No Public: No	Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing
SharePoint	Enterprise Server 2016 Server 2019 Server Subscription Edition	Critical	CVE-2026-33113 CVE-2026-44819 CVE-2026-44821 CVE-2026-44824 CVE-2026-45453 CVE-2026-45454 CVE-2026-45456 CVE-2026-45458 CVE-2026-45462 CVE-2026-45464 CVE-2026-45465 CVE-2026-45467 CVE-2026-45468 CVE-2026-45471 CVE-2026-45475 CVE-2026-45479 CVE-2026-45481 CVE-2026-45483 CVE-2026-45484 CVE-2026-45485 CVE-2026-45659 CVE-2026-47294 CVE-2026-47298 CVE-2026-47634 CVE-2026-47636 CVE-2026-47637 CVE-2026-47638 CVE-2026-47639 CVE-2026-47640 CVE-2026-47641 CVE-2026-48560 CVE-2026-48562	Workaround: No Exploited: No Public: No	Elevation of Privilege Information Disclosure Remote Code Execution Spoofing
Azure	Arc HorizonDB Kubernetes Service Local Orbital Spatio Privileged Identity Management Resource Manager Stack Edge Stack HCI Virtual Network Gateway Entra ID Global Secure Access Graph Admin Center in Azure Portal	Critical	CVE-2026-23663 CVE-2026-26147 CVE-2026-32193 CVE-2026-33843 CVE-2026-35430 CVE-2026-40411 CVE-2026-40412 CVE-2026-41098 CVE-2026-42822 CVE-2026-42834 CVE-2026-42901 CVE-2026-47280 CVE-2026-47643 CVE-2026-47655 CVE-2026-48567	Workaround: No Exploited: No Public: No	Elevation of Privilege Information Disclosure Remote Code Execution Spoofing
Developer Tools	.NET 8, 9, 10 installed on Linux, MacOS and Windows ASP.NET Core 10.0, 9.0, 8.0 Microsoft Live Share Canvas SDK Visual Studio 2026 18.6 Visual Studio Code CoPilot Chat Extension Visual Studio Code including MSSQL Extension	Important	CVE-2026-40376 CVE-2026-45482 CVE-2026-45490 CVE-2026-45491 CVE-2026-45591 CVE-2026-45644 CVE-2026-47281 CVE-2026-47284 CVE-2026-47287 CVE-2026-47292 CVE-2026-48569	Workaround: No Exploited: No Public: No	Denial of Service Elevation of Privilege Information Disclosure Security Feature Bypass Tampering
Dynamics	365 (on-premises) v9.1 Power Pages	Critical	CVE-2026-23652 CVE-2026-40371	Workaround: No Exploited: No Public: No	Remote Code Execution
Device	Planetary Computer Pro (GeoCatalog)	Critical	CVE-2026-41104	Workaround: No Exploited: No Public: No	Information Disclosure
Apps	365 CoPilot 365 CoPilot for iOS Authenticator for iOS and Android Bing Search for Android PC Manager PowerToys	Critical	CVE-2026-41090 CVE-2026-41615 CVE-2026-42824 CVE-2026-42827 CVE-2026-42902 CVE-2026-45497 CVE-2026-45650 CVE-2026-49161	Workaround: No Exploited: No Public: No	Information Disclosure
System Center	Defender for EndPoint for Mac Malware Protection Engine Defender Antimalware Platform	Critical	CVE-2026-41091 CVE-2026-45498**** CVE-2026-45584 CVE-2026-45647	Workaround: No Exploited: Yes** Public: Yes*	Elevation of Privilege
Other	Linux Kernel - MANA Network Driver Nuance PowerScribe 360 versions 4.0 - 4.0.9 Nuance PowerScribe One versions 2019.1 - 2019.9 and 2023.1 SP2 Patch 11 and 2023.1 SP3 Patch 6	Critical	CVE-2026-26142 CVE-2026-45476	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution

Send me this chart next Patch Tuesday.

User name:
Password:
	/ Forgot?
	Register

June 2026 Patch Tuesday	"Patch Tuesday - Three Zero Days and 229 (yes 229) Updates! "

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2026 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.