
Threats Tagged 'windows'

View all threats tagged with 'windows'. Filter and sort to focus on specific types of threats.


New Windows Zero-Day Exploit ‘RoguePlanet’ Released

RoguePlanet is a newly released Windows zero-day exploit targeting a race condition vulnerability in Microsoft Defender. It enables local privilege escalation (LPE) to SYSTEM privileges on Windows 10 and Windows 11 machines, even those with June 2026 patches installed. The exploit was developed by the researcher Nightmare Eclipse and can be triggered by opening a specially crafted .vhd(x) file or accessing a malicious SMB share. Although mitigations introduced by Microsoft in May 2026 closed some attack vectors, the exploit was reworked to bypass those. It currently does not work reliably on Windows Server, but the researcher believes it could be adapted. There is no official patch specifically addressing RoguePlanet at this time. The exploit is a proof-of-concept and has not been observed in the wild.

Microsoft: Some Windows PCs fail to install latest monthly updates

Some Windows PCs upgraded to Windows 11 versions 24H2 or 25H2 may fail to install the latest monthly cumulative updates, showing errors 0x80073712 or 0x800f0993. This issue affects a small percentage of devices upgraded from Windows 10 versions 21H2 or 22H2, or Windows 11 version 23H2. Microsoft has identified the problem as related to corrupted or missing component store packages. A fix is available that will roll out automatically after a system restart for most devices. For already affected systems, Microsoft recommends removing a specific update package or performing an in-place upgrade of Windows 11. No new devices upgraded after May 19, 2026, should encounter this issue. This problem does not represent a security vulnerability but an update installation failure.

Medium | Vulnerability | #windows

Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days

Microsoft patched three zero-day vulnerabilities in June 2026 affecting Windows systems. Two of these, GreenPlasma and MiniPlasma, allow local attackers to escalate privileges to SYSTEM on fully patched Windows systems. The third, YellowKey, is a backdoor in the Windows Recovery Environment that can be exploited by attackers with physical access to bypass BitLocker protection on unpatched Windows 11 and Windows Server 2022/2025 systems. These vulnerabilities were disclosed by a security researcher who also released proof-of-concept exploits. Microsoft released fixes as part of the June 2026 Patch Tuesday updates and provided mitigation guidance for YellowKey. No known exploits in the wild have been reported for these specific vulnerabilities at the time of disclosure.

Low | Vulnerability | #windows

A Record-Breaking Patch Tuesday for June 2026

Microsoft released a record number of patches in June 2026, addressing nearly 200 security vulnerabilities across Windows and related software. About three dozen of these vulnerabilities are rated critical, with public exploit code available for at least three of them. Notable zero-day vulnerabilities include a denial of service flaw in IIS (CVE-2026-49160) and elevation of privilege bugs in Windows Collaborative Translation Framework and BitLocker. A security researcher known as Nightmare Eclipse has released exploits for some of these vulnerabilities and plans further releases. Microsoft and other major vendors like Adobe and Google also issued large update bundles this month. The volume of patches reflects increased use of AI tools in vulnerability discovery. Users are advised to back up data before applying updates.

Microsoft releases Windows 10 KB5094127 extended security update

Microsoft released the Windows 10 KB5094127 extended security update addressing the June 2026 Patch Tuesday vulnerabilities, which include fixes for 200 vulnerabilities and three publicly disclosed zero-day flaws. The update also adds functionality to monitor the rollout of updated Secure Boot certificates replacing those expiring in June 2026. It improves File Explorer search and introduces a new policy to limit Secure Boot service data sent to Microsoft. A known issue may cause BitLocker recovery prompts on some systems with specific Group Policy and Secure Boot configurations, with a temporary workaround provided by Microsoft.

Medium | Vulnerability | #windows

Windows 11 KB5094126 & KB5093998 cumulative updates released

Microsoft released cumulative updates KB5094126 and KB5093998 for Windows 11 versions 25H2/24H2 and 23H2 to address security vulnerabilities, fix bugs, and introduce new features. These updates include performance improvements, enhancements to Windows Hello, taskbar fixes, and new capabilities such as Shared Audio and Multi-App Camera. The updates are part of the June 2026 Patch Tuesday and are mandatory for affected versions. No known exploitation in the wild has been reported. Microsoft has not indicated any new issues with these updates and continues to work on future quality improvements for Windows 11.

Medium | Vulnerability | #windows

Hands on with Intelligent Terminal, an AI-powered Windows Terminal

Microsoft has created an open-source fork of Windows Terminal called "Intelligent Terminal," and it allows you to use AI directly inside Terminal without interfering with the regular session. [...]

Low | Vulnerability | #windows #rce

Hola Browser for Windows compromised to deliver cryptominer

The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cryptocurrency miner. [...]

Medium | Vulnerability | #windows

Microsoft blames unexpected Windows driver updates on caching issue

On Wednesday, Microsoft fixed an issue that caused some Windows devices to install driver updates without notice despite policies configured to prevent auto-updates. [...]

Medium | Vulnerability | #windows

Microsoft's Coreutils for Windows, (Thu, Jun 4th)

I've been using the GnuWin32 CoreUtils for Windows for many years now (it gives you many *nix core commands on Windows).

Medium | Vulnerability | #windows
