Microsoft security patch release for CVE-2025-54100
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft issued KB5071546 as a mandatory security update for Windows 10 Enterprise LTSC and ESU systems, closing 57 vulnerabilities and reducing exposure from three zero-day flaws. The update will auto-install and prompt for a restart when complete. One fixed issue is CVE-2025-54100, a PowerShell remote code execution flaw that could run malicious scripts from a webpage retrieved with Invoke-WebRequest. Systems finish on build 19045.6691 or 19044.6691 depending on edition.
Related Happenings
Progress LoadMaster CVE-2026-8037 patch release
Security Patch Release
H score52
First: 30.06.2026 10:38
Last: 30.06.2026 10:38
Sources 1
About this happening:
**Progress** published fixed **LoadMaster** versions for **CVE-2026-8037**, closing a **pre-auth root command execution** path on appliances with the API enabled. Administrators r...
Progress LoadMaster CVE-2026-8037 patch release
Security Patch ReleaseAbout this happening: **Progress** published fixed **LoadMaster** versions for **CVE-2026-8037**, closing a **pre-auth root command execution** path on appliances with the API enabled. Administrators r...
Microsoft releases RoguePlanet Defender security update for CVE-2026-50656
Security Patch Release
H score32
First: 17.06.2026 20:36
Last: 17.06.2026 20:36
Sources 1
About this happening:
**Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...
Microsoft releases RoguePlanet Defender security update for CVE-2026-50656
Security Patch ReleaseAbout this happening: **Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...
Latest development: 09.07.2026 11:48
Microsoft released security updates for CVE-2026-50656, remediating the RoguePlanet privilege-escalation flaw in Microsoft Malware Protection Engine (mpengine.dll) with version 1.1.26060.3008 and additional defense-in-depth updates. Microsoft said no customer action is required to install the update.
Visual Studio Code adds two-hour delay for automatic extension updates
Security Tool/Service
H score10
First: 08.06.2026 09:08
Last: 08.06.2026 09:08
Sources 1
About this happening:
**Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...
Visual Studio Code adds two-hour delay for automatic extension updates
Security Tool/ServiceAbout this happening: **Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...
WP Maps Pro 6.1.1 security patch for CVE-2026-8732
Security Patch Release
H score49
First: 31.05.2026 17:06
Last: 31.05.2026 17:06
Sources 1
About this happening:
**WP Maps Pro 6.1.1** was released to fix **CVE-2026-8732**, giving WordPress administrators a patch for a flaw that enabled **unauthenticated administrator-account creation**. Th...
WP Maps Pro 6.1.1 security patch for CVE-2026-8732
Security Patch ReleaseAbout this happening: **WP Maps Pro 6.1.1** was released to fix **CVE-2026-8732**, giving WordPress administrators a patch for a flaw that enabled **unauthenticated administrator-account creation**. Th...
Pretalx version 2026.1.0 security update for CVE-2026-41241
Security Patch Release
H score34
First: 27.05.2026 17:30
Last: 27.05.2026 17:30
Sources 1
About this happening:
**Pretalx** released **version 2026.1.0** to patch **CVE-2026-41241**, a **stored XSS** flaw that could compromise organizer accounts in conference deployments. The update closes...
Pretalx version 2026.1.0 security update for CVE-2026-41241
Security Patch ReleaseAbout this happening: **Pretalx** released **version 2026.1.0** to patch **CVE-2026-41241**, a **stored XSS** flaw that could compromise organizer accounts in conference deployments. The update closes...
Timeline
-
09.12.2025 21:54 2 articles · 7mo ago
Microsoft releases Windows 10 KB5071546 security update
Initial DisclosureMicrosoft released KB5071546 for Windows 10 Enterprise LTSC and Windows 10 ESU systems, resolving 57 security vulnerabilities including three zero-days and CVE-2025-54100 in PowerShell. The update adds a confirmation warning for Invoke-WebRequest when page content could execute embedded scripts, is mandatory on eligible systems, automatically installs and prompts a restart, and advances devices to build 19045.6691 or build 19044.6691 depending on edition; Microsoft also reported no known issues.
Show sources
- Microsoft releases Windows 10 KB5071546 extended security update — www.bleepingcomputer.com — 09.12.2025 21:54
- Microsoft releases Windows 10 KB5071546 extended security update — www.bleepingcomputer.com — 09.12.2025 21:54