Microsoft Windows Admin Center patch for CVE-2026-26119
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft shipped Windows Admin Center version 2511 to patch CVE-2026-26119, closing an improper authentication flaw that could let an authorized attacker elevate privileges over a network. The fix matters because the issue carried a CVSS 8.8/10.0 rating and affected a locally deployed management tool used to administer Windows Clients, Servers, and Clusters. Microsoft said the vulnerability had not been seen exploited in the wild, but it was still tagged "Exploitation More Likely". The patch was credited to version 2511 released in December 2025, with a public advisory following on February 17, 2026.
Related Happenings
Microsoft releases RoguePlanet Defender security update for CVE-2026-50656
Security Patch Release
H score32
First: 17.06.2026 20:36
Last: 17.06.2026 20:36
Sources 1
About this happening:
**Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...
Microsoft releases RoguePlanet Defender security update for CVE-2026-50656
Security Patch ReleaseAbout this happening: **Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...
Latest development: 09.07.2026 11:48
Microsoft released security updates for CVE-2026-50656, remediating the RoguePlanet privilege-escalation flaw in Microsoft Malware Protection Engine (mpengine.dll) with version 1.1.26060.3008 and additional defense-in-depth updates. Microsoft said no customer action is required to install the update.
Microsoft hit by cyberattack
Incident
H score68
First: 09.06.2026 18:42
Last: 09.06.2026 18:42
Sources 1
About this happening:
A **Microsoft** GitHub repository removal incident in **June 2026** disrupted **continuous integration pipelines** and briefly broke **Azure/functions-action** workflows used by d...
Microsoft hit by cyberattack
IncidentAbout this happening: A **Microsoft** GitHub repository removal incident in **June 2026** disrupted **continuous integration pipelines** and briefly broke **Azure/functions-action** workflows used by d...
CCB urgent patch warning for CVE-2026-41089 on Windows servers
Public Sector Action
H score48
First: 01.06.2026 15:30
Last: 01.06.2026 15:30
Sources 1
About this happening:
Belgium's **CCB** warned that **CVE-2026-41089** is being **actively exploited in the wild**, urging admins to **immediately patch** vulnerable **Windows servers** because the fla...
CCB urgent patch warning for CVE-2026-41089 on Windows servers
Public Sector ActionAbout this happening: Belgium's **CCB** warned that **CVE-2026-41089** is being **actively exploited in the wild**, urging admins to **immediately patch** vulnerable **Windows servers** because the fla...
Microsoft security patch release for CVE-2026-45659
Security Patch Release
H score23
First: 26.05.2026 14:49
Last: 26.05.2026 14:49
Sources 1
About this happening:
Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...
Microsoft security patch release for CVE-2026-45659
Security Patch ReleaseAbout this happening: Microsoft released **SharePoint** updates for **CVE-2026-45659**, a **remote code execution** flaw that could let an authenticated attacker run code over the network without eleva...
Azure Backup for AKS Trusted Access permission tightening
Security Patch Release
H score8
First: 16.05.2026 23:55
Last: 16.05.2026 23:55
Sources 1
About this happening:
**Microsoft** appears to have silently tightened **Azure Backup for AKS**, closing a **Trusted Access** authorization path that could let a low-privileged role reach **cluster-adm...
Azure Backup for AKS Trusted Access permission tightening
Security Patch ReleaseAbout this happening: **Microsoft** appears to have silently tightened **Azure Backup for AKS**, closing a **Trusted Access** authorization path that could let a low-privileged role reach **cluster-adm...
Timeline
-
17.02.2026 02:00 2 articles · 4mo ago
Microsoft discloses CVE-2026-26119 in Windows Admin Center
Initial DisclosureMicrosoft disclosed a now-patched Windows Admin Center privilege-escalation flaw, CVE-2026-26119, in an advisory released on February 17, 2026. The high-severity issue carried a CVSS 8.8/10.0 rating and stemmed from improper authentication that could let an authorized attacker elevate privileges over a network and gain the rights of the user running the affected application; Microsoft said the flaw was patched in Windows Admin Center version 2511 released in December 2025 and credited Semperis researcher Andrea Pierini with discovering and reporting it.
Show sources
- Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center — thehackernews.com — 19.02.2026 19:40
- Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center — thehackernews.com — 19.02.2026 19:40