Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft May 2026 Patch Tuesday release

Security Patch Release
First reported
Last updated
Happening score
H score 44
2 unique sources, 2 articles

Summary

Hide ▲

Microsoft's May 13, 2026 Patch Tuesday release fixed 138 vulnerabilities across its product portfolio, including Windows, Azure, and Edge. None of the flaws were listed as publicly known or under active attack. The update spans both Critical and Important issues, making it a broad monthly remediation cycle for Microsoft customers. Administrators also need to watch a separate Windows Secure Boot certificate rollover before the June 26, 2026 deadline.

Related Happenings

Microsoft Defender BlueHammer (CVE-2026-33825) ransomware exploitation wave

Exploitation Wave
H score41 First: 30.06.2026 11:53 Last: 30.06.2026 11:53 Sources 1

About this happening: CISA has flagged **BlueHammer (CVE-2026-33825)** as exploited in **ransomware campaigns**, expanding the risk to **Windows devices** exposed to privilege escalation. The flaw in *...

Microsoft releases RoguePlanet Defender security update for CVE-2026-50656

Security Patch Release
H score32 First: 17.06.2026 20:36 Last: 17.06.2026 20:36 Sources 1

About this happening: **Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...

Latest development: 09.07.2026 11:48

Microsoft released security updates for CVE-2026-50656, remediating the RoguePlanet privilege-escalation flaw in Microsoft Malware Protection Engine (mpengine.dll) with version 1.1.26060.3008 and additional defense-in-depth updates. Microsoft said no customer action is required to install the update.

Microsoft security patch release for CVE-2026-42897

Security Patch Release
H score44 First: 10.06.2026 16:44 Last: 10.06.2026 16:44 Sources 1

About this happening: **Microsoft** released **June 2026 Security Updates** for **Exchange Server 2016**, **Exchange Server 2019**, and **Exchange Server Subscription Edition (SE)** to fix **CVE-2026-4...

Microsoft Windows June 2026 Patch Tuesday zero-day fixes (multiple vulnerabilities)

Security Patch Release
H score40 First: 10.06.2026 12:57 Last: 10.06.2026 12:57 Sources 1

About this happening: **Microsoft**'s **June 2026 Patch Tuesday** fixed **three Windows zero-days** that could yield **SYSTEM** access or bypass **BitLocker** on vulnerable systems.

Microsoft June 2026 Patch Tuesday record 206-vulnerability update

Security Patch Release
H score55 First: 10.06.2026 12:38 Last: 10.06.2026 12:38 Sources 1

About this happening: Microsoft shipped a **record 206-vulnerability** update for its software portfolio, including **three publicly disclosed flaws**. The release spans **Critical** and **Important**...

Timeline

  1. 01.06.2026 15:30 1 articles · 1mo ago

    CCB warns of active exploitation of CVE-2026-41089 in Windows Netlogon

    Exploitation Observed

    Belgium's Centre for Cybersecurity warned that CVE-2026-41089 in Windows Netlogon is being actively exploited in the wild after Microsoft patched the stack-based buffer overflow during the May 2026 Patch Tuesday. The flaw affects all currently supported Windows Server versions, including Windows Server 2025, and can let an unauthenticated attacker gain remote code execution on targeted domain controllers.

    Show sources
  2. 13.05.2026 13:36 2 articles · 1mo ago

    Microsoft releases May 2026 Patch Tuesday updates

    Initial Disclosure

    Microsoft released patches for 138 security vulnerabilities across its product portfolio, including CVE-2026-41096 in Windows DNS, CVE-2026-41089 in Windows Netlogon, and multiple Critical and Important flaws in Azure DevOps, Azure Managed Instance for Apache Cassandra, Microsoft Dynamics 365 (on-premises), Azure Logic Apps, Microsoft Teams, Azure Cloud Shell, Azure Entra ID, Windows Hyper-V, Azure SDK, and Microsoft SSO Plugin for Jira & Confluence; none of the flaws were listed as publicly known or under active attack, and 16 issues were identified through the MDASH AI-driven vulnerability discovery system.

    Show sources
  3. 13.05.2026 13:36 1 articles · 1mo ago

    Windows Secure Boot certificate rollover deadline approaches

    Mitigation Patch Update

    Organizations must rotate Windows Secure Boot certificates to the 2023 counterparts before the June 26, 2026 deadline because the 2011-issued certificates are set to expire; devices that miss the rollover risk degraded security states or catastrophic boot-level security failures.

    Show sources