Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Microsoft security patch release for CVE-2026-45586

Security Patch Release
First reported
Last updated
Happening score
H score 41
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft's June 2026 Patch Tuesday delivers 200 flaw fixes across Windows and related products, including six zero-days and one actively exploited vulnerability. The release covers high-impact bugs such as CVE-2026-45586, CVE-2026-49160, CVE-2026-45585, CVE-2026-50507, CVE-2020-17103, and CVE-2026-42897. The patch bundle requires urgent attention because it spans privilege escalation, denial of service, BitLocker bypass, and Exchange spoofing issues.

Related Happenings

Microsoft June 2026 Patch Tuesday record 206-vulnerability update

Security Patch Release
H score55 First: 10.06.2026 12:38 Last: 10.06.2026 12:38 Sources 1

About this happening: Microsoft shipped a **record 206-vulnerability** update for its software portfolio, including **three publicly disclosed flaws**. The release spans **Critical** and **Important**...

Open Happening

Microsoft June 2026 Patch Tuesday GreenPlasma and YellowKey fixes

Security Patch Release
H score15 First: 10.06.2026 02:11 Last: 10.06.2026 02:11 Sources 1

About this happening: **Microsoft** released **June 2026 Patch Tuesday** updates that fixed the **GreenPlasma** and **YellowKey** flaws, closing two previously disclosed issues in the Windows ecosystem...

Open Happening

Microsoft June 2026 Patch Tuesday record security update bundle

Security Patch Release
H score36 First: 10.06.2026 01:07 Last: 10.06.2026 01:07 Sources 1

About this happening: **Microsoft** released a **record Patch Tuesday bundle** for **June 2026** that patches **nearly 200 security holes** across **Windows operating systems and supported software**,...

Open Happening

Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498

Security Patch Release
H score44 First: 21.05.2026 10:49 Last: 21.05.2026 10:49 Sources 1

About this happening: Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...

Latest development: 21.05.2026 12:52

Microsoft released patches for Microsoft Defender Antimalware Platform version 4.18.26040.7 to address CVE-2026-41091, a link-following privilege-escalation flaw that can let an authorized attacker elevate privileges locally to System, and CVE-2026-45498, a denial-of-service flaw. Microsoft said both vulnerabilities were publicly disclosed and exploited in the wild as zero-days. CISA added both flaws to its Known Exploited Vulnerabilities (KEV) list and urged federal agencies to patch them by June 3.

Open Happening

Microsoft May 2026 Patch Tuesday release

Security Patch Release
H score38 First: 13.05.2026 13:36 Last: 13.05.2026 13:36 Sources 1

About this happening: Microsoft's **May 13, 2026 Patch Tuesday** release fixed **138 vulnerabilities** across its product portfolio, including **Windows**, **Azure**, and **Edge**. None of the flaws we...

Latest development: 01.06.2026 15:30

Belgium's Centre for Cybersecurity warned that CVE-2026-41089 in Windows Netlogon is being actively exploited in the wild after Microsoft patched the stack-based buffer overflow during the May 2026 Patch Tuesday. The flaw affects all currently supported Windows Server versions, including Windows Server 2025, and can let an unauthenticated attacker gain remote code execution on targeted domain controllers.

Open Happening

Timeline

  1. 09.06.2026 20:57 2 articles · 1d ago

    Microsoft releases June 2026 Patch Tuesday for 200 flaws and six zero-days

    Initial Disclosure

    Microsoft's June 2026 Patch Tuesday delivers security updates for 200 flaws, including five publicly disclosed zero-days and one actively exploited vulnerability, across Windows and related products.

    Show sources
    Open in new tab
  2. 09.06.2026 20:57 1 articles · 1d ago

    Microsoft patches Windows CTFMON, HTTP.sys, BitLocker, and Mini-Plasma flaws

    Technical Analysis Update

    The June 2026 updates fix CVE-2026-45586 in Windows Collaborative Translation Framework (CTFMON), CVE-2026-49160 in HTTP.sys, CVE-2026-45585 and CVE-2026-50507 in Windows BitLocker Device Encryption, and CVE-2020-17103 in Windows Cloud Files Mini Filter Driver.

    Show sources
    Open in new tab
  3. 09.06.2026 20:57 1 articles · 1d ago

    Microsoft adds MaxHeadersCount and Exchange Emergency Mitigation Service

    Mitigation Patch Update

    Microsoft introduces a new MaxHeadersCount registry setting to limit headers accepted in HTTP/2 and HTTP/3 requests, and it says mitigations for the actively exploited Microsoft Exchange Server spoofing flaw are being pushed through the Exchange Emergency Mitigation Service while a full fix is still in progress.

    Show sources
    Open in new tab
  4. 09.06.2026 20:57 1 articles · 1d ago

    Microsoft and researchers attribute June 2026 zero-days to anonymous, Calif.io, and Nightmare Eclipse disclosures

    Attribution Update

    Microsoft credits CVE-2026-45586 to an anonymous researcher, the HTTP/2 denial-of-service flaw is credited to Quang Luong and Codex of Calif.io, and Nightmare Eclipse is tied to the GreenPlasma, YellowKey, and Mini-Plasma disclosures; CVE-2020-17103 was originally reported to Microsoft by Google Project Zero researcher James Forshaw in September 2020.

    Show sources
    Open in new tab