Today's Top Windows System Articles for 2026-06-04
Articles for the IT Professional. Today's edition includes 150 articles from 38 sites. We chose these from 7004 articles found on 140 sites.
Today's featured sites are:
HTMD Community Intune Windows Modern Workplace Device Management, Irish Tech News, IEEE Spectrum, Prajwal Desai, Radar, TechPlanet, AppleInsider News, www.theregister.com - Articles, TechRepublic, New blog articles in Microsoft Community Hub, WinBuzzer, GeekWire, BleepingComputer, Office 365 Reports, Windows 10 Help Forums, gHacks, Petri IT Knowledgebase, StarWind Blog, Reddit : K-12 Systems Administrators, VentureBeat, Windows Blog, SecurityWeek, Ciente, Neowin, Microsoft Security Blog, Latest from Windows Central , Fast Company - technology, EU sets out plans to reduce reliance on US cloud providers – Computerworld, Latest stories for ZDNET in Microsoft, Ars Technica - All content, 4sysops, darkreading, RMON Networks, Reddit : Sysadmin, 9to5Mac, Techdirt, EdSurge Articles, MSRC Security Update Guide.
Secure Printer Installations with Intune by Allowing only IPPS Printers using TLS
Hello - Here is the new HTMD Blog Article for you. Enjoy reading it. Subscribe to YouTube Channel https://www.youtube.com/c/AnoopCNairSCCM?sub_confirmation=1 and LinkedIn page for latest updates htt...
HTMD Community Intune Windows Modern Workplace Device Management
Jun 2, 2026 - anoopcnair.com
€20 million call for energy research and innovation projects
The Sustainable Energy Authority Ireland (SEAI) has announced a new round of Government of Ireland funding of €20 million to support energy research and innovation under its 2026 National Energy Resea...
Irish Tech News
Jun 2, 2026 - irishtechnews.ie
Direct-to-Cell Technology: Enabling Satellite Connectivity for Legacy Devices
Direct-to-cell technology uses LEO satellites as spaceborne cell towers. It delivers LTE services to existing smartphones without hardware changes, bridging global coverage gaps.What Attendees will Le...
IEEE Spectrum
Jun 2, 2026 - content.knowledgehub.wiley.com
Microsoft Purview: Create an Alert Policy in Compliance Manager
In this tutorial, I’ll show you how to create an alert policy in Compliance Manager for Microsoft Purview. Alert policies are...
Prajwal Desai
Jun 2, 2026 - prajwaldesai.com
Radar Trends to Watch: June 2026
Coauthored with Claude Agents are making the transition from performing tasks to running operations. The Cloudflare and Stripe partnership ships an agent that opens accounts, registers domains, and de...
Radar
Jun 2, 2026 - oreilly.com
Could the Human Memory Prospect Artificial General Intelligence?
By David Stephen Conceptually, humans have generalized memory. Simply, humans do not have specific memory of everything in the external world, however familiar. There are groups or collections in huma...
Irish Tech News
Jun 2, 2026 - irishtechnews.ie
Meta's AI Support Disaster: How Instagram Accounts Were Hijacked Through Negligent Account Recovery
The Instagram Account Takeover Crisis: A Cautionary Tale of AI-Powered Support Gone Wrong In what can only be described as one of the most embarrassing security failures in recent memory, Meta's AI-po...
TechPlanet
Jun 2, 2026 - techplanet.today
iPhone 18 Pro will have only a fractionally higher capacity battery
A new leak claims to have details of the battery capacity for the forthcoming iPhone 18 Pro, and while it continues the pattern of improving every year, this time Apple has managed only a minor increa...
AppleInsider News
Jun 2, 2026 - appleinsider.com
Intel and pals cram 36,864 CPU cores into a 100kW rack while chasing the agentic AI dragon
Meanwhile, Intel and SambaNova's disaggregated inference blueprint lands its first customer
www.theregister.com - Articles
Jun 2, 2026 - theregister.com
Update Now: Apple Rolls Out Critical Fixes for iPhone 17, M5 Macs
Apple released iOS 26.5.1 and macOS 26.5.1 to fix iPhone 17 charging issues and M5 Mac shutdown problems before WWDC. The post Update Now: Apple Rolls Out Critical Fixes for iPhone 17, M5 Macs appeare...
TechRepublic
Jun 2, 2026 - techrepublic.com
Building AI apps and agents with Azure Databricks, Copilot Studio, and GitHub Copilot
A workspace-wide Genie MCP endpoint for Copilot Studio Genie is Azure Databricks’ AI agent that lets any employee chat with their data and get trusted answers instantly. Genie Spaces are curated, bus...
New blog articles in Microsoft Community Hub
Jun 2, 2026 - techcommunity.microsoft.com
Microsoft Backs Off Threats Against Security Researchers For Zero-Day Reveal
Microsoft has ruled out action against security researchers after the Nightmare-Eclipse backlash, narrowing legal risk around its wider disclosure dispute. The post Microsoft Backs Off Threats Against...
WinBuzzer
Jun 2, 2026 - winbuzzer.com
Northern Ireland cops issue PSA after official phone number spoofed by scammers
If you’re going to impersonate an officer, perhaps choose a more sophisticated way to nick cash than asking for gift cards…
www.theregister.com - Articles
Jun 2, 2026 - theregister.com
Code.org rebrands as CodeAI, solidifying its shift to AI education
"Nobody knows the jobs of the future, but a sure bet is that every job will involve AI," said Hadi Partovi, who co-founded the nonprofit in 2013. "We have a responsibility to prepare the next generati...
GeekWire
Jun 2, 2026 - geekwire.com
Microsoft Exchange Online outage causes email delays, failures
Microsoft is working to address a widespread service issue affecting the mail flow pipeline for Exchange Online customers across North America and Germany. [...]
BleepingComputer
Jun 2, 2026 - bleepingcomputer.com
FBI Warning: World Cup Scammers Are Spoofing FIFA Tickets, Job Sites
The FBI warns that fake FIFA websites are targeting World Cup fans with phishing, ticket scams, fake merchandise, and job-related fraud. The post FBI Warning: World Cup Scammers Are Spoofing FIFA Tick...
TechRepublic
Jun 2, 2026 - techrepublic.com
All-in-One PowerShell Script to Manage Active Directory Contacts
While Active Directory contacts are essential for maintaining an accurate Global Address List (GAL), managing them natively can be time-consuming and difficult to scale. To simplify the process, we de...
Office 365 Reports
Jun 2, 2026 - o365reports.com
Computer crash maybe ?
Good Afternoon everybody out their. As previously mentioned In Earlier Posts, I have been away for the Weekend. ON Friday 29th May 2026, I had the Following games on my Computer :- Microso...
Windows 10 Help Forums
Jun 2, 2026 - tenforums.com
Microsoft Fixes Windows 11 KB5089549 Install Failures Caused by Limited EFI Partition Space
Microsoft has fixed the known issue that caused installation failures and 0x800f0922 errors when deploying the May 26, 2026, Windows 11 security update KB508954 Thank you for being a Ghacks reader. Th...
gHacks
Jun 2, 2026 - ghacks.net
Microsoft Intune Update Simplifies Device Enrollment, App Deployment, and Certificate Management
Microsoft’s May Intune update introduces several enhancements designed to make endpoint management more streamlined, secure, and efficient. The release delivers improved device onboarding, stronger An...
Petri IT Knowledgebase
Jun 2, 2026 - petri.com
Allen Institute’s big new bet: $400M effort aims to go from mapping the brain to treating disease
The Allen Institute is launching a $400 million initiative, the Brain Health Accelerator, to develop gene therapies for neurodegenerative diseases including Alzheimer's, Parkinson's, Huntington's, and...
GeekWire
Jun 2, 2026 - geekwire.com
Microsoft reaches for olive branch after public dustup with 0-day researcher
Following days of criticism from the security community, Redmond dials back rhetoric, insists vulnerability hunters not in its legal crosshairs
www.theregister.com - Articles
Jun 2, 2026 - theregister.com
ProxCenter: The vCenter-Like Management Tool for Proxmox VE
VMware admins are […]
StarWind Blog
Jun 2, 2026 - starwindsoftware.com
3rd Party Hyper-V support?
$1 submitted by /u/Individual-Unit3470
Reddit : K-12 Systems Administrators
Jun 2, 2026 - reddit.com
Solved Whilost awaiting other replies please
How do I get rid of this Desktop Icon please? "Learn about this picture" This Is something I do not use. have had It before but don't remember how to get rid of It. Thanks
Windows 10 Help Forums
Jun 2, 2026 - tenforums.com
Google Patches Android Zero-Day Vulnerability in June 2026 Security Update
Google’s June 2026 Android update fixes dozens of flaws, including a potentially exploited Framework vulnerability and critical system bugs. The post Google Patches Android Zero-Day Vulnerability in J...
TechRepublic
Jun 2, 2026 - techrepublic.com
OpenAI's Codex update lets agents build interactive enterprise workspaces via Sites and role-specific plugins
Agentic AI is moving rapidly from the developer terminal to the corporate world.On Tuesday, OpenAI announced a major update of its agentic AI platform Codex, introducing domain-specific workflows, a r...
VentureBeat
Jun 2, 2026 - venturebeat.com
AI-built ransomware toolkit automates EDR evasion, AD discovery
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. [...]
BleepingComputer
Jun 2, 2026 - bleepingcomputer.com
Microsoft Remote Desktop, RDS, AVD, VDI: How the Desktop Stack Actually Fits Together
Microsoft’s desktop virtualization ecosystem is a cornerstone of modern IT infrastructure, allowing organizations to deliver secure and scalable access to applications and desktops. However, the termi...
Petri IT Knowledgebase
Jun 2, 2026 - petri.com
Microsoft launches MXC, an OS-level sandbox for AI agents, with OpenAI and Nvidia already on board
For the past two years, the technology industry has raced to make AI agents more capable — teaching them to write code, navigate software interfaces, manage files, and orchestrate multi-step workflows...
VentureBeat
Jun 2, 2026 - venturebeat.com
Microsoft debuts Surface RTX Spark Dev Box to run large AI models without cloud costs
Microsoft on Monday unveiled the Surface RTX Spark Dev Box, a compact desktop computer designed to let software developers run large AI models on their desks instead of paying for cloud computing — a ...
VentureBeat
Jun 2, 2026 - venturebeat.com
Build 2026: Furthering Windows as the trusted platform for development
Build is one of our favorite moments each year - a chance to connect with the global developer community and share what we’ve been building. Over the past year, we have connected with many developers ...
Windows Blog
Jun 2, 2026 - blogs.windows.com
Windows platform security for AI agents
Making Windows the trustworthy OS for agents AI agents are no longer just answering questions, they are taking actions across systems with increasing autonomy. As they become persistent participants i...
Windows Blog
Jun 2, 2026 - blogs.windows.com
Building the next generation of devices for developers: Surface RTX Spark Dev Box
Software developers are some of the most ambitious makers we serve. They push devices harder, ask more of their tools and expect their environment to help define the pace of modern software creation. ...
Windows Blog
Jun 2, 2026 - blogs.windows.com
Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis
As AI shortens the path from vulnerability disclosure to exploitation, researchers disagree on whether the problem is inadequate security tools or inadequate operational control. The post Two New Repo...
SecurityWeek
Jun 2, 2026 - securityweek.com
B2B Buying Committee Penetration: Why Marketers Must Adopt the SDR Multi-Threading Approach
Enterprise demand generation is stuck in a self-inflicted bottleneck. Marketing teams spend months optimizing for the single MQL, passing a lone champion’s contact information over the fence to sales,...
Ciente
Jun 2, 2026 - ciente.io
Russian spy agency says foreign spies turned officials' smartphones into surveillance devices
FSB claims large-scale snoop op compromised phones of senior officials, but gives no technical evidence to back allegations
www.theregister.com - Articles
Jun 2, 2026 - theregister.com
Save 46% on a 1-Year subscription to ExpressVPN Basic Plan
Browse Safer, Faster & Freer with ExpressVPN! Protect 10 devices, Block Ads & Threats with 10GB MailGuard Monthly. Read more...
Neowin
Jun 2, 2026 - neowin.net
Enhanced performance for server consolidation with Intel Xeon 6+
SPONSORED POST: How Intel’s first 18A data center CPU delivers efficiency and TCO gains, with Intel's Kira Boyko
www.theregister.com - Articles
Jun 2, 2026 - theregister.com
Tech Moves: Expedia names SVP; Microsoft AI leader departs for Uber; ZeroAvia CEO steps down
Expedia names SVP in global advertising; a Microsoft AI technical lead departs for Uber; and the CEO of the sustainable aviation startup ZeroAvia steps down. Read More
GeekWire
Jun 2, 2026 - geekwire.com
Inside Microsoft’s Project Solara: A new platform for devices that run AI agents instead of apps
A team inside Microsoft has been quietly building a platform for devices that run AI agents instead of apps, based on Android instead of Windows. The first two concept devices, a desktop hub and a wea...
GeekWire
Jun 2, 2026 - geekwire.com
Build 2026: Microsoft’s MDASH Update Adds Defender Integration to Improve Vulnerability Detection
Microsoft has announced a new update to MDASH that enhances vulnerability detection accuracy and introduces native integration with Microsoft Defender to streamline security operations. The company is...
Petri IT Knowledgebase
Jun 2, 2026 - petri.com
Microsoft Build 2026: Securing code, agents, and models across the development lifecycle
Discover how Microsoft enables fast, secure AI development with MDASH and new security capabilities. The post Microsoft Build 2026: Securing code, agents, and models across the development lifecycle a...
Microsoft Security Blog
Jun 2, 2026 - microsoft.com
Microsoft says Windows 11’s Defender is enough for most users but admits some third‑party tools still offer extras
Microsoft says Windows 11’s built‑in Defender offers solid protection for most users, though third‑party antivirus tools provide extra features.
Latest from Windows Central
Jun 2, 2026 - windowscentral.com
Marvell enters the AI network fray with 102.4 Tbps switch silicon
High radix, low latency and low power is what AI datacenters crave, the chipmaker says
www.theregister.com - Articles
Jun 2, 2026 - theregister.com
Hackers found a way to make Meta’s AI hand over Instagram accounts
The Instagram account of the Obama White House has not been active for more than nine years, but over the weekend, hackers gained access, defacing the page with pro-Iranian images and messages. And it...
Fast Company - technology
Jun 2, 2026 - fastcompany.com
Enterprise AI agents keep creating data silos. Microsoft's Build answer is Microsoft IQ and Rayfin.
Every new AI agent your team deploys starts from scratch: no memory of how the business works, where data lives, or what rules apply. And as agentic coding tools spin up applications faster than anyon...
VentureBeat
Jun 2, 2026 - venturebeat.com
LAN Network Design for Large School
$1 submitted by /u/MassageGun-Kelly
Reddit : K-12 Systems Administrators
Jun 2, 2026 - reddit.com
Critical Kirki flaw exploited to hijack WordPress admin accounts
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. [...]...
BleepingComputer
Jun 2, 2026 - bleepingcomputer.com
Microsoft unveils Scout, an autonomous AI agent built on OpenClaw
Microsoft has developed a new AI agent that can run autonomously around the clock to complete tasks across Microsoft 365 applications. Microsoft Scout, unveiled at the company’s Build event Tuesday,...
EU sets out plans to reduce reliance on US cloud providers – Computerworld
Jun 2, 2026 - computerworld.com
Remote work – not AI – is killing job prospects for the youth
Young professionals may be perfectly productive while working from home, says the New York Fed, but the quality of their output isn't so great, so companies don't want to hire them
www.theregister.com - Articles
Jun 2, 2026 - theregister.com
The Agentic Reckoning: Enterprise AI organizations have a runtime problem, not a model problem — and most are building the wrong solution
In Q1 2026, VentureBeat's Pulse Research surfaced the “Governance Mirage”: the gap between the governance org charts enterprises had drawn and the control layers they had actually built. Forty-three p...
VentureBeat
Jun 2, 2026 - venturebeat.com
Build 2026: Microsoft's MDASH exits preview with 100+ specialized threat-hunting AI agents
Microsoft's Build 2026 security news centers on an agentic AI vulnerability system designed to find real exploitable flaws, connect them to Defender and GitHub, and help developers fix them faster.
Latest stories for ZDNET in Microsoft
Jun 2, 2026 - zdnet.com
Feds failing in bid to take a supercomputer from a climate research center
The National Center for Atmospheric Research won't be losing its supercomputer.
Ars Technica - All content
Jun 2, 2026 - arstechnica.com
Cisco leverages AI and eBPF to automate vulnerability shielding and VM migration
Cisco is integrating artificial intelligence and eBPF technology into its infrastructure to fundamentally change how networks are managed and secured. The network is now viewed as a high-performance b...
4sysops
Jun 2, 2026 - 4sysops.com
China Uses Dual-Method Cyberattack on Czech Orgs
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
darkreading
Jun 2, 2026 - darkreading.com
WTIA selects 21 startups for 14th Founder Cohort Accelerator Program
The early stage companies from across Washington state are working in areas such as AI, cybersecurity, healthcare, enterprise software, and other emerging technologies, the WTIA said Tuesday. Read Mo...
GeekWire
Jun 2, 2026 - geekwire.com
The Smartest Tech Decision Might Be “Not Yet”
As an SMB leader, you face immense pressure to modernize your operations. Every week, a new software platform or AI tool promises to fix all your operational headaches. The fear of missing out pushes ...
RMON Networks
Jun 2, 2026 - rmonnetworks.com
Zoom Introduces ‘ZoomMate,’ an AI Teammate for Post-Meeting Work
ZoomMate aims to turn meeting conversations into AI-powered workflows, giving IT leaders new questions around governance, automation, and ROI. The post Zoom Introduces ‘ZoomMate,’ an AI Teammate for P...
TechRepublic
Jun 2, 2026 - techrepublic.com
The Hidden Cost of Tool Sprawl: Why More Apps Mean Less Productivity
It is a common belief in business today: if a process is not working well, the answer is simply to add another tool. You might think you need a new project management system, a new AI assistant, a new...
RMON Networks
Jun 2, 2026 - rmonnetworks.com
Cisco sings Mythos' praises - but doesn't say how many bugs the model uncovered
Meanwhile, Anthropic adds 150 partners to Project Glasswing
www.theregister.com - Articles
Jun 2, 2026 - theregister.com
Why is reading the logs and the manual so hard
$1 submitted by /u/Titanium125
Reddit : Sysadmin
Jun 2, 2026 - reddit.com
"A lot of money didn’t go into Destiny": Ex-Bungie dev blames leadership "greed," not Marathon, for funding issues as Destiny 2's final update approaches
As Destiny 2's final content update and end approaches, one former Bungie dev says money that could have supported it "went into leadership pockets."
Latest from Windows Central
Jun 2, 2026 - windowscentral.com
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
Once targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing.
darkreading
Jun 2, 2026 - darkreading.com
9to5Mac Daily: June 2, 2026 – iOS 26.5.1, new Apple Wallet rumors
Listen to a recap of the top stories of the day from 9to5Mac. 9to5Mac Daily is available on iTunes and Apple’s Podcasts app, Stitcher, TuneIn, Google Play, or through our dedicated RSS feed for Overca...
9to5Mac
Jun 2, 2026 - 9to5mac.com
One Step Forward, Two Steps Back: CA’s AB 1856 Exempts Open Source But Expands Age-Gating
After public outrage, California lawmakers are moving closer to exempting open-source operating systems from the sweeping age-bracketing regime mandated by last year’s Digital Age Assurance Act (AB 10...
Techdirt
Jun 2, 2026 - techdirt.com
Mary Jo Foley: No Copilot ‘Super App’ at Microsoft Build, but plenty of agentic fodder
Microsoft teased its rumored Copilot "Super App" at Build but didn't demo it. Longtime Microsoft watcher Mary Jo Foley assesses the no-show, explains why the initiative matters, and considers what the...
GeekWire
Jun 2, 2026 - geekwire.com
'Dumbass' criminal breaks the 'first rule of ransomware club'
You don't infect anyone in Russia or other CIS countries
www.theregister.com - Articles
Jun 2, 2026 - theregister.com
Random failure to open network share by PC name
I would appreciate any thoughts on the following please: I have several PCs here, all with almost identical Windows 10 LTSC installs. Just one is doing this (the pc is called tiger). It only starte...
Windows 10 Help Forums
Jun 3, 2026 - tenforums.com
I’m Trying to Teach Humanity Before It Disappears
To be an educator and a writer is to inhabit a rollercoaster world of hope; at times, you are filled with the excitement and power of possibilities, ...
EdSurge Articles
Jun 3, 2026 - edsurge.com
CVE-2021-25740 Holes in EndpointSlice Validation Enable Host Network Hijack
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2020-8561 Webhook redirect in kube-apiserver
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2023-27043 The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2023-1386 Qemu: 9pfs: suid/sgid bits not dropped on file write
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2013-1633 easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-6253 proxy credentials leak over redirect-to proxy
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2019-11254 Kubernetes API Server denial of service vulnerability from malicious YAML payloads
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-5928 Static buffer overflow in deprecated nis_local_principal
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-7168 cross-proxy Digest auth state leak
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-5358 Static buffer overflow in deprecated nis_local_principal
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2024-30896 InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and Clustered are not affected. NOTE: The researcher states that InfluxDB allows allAccess administrators to retrieve all raw tokens via an "influx auth ls" command. The supplier indicates that the organizations feature is operating as intended and that users may choose to add users to non-default organizations. A future release of InfluxDB 2.x will remove the ability to retrieve tokens from the API.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-42304 Twisted: Denial of Service (DoS) in twisted.names via Crafted DNS Compression Pointer Chains
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-5450 scanf %mc off-by-one heap buffer overflow
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-4891 CVE-2026-4891
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-4893 CVE-2026-4893
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-3219 pip doesn't reject concatenated ZIP and tar archives
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-1152 GNU Binutils ld xstrdup.c xstrdup memory leak
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-2291 CVE-2026-2291
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-5172 CVE-2026-5172
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-1151 GNU Binutils ld xmemdup.c xmemdup memory leak
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-4890 CVE-2026-4890
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-1150 GNU Binutils ld libbfd.c bfd_malloc memory leak
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-42010 Gnutls: gnutls: authentication bypass via nul character in username
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-1180 GNU Binutils ld elf-eh-frame.c _bfd_elf_write_section_eh_frame memory corruption
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-40225 In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2024-7598 Network restriction bypass via race condition during namespace termination
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-5435 Potential buffer overflow in ns_sprintrrf TSIG handling path
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-43969 Cookie Request Header Injection via Unvalidated Encoder in cow_cookie:cookie/1
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-6019 BaseCookie.js_output() does not neutralize embedded characters
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-7790 Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-29923 go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-43968 CR Injection in SSE Encoder Enables Event Splitting via cow_sse:event/1
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2024-58251 In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-8368 LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-46394 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-8328 FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-46327 Go Snowflake Driver has race condition when checking access to Easy Logging configuration file
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-6238 Buffer overread in ns_printrrf with corrupted RDATA field
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-3198 GNU Binutils objdump bucomm.c display_info memory leak
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-4574 Crossbeam-channel: crossbeam-channel vulnerable to double free on drop
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-1178 GNU Binutils ld libbfd.c bfd_putl64 memory corruption
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-6357 pip self-update functionality can import newly installed modules after wheel installation
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-1176 GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-41606 Apache Thrift: c_glib dispatch stack overflow
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-5791 Users: `root` appended to group listings
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-41607 Apache Thrift: C++ JSON OOB read
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-45803 gh: GitHub Actions log output in `gh run view` allows terminal escape sequence injection
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2024-58266 The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-41526 In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path to handle user input are affected and could be exploited. In particular, because sendInput() sends a string to a terminal, a control character such as \x01 can be used during injection.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-55551 An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-40355 In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-55554 pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-40356 In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-3087 shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-42502 Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-6845 Binutils: binutils: denial of service via crafted elf file
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-11083 GNU Binutils Linker elfcode.h elf_swap_shdr heap-based overflow
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-9403 jqlang jq JSON jq_test.c run_jq_tests assertion
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-60876 BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-6842 Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-6843 Nano: nano: format string vulnerability leads to denial of service
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-37457 An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component.
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Information published.
MSRC Security Update Guide
Jun 3, 2026 - msrc.microsoft.com
CVE-2026-39835 Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh
Information published.