security feature

Winsage
July 14, 2026
Microsoft's July Patch Tuesday update addresses 570 vulnerabilities, including three critical zero-days. The vulnerabilities include 254 elevation-of-privilege flaws, 17 security feature bypasses, 145 remote-code-execution issues, 102 information disclosures, 16 spoofing vulnerabilities, and 35 denial-of-service vulnerabilities. Among these, 59 bugs are classified as "critical." The three zero-days patched are CVE-2026-56155 (elevation of privilege in Active Directory Federation Services), CVE-2026-56164 (elevation of privilege in Microsoft SharePoint Server), and CVE-2026-50661 (security bypass in Windows BitLocker). The update is recommended to be installed as soon as possible, and users can check for updates through the Windows Update settings.
Winsage
July 14, 2026
Microsoft's July 2026 security update addresses 622 vulnerabilities, with 57 classified as "critical." Two critical vulnerabilities, CVE-2026-56155 (Active Directory Federation Services) and CVE-2026-56164 (Microsoft SharePoint Server), have been exploited in the wild. The critical vulnerabilities include 48 remote code execution (RCE) vulnerabilities, seven elevation of privilege (EoP) vulnerabilities, one spoofing vulnerability, and one security feature bypass vulnerability. RCE vulnerabilities affect various Microsoft services, including Windows Media, Microsoft Office, and SQL Server, with eleven rated as "more likely" to be exploited. Additional important vulnerabilities include CVE-2026-49170, CVE-2026-49795, and CVE-2026-50325. Talos is releasing a new Snort ruleset to detect these vulnerabilities, and Cisco Security Firewall customers are advised to update their ruleset.
Winsage
July 14, 2026
Microsoft released its July 2026 Patch Tuesday cumulative updates for Windows 11, addressing numerous security vulnerabilities and enhancing Secure Boot functionalities. The updates include: - KB5101650 for Windows 11 25H2 and 24H2, updating systems to builds 26200.8875 and 26100.8875. - KB5101649 for Windows 11 26H1, updating devices to build 28000.2525. The release addresses a total of 622 Microsoft Common Vulnerabilities and Exposures (CVEs), including: - 416 vulnerabilities in Windows. - Fixes for Microsoft Office, Edge, Exchange Server, SharePoint Server, SQL Server, Defender, and Azure services. Key vulnerabilities fixed include: - CVE-2026-50661: A BitLocker Security Feature Bypass vulnerability. - CVE-2026-56155: An AD FS Elevation of Privilege vulnerability that has been exploited. - CVE-2026-56164: A SharePoint Server Elevation of Privilege vulnerability. The updates also introduce new Secure Boot certificates, rectify issues from previous patches affecting third-party applications, and incorporate curl 8.21.0 for security improvements. Users are advised to back up data before installation, which requires a system reboot.
Winsage
July 10, 2026
Microsoft has acknowledged that some Windows 11 PCs are facing issues with Secure Boot certificate updates, which may fail to install or be blocked. The company is working with PC manufacturers to develop a patch, while users may need to take proactive measures if their certificates are obstructed. Microsoft has temporarily halted the rollout of Secure Boot for certain devices due to complications, and affected users will receive detailed error messages in the Windows Security app regarding their Secure Boot certificates. Secure Boot certificates issued in 2011 have expired, and Microsoft is replacing them with new certificates issued in 2023. Most modern hardware is already utilizing the new certificates, but some devices may have disabled Secure Boot or faulty firmware. Users can check their Secure Boot status in the Windows Security app. HP has confirmed that Secure Boot updates are being blocked on some of its PCs due to a BitLocker issue, which prevents the installation of new certificates. Microsoft has paused Secure Boot certificate updates for devices affected by known issues while collaborating with manufacturers to identify specific devices or firmware complications. A firmware update will be necessary for affected devices, but it is not yet available. The majority of PCs have received the Secure Boot certificates via Windows Update, but compatibility issues may prevent some devices from receiving the update. Older devices or those not among the OEM’s top-selling models may not receive updates if the UEFI firmware is unsupported. Secure Boot is a security feature required for Windows 11, preventing unauthorized software from executing at boot. While an expired Secure Boot certificate does not stop a PC from functioning, it may limit long-term security protection. Microsoft advises users not to disable Secure Boot, as it would compromise security further.
Winsage
July 5, 2026
Microsoft has confirmed that Windows 11 version 26H2 will be released in the latter half of 2026, transitioning to a streamlined servicing model with a small enablement package instead of a full installation. Key features expected in this update include: 1. A revamped Copilot that enhances search experiences with AI assistance. 2. Customization options for the Taskbar, allowing repositioning and size adjustments. 3. An option to disable web results in Windows Search for a more focused experience. 4. Improved control over Windows Update, including the ability to pause updates for up to 35 days. 5. An Administrator Protection feature that creates temporary accounts for administrative tasks to enhance security. 6. A modern design refresh for the Run dialog box, featuring rounded corners and a "recent commands" section.
Winsage
June 30, 2026
Chaotic Eclipse, also known as Nightmare-Eclipse, bypassed Windows 11's BitLocker security using a USB stick and claimed Microsoft left a backdoor in the system. Following this, Microsoft patched three zero-day exploits named YellowKey, GreenPlasma, and MiniPlasma. Nightmare-Eclipse then revealed another zero-day vulnerability called RoguePlanet, which affects Microsoft Defender on Windows 10 and 11, potentially allowing attackers full control over compromised systems. Microsoft is tracking this vulnerability as CVE-2026-50656 and is working on a security update. Nightmare-Eclipse provided a proof-of-concept exploit and described it as a race condition with variable success rates. Microsoft has promoted Windows Defender as adequate for most users but acknowledged that third-party tools can offer additional protection. The company initially threatened legal action against Nightmare-Eclipse but later decided not to pursue lawsuits against researchers sharing their findings.
Winsage
June 30, 2026
Security researcher Chaotic Eclipse, known as Nightmare-Eclipse, bypassed Windows 11's BitLocker security using a USB stick and claimed Microsoft intentionally included a backdoor in the feature. Microsoft responded by patching three zero-day exploits disclosed by Nightmare-Eclipse: YellowKey, GreenPlasma, and MiniPlasma, and is monitoring another exploit called RoguePlanet, cataloged as CVE-2026-50656. The RoguePlanet exploit is a race condition with varying success rates on different machines, achieving a 100% success rate on some devices. Microsoft acknowledged that while Windows 11's Defender is generally sufficient for most users, third-party tools can offer additional security features. Tensions between Nightmare-Eclipse and Microsoft have risen, with the company previously considering legal action but now indicating it will not pursue lawsuits against researchers sharing their findings.
Search