惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Security Archives - TechRepublic
Security Archives - TechRepublic
T
The Exploit Database - CXSecurity.com
P
Proofpoint News Feed
Scott Helme
Scott Helme
NISL@THU
NISL@THU
Cisco Talos Blog
Cisco Talos Blog
C
Cybersecurity and Infrastructure Security Agency CISA
AWS News Blog
AWS News Blog
V
Vulnerabilities – Threatpost
J
Java Code Geeks
U
Unit 42
The GitHub Blog
The GitHub Blog
H
Help Net Security
T
Tenable Blog
aimingoo的专栏
aimingoo的专栏
Jina AI
Jina AI
Spread Privacy
Spread Privacy
Apple Machine Learning Research
Apple Machine Learning Research
人人都是产品经理
人人都是产品经理
L
Lohrmann on Cybersecurity
T
Threatpost
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Engineering at Meta
Engineering at Meta
A
About on SuperTechFans
I
InfoQ
Microsoft Azure Blog
Microsoft Azure Blog
B
Blog
L
LINUX DO - 最新话题
K
Kaspersky official blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
T
Threat Research - Cisco Blogs
C
Check Point Blog
T
The Blog of Author Tim Ferriss
有赞技术团队
有赞技术团队
宝玉的分享
宝玉的分享
Help Net Security
Help Net Security
Google DeepMind News
Google DeepMind News
A
Arctic Wolf
Y
Y Combinator Blog
N
News | PayPal Newsroom
M
MIT News - Artificial intelligence
Latest news
Latest news
H
Hacker News: Front Page
Blog — PlanetScale
Blog — PlanetScale
腾讯CDC
I
Intezer
爱范儿
爱范儿
F
Fortinet All Blogs
P
Palo Alto Networks Blog
C
CERT Recently Published Vulnerability Notes

The Register - Security: Patches

Cisco SD-WAN make-me-root bug under attack Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9 Anthropic to release Mythos-class models to the public Clear your calendar, Drupal user: You have a critically urgent patch to install Welcome to the vulnpocalypse, as vendors use AI to find bugs and patches multiply like rabbits Doozy of a Patch Tuesday includes 30 critical Microsoft CVEs Critical cPanel, WHM flaw probs exploited as 0-day, pros say Microsoft patch fell short. New Windows flaw exploited More Cisco SD-WAN bugs battered in attacks Critical Fortinet sandbox bugs allow auth bypass and RCE Ancient Excel bug comes out of retirement for active attacks Microsoft's massive Patch Tuesday: It's raining bugs Ransomware scum, other crims exploit 4 old Microsoft bugs Attackers exploited the FortiClient EMS bug as a 0-day Citrix NetScaler bug may be multiple flaws in one Ransomware crims abused Cisco 0-day weeks before disclosure Google rushes Chrome update to fix zero-days under attack CISA warns max-severity n8n bug is being exploited in the wild Cisco warns of two more SD-WAN bugs under active attack LexisNexis Legal & Professional confirms data breach Five Eyes warn: Patch your Cisco SD-WAN or risk root takeover Patch these 4 critical, make-me-root SolarWinds bugs ASAP Attacker gets into France's DB listing all bank accounts CISA gives feds 3 days to patch actively exploited Dell bug CISA gives feds 3 days to patch actively exploited Dell bug Google fixes exploited Chrome CSS zero-day Critical Microsoft bug from 2024 under exploitation Apple patches decade-old iOS zero-day exploited in the wild Microsoft's Valentine's gift to admins: 6 zero-day fixes Microsoft's Valentine's gift to admins: 6 zero-day fixes Critical SolarWinds Web Help Desk bug under attack Critical React Native Metro dev server bug under attack Critical React Native Metro dev server bug under attack OpenClaw patches one-click RCE as security Whac-A-Mole continues Ivanti's January bad luck continues as 0-days hit customers Critical VMware vCenter Server bug under attack Critical VMware vCenter Server bug under attack FortiGate SSO bug still exploitable despite December patch Ancient telnet bug happily hands out root to attackers Cisco plugs up Unified Comms zero-day under active exploit Cloudflare whacks WAF bypass bug that opened side door Cloudflare whacks WAF bypass bug that opened side door Anthropic quietly fixed flaws in its Git MCP server Sorry Dave, I’m afraid I can’t do that! PCs refuse to shut down after Microsoft patch Patch Tuesday update makes Windows PCs refuse to shut down Cisco finally fixes max-severity bug under active attack for weeks Cisco finally fixes max-severity bug under attack for weeks Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm Python libraries in AI/ML models can be poisoned w metadata Python libraries in AI/ML models can be poisoned w metadata Ruh-roh, there's a Cisco ISE bug POC on the loose Ruh-roh, there's a Cisco ISE bug POC on the loose CISA flags exploited Office relic alongside fresh HPE flaw Critical n8n bug allows unauthenticated server takeover Logitech mouse mayhem traced to expired dev certificate 'Heartbleed of MongoDB' under active exploit Microsoft fixes Message Queuing issue in new update Microsoft fixes Message Queuing issue in new update Critical-rated WatchGuard Firebox flaw under active attack HPE OneView RCE bug scores a perfect 10 Apple, Google forced to issue emergency 0-day patches Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit Microsoft RasMan 0-day gets an unofficial patch and exploit New React vulns leak secrets, invite DoS attacks Google fixes super-secret 8th Chrome 0-day Microsoft fixes Windows shortcut flaw exploited for years Microsoft fixes Windows shortcut flaw exploited for years Two Android 0-day bugs patched, plus 105 more fixes Fortinet finally cops to critical bug under active exploit Cisco warns of 'new attack variant' battering firewalls Docker Compose vulnerability opens door to host-level writes Microsoft issues out-of-band patch for critical WSUS flaw Vulnerable Rust crate exposes uv Python packager Oracle rushes out another emergency E-Business Suite patch 50K Cisco firewalls remain vulnerable to advanced attacks Exploits using GoAnywhere perfect-10 bug confirmed Critical Cisco firewall holes under active attack SonicWall releases rootkit-busting firmware update SolarWinds patches critical RCE - for the third time Fortra discloses 10/10 severity bug in GoAnywhere MFT OpenAI plugs ShadowLeak bug in ChatGPT Google pushes emergency patch for Chrome 0-day Apple backports patch to older kit after 0-day exploitation
AI is making Patch Tuesday (kinda) fun again
Jessica Lyons Jessica Lyons · 2026-06-10 · via The Register - Security: Patches

PATCHES

Unless you're an admin or vulnerability manager – then you're totally screwed

Microsoft set a record with its June Patch Tuesday release, addressing 206 CVEs across its products and shipping fixes for them, with 38 deemed critical and the rest important. Three are listed as publicly known, but none (so far) have been exploited in the wild.

We have no idea how many of these June bugs were uncovered using AI tools. Unlike last month’s patching event, when Redmond disclosed its agentic bug-hunting system found 16 of the 137 vulnerabilities, there’s no word on any AI assists for new releases. 

Still, it’s safe to assume AI played a major role. As Tom Gallagher, VP of engineering at Microsoft Security Response Center, said about May's Patch Tuesday with a whopping 30 critical flaws: “We expect releases to continue trending larger for some time.”

June’s Patch Tuesday proved Gallagher correct, surpassing May in both overall volume and critical bugs.

“I’ve been counting CVEs on Patch Tuesday since 2017, and this is by far the largest monthly release in that time,” Zero Day Initiative’s bug hunter in chief Dustin Childs said in his review. 

“It is extraordinary that Microsoft can produce so many patches in a single month, but it does raise concerns,” he added, asking, as we did: How many were found via AI?

And: “How many patches were generated using AI to assist in coding or testing? What quality issues may exist in these patches? And likely most importantly, is this the new normal?”

Childs noted that May and April also saw mega releases.

“Should sysadmins adjust their processes for prioritization and patch deployment based on this new volume of updates? Unfortunately, Microsoft is not providing those answers right now,” he wrote, adding in this fun fact: “The current number of CVEs shipped by Microsoft this year exceeds the total number of CVEs shipped in all of 2018.”

Wowza. 

While it’s fun to watch from a purely speculative standpoint, as in: "Will Microsoft top 300 next month?", our thoughts and prayers are nonetheless with sysadmins and vulnerability management teams drowning in the AI-induced vulnpocalypse by now. 

None of the Patch Tuesday security holes are listed as under attack – at least not yet – but three are listed as publicly known. Let’s take a look at those first.

Three known vulnerabilities

CVE-2026-49160 is an HTTP.sys denial of service vulnerability that we wrote about earlier this month. Calif researcher Quang Luong discovered the attack with an assist from OpenAI's Codex agent, named it HTTP/2 Bomb, and said it exploits the HTTP/2 header compression algorithm by sending thousands of tiny messages to the server, forcing it to rapidly allocate memory and ultimately crash.

At the time, a Microsoft spokesperson told The Register that Redmond was “aware and actively investigating appropriate mitigations.” On Tuesday, the tech giant fixed the security issue by introducing a new MaxHeadersCount registry setting, which allows users to limit the number of headers included in HTTP/2 and HTTP/3 requests, and should prevent denial-of-service attacks.

CVE-2026-50507, a security feature bypass bug in Windows BitLocker, is the second CVE listed as publicly disclosed, and “exploitation more likely.” An attacker with physical access to the vulnerable system could bypass the BitLocker Device Encryption feature and gain access to the device's encrypted data, according to the advisory.

This flaw also seems to be a patch for one of the zero-days dropped in the ongoing war between Microsoft and a disgruntled bug hunter known as Nightmare Eclipse - likely the YellowKey vulnerability disclosed in May. Nightmare has published details about and in some cases, full proof-of-concept exploit code for six zero-days, and promised a “bone shattering” release on June 14.

The third publicly known bug, CVE-2026-45586, is a Windows Collaborative Translation Framework (CTFMON) elevation of privilege vulnerability that can be abused by an authorized attacker to elevate privileges locally and gain SYSTEM access. From there, miscreants could deploy malware, steal data, and move laterally through the victim's environment - so patch this one sooner.

Plus these two (of 38) critical bugs

In addition to those three known vulnerabilities that made the rounds before Microsoft issued a patch, a couple of critical-rated 9.8 security flaws are worth highlighting this month.

The first, CVE-2026-45657, is a Windows kernel remote code execution (RCE) bug that allows remote, unauthenticated attackers to run code with system-level privileges without any user interaction. It’s due to an error in how the Windows kernel processes some TCP/IP data, and can be exploited by sending malicious network packets to a vulnerable Windows system, thus triggering the flaw. 

While it’s listed as “exploitation less likely” by Redmond, we like Childs’ response. “Rest assured that every researcher and bug shop on the planet is reversing this patch right now trying to create an exploit,” he said. “Test and deploy this patch quickly.”

CVE-2026-47291, an HTTP.sys RCE vulnerability that also earned a 9.8 CVSS rating, deserves attention as it can also be triggered with zero user interaction and Microsoft says it’s “more likely” to be exploited.

“This vulnerability creates severe business risk because HTTP.sys is used by Windows services that process HTTP traffic,” Alex Vovk, CEO and co-founder of patch-management vendor Action1, told The Register. “A successful attack could lead to server takeover, malware deployment, data theft, service disruption, and lateral movement across the environment. Internet-facing systems are especially exposed.”

The good news: systems using the Windows HTTP stack’s default MaxRequestBytes registry value are not affected. In the advisory, Redmond provides detailed instructions on how to edit registry settings, which can buy admins some time (and security) while deploying the patch. ®