Microsoft has released its newest Patch Tuesday replace, addressing greater than 200 vulnerabilities in Home windows and associated software program. It’s the largest patch package deal within the firm’s month-to-month replace cycle, and exploit code for 3 of the vulnerabilities is already publicly obtainable.
Microsoft has fastened round 200 vulnerabilities in Home windows, Workplace, Visible Studio Code and different merchandise. Almost three dozen safety points have been assigned the very best severity score. The rise within the variety of vulnerabilities found could also be linked to the elevated use of synthetic intelligence instruments by each Microsoft itself and safety researchers.
Among the many fastened points are a number of zero-day vulnerabilities. Considered one of them, CVE-2026-49160, allows a denial-of-service assault on net servers, together with Microsoft IIS. In keeping with the corporate, it was made conscious of the difficulty by OpenAI through Codex.
Individually, Microsoft has fastened a problem in Visible Studio Code that allowed GitHub tokens to be stolen utilizing specifically crafted tasks. The corporate was compelled to launch a brief repair as early as 3 June following the publication of particulars of such an assault.
Researchers estimate that the precise variety of vulnerabilities fastened considerably exceeds 200. Microsoft’s browser elements alone acquired fixes for 360 separate safety points, which aren’t normally included in Patch Tuesday statistics.
Along with Microsoft, different firms have additionally launched main replace packages this month. Adobe has addressed quite a few essential vulnerabilities in Acrobat Reader, Expertise Supervisor and ColdFusion, whereas Google has fastened 429 safety points in Google Chrome.
Learn additionally: Microsoft GitHub open-source instruments breached in hack focusing on AI builders’ passwords
Share: