Microsoft has released a record-breaking update for June 2026, addressing 206 vulnerabilities, with 39 rated as Critical. High-impact flaws include remote code execution (RCE) in the Windows Kernel and DHCP Client, as well as multiple BitLocker security feature bypasses. The volume of patches is attributed to the rise of AI-assisted vulnerability discovery tools.
Notable vulnerabilities include CVE-2026-45657 and CVE-2026-44815, both allowing unauthenticated RCE via network traffic. The update also mitigates the "HTTP2/Bomb" denial-of-service attack and addresses several publicly disclosed zero-days like GreenPlasma and MiniPlasma. Security experts warn that the scale of these updates, exceeding historical annual totals, presents significant challenges for patch management and quality assurance.
Top comments (0)