Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the Patch Tuesday count above.
Windows Netlogon: critical RCE
Anyone responsible for securing a domain controller should prioritize remediation of CVE-2026-41089, which is a critical stack-based buffer overflow in Windows Netlogon with a CVSS v3 base score of 9.8. Exploitation leads to execution in the context of the Netlogon service, so that’s SYSTEM privileges on the domain controller. For most pentesters, that’s the point at which the customer report more or less writes itself. No privileges or user interaction are required, and attack complexity is low, which suggests that creation of a reliable exploit might not be especially difficult for anyone with knowledge of the specific mechanism.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Wormable Apple iCloud Bug Allows Automatic Photo Theft
October 9, 2020
A group of ethical hackers cracked open Apple’s infrastructure and systems and, over the course of three months, discovered 55 vulnerabilities, a number of which would have given attackers complete control over customer and employee applications. Of note, a critical, wormable iCloud account takeover bug would allow attackers to automatically steal all of a victim’s documents, ...
- ZeroLogon: Ransomware gang now using critical Windows flaw in attacks
October 9, 2020
Microsoft is warning that cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks. The alert comes after the company noticed ongoing attacks from cyber-espionage group MuddyWater (SeedWorm) in the second half of September. This time, the threat actor is TA505, an adversary who is indiscriminate about the victims it attacks, with ...
- Palo Alto Networks Unit 42 Discovers 27 New Vulnerabilities Across Microsoft Products
October 2, 2020
Palo Alto Networks Unit 42 threat researchers have been credited with discovering 27 new vulnerabilities addressed by the Microsoft Security Response Center (MSRC), as part of its last nine months of security update releases. Vulnerabilities The Microsoft vulnerabilities discovered included 27 vulnerabilities rated “important,” including Remote Code Execution, Privilege Elevation, Information Disclosure and one Denial of Service ...
- Zerologon Attacks Against Microsoft DCs Snowball in a Week
September 29, 2020
A spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, known as the Zerologon bug, continues to plague businesses. That’s according to researchers from Cisco Talos, who warned that cybercriminals are redoubling their efforts to trigger the elevation-of-privilege bug in the Netlogon Remote Protocol, which was addressed in the August Microsoft Patch Tuesday report. Microsoft announced ...
- Why Web Browser Padlocks Shouldn’t Be Trusted
September 29, 2020
For years, Apple, Firefox, Google and Microsoft relentlessly made the point that in order to avoid rogue sites you must make sure your browser “padlock” is either locked, green or is otherwise indicating a site as being “secure.” Now, cybersecurity firms are stressing that those padlocks are not enough. “You must look beyond the lock,” said ...
- Update now: Cisco warns over 25 high-impact flaws in its IOS and IOS XE software
September 25, 2020
Cisco has alerted customers using its IOS and ISO XE networking gear software to apply updates for 34 flaws across 25 high-severity security advisories. The large number of flaws affecting ISO and ISO XE are due to the advisories being announced as part of Cisco’s semi-annual release for the widely used software for Cisco routers and ...