Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the Patch Tuesday count above.
Windows Netlogon: critical RCE
Anyone responsible for securing a domain controller should prioritize remediation of CVE-2026-41089, which is a critical stack-based buffer overflow in Windows Netlogon with a CVSS v3 base score of 9.8. Exploitation leads to execution in the context of the Netlogon service, so that’s SYSTEM privileges on the domain controller. For most pentesters, that’s the point at which the customer report more or less writes itself. No privileges or user interaction are required, and attack complexity is low, which suggests that creation of a reliable exploit might not be especially difficult for anyone with knowledge of the specific mechanism.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hackers are going after Cisco RV320/RV325 routers using a new exploit
January 27, 2019
Security researchers have observed ongoing internet scans and exploitation attempts against Cisco RV320 and RV325 WAN VPN routers, two models very popular among internet service providers and large enterprises. ttacks started on Friday, January 25, after security researcher David Davidson published a proof-of-concept exploit for two Cisco RV320 and RV325 vulnerabilities. The vulnerabilities are: CVE-2019-1653 – allows a remote attacker to get sensitive device configuration details ...
- LabKey Vulnerabilities Threaten Medical Research Data
January 25, 2019
LabKey Server version 18.3.0-61806.763, released on January 16, patches all three issues, so users should update as soon as possible. A trio of vulnerabilities in a popular open source medical data collaboration tool leaves important healthcare research data and potentially subject information open to multiple cross site scripting (XSS) attacks. The flaws are serious as they ...
- ‘Chaos’ iPhone X Attack Alleges Remote Jailbreak
January 25, 2019
The attack makes use of previously disclosed critical vulnerabilities in the Apple Safari web browser and iOS. A Chinese security researcher has published what he claims is a proof-of-concept exploit that would allow a remote attacker to jailbreak an iPhoneX, unbeknownst to the user – allowing them to gain access to a victim’s data, processing power ...
- Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems
January 22, 2019
Just in time… Some cybersecurity experts this week arguing over Twitter in favor of not using HTTPS and suggesting software developers to only rely on signature-based package verification, just because APT on Linux also does the same. Ironically, a security researcher just today revealed details of a new critical remote code execution flaw in the apt-get utility that can be exploited by ...
- WiFi firmware bug affects laptops, smartphones, routers, gaming devices
January 18, 2019
Details have been published today about a vulnerability affecting the firmware of a popular WiFi chipset deployed in a wide range of devices, such as laptops, smartphones, gaming rigs, routers, and Internet of Things (IoT) devices. Discovered by Embedi researcher Denis Selianin, the vulnerability impacts ThreadX, a real-time operating system (RTOS) that is used as firmware for ...
- Critical, Unpatched Cisco Flaw Leaves Small Business Networks Wide Open
January 18, 2019
A critical and unpatched vulnerability in the widely deployed Cisco Small Business Switch software leaves the door open to remote, unauthenticated attackers gaining full administrative control over the device – and therefore the network. Cisco Small Business Switches were developed for small office and home office (SOHO) environments, to manage and control small local area networks with no ...