Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the Patch Tuesday count above.
Windows Netlogon: critical RCE
Anyone responsible for securing a domain controller should prioritize remediation of CVE-2026-41089, which is a critical stack-based buffer overflow in Windows Netlogon with a CVSS v3 base score of 9.8. Exploitation leads to execution in the context of the Netlogon service, so that’s SYSTEM privileges on the domain controller. For most pentesters, that’s the point at which the customer report more or less writes itself. No privileges or user interaction are required, and attack complexity is low, which suggests that creation of a reliable exploit might not be especially difficult for anyone with knowledge of the specific mechanism.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Microsoft Programming Error is Behind Dangerous Kernel Bug, Researchers Claim
September 7, 2017
Researchers claim a programming error in the Microsoft Windows kernel cracks the door open for malicious executables to bypass security software. The flaw, according to security firm EnSilo, has been present on previous versions of Windows dating back to Windows 2000 and can be found on Windows 10 as well. “The bug is a programming error ...
- Hackers Can Silently Control Siri, Alexa & Other Voice Assistants Using Ultrasound
September 6, 2017
What if your smartphone starts making calls, sending text messages, and browsing malicious websites on the Internet itself without even asking you? This is no imaginations, as hackers can make this possible using your smartphone’s personal assistant like Siri or Google Now. A team of security researchers from China’s Zhejiang University have discovered a clever way of ...
- Multiple Vulnerabilities Found in NVIDIA, Qualcomm, Huawei Bootloaders
September 6, 2017
Six exploitable flaws in chipsets used by Huawei, Qualcomm, MediaTek and NVIDIA were found in popular Android handsets, according to a report by University of California at Santa Barbara computer scientists. Each of the flaws exist in phones sold by Huawei, Sony and Google, and are tied to each of the phones’ bootloader firmware. The vulnerabilities ...
- Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers
September 5, 2017
Security researchers have discovered a critical remote code execution vulnerability in the popular Apache Struts web application framework, allowing a remote attacker to run malicious code on the affected servers. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for developing web applications in the Java programming language, which supports REST, AJAX, and JSON. The vulnerability (CVE-2017-9805) is a ...
- Kurat võtku! Estonia identifies security risk in almost 750,000 ID cards
September 5, 2017
The Estonian government has discovered a security risk in its ID card system, potentially affecting almost 750,000 residents. “When notified, Estonian authorities immediately took precautionary measures, including closing the public key database, in order to minimise the risk while the situation can be fully assessed and a solution developed,” according to an email by Kaspar Korjus, ...
- Alert: AT&T customers with Arris modems at risk of remote hacking, claim infosec bods
September 1, 2017
Infosec consulting firm Nomotion has reported vulnerabilities in Arris broadband modems and which it says are trivial to exploit, and could affect nearly 140,000 devices. The report claims the modems carry hard-coded credentials, serious since a firmware update turned on SSH by default. That would let a remote attacker access the modem’s cshell service and take a ...