پشتیبانی 24/7 :

031-36691964 | 021-88203003

Search
انتشار آپدیت امنیتی ماه ژوئن 2026 مایکروسافت و رفع 200 آسیب پذیری!

انتشار آپدیت امنیتی ماه ژوئن 2026 مایکروسافت و رفع 200 آسیب پذیری!

تیتر مطالب

آپدیت امنیتی ماه ژوئن 2026 مایکروسافت که شامل به‌روزرسانی‌های امنیتی برای ۲۰۰ نقص و سه آسیب‌پذیری Zero-day افشا شده‌ی عمومی است، منتشر شد.

این آپدیت ماهیانه سه شنبه های مایکروسافت، ۳۳ آسیب‌پذیری «بحرانی» را برطرف می‌کند که ۲۸ مورد از آن‌ها اجرای کد از راه دور، ۴ مورد ارتقاء امتیاز و ۱ مورد نقص افشای اطلاعات است.
تعداد آسیب پذیری ها در هر دسته به شکل زیر است:

• 65 Elevation of Privilege Vulnerabilities
• 19 Security Feature Bypass Vulnerabilities
• 55 Remote Code Execution Vulnerabilities
• 30 Information Disclosure Vulnerabilities
• 7 Denial of Service Vulnerabilities
• 27 Spoofing Vulnerabilities

آسیب پذیری های قابل توجه در آپدیت امنیتی ماه ژوئن 2026 مایکروسافت

آپدیت امنیتی ماه ژوئن ، سه آسیب‌پذیری Zero-day افشا شده عمومی را برطرف می‌کند که هیچ‌کدام از آن‌ها در حملات مورد سوءاستفاده قرار نگرفته‌اند.

دو آسیب‌پذیری Zero-day افشا شده عمومی عبارتند از:

CVE-2026-45586 – Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability

مایکروسافت یک آسیب‌پذیری CTFMON ویندوز که به‌طور عمومی افشا شده و به یک مهاجم مجاز اجازه می‌دهد تا امتیازات را به‌صورت محلی افزایش دهد و امتیازات SYSTEM را اعطا می‌کند، وصله و رفع کرده است.

CVE-2026-49160 – HTTP.sys Denial of Service Vulnerability

مایکروسافت یک آسیب پذیری DoS HTTP/2 که به طور عمومی افشا شده بود و “HTTP/2 Bomb” نام داشت و این ماه توسط محققان امنیتی را وصله کرده است.

حمله HTTP/2 Bomb یک تکنیک DoS است که از نحوه فشرده‌سازی و مدیریت هدرهای ترافیک وب توسط پروتکل HTTP/2 سوءاستفاده می‌کند و به مهاجمان اجازه می‌دهد مقادیر بسیار کمی از داده‌ها را ارسال کنند که سرورها را مجبور به تخصیص مقادیر نامتناسبی از حافظه می‌کند.

محققان دریافتند که این حمله می‌تواند استفاده از حافظه را در سرورهای آسیب‌دیده به طور چشمگیری افزایش دهد. مهاجمان همچنین می‌توانند با دستکاری تنظیمات کنترل جریان، حافظه را درگیر نگه دارند و از آزاد شدن منابع توسط سرور جلوگیری کنند و به طور بالقوه باعث مشکلات عملکرد یا قطع برق شوند.

برای کمک به کاهش این ریسک، مایکروسافت یک تنظیم جدید برای رجیستری MaxHeadersCount معرفی کرده است. این تنظیم به شما امکان می‌دهد تعداد هدرهای موجود در درخواست‌های HTTP/2 و HTTP/3 که توسط سرور HTTP پذیرفته می‌شوند را محدود کنید. برای اطلاعات بیشتر، به لینک KB5102602 مراجعه کنید.

CVE-2026-50507 – Windows BitLocker Security Feature Bypass Vulnerability

مایکروسافت یک آسیب پذیری دور زدن BitLocker ویندوز که به طور عمومی افشا شده بود و به مهاجمان محلی اجازه دسترسی به یک درایو رمزگذاری شده را می‌داد، وصله کرده است.

این نقص در درجه اول سیستم‌هایی را تحت تأثیر قرار می‌دهد که از محافظت BitLocker فقط با TPM در دستگاه‌های ویندوز 11 و ویندوز سرور 2022/2025 استفاده می‌کردند. مایکروسافت پیش از این، راه حل‌های موقت برای این مشکل، از جمله فعال کردن احراز هویت TPM+PIN به جای تکیه صرف بر محافظت TPM، را به اشتراک گذاشته بود.

آپدیت های منتشر شده از سوی سایر شرکت های بزرگ

  • Acer warned about two maximum-severity unpatched flaws in Acer Wave 7 Routers that could be used to hijack routers.
  • Adobe released security updates for Experience Manager, InDesign, InCopy, Substance 3D Sampler, Dreamweaver, Reader, ColdFusion, and more.
  • Check Point released security updates for a Remote Access VPN and Mobile Access flaw that was exploited in Qilin ransomware attacks.
  • Cisco released security updates for numerous products, including a Unified CM flaw with a PoC exploit and an SD-WAN zero-day exploited in attacks.
  • Fortinet released security updates for numerous flaws in FortiOS, FortiSandbox, and FortiProxy.
  • Google released Android’s June security bulletin, fixing 124 flaws and one actively exploited vulnerability. The company also fixed a new Google Chrome zero-day that was exploited in attacks.
  • Ivanti released security updates for vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) and Ivanti Sentry, with none exploited in the wild.
  • Ubiquiti released security updates for three vulnerabilities with maximum severity ratings that could lead to remote code execution. 
  • SAP released the June security updates, which include fixes for four critical flaws.
  • Veeam released security updates for a critical Backup & Replication security flaw that can be exploited to gain remote code execution (RCE) on domain-joined backup servers.

لیست کامل آپدیت امنیتی ماه ژوئن 2026 مایکروسافت

Tag CVE ID CVE Title Severity
.NET CVE-2026-45491 .NET Tampering Vulnerability Important
.NET CVE-2026-45490 .NET SDK Elevation of Privilege Vulnerability Important
Active Directory Domain Services CVE-2026-45648 Windows Active Directory Domain Services Remote Code Execution Vulnerability Critical
ASP.NET Core CVE-2026-45591 ASP.NET Core Denial of Service Vulnerability Important
Azure Stack Edge CVE-2026-47643 Azure Stack Edge Remote Code Execution Vulnerability Important
Azure Stack Edge CVE-2026-41098 Azure Stack Edge Spoofing Vulnerability Important
Function Discovery Service (fdwsd.dll) CVE-2026-42836 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability Important
GitHub Copilot and Visual Studio Code CVE-2026-45482 Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability Important
HTTP/2 CVE-2026-49160 HTTP.sys Denial of Service Vulnerability Important
Linux MANA Driver CVE-2026-45476 Microsoft Azure Network Adapter Elevation of Privilege Vulnerability Critical
Microsoft Azure Attestation service and Device Health Attestation Service CVE-2026-45642 Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability Important
Microsoft Azure Attestation service and Device Health Attestation Service CVE-2026-33828 Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability Critical
Microsoft Azure Kubernetes Service CVE-2026-32193 Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability Critical
Microsoft Bing CVE-2026-45650 Microsoft Bing Search Spoofing Vulnerability Important
Microsoft Defender for Endpoint CVE-2026-45647 Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability Important
Microsoft Dynamics 365 (on-premises) CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability Important
Microsoft Exchange Server CVE-2026-45500 Microsoft Exchange Server Spoofing Vulnerability Important
Microsoft Exchange Server CVE-2026-45501 Microsoft Exchange Server Spoofing Vulnerability Important
Microsoft Exchange Server CVE-2026-47631 Microsoft Exchange Server Spoofing Vulnerability Important
Microsoft Exchange Server CVE-2026-45503 Microsoft Exchange Server Information Disclosure Vulnerability Important
Microsoft Exchange Server CVE-2026-45504 Microsoft Exchange Server Elevation of Privilege Vulnerability Important
Microsoft Exchange Server CVE-2026-45502 Microsoft Exchange Server Information Disclosure Vulnerability Important
Microsoft Exchange Server CVE-2026-45583 Microsoft Exchange Server Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2026-42986 Microsoft Graphics Component Elevation of Privilege Vulnerability Important
Microsoft Kinect CVE-2026-41092 Microsoft Kinect Elevation of Privilege Vulnerability Important
Microsoft Live Share Canvas SDK CVE-2026-45644 Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2026-45463 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2026-44821 Microsoft Office Information Disclosure Vulnerability Important
Microsoft Office CVE-2026-45474 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2026-44819 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2026-44824 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2026-45485 Microsoft Office Information Disclosure Vulnerability Important
Microsoft Office CVE-2026-45645 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2026-45472 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2026-45458 Microsoft Outlook and Word Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2026-45460 Microsoft Office Information Disclosure Vulnerability Critical
Microsoft Office CVE-2026-47635 Microsoft Outlook and Word Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2026-45456 Microsoft Outlook and Word Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2026-45461 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office Click-To-Run CVE-2026-47293 Microsoft Office Click-To-Run Elevation of Privilege Vulnerability Important
Microsoft Office Excel CVE-2026-44820 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2026-44818 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2026-44817 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2026-45469 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2026-44822 Microsoft Excel Information Disclosure Vulnerability Important
Microsoft Office Excel CVE-2026-45455 Microsoft Excel Information Disclosure Vulnerability Important
Microsoft Office Excel CVE-2026-44823 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2026-45459 Microsoft Excel Security Feature Bypass Vulnerability Important
Microsoft Office Project CVE-2026-45483 Microsoft Office Project Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-45484 Microsoft SharePoint Elevation of Privilege Vulnerability Important
Microsoft Office SharePoint CVE-2026-45465 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-47634 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-47640 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-45481 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-45468 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-47638 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-47639 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-47641 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-47637 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-45467 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-45453 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-47636 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-48560 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-47298 Microsoft SharePoint Server Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2026-45454 Microsoft SharePoint Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2026-33113 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-45479 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-48562 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-45464 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2026-45462 Microsoft SharePoint Server Spoofing Vulnerability Important
Microsoft Office Word CVE-2026-45643 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2026-45457 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2026-45486 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2026-45471 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2026-45466 Microsoft Word Information Disclosure Vulnerability Important
Microsoft PC Manager CVE-2026-49161 Microsoft PC Manager Security Feature Bypass Vulnerability Important
Microsoft PowerToys CVE-2026-42902 Microsoft PowerToys Elevation of Privilege Vulnerability Important
Microsoft Teams for Android CVE-2026-42835 Microsoft Teams for Android Information Disclosure Vulnerability Important
Microsoft UxTheme Library (uxtheme.dll) CVE-2026-45606 Microsoft UxTheme Library (uxtheme.dll) Denial of Service Vulnerability Important
Microsoft Windows DNS CVE-2026-41108 Windows DNS Client Elevation of Privilege Vulnerability Important
Nuance PowerScribe CVE-2026-26142 Nuance PowerScribe Remote Code Execution Vulnerability Critical
Office for Android CVE-2026-45649 Office for Android Spoofing Vulnerability Important
Remote Desktop Client CVE-2026-42993 Remote Desktop Client Remote Code Execution Vulnerability Important
Remote Desktop Client CVE-2026-42985 Remote Desktop Client Remote Code Execution Vulnerability Critical
Remote Desktop Client CVE-2026-47653 Remote Desktop Client Remote Code Execution Vulnerability Important
Remote Desktop Client CVE-2026-47289 Remote Desktop Client Remote Code Execution Vulnerability Critical
Remote Desktop Client CVE-2026-42909 Remote Desktop Client Remote Code Execution Vulnerability Important
Remote Desktop Client CVE-2026-47654 Remote Desktop Client Remote Code Execution Vulnerability Critical
Remote Desktop Client CVE-2026-42992 Remote Desktop Client Remote Code Execution Vulnerability Critical
Remote Desktop Client CVE-2026-42913 Remote Desktop Client Remote Code Execution Vulnerability Important
Remote Desktop Client CVE-2026-44801 Remote Desktop Client Remote Code Execution Vulnerability Critical
Remote Desktop Client CVE-2026-44799 Remote Desktop Client Remote Code Execution Vulnerability Critical
Remote Desktop Client CVE-2026-48563 Remote Desktop Client Remote Code Execution Vulnerability Critical
Role: Windows Hyper-V CVE-2026-45641 Windows Hyper-V Remote Code Execution Vulnerability Critical
Role: Windows Hyper-V CVE-2026-42972 Windows Hyper-V Information Disclosure Vulnerability Important
UI Automation Manager (uiamanager.dll) CVE-2026-45597 Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability Important
Universal Plug and Play (upnp.dll) CVE-2026-45599 Windows UPnP Device Host Remote Code Execution Vulnerability Important
Universal Plug and Play (upnp.dll) CVE-2026-45635 Windows UPnP Device Host Remote Code Execution Vulnerability Important
Visual Studio Code CVE-2026-47287 Visual Studio Code Tampering Vulnerability Important
Visual Studio Code CVE-2026-47292 Visual Studio Code MSSQL Extension Remote Code Execution Vulnerability Important
Visual Studio Code CVE-2026-40376 Visual Studio Code Elevation of Privilege Vulnerability Important
Visual Studio Code CVE-2026-47284 Visual Studio Code Information Disclosure Vulnerability Important
Visual Studio Code CVE-2026-47281 Visual Studio Code Elevation of Privilege Vulnerability Important
Visual Studio Code CVE-2026-48569 Visual Studio Code Security Feature Bypass Vulnerability Important
Windows Administrator Protection CVE-2026-42829 Windows Administrator Protection Secure Feature Bypass Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2026-42911 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2026-45598 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2026-45601 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2026-45603 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2026-34335 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2026-45596 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2026-45638 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Application Identity (AppID) Subsystem CVE-2026-45604 Windows Managed Installer Information Disclosure Vulnerability Important
Windows Application Identity (AppID) Subsystem CVE-2026-45594 Windows Application Identity (AppID) Information Disclosure Vulnerability Important
Windows BitLocker CVE-2026-45658 Windows BitLocker Security Feature Bypass Vulnerability Important
Windows BitLocker CVE-2026-50507 Windows BitLocker Security Feature Bypass Vulnerability Important
Windows BitLocker CVE-2026-45655 Windows BitLocker Security Feature Bypass Vulnerability Important
Windows Bluetooth Port Driver CVE-2026-45640 Windows Bluetooth Port Driver Elevation of Privilege Vulnerability Important
Windows Bluetooth Service CVE-2026-45605 Windows Bluetooth Service Elevation of Privilege Vulnerability Important
Windows Boot Manager CVE-2026-47656 Windows Boot Manager Security Feature Bypass Vulnerability Important
Windows Collaborative Translation Framework CVE-2026-45586 Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability Important
Windows Common Log File System Driver CVE-2026-44809 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Windows Cryptographic Services CVE-2026-44810 Microsoft Cryptographic Services Elevation of Privilege Vulnerability Critical
Windows Deployment Services CVE-2026-42987 Windows Deployment Services (WDS) Remote Code Execution Critical
Windows DHCP Client CVE-2026-44815 DHCP Client Service Remote Code Execution Vulnerability Critical
Windows DHCP Client CVE-2026-45608 Windows DHCP Client Information Disclosure Vulnerability Important
Windows DHCP Server CVE-2026-45634 Windows DHCP Client Information Disclosure Vulnerability Important
Windows DHCP Server CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability Important
Windows DWM Core Library CVE-2026-44807 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2026-44814 Windows DWM Core Library Information Disclosure Vulnerability Important
Windows DWM Core Library CVE-2026-44811 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2026-44808 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2026-48566 Windows DWM Core Library Information Disclosure Vulnerability Important
Windows DWM Core Library CVE-2026-45637 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2026-42905 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2026-44813 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2026-42983 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2026-44802 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2026-44804 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows Hotpatch Monitoring Service CVE-2026-42910 Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability Important
Windows HTTP.sys CVE-2026-47291 HTTP.sys Remote Code Execution Vulnerability Critical
Windows Hyper-V CVE-2026-47652 Windows Hyper-V Remote Code Execution Vulnerability Critical
Windows Hyper-V CVE-2026-45607 Windows Hyper-V Remote Code Execution Vulnerability Critical
Windows Internet (wininet.dll) CVE-2026-45592 Windows Internet (wininet.dll) Elevation of Privilege Vulnerability Important
Windows Kerberos CVE-2026-47288 Windows Kerberos Key Distribution Center (KDC) Remote Code Execution Critical
Windows Kerberos CVE-2026-42914 Windows Kerberos Denial of Service Vulnerability Important
Windows Kerberos CVE-2026-42903 Windows Kerberos Denial of Service Vulnerability Important
Windows Kernel CVE-2026-42984 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2026-45653 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2026-48583 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2025-10263 ARM: CVE-2025-10263 Completion of affected memory accesses might not be guaranteed by completion of a TLBI [kernel] Critical
Windows Kernel CVE-2026-45657 Windows Kernel Remote Code Execution Vulnerability Critical
Windows Kernel-Mode Drivers CVE-2026-45600 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Important
Windows Mark of the Web (MOTW) CVE-2026-45595 Windows Mark of the Web Security Feature Bypass Vulnerability Important
Windows Media CVE-2026-48574 Windows Media Remote Code Execution Vulnerability Critical
Windows Narrator Braille CVE-2026-48565 Windows Narrator Braille Elevation of Privilege Vulnerability Important
Windows Network Controller (NC) Host Agent CVE-2026-44805 Windows Network Controller (NC) Host Agent Denial of Service Vulnerability Important
Windows NT OS Kernel CVE-2026-42980 NT OS Kernel Elevation of Privilege Vulnerability Important
Windows NT OS Kernel CVE-2026-42916 NT OS Kernel Elevation of Privilege Vulnerability Important
Windows NTFS CVE-2026-45636 Windows NTFS Remote Code Execution Vulnerability Important
Windows NTLM CVE-2026-50508 Windows NTLM Spoofing Vulnerability Important
Windows Performance Monitor CVE-2026-42981 Windows Performance Monitor Remote Code Execution Vulnerability Important
Windows Performance Monitor CVE-2026-42974 Windows Performance Monitor Remote Code Execution Vulnerability Important
Windows Program Compatibility Assistant Service CVE-2026-45487 Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability Important
Windows Projected File System Filter Driver CVE-2026-42828 Windows Projected File System Elevation of Privilege Vulnerability Important
Windows Projected File System Filter Driver CVE-2026-42837 Windows Projected File System Elevation of Privilege Vulnerability Important
Windows Push Notifications CVE-2026-42991 Windows Push Notifications Elevation of Privilege Vulnerability Important
Windows Push Notifications CVE-2026-42977 Windows Push Notifications Elevation of Privilege Vulnerability Important
Windows Push Notifications CVE-2026-42979 Windows Push Notifications Elevation of Privilege Vulnerability Important
Windows Push Notifications CVE-2026-42978 Windows Push Notifications Elevation of Privilege Vulnerability Important
Windows Push Notifications CVE-2026-42973 Windows Push Notification Information Disclosure Vulnerability Important
Windows Push Notifications CVE-2026-42970 Windows Push Notification Information Disclosure Vulnerability Important
Windows Push Notifications CVE-2026-42969 Windows Push Notification Information Disclosure Vulnerability Important
Windows Push Notifications CVE-2026-42971 Windows Push Notification Information Disclosure Vulnerability Important
Windows RDP CVE-2026-45639 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Important
Windows RDP CVE-2026-42908 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Important
Windows SDK CVE-2026-45593 Windows SDK Elevation of Privilege Vulnerability Important
Windows Secure Boot CVE-2026-45588 Secure Boot Security Feature Bypass Vulnerability Important
Windows Secure Boot CVE-2026-45654 Secure Boot Security Feature Bypass Vulnerability Important
Windows Secure Boot CVE-2026-48570 Secure Boot Security Feature Bypass Vulnerability Important
Windows Secure Boot CVE-2026-48568 Secure Boot Security Feature Bypass Vulnerability Important
Windows Secure Boot CVE-2026-48575 Secure Boot Security Feature Bypass Vulnerability Important
Windows Secure Boot CVE-2026-48578 Secure Boot Security Feature Bypass Vulnerability Important
Windows Secure Boot CVE-2026-48573 Secure Boot Security Feature Bypass Vulnerability Important
Windows Secure Boot CVE-2026-48576 Secure Boot Security Feature Bypass Vulnerability Important
Windows Shell CVE-2026-42907 Windows Shell Information Disclosure Vulnerability Important
Windows Shell CVE-2026-42906 Windows Shell Information Disclosure Vulnerability Important
Windows Storage CVE-2026-47648 Windows Storage Elevation of Privilege Vulnerability Important
Windows TCP/IP CVE-2026-42904 Windows TCP/IP Elevation of Privilege Vulnerability Important
Windows TCP/IP CVE-2026-42915 Windows TCP/IP Denial of Service Vulnerability Important
Windows Telephony Service CVE-2026-42968 Windows Telephony Server Information Disclosure Vulnerability Important
Windows Telephony Service CVE-2026-42912 Windows Telephony Service Elevation of Privilege Vulnerability Important
Windows UEFI CVE-2026-8863 UEFI Secure Boot Security Feature Bypass Vulnerability Important
Windows UEFI CVE-2026-45656 UEFI Secure Boot Security Feature Bypass Vulnerability Important
Windows Universal Disk Format File System Driver (UDFS) CVE-2026-40404 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability Important
Windows Universal Disk Format File System Driver (UDFS) CVE-2026-40409 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability Important
Windows Win32K – GRFX CVE-2026-44812 Windows Graphics Component Remote Code Execution Vulnerability Critical
Windows Win32K – GRFX CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability Critical
Winlogon CVE-2026-42989 Winlogon Elevation of Privilege Vulnerability Important

 

منبع: 

bleepingcomputer