< Back to situations

We’ll email you as it develops, and you can follow the whole thread from day one.

[SITUATION] · [ACTIVE]

47 clusters · 196 sources · 58 days · First seen · Last updated

Categories: TECHNOLOGY · CRIME

Microsoft 2026 support deadlines, record patch, Win12 delay

Overview

Microsoft’s June 2026 Patch Tuesday delivered a 208‑fix update, including critical driver and Secure Boot patches and an optional KB5095093 that temporarily mitigated a Windows 11 storage‑file defect. In July, the company first reported a record‑size Patch Tuesday fixing 570 Windows vulnerabilities, then updated the count to 622 flaws – the largest monthly roll‑out to date – spanning elevation‑of‑privilege, remote‑code‑execution, privilege‑escalation and information‑disclosure categories. The July bundle patched three zero‑days, notably CVE‑2026‑56155 (Active Directory Federation Services) and CVE‑2026‑56164 (SharePoint Server), and added a BitLocker security‑feature bypass (CVE‑2026‑50661). An emergency update on 8 July addressed the RoguePlanet zero‑day (CVE‑2026‑50656) in the Microsoft Malware Protection Engine.

Support timelines were clarified. Home and Pro editions of Windows 11 24H2 will cease receiving security updates on 13 October 2026, as will the Office 2021 suite and all its LTSC versions; Microsoft Publisher will be retired. Extended security updates for Windows Server 2012/2012 R2 end 13 October 2026, and support for SQL Server 2016 and SharePoint Server 2016/2019 ends 14 July 2026. Developer tools .NET 8, .NET 9 and PowerShell 7.4 stop receiving updates on 10 November 2026. The Windows 10 ESU programme was extended to 12 October 2027, free for up to ten EU devices on version 22H2.

Microsoft confirmed that a Windows 12 release is not planned before 2027 and will continue to evolve Windows 11 with feature‑pack updates and AI‑driven capabilities such as Copilot‑integrated assistants. Post‑support data show that about 16.9 % of devices still run Windows 10, with an average of 1,903 active CVEs per machine—nearly three times the risk on Windows 11—especially in small‑business and healthcare sectors. Administrators are urged to apply the July patches promptly, migrate away from products reaching end‑of‑support, and prepare for the upcoming Windows 11 26H2 feature pack, which will first appear on x86‑64 devices.

Timeline

  1. about 22 hours ago

    [TECHNOLOGY] 2 sources
    Microsoft Windows legacy devices face nearly three‑fold higher vulnerability risk

    About 17% of Windows PCs still run Windows 10, facing nearly three‑times more vulnerabilities than Windows 11, while Microsoft also blocks alternative browsers, limiting user choice.

  2. 1 day ago

    [TECHNOLOGY] 3 sources
    Microsoft says Windows 12 will not arrive before 2027

    Microsoft confirms no Windows 12 launch before 2027, will keep improving Windows 11 with AI features and similar hardware needs, and no subscription‑only edition is planned.

  3. 1 day ago

    [TECHNOLOGY] 20 sources
    Microsoft releases record July 2026 Patch Tuesday fixing 622 security flaws

    Microsoft’s July 2026 Patch Tuesday fixed a record 622 bugs, including three zero‑days (two actively exploited) and highlighted AI‑driven vulnerability discovery.

  4. 2 days ago

    [TECHNOLOGY] 8 sources
    Microsoft sets 2026 end dates for Windows 11 24H2, Office 2021 and several server products

    Microsoft will end 2026 support for Windows 11 24H2, Office 2021, Publisher, Windows Server 2012, SQL Server 2016 and related products, urging upgrades.

  5. 4 days ago

    [TECHNOLOGY] 2 sources
    WPS Office Expands Multi‑Platform Suite; Microsoft Office Update Errors Prompt Windows 11 Fix Guide

    WPS Office adds multi‑platform features, while Windows 11 users encounter Microsoft Office update errors and a nine‑step fix guide is offered.

  6. 6 days ago

    [TECHNOLOGY] 3 sources
    Microsoft patches critical RoguePlanet zero‑day in Defender

    Microsoft issued a July 8 2026 update (engine 1.1.26060.3008) fixing the RoguePlanet zero‑day (CVE‑2026‑50656) that could grant SYSTEM rights on Windows 10/11. No wild exploitation reported; automatic updates ≈

  7. 8 days ago

    [TECHNOLOGY] 2 sources
    iOS screenshot bug and Windows 11 storage glitch expose user risks

    iOS 27 beta caused cropped screenshots to leak full images, while a Windows 11 file could grow up to 500 GB, both fixed by updates.

  8. 9 days ago

    [TECHNOLOGY] 8 sources
    Microsoft Windows 11 bug inflates system file, consuming up to 500 GB of storage

    Windows 11’s CapabilityAccessManager.db‑wal file can swell to over 500 GB, filling the system drive. Microsoft confirms the bug and ships a fix in optional update KB5095093 and the July 2026 Patch Tuesday.

  9. 10 days ago

    [TECHNOLOGY] 3 sources
    Microsoft Office 2021 support ends Oct 2026; SharePoint RCE vulnerability active

    Microsoft ends Office 2021 support on 13 Oct 2026, stops Store‑version updates Dec 2026, and a critical SharePoint RCE flaw (CVE‑2026‑45659) is being actively exploited.

  10. 13 days ago

    [TECHNOLOGY] 3 sources
    Microsoft ends support for Windows 11 24H2 in October 2026

    Microsoft ends security updates for Windows 11 24H2 on 13 Oct 2026 (Home/Pro) and 12 Oct 2027 (Enterprise/Education), urging upgrades to newer versions and rolling out fixes and new rollout tools.

  11. 13 days ago

    [TECHNOLOGY] 2 sources
    Microsoft Extends Free Windows 10 Security Updates to October 2027

    Microsoft will provide free Windows 10 security updates through October 2027 for EU users, prolonging protection for many PCs and small businesses.

  12. 15 days ago

    [TECHNOLOGY] 4 sources
    Microsoft extends Windows 10 security updates to October 2027

    Microsoft extended its Windows 10 Extended Security Updates programme to October 2027, offering free enrollment via Rewards points or OneDrive backup and paid options for individuals and businesses.

  13. 16 days ago

    [TECHNOLOGY] 3 sources
    Microsoft extends Windows 10 and Server security updates through October 2027

    Microsoft will provide free Windows 10 security updates in the EEA and extend Hotpatch support for Windows Server 2022 Azure Edition until October 2027.

  14. 17 days ago

    [TECHNOLOGY] 3 sources
    Microsoft extends Windows 10 security updates to 2027 as Windows 11 launches

    Microsoft rolls out Windows 11 with new hardware requirements and UI upgrades, and prolongs free Windows 10 security updates for private users in the EU until October 2027.

  15. 18 days ago

    [TECHNOLOGY] 15 sources
    Microsoft extends Windows 10 extended security updates to October 2027

    Microsoft has pushed the Windows 10 Extended Security Updates deadline to 12 Oct 2027, offering free ESU for personal users with a Microsoft account and paid licences for enterprises, citing a large user base +

  16. 19 days ago

    [TECHNOLOGY] 2 sources
    Microsoft Extends Windows 10 Security Updates to 2027 and Improves Windows 11 Built‑in Apps

    Microsoft extends free Windows 10 security updates to 2027 and rolls out a Windows 11 preview update that improves eight built‑in apps.

  17. 20 days ago

    [TECHNOLOGY] 50 sources
    Microsoft extends Windows 10 security updates to October 2027

    Microsoft has pushed the end of free Windows 10 security updates to 12 Oct 2027, extending the ESU program by a year for consumers worldwide.

  18. 21 days ago

    [TECHNOLOGY] 2 sources
    Microsoft prolongs Windows 10 security updates in Europe to October 2027

    Microsoft will keep Windows 10 security updates in Europe until Oct 2027, and steep discounts on Microsoft Office and Windows licences are being offered in Slovakia.

  19. 21 days ago

    [TECHNOLOGY] 2 sources
    Storm-2603 ransomware campaign targets unpatched SharePoint servers with dual threat actors

    Microsoft found two simultaneous threat actors on unpatched SharePoint servers: Storm‑2603 using ransomware and a second actor employing DLL sideloading and AD credential theft.

  20. 21 days ago

    [TECHNOLOGY] 2 sources
    Enterprise IT systems face critical ManageEngine and FortiSandbox vulnerabilities

    Critical flaws in ManageEngine and FortiSandbox products allow unauthenticated account takeover and code execution; active exploitation observed, prompting urgent patching for enterprise systems.

  21. 21 days ago

    [TECHNOLOGY] 3 sources
    Microsoft expands Windows 11 25H2 update to more PCs and plans architecture‑specific 26H2 rollout

    Microsoft broadened the automatic rollout of Windows 11 25H2 to all unmanaged Home/Pro PCs and outlined that the upcoming 26H2 update will be architecture‑specific, targeting x86‑64 devices while ARM and NVIDIA

  22. 23 days ago

    [TECHNOLOGY] 19 sources
    Microsoft forces Windows 11 25H2 update and previews 26H2 enablement upgrade

    Microsoft forced the Windows 11 25H2 update on millions of PCs, announced the lightweight 26H2 enablement upgrade, and acknowledged related Office crashes and a Recycle Bin naming bug.

  23. 24 days ago

    [TECHNOLOGY] 2 sources
    Microsoft Windows KB5094126 Update Triggers Widespread Bugs

    Microsoft's KB5094126 Windows update causes Office automation crashes, Recycle Bin name glitches, BitLocker lockouts and other bugs across Windows 10/11 and Server versions.

  24. 25 days ago

    [TECHNOLOGY] 4 sources
    Critical flaws hit FortiSandbox, Microsoft Edge, Windows and Splunk

    Fortinet, Microsoft and Splunk disclosed critical CVE‑9.8 flaws this June; FortiSandbox faces OS command injection, Edge 149 patches 28 Chromium bugs, Splunk’s CVE‑2026‑20253 triggers a CISA deadline, and a big

  25. 26 days ago

    [TECHNOLOGY] 2 sources
    Microsoft confirms Recycle Bin bug in Windows update KB5094126 across all versions

    Microsoft confirmed a Recycle Bin bug in the June KB5094126 update that shows internal file names in delete confirmations on all Windows versions; a fix is being prepared.

  26. 26 days ago

    [TECHNOLOGY] 2 sources
    Microsoft Windows Update Triggers Recycle Bin Filename Glitch

    Microsoft's June 2026 Windows updates cause a Recycle Bin bug that shows internal filenames in delete confirmations across all supported client and server versions; a fix is pending, with a business workaround.

  27. 27 days ago

    [TECHNOLOGY] 3 sources
    Microsoft Windows 11 update causes Recycle Bin naming glitch and disrupts invisible folder tricks

    A June Windows update (KB5094126) caused odd file names in the Recycle Bin, while Windows 11 24H2's Explorer redesign broke traditional invisible‑folder tricks.

  28. about 1 month ago

    [TECHNOLOGY] 2 sources
    Microsoft Windows 11 update triggers BSODs, OneDrive issues on HP PCs

    Microsoft’s June 2026 Windows 11 updates cause BSODs, system freezes, BitLocker prompts and OneDrive failures, mainly on HP PCs, linked to Secure Boot certificate changes and missing boot.stl files.

  29. about 1 month ago

    [TECHNOLOGY] 2 sources
    Microsoft Windows 11 update triggers blue‑screen crashes

    A June 2026 Windows 11 update (KB5094126) is causing blue‑screen crashes, Secure Boot errors and file‑access issues, while a separate change stops desktop.ini customization for untrusted sources.

  30. about 1 month ago

    [TECHNOLOGY] 2 sources
    Microsoft rolls out Office 2024 and patches long‑standing Windows update installer bug

    Microsoft ends support for older Office versions in Oct 2026, promotes Office 2024, and fixes a year‑old WUSA bug in June 2026 updates for Windows 11 and Server 2025.

  31. about 1 month ago

    [TECHNOLOGY] 2 sources
    Microsoft Issues Critical Outlook, Word and Windows Updates to Patch RCE and Other Flaws

    Microsoft issued critical patches for Outlook/Word RCE flaws and a June rollout of 206 updates fixing Windows, Office, Exchange and other vulnerabilities, urging immediate deployment.

  32. about 1 month ago

    [TECHNOLOGY] 3 sources
    GreatXML Windows Zero-Day Enables BitLocker Bypass

    GreatXML is a new Windows zero‑day that bypasses BitLocker via the recovery partition and Defender Offline scan, offering a SYSTEM shell without a patch or CVE.

  33. about 1 month ago

    [TECHNOLOGY] 4 sources
    Microsoft Windows June 2026 Patch Tuesday updates trigger installation errors on some Windows 11 PCs

    Microsoft's June 2026 Patch Tuesday updates fix over 200 vulnerabilities, but some Windows 11 PCs see install errors (0x80073712, 0x800f0993) requiring manual fixes.

  34. about 1 month ago

    [TECHNOLOGY] 2 sources
    Microsoft issues June 2026 Windows security patch and ExplorerPatcher 26100.8457.70.2 update

    Microsoft's June 2026 Patchday delivers security and quality fixes for Windows 10/11, while ExplorerPatcher 26100.8457.70.2 adds a new start‑menu engine and bug fixes.

  35. about 1 month ago

    [TECHNOLOGY] 2 sources
    Microsoft rolls out June 2026 Windows and Exchange security updates

    Microsoft's June 2026 updates bring Windows feature tweaks, NPU monitoring and separate Defender patches, while Exchange Server receives critical security fixes including a full OWA vulnerability patch.

  36. about 1 month ago

    [TECHNOLOGY] 14 sources
    Microsoft patches record 206 vulnerabilities in June 2026 Patch Tuesday

    Microsoft’s June 2026 Patch Tuesday fixed a record 206 bugs, including 38 critical flaws, three zero‑days, and a wormable kernel exploit, with AI tools speeding discovery and a Secure Boot shim revocation.

  37. about 1 month ago

    [TECHNOLOGY] 2 sources
    Microsoft Windows hit by Nightmare Eclipse zero‑day dump

    Researcher Nightmare Eclipse released six weaponized Windows zero‑day flaws, three already exploited, prompting Microsoft to rush patches and address legal‑disclosure disputes.

  38. about 2 months ago

    [TECHNOLOGY] 5 sources
    Microsoft threatens criminal case against zero‑day researcher over exploit disclosures

    Microsoft may file criminal charges against researcher Nightmare Eclipse for breaching its disclosure policy, sparking debate over responsible vulnerability reporting.

  39. about 2 months ago

    [TECHNOLOGY] 2 sources
    Microsoft Defender Zero-Day Vulnerabilities and Recent Data Breach Alerts Highlight Cybersecurity Risks

    Microsoft disclosed new Defender zero‑day exploits while recent breaches at CTemplar and Mint Mobile underscore ongoing cybersecurity threats.

  40. about 2 months ago

    [TECHNOLOGY] 8 sources
    Microsoft patches critical SharePoint RCE vulnerability (CVE-2026-45659)

    Microsoft patches critical SharePoint RCE (CVE‑2026‑45659), fixes Netlogon RCE (CVE‑2026‑41089), launches Windows 365 input protection preview, and notes a Windows Server 2016 hostname bug.

  41. about 2 months ago

    [TECHNOLOGY] 2 sources
    Critical flaws discovered in Windows 11 and Linux kernels

    Microsoft warned of two zero‑day flaws in Windows Defender that enable SYSTEM‑level attacks, while Linux faced new kernel bugs discovered with AI assistance, prompting rapid patches.

  42. about 2 months ago

    [CRIME] 2 sources
    Microsoft dismantles Fox Tempest code‑signing cybercrime service

    Microsoft seized and dismantled Fox Tempest, a service that sold forged code‑signing certificates to ransomware groups, disrupting attacks that targeted the US, France, India and China.

  43. about 2 months ago

    [TECHNOLOGY] 2 sources
    Microsoft patches critical Windows Defender zero‑day flaws after active exploits

    CISA alerts to two actively exploited zero‑day flaws in Microsoft Defender (CVE‑2026‑41091, CVE‑2026‑45498); Microsoft issues patches, while India warns of related Windows vulnerabilities.

  44. about 2 months ago

    [TECHNOLOGY] 2 sources
    Microsoft Defender Zero-Day Flaws Actively Exploited, Patches Deployed

    Microsoft issued patches for two Defender zero‑day bugs (CVE‑2026‑41091, CVE‑2026‑45498) that are being exploited; CISA ordered U.S. federal agencies to remediate by June 3.

  45. about 2 months ago

    [TECHNOLOGY] 4 sources
    Microsoft issues mitigation for critical Windows BitLocker zero‑day bypass (CVE‑2026‑45585)

    Microsoft warns of a critical BitLocker zero‑day that bypasses encryption via WinRE and provides urgent mitigation steps.

  46. about 2 months ago

    [CRIME] 5 sources
    Microsoft shuts down ransomware code-signing service and uncovers large Azure/M365 breach

    Microsoft dismantles a ransomware code‑signing service and reveals a Storm‑2949 breach of Azure and M365 accounts.

  47. about 2 months ago

    [TECHNOLOGY] 16 sources
    Microsoft Exchange zero‑day (CVE‑2026‑42897) actively exploited, emergency mitigations issued

    A high‑severity zero‑day (CVE‑2026‑42897) in on‑premises Microsoft Exchange is being actively exploited; Microsoft issued temporary mitigation and urges rapid‑p

Sources

24matins.es · ad-hoc-news · all-about-security.de · andrewjtaggart.com · anthemnewsnetwork.com · api.liguenouvelleaquitaine.ffr.fr · au.pcmag.com · b2b-cyber-security.de · bendyworks.com · bleepingcomputer.com · blog.0patch.com · blogs.ilw.com · blogspan.net · borncity.com · bright.nl · bug.hr · business.techpulse.be · cagoldberglaw.com · cert.ug · chip.com.tr · chip.cz · chip.de · cinemagia.wordpress.com · clickx.be · clubic.com · cnmo.com · coinfrenzy.com · compartir-tecnologias.es · computerworld.nl · connect.ro · conterest.de · cooperativa.com · ct.nl · cyber-securite.fr · cyberinsider.com · cybersecurity-news.de · cybersecuritynews.com · dailyguardian.ae · deseretnews.com · deskmodder.de · digitaltrends.com · diit.cz · donanimhaber.com · downloads.tomsguide.com · drweb.de · einfach-eee.de · elbalad.news · elchapuzasinformatico.com