The June 2026 Windows security update will be a standard update requiring a restart on hotpatch-enabled devices due to a disclosed vulnerability (CVE-2026-45585). Hotpatch enrollment continues with no extra configuration needed. Update and restart details will appear in compliance reports as usual.

🚨Major Update: This post contains a significant change that may impact your organisation.

Updated June 9, 2026: This message has been updated to reflect the availability of the June 2026 security update, which addresses CVE‑2026‑45585. If you have applied the temporary mitigations documented prior to this update’s release, you do not need to revert it once you install the update.

Microsoft…

🚨Major Update: This post contains a significant change that may impact your organisation.

What and why:
The June 2026 Windows security update will be released as a [standard update] instead of a [hotpatch update]. As a result, hotpatch-enabled devices will require a restart to complete installation.

This change prioritizes security following public disclosure of a vulnerability outside…

While there weren’t any genuine zero-day vulnerabilities to patch in May’s Patch Tuesday update, the fallout since then has been severe.

The first attacks on Microsoft Exchange Server occurred as early as Patch Tuesday week, abusing a vulnerability that still hasn’t been fixed and continues to be exploited by hackers.

Meanwhile, Microsoft has released security updates for its Malware Protection…

🚨Major Update: This post contains a significant change that may impact your organisation.

Microsoft has updated the mitigation guidance in CVE-2026-45585, a Windows BitLocker security feature bypass vulnerability. The updated guidance replaces previously documented manual mitigation steps with a script that helps reduce exposure while a future security update is developed to address this…

Microsoft says it is considering a patch for a zero-day vulnerability, dubbed YellowKey, that allows attackers with access to a Windows device to bypass Bitlocker encryption protection and read and write files. The flaw was disclosed last week, and there is already a public proof of concept available.

The company issued an advisory Tuesday saying that companies should act to mitigate the issue,…

Microsoft says it is considering a patch for a zero-day vulnerability, dubbed YellowKey, that allows attackers with access to a Windows device to bypass Bitlocker encryption protection and read and write files. The flaw was disclosed last week, and there is already a public proof of concept available.

The company issued an advisory Tuesday saying that companies should act to mitigate the issue,…