Cyber Alert Security News Daily

Microsoft ecosystem exploited

Microsoft ecosystem exploited

Key Questions

What record was set in Microsoft's June Patch Tuesday?

Microsoft addressed 206 vulnerabilities including 39 critical issues, three zero-days, and critical SharePoint RCE, marking one of the largest monthly updates.

What is the RoguePlanet zero-day in Microsoft Defender?

CVE-2026-50656 is a zero-day that grants SYSTEM-level access even with real-time protection disabled, and Microsoft is actively developing a patch.

Which Microsoft products have wormable or high-impact vulnerabilities?

Windows HTTP.sys RCE (CVE-2026-47291) is likely wormable with no patch yet, while SharePoint on-prem RCE and multiple Outlook/Word preview pane flaws require urgent attention.

What zero-day bypasses BitLocker protection?

The 'GreatXML' technique bypasses BitLocker via Defender offline scan and is one of the three zero-days addressed or noted in the June updates.

Are there any end-of-support concerns for SharePoint?

SharePoint on-prem RCE (CVE-2026-45659) has a patch available but reaches end-of-support on July 14, increasing urgency for organizations still running legacy versions.

June Patch Tuesday record – 206 vulns, 39 critical, three zero-days (BitLocker bypass via GreatXML, HTTP.sys DoS, CTF EoP) and critical SharePoint RCE. Netlogon RCE active; Exchange RCE deadline passed; Windows Search URI NTLM leak. Defender RoguePlanet zero-day grants SYSTEM – CVE-2026-50656 assigned, Microsoft working on patch. 'Exploitation More Likely' rating. Works even with real-time protection off. Windows HTTP.sys RCE (CVE-2026-47291) – likely wormable, no patch. 'GreatXML' bypasses BitLocker via Defender offline scan. SharePoint on-prem RCE (CVE-2026-45659) – patch released May 21, end-of-support July 14. Critical Outlook and Word RCEs (CVSS 8.4) – preview pane triggers code execution. Microsoft 365 Copilot SearchLeak flaw (CVE-2026-42824) – patched but highlights AI attack surface. June Patch Tuesday pushed Secure Boot fixes for CVE-2026-8863. Patch immediately.

Sources (3)
Updated Jun 24, 2026
What record was set in Microsoft's June Patch Tuesday? - Cyber Alert Security News Daily | NBot | nbot.ai