Microsoft May security patch fails for some due to boot partition size glitch

Home » Archive by Category "Technology"

“Something didn’t go as planned. Undoing changes.” That’s all the clue some Windows 11 users will get when Microsoft’s May Security Update fails to install because of insufficient free space on the EFI System Partition (ESP), leaving their systems unprotected by the dozens of patches it contained.

This issue affects devices with limited free space available — typically 10MB or less — on the ESP. “On affected devices, the installation might proceed through the initial phases but fail during the reboot phase at approximately 35-36% completion,” Microsoft said in an advisory. It recommended changing a Windows registry setting to force the update, or to roll back changes and wait for a future update to fix the problem.

Consultants said it was a potentially serious issue, given the unexpected exposure and the time a destined-to-fail patch takes before it finally fails to install.

This is the kind of failure that keeps IT leaders up at night, said cybersecurity consultant Brian Levine, who serves as executive director of FormerGov. “When a security update cannot install because the operating system misjudges the state of its own boot partition, the problem isn’t only storage. The real problem is trust in the update process,” he said. “This is a basic hygiene failure dressed up as a technical issue. An update that cannot reliably detect available space on the EFI System Partition is not a small miss. It is a reminder that even mature platforms still struggle with dependency awareness and pre-flight validation.”

Eric Grenier, senior director analyst at Gartner, recommended increasing the size of the disk partition to 1.5GB so that the update can go ahead. “This should not hamper business needs in terms of the size of usable space for an end user,” he said, adding that it will also enable updating of the Windows Recovery Environment. He warned that Microsoft’s own recommendation could lead to trouble. “I would recommend that if an organization wanted to use the modified registry fix that they not only backup the registry beforehand but also test it on some pilot devices before rolling out to the rest of the environment and even then, I would do a slow phased rollout to be sure nothing breaks,” he said. “This type of fix in a production environment should be done with extreme caution because if done incorrectly, fixes will require hands on the keyboard.”

Ishraq Khan, CEO of coding productivity tool vendor Kodezi, says both IT teams and Microsoft share the blame.

“Most IT teams reasonably assume that if Windows Update passes its prechecks and starts installation, Microsoft has already validated the system state well enough to avoid a reboot-stage failure. If ESP space is critical to the update succeeding, the updater should have detected and blocked that condition earlier with a clear remediation message,” Khan said. “So while IT environments may contribute to partition pressure over time, Microsoft still owns the orchestration and validation logic that allowed the update to proceed.”

Khan added that this can become a very expensive enterprise IT headache. “That is a design problem for enterprise IT because failure during reboot is much more disruptive than blocking the update before installation begins. From a software maintenance perspective, this is exactly the kind of edge case that becomes expensive at enterprise scale. A small partition constraint on a subset of machines can turn into help desk tickets, rollback cycles, delayed patching, and security exposure.”

David Neuman, COO of consulting firm Acceligence, agreed that this is a substantial IT headache.

“The update appears to pass the early phases but then fails during the reboot phase, which means IT may not find out until the endpoint has already burned through the maintenance window time and rolled back. In an enterprise, it becomes a fleet hygiene problem rather than a one-off help desk problem,” he said. “Affected endpoints may remain unpatched while IT burns time diagnosing a failure that should have been explained earlier. The bigger lesson is that boot, recovery, and firmware-adjacent partitions are now part of patch-management hygiene. Mature IT teams should add ESP size and free-space checks to endpoint health reporting, update gold images so new deployments have adequate ESP capacity and treat boot-partition cleanup or resizing as lifecycle engineering rather than break-fix scripting.”
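To turn the recommendation above into an endpoint health-report check, here is an added PowerShell example (not from the article, nor from Microsoft) that locates the EFI System Partition by its GPT type GUID and flags free space below the 10MB figure the advisory cites. It assumes a GPT/UEFI system and the built-in Storage module cmdlets (Get-Partition, Get-Volume); run it in an elevated session, and it is read-only.

```powershell
# Added example: report EFI System Partition (ESP) size and free space and flag
# the low-free-space condition the May update trips over. Read-only; run elevated.

# GPT partition type GUID for the EFI System Partition (documented constant).
$EspGptType = '{c12a7328-f81f-11d2-ba4b-00a0c93ec93b}'

function Get-EspHealth {
    [CmdletBinding()]
    param(
        # Free-space floor below which the advisory says the update fails (10 MB).
        [long] $MinFreeBytes = 10MB
    )

    $esp = Get-Partition | Where-Object { $_.GptType -eq $EspGptType }
    if (-not $esp) {
        # MBR/BIOS systems have no ESP; report that rather than a false alarm.
        return [pscustomobject]@{
            ComputerName = $env:COMPUTERNAME
            HasEsp       = $false
            DiskNumber   = $null
            Partition    = $null
            SizeMB       = $null
            FreeMB       = $null
            Status       = 'NoEsp'
        }
    }

    foreach ($p in $esp) {
        # The ESP normally has no drive letter, but Get-Volume can still read the
        # FAT32 volume's size and remaining space when given the partition object.
        $vol  = $p | Get-Volume -ErrorAction SilentlyContinue
        $free = if ($vol) { $vol.SizeRemaining } else { $null }
        $size = if ($vol) { $vol.Size } else { $p.Size }

        $status = if ($null -eq $free)              { 'Unknown' }
                  elseif ($free -lt $MinFreeBytes)  { 'LowFreeSpace' }
                  else                              { 'OK' }

        [pscustomobject]@{
            ComputerName = $env:COMPUTERNAME
            HasEsp       = $true
            DiskNumber   = $p.DiskNumber
            Partition    = $p.PartitionNumber
            SizeMB       = [math]::Round($size / 1MB, 1)
            FreeMB       = if ($null -ne $free) { [math]::Round($free / 1MB, 1) } else { $null }
            Status       = $status
        }
    }
}

# One row per ESP; pipe to Export-Csv or your endpoint reporting tool instead.
Get-EspHealth | Format-Table -AutoSize
```

A fleet-wide run (for example via Invoke-Command) with Status equal to LowFreeSpace identifies the devices that will hit the reboot-phase failure before the update is approved for them.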

Microsoft did not respond to a request for comment.

This article first appeared on CSO.

Source:: Computer World

OpenClaw creator’s $1.3 million monthly OpenAI bill reveals the real cost of autonomous AI coding at scale


By Alina Maria Stan

Peter Steinberger, the creator of OpenClaw and an engineer at OpenAI, racked up $1.3 million in API costs in a single month by running approximately 100 Codex instances simultaneously on his open-source project. The bill, which covered 603 billion tokens across 7.6 million requests over 30 days, is the most visible demonstration yet of what […] This story continues at The Next Web

Source:: The Next Web

SpaceX raises Starlink prices across every consumer plan and doubles the cost of Standby Mode


By Darius Popa

SpaceX has raised the price of every consumer Starlink plan in the United States, adding $5 to $10 per month across its residential and mobile tiers while doubling the cost of its budget Standby Mode from $5 to $10. The increases, which took effect immediately for new subscribers and will apply to existing customers from […] This story continues at The Next Web

Source:: The Next Web

Google’s Gemini might be testing weekly limits, and free users won’t love it


Microsoft to retire ‘Together Mode,’ its virtual meeting space for Teams


Microsoft plans to retire “Together Mode” in Teams next month and is encouraging users to access its Gallery view for video calls instead. 

The company launched Together Mode in the early months of the Covid-19 pandemic, as Teams usage rocketed and businesses sought ways to connect staff when physical offices closed due to social distancing policies. 

Together Mode was positioned as a “shared virtual space” to enhance the feeling of connection while on a video call, with participants’ video feed cropped and placed in virtual scenes such as a conference room, coffee shop, or amphitheater. Microsoft claimed that Together Mode users were less likely to experience video meeting fatigue — a common complaint among remote workers as tools such as Teams and Zoom became the norm for office collaboration.

The feature could be seen as part of a wider push for more engaging and immersive meeting experiences, a move that extended to Microsoft’s metaverse for work concept, with its Mesh 3D meeting platform.

Microsoft retired Mesh last December (though an app for immersive events is still available with certain Teams subscriptions), and now Together Mode faces the same fate. 

Together Mode will no longer be available as of June 30, a move that will “simplify the meeting experience” for users, said Katarina Tranker, Teams product manager, in a Monday blog post. At this point, the feature will be removed as an option from the View menu in Teams meetings, with the Gallery view the primary layout for group meetings. 

“Today, the core need Together mode was designed to support, namely seeing the people who matter in a meeting, can now be fully met by the modern Gallery view, which can display up to 49 participants at once,” said Tranker.

The move to a single layout means fewer clicks for users and enables the product development team to move quicker to add new features, Microsoft said, while the Gallery is also less demanding on devices.

Source:: Computer World

Scientists just broke a wireless speed record that could shape the future of 6G


AMD Expands 3D V-Cache Technology to Commercial Desktop Market


Japan built robot wolves to thwart bear attack, and they’re flying off the shelves


OpenAI is giving ChatGPT Plus subscription to a whole country


Apple’s Siri app in iOS 27 will auto-delete your chats. It may also launch as a beta, again.


By Ana Maria Constantin

Apple’s first standalone Siri app, coming in iOS 27, will include an auto-delete function for chat histories that borrows from the Messages app. Users will be able to configure the app to retain conversations for 30 days, one year, or indefinitely. The feature, reported by Bloomberg’s Mark Gurman in his Power On newsletter on Sunday, […] This story continues at The Next Web

Source:: The Next Web

The seven new job titles that AI created, from Claude Evangelist to Chief AI Officer


By Allison Steffens Herrera

AI companies are not just changing the way people work. They are changing the kinds of roles that exist. Org charts are morphing as an entirely new class of jobs emerges, some with titles that did not exist two years ago, others that represent old professions reborn inside the technology industry. The hiring sprees stand […] This story continues at The Next Web

Source:: The Next Web

Scrolling through the digital schedule: the pleasure of an online casino session

What does a session feel like?

Question: What does one experience during an entertainment session at an online casino?

Answer: It is often a feeling of controlled immersion, where the interface, the sounds and the timing harmonize to create a personal rhythm; many describe navigating it as a free path between visual stimuli and pauses for reflection.

Question: Is it more like an evening out or a private moment?

Answer: It depends on the user: for some it is a relaxing domestic routine, for others a digital social event; in both cases the emphasis is on the experience, not on a goal to reach.

What contributes to a smooth session?

Question: Which elements combine for an enjoyable experience without interruptions?

Answer: Loading speed, an intuitive interface and a variety of options keep the flow going; the surprise lies in the design details that turn the time spent into something smooth and coherent.

Question: Are there informational references for those who want to learn more about offers and trials?

Answer: As an informational reference on bonuses and introductory promotions, one can consult no deposit bonus, which provides overviews and context without going into operational detail.

Which types of entertainment are found most often?

Question: What does the typical entertainment catalogue of an online casino offer?

Answer: The schedule is made up of different experiences, designed to alternate pace and pause: fast and lively sessions, more contemplative tables, visual stories and moments of real-time interaction.

Question: Which categories emerge as the most popular among adults seeking leisure?

  • Slots and themed games for those seeking visual and rhythmic impact.
  • Live dealer rooms for those who prefer human interaction and live dialogue.
  • Instant games and minigames for short breaks and immediate fun.
  • Social events and tournaments for those who enjoy friendly competition.

What do the social experiences tell us?

Question: How does the social component affect the entertainment?

Answer: Sociality turns a solitary activity into a shared moment: chat, emoticons, themed rooms and games with friends create a backdrop of exchanges that enrich the session without weighing it down.

Question: Is it easy to find interesting conversations during sessions?

Answer: Yes, many platforms encourage light and immediate interactions; the quality of the dialogue depends on the community and on the style each player chooses, contributing to a lively or a relaxed atmosphere as the case may be.

How is the time devoted to entertainment perceived?

Question: What makes the time spent pleasant rather than rushed or forced?

Answer: The sense of time is shaped by variety and by the ability to change pace: moving from an intense experience to a more contemplative one without friction creates a balanced and satisfying session.

Question: Do sessions tend to be short or prolonged?

Answer: Both modes coexist: there are quick encounters for a break and deliberate marathons for those who love exploring catalogues and features, with the freedom to adjust the intensity according to mood.

Question: What remains after the session closes?

Answer: What remains is a mix of emotions (curiosity, entertainment and the memory of pleasant details such as well-executed graphics or a meaningful social interaction) that often invites a return for new moments of leisure.

Faraday Future raised $25 million for its robotics pivot. The fine print tells a different story.


By Darius Popa

Faraday Future announced on Thursday that it has raised $25 million through convertible promissory notes, bringing its total financing over the past two months to $70 million. The company says the capital is sufficient to fund Phase 1 of its robotics business plan through the end of 2026. The stock, which trades on Nasdaq under […] This story continues at The Next Web

Source:: The Next Web

Four OpenClaw flaws let attackers steal data, escalate privileges, and plant backdoors through the agent’s own sandbox


By Ana Maria Constantin

Cybersecurity researchers at Cyera have disclosed four vulnerabilities in OpenClaw that, when chained together, allow an attacker to steal sensitive data, escalate privileges, and establish persistent control over a compromised host. The flaws, collectively dubbed “Claw Chain,” affect OpenClaw’s OpenShell managed sandbox backend and its MCP loopback runtime. All four have been patched in OpenClaw […] This story continues at The Next Web

Source:: The Next Web

Gemini Intelligence has strict requirements, and your phone may not qualify


Asus ROG and Xreal just built the AR glasses gamers have been waiting for, at a price that stings


Meta’s Ray-Ban Display now types messages from your finger movements


For May, Patch Tuesday means 139 updates — but no zero-days


Microsoft this week released 139 updates affecting Windows, Office, .NET, and SQL Server (though there were no updates for Microsoft Exchange Server). Despite the absence of zero-days, the May Patch Tuesday update still requires Patch Now recommendations for Windows and Office. 

The combination of three unauthenticated network RCEs (Netlogon, DNS Client, and SSO Plugin for Jira and Confluence), four Word Preview Pane RCEs, the large TCP/IP vulnerability cluster, and the carry-over BitLocker recovery condition (still active on Windows 10 and Windows Server) warrants an accelerated deployment release schedule. The Readiness team suggests that testing start with internet-facing services, domain controllers, and Office endpoints. The May 2026 Assurance Security Dashboard breaks the cycle down by Microsoft product family for deployment risk assessment.


Known issues

Patch Tuesday arrived this month with a clean bill of health (at least with respect to reported and known issues) for Windows 11 24H2, 23H2, Windows 10 22H2, and Windows Server 2025. However, two items warrant attention.

Windows 10 and Windows Server customers remain exposed to the April 2026 BitLocker recovery condition on devices set with the “Configure TPM platform validation profile for native UEFI firmware configurations” Group Policy and an invalid PCR7 (Platform Configuration Register 7) profile. 

Microsoft also acknowledged on the Hardware Dev Center that Windows Update replaces manually-installed graphics drivers with older OEM versions from the catalogue, because its ranking uses four-part Hardware IDs rather than version numbers: “Customers who actively manage their display drivers experience unwanted downgrades through Windows Update.”

Issues resolved

KB5089549 for Windows 11 25H2 and 24H2 resolves the April PCR7/BitLocker recovery condition and improves Boot Manager servicing so subsequent boot file updates do not trigger recovery.

Secure Boot certificate distribution adds a new C:\Windows\SecureBoot folder of automation scripts for IT teams rolling out the Windows UEFI CA 2023 key replacement under CVE-2023-24932, ahead of the 2011 certificate expirations happening between June and October 2026.

Simple Service Discovery Protocol (SSDP) notification reliability improves, so the service is less likely to become unresponsive under sustained load; this is relevant to networks running UPnP device discovery.

Major revisions and mitigations

Given this month’s Preview Pane issues, Microsoft offered mitigation advice:

Microsoft Word Preview Pane RCEs — CVE-2026-40361, CVE-2026-40364, CVE-2026-40366, CVE-2026-40367, critical at CVSS 8.4, with the first two flagged “Exploitation More Likely.” The Preview Pane is the attack vector; viewing a malicious document in Outlook or File Explorer is enough to trigger exploitation. 

Windows lifecycle and enforcement updates

We’ve mentioned the CA certificate issue before, but it’s worth flagging again as we approach the EOS and enforcement dates for:

SharePoint Server 2016 and 2019, Project Server 2016 and 2019, SQL Server 2016, and SQL Server 2014 ESU Year 2, all of which reach end of support in July.

Secure Boot certificate enforcement — the 2011 KEK CA expires on June 24, the UEFI CA for third-party boot loaders on June 27, and the Windows Production PCA for the boot manager on Oct. 19. 

Graphics driver HWID enforcement — the pilot moving driver submissions from four-part to two-part Hardware IDs plus Computer Hardware IDs runs to September, with broader enforcement planned for the fourth quarter of this year and Q1 of 2027.

Each month, the team at Readiness provides detailed, actionable testing guidance for Patch Tuesday releases. This guidance is based on assessing a large application portfolio and a comprehensive analysis of the patches and their potential impact on Windows platforms and application deployments.

This month’s Patch Tuesday flags two components as high-risk: the Ancillary Function Driver for WinSock, with an explicit Bluetooth focus, and the Telnet client. Microsoft also ships a pre-release security fix to the Common Log File System driver, and Secure Boot key rolling continues under CVE-2023-24932. TCP/IP is the most-patched component this cycle, with 11 separate updates. Lower-risk patches involve graphics, storage, virtualization, VPN, and Office MSI editions.

Ancillary Function Driver for WinSock 

The WinSock kernel driver (afd.sys) mediates every TCP and UDP socket on Windows, and the May update lands a regression-sensitive change to the Bluetooth interaction path. Failure here typically surfaces as audio dropouts, paired-device drops on sleep, slow reconnect on Wi-Fi handover, or a clean AFD-referenced bug check during sustained load. Watch the System event log for new errors from AFD, TCP/IP, or BTHUSB sources during your test window.

Success in testing these drivers looks silent: no stutters, no event-log churn, no handle leaks.

Your testing regime should include:

Browse the web over HTTP and HTTPS on both IPv4 and IPv6; download a multi-gigabyte file and verify it completes without stalls.

Establish a Remote Desktop session, idle 30+ minutes, then resume; place a Teams call with audio, video, and screen share.

Disable and re-enable the NIC, switch between Wi-Fi and Ethernet, and sleep/resume the machine; expect the network to return cleanly with no AFD-referenced bug check.

Toggle Bluetooth on and off from Settings and Action Center; pair and unpair headphones, mouse, keyboard, and phone, repeating through several cycles.

Play audio over a Bluetooth headset for 10+ minutes during a Teams call; expect zero dropouts and clean mic/speaker switching as devices toggle.

Transfer a file to and from a phone over Bluetooth; connect a Bluetooth keyboard and mouse, leave idle, and resume input.

Sleep and resume the machine with Bluetooth peripherals connected; verify they reconnect without manual intervention.

Telnet client

The Telnet client (telnet.exe) is an optional Windows feature, rarely enabled on modern endpoints. The high-risk flag matters wherever the feature is installed. Check first with Get-WindowsCapability -Online -Name "Telnet.Client~~~~0.0.1.0". If installed, launch telnet.exe against a known good endpoint and confirm it opens, accepts input, and exits cleanly. If the feature is not in use, treat this update as an opportunity for attack-surface reduction and remove it.

Common Log File System security fix

Microsoft corrected two integer underflow vulnerabilities in the CLFS driver (clfs.sys) that could trigger a system crash or elevation of privilege. Regression risk is low, but CLFS underpins transaction logging across SQL Server, DTC, Failover Clustering, Hyper-V, Active Directory, and Event Log. Validate where these run. A bug check referencing clfs.sys after the update is the clearest red flag.

Reboot, run a representative workload for 24 to 48 hours, and check System and Application logs for new errors referencing CLFS, NTFS, DTC, or FailoverClustering.

On SQL Server, restart the service, run standard transactions, perform a backup and restore, and confirm Always On replication stays healthy.

Patch each cluster node, verify all nodes return as Up, and move a clustered role across nodes.

On a patched domain controller, run repadmin /replsummary and dcdiag /v; verify Group Policy still applies on clients.

Confirm VSS writers report Stable via vssadmin list writers, then run a full backup and a test restore.

Secure Boot and BitLocker

Secure Boot validation continues under the CVE-2023-24932 key rolling work. The risk is a recovery prompt or an unbootable device. Run only on dedicated test machines with the recovery key backed up.

Enable BitLocker on the OS drive, verify TPM protectors with manage-bde -protectors -get c:, then disable and confirm clean decryption.

With Secure Boot enabled, trigger recovery via reagentc /boottore 1, unlock with the recovery key, and verify normal next boot.

With both enabled, apply the Windows UEFI CA 2023 key update and confirm the system boots without a recovery prompt.

Hibernate with Secure Boot and BitLocker on (powercfg /hibernate on, shutdown -h), then resume and confirm no recovery screen.
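Before applying the Windows UEFI CA 2023 key update on a test machine, it helps to confirm the preconditions the steps above rely on in one pass. Here is an added PowerShell example (not from the Readiness team or Microsoft) that checks Secure Boot is on, reports whether the 2023 CA is already present in the UEFI signature database (db), and verifies the OS volume has a BitLocker recovery-password protector to back up. It assumes a UEFI system with the SecureBoot and BitLocker PowerShell modules available and is read-only.

```powershell
# Added example: pre-flight for the CVE-2023-24932 key-rolling test pass.
# Read-only; run elevated on the dedicated test machine.

function Test-SecureBootKeyRollReadiness {
    [CmdletBinding()]
    param([string] $OsDrive = $env:SystemDrive)   # e.g. 'C:'

    $result = [ordered]@{
        SecureBootEnabled     = $false
        UefiCa2023InDb        = $false
        WindowsPca2011InDb    = $false
        BitLockerStatus       = 'NotPresent'
        RecoveryPasswordCount = 0
        ReadyForKeyUpdate     = $false
    }

    # Confirm-SecureBootUEFI throws on legacy BIOS/CSM systems; treat that as off.
    try { $result.SecureBootEnabled = [bool](Confirm-SecureBootUEFI) } catch { }

    if ($result.SecureBootEnabled) {
        # The db variable is a raw byte blob, but certificate subject names are
        # ASCII inside it, so a substring match tells whether the 2023 CA has
        # already been added. The 2011 PCA remains until later rollout steps.
        $db = [System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI -Name db).bytes)
        $result.UefiCa2023InDb     = [bool]($db -match 'Windows UEFI CA 2023')
        $result.WindowsPca2011InDb = [bool]($db -match 'Microsoft Windows Production PCA 2011')
    }

    $bl = Get-BitLockerVolume -MountPoint $OsDrive -ErrorAction SilentlyContinue
    if ($bl) {
        $result.BitLockerStatus = "$($bl.ProtectionStatus)/$($bl.VolumeStatus)"
        $result.RecoveryPasswordCount = @($bl.KeyProtector |
            Where-Object KeyProtectorType -eq 'RecoveryPassword').Count
    }

    # Ready = Secure Boot on, and either BitLocker protection is off or a
    # recovery password exists to back up (print it with manage-bde -protectors -get).
    $result.ReadyForKeyUpdate = $result.SecureBootEnabled -and (
        -not $bl -or $bl.ProtectionStatus -eq 'Off' -or $result.RecoveryPasswordCount -gt 0)

    [pscustomobject]$result
}

Test-SecureBootKeyRollReadiness | Format-List
```

If ReadyForKeyUpdate is false because RecoveryPasswordCount is 0, add and back up a recovery password before the key update, since a recovery prompt with no key is the unbootable-device case the guidance warns about.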

Other Windows components

TCP/IP has the highest patch volume; the rest receive routine updates with no functional changes.

Networking: run sustained file transfers, VPN sessions, and stable throughput over IPv4 and IPv6 to cover tcpip.sys (six updates), the Native Wi-Fi driver, and the LLDP driver.

VPN and filtering: exercise IKEv2 tunnels through sleep/wake and verify Windows Firewall rules to cover IKEEXT.dll and BFE.

Graphics and shell: run sustained UI activity and GPU-accelerated workloads to cover the Desktop Window Manager, graphics memory manager, and the graphics kernel; watch for artifacts or flickering.

Virtualization: exercise VM start/save/resume/stop and external/internal/private virtual switches to cover Hyper-V vmswitch.sys.

Storage and sync: exercise cloud sync hydration, Storage Spaces pool operations, and RDP printer/clipboard redirection.

Microsoft Office and SharePoint

This month’s Office updates target MSI editions only: Excel 2016 (KB5002865), Word 2016 (KB5002858), Office 2016 shared libraries (KB5002866), and SharePoint Server 2016, 2019, Online Server, and Subscription Edition. Click-to-Run estates are unaffected.

Open complex Excel workbooks with formulas, macros, and external data connections; save and reopen to verify integrity.

Edit Word documents with embedded objects, tracked changes, and complex formatting.

Across patched SharePoint editions, validate document library operations, co-authoring, and workflow execution.

Confirm that Office add-ins and line-of-business integrations continue to operate.

The Readiness team recommends testing start with the high-risk items. The WinSock driver update warrants a Bluetooth-heavy regression pass across peripherals, audio, file transfer, and sleep/wake. The Telnet client flag is narrow but applies wherever the optional feature is enabled. The CLFS security fix is low regression risk, but its blast radius is wide: validate SQL Server, failover clusters, Hyper-V, Active Directory, and event logging where they exist. Secure Boot and BitLocker validation remains essential as CVE-2023-24932 key rolling continues. Microsoft Office is MSI-only this cycle.

Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings: 

Browsers (Microsoft Edge) 

Microsoft Windows (both desktop and server) 

Microsoft Office

Microsoft Exchange and SQL Server 

Microsoft Developer Tools (Visual Studio and .NET)

Adobe (if you get this far) 

Browsers

For this Patch Tuesday, Microsoft Edge released the stable version (148.0.3967.54) on May 7, according to the Edge security release notes. This update cycle covers six Edge-engineered CVEs plus 127 Chromium upstream CVEs flowing through:

CVE-2026-33111 — Copilot Chat (Microsoft Edge) — Information disclosure (CVSS 7.5, rated critical). This is the headline browser issue this month.

CVE-2026-41107 — Microsoft Edge (Chromium-based) — Information disclosure (CVSS 7.4). External control of file name and path.

CVE-2026-42838 — Microsoft Edge (Chromium-based) — Elevation of privilege (CVSS 5.4). Injection in a downstream component.

CVE-2026-7896 through CVE-2026-8022 — Chromium upstream — 127 CVEs covering use-after-free, out-of-bounds read and write, type confusion, and integer overflow across V8, Blink, Skia, WebRTC, ANGLE, and DevTools. The same fixes ship in the Chrome Stable channel; see the Chrome releases blog for the upstream notes.

Add these updates to your Patch Now deployment schedule for Edge-managed environments.

Microsoft Windows

Microsoft addressed 67 unique vulnerabilities across Windows, six rated critical and 61 important. Elevation of privilege dominates by volume (44 entries), followed by remote code execution (9), denial of service (7), information disclosure (4), and security feature bypass (3). The six critical entries span six distinct Windows features:

CVE-2026-41089 — Windows Netlogon — Remote code execution (CVSS 9.8). Unauthenticated stack-based buffer overflow targeting domain controllers; the highest-impact Windows CVE this cycle.

CVE-2026-41096 — Windows DNS Client — Remote code execution (CVSS 9.8). Unauthenticated heap-based overflow in name resolution.

CVE-2026-40402 — Windows Hyper-V — Elevation of privilege (CVSS 9.3). The only non-RCE critical this cycle; guest-to-host escalation on virtualization hosts.

CVE-2026-40403 — Windows Graphics Component — Remote code execution (CVSS 8.8). Rendering-path RCE.

CVE-2026-35421 — Windows GDI — Remote code execution (CVSS 7.8). Exploitation via a malicious Enhanced Metafile (EMF) image opened in Microsoft Paint or any EMF-rendering application.

CVE-2026-32161 — Windows Native WiFi Miniport Driver — Remote code execution (CVSS 7.5). Wireless networking attack surface.

Domain controllers and Hyper-V hosts are the deployment priority, given Netlogon’s unauthenticated profile and the guest-to-host escape. Add this Windows update to your Patch Now deployment schedule.

Microsoft Office

Microsoft released 27 Office CVEs — nine critical, 18 important. Remote code execution dominates with 15 entries; the rest split across information disclosure (4), elevation of privilege (4), spoofing (3), and tampering (1).

SharePoint Server 2016 remote code execution — CVE-2026-40365, CVSS 8.8. Authenticated Site Owner can inject arbitrary code remotely via insufficient access-control granularity.

Microsoft Word Preview Pane remote code execution — CVE-2026-40361, CVE-2026-40364, CVE-2026-40366, CVE-2026-40367, each with a reported CVSS of 8.4.

Microsoft Office remote code execution — CVE-2026-40358 and CVE-2026-40363, each CVSS 8.4. Office 2019 32-bit editions affected.

SharePoint Server is the main priority, given the network-RCE profile — even with the authenticated-Site-Owner precondition. Office 2019 MSI estates pick up six critical fixes between the four Word RCEs and the two generic Office RCEs. The Team Events Portal CVE is addressed cloud-side — no on-premises action. Apply this month’s Office security updates (KB5002865, KB5002858, KB5002866, and the SharePoint set listed under Microsoft Office and SharePoint above) per the standard ring schedule.

Microsoft Exchange and SQL Server

This month, Microsoft SQL Server receives a single patch and Microsoft Exchange Server gets none:

CVE-2026-40370 — SQL Server — Remote code execution (CVSS 8.8). External control of file name or path allows an authenticated attacker to execute code over a network. The fix is broadly distributed across SQL Server 2025, 2022, 2019, 2017, and 2016 SP3 via both GDR and CU channels.

SQL Server estates should deploy via GDR or CU per their standard patching cadence, prioritizing internet-exposed instances given the post-authentication blast radius implied by the CVSS 8.8. Add this update to your Patch Now deployment schedule for any internet-connected SQL Server.

Developer tools

Microsoft released 11 CVEs across its developer tooling, with one update rated critical (for Azure DevOps) and 10 rated important, covering the following areas:

Visual Studio Code — five entries: CVE-2026-41109 security feature bypass involving GitHub Copilot, CVE-2026-41610 security feature bypass, CVE-2026-41611 remote code execution, CVE-2026-41613 elevation of privilege, and CVE-2026-41612 information disclosure in the Live Preview extension.

.NET on Windows — four entries: CVE-2026-32175 (.NET Core tampering), CVE-2026-32177 and CVE-2026-35433 (.NET 10.0 elevation of privilege), and CVE-2026-42899 (ASP.NET Core denial of service on .NET 8.0).

Add these Microsoft updates to your standard developer update release schedule.

Adobe (and third-party updates)

I keep promising that this section should be retired (and it should), but Microsoft released a sizable third-party sweep through Azure Linux 3.0 and CBL Mariner 2.0 this month: 191 open-source CVEs spanning the Linux kernel, the Go runtime, Apache httpd, PHP, CoreDNS, valkey, Ruby, gnutls, Apache Thrift across its Node.js, Rust, and Java implementations, plus vim, postfix, expat, nmap, Prometheus, KEDA, and PgBouncer. This is a lot for anyone.

In addition to all this, Microsoft issued a patch (CVE-2026-41103) for its own SSO Plugin for Jira and Confluence. This vulnerability allows an attacker to forge a Microsoft Entra ID identity via a crafted SAML response; patching requires updating the plugin within Atlassian rather than on a Microsoft platform. In other words, the Microsoft attack surface now extends to other vendors’ application stacks, with patching responsibilities split across vendors. 

With such diffusion of responsibility, what could go wrong?

Source:: Computer World

Anthropic and the Gates Foundation are betting $200 million that AI can do more than make money


By Darius Popa

Anthropic has committed $200 million over four years to a partnership with the Bill & Melinda Gates Foundation, the largest deal of its kind between an AI company and a global philanthropy. The money, a mix of grant funding, Claude usage credits, and technical support, will fund programmes in global health, life sciences, education, […] This story continues at The Next Web

Source:: The Next Web

Eighteen48 raises EUR175 million to back the private equity deals no one else sees


By Cristian Dina

Eighteen48 Partners, the London-based alternative asset manager co-founded by Julien Sevaux, Tarek AbuZayyad, and Edward Clive, has closed €175 million for the first tranche of its inaugural private equity fund. The fund is targeting €350 million in total and will back mid-market buyouts across Europe, sourced exclusively through independent sponsors, dealmakers who find and […] This story continues at The Next Web

Source:: The Next Web
