Live

Cve 2026 50368

The latest Cve 2026 50368 coverage — news, analysis, and updates from the WindowsNews.AI desk.

13 stories in view AI assisted desk updated 7:45 AM
Latest Most Read Breaking
Sort
Windows Security · Patch Tuesday

Microsoft Patches Windows Media Flaw That Lets Attackers Escalate Privileges Over a Network

Microsoft's July 2026 Patch Tuesday fixes CVE-2026-50414, a high-severity privilege escalation vulnerability in Windows Media. The race-condition flaw (CVSS 7.5) allows an authenticated attacker to escalate privileges over a network without user interaction. Affected Windows 11 and Server 2025 builds should be updated immediately as no workaround exists.

Security

Microsoft Ships Patch for Network-Exploitable Windows Media Privilege Escalation Bug

Microsoft released a fix for CVE-2026-50398, an Important-rated privilege-escalation vulnerability in Windows Media with a CVSS score of 8.8. The flaw, which involves a race condition and use-after-free, affects Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. Users and administrators should deploy the July 2026 cumulative update and verify their build numbers to close the attack vector.

Security Desk·4m ago ·5 min
Security

Windows 11 July Update Seals a Privilege Escalation Flaw in Windows Media—Time to Patch

Microsoft's July 2026 Patch Tuesday included a fix for CVE-2026-50336, a heap-based buffer overflow in Windows Media that enables elevation of privilege on Windows 11. The flaw requires a local foothold but is easy to exploit and could give attackers full system control. All supported Windows 11 versions need the update, but some Dell systems face a temporary compatibility block.

Security Desk·14m ago ·5 min
Security

Windows July Patches Close a Driver Flaw That Turns a Standard Account Into System-Level Control

CVE-2026-50371 is a local privilege-escalation vulnerability in the Windows LUAFV driver, patched July 14, 2026. The flaw affects all supported Windows versions and could give an attacker system control from a standard account. While no active exploits are known, administrators should prioritize shared and multiuser systems for patching.

Security Desk·14m ago ·5 min
Advertisement
CVE-2026-50410 · Windows Security

July 2026 Windows Update Patches Use-After-Free Privilege Escalation Bug — Update Now

Microsoft released July 2026 security updates to fix a Windows Runtime elevation-of-privilege vulnerability (CVE-2026-50410). The use-after-free bug, rated Important with a 7.0 CVSS score, allows authenticated local attackers to gain SYSTEM-level control. All supported Windows versions are affected, and no workaround exists—immediate patching is essential.

SE Security Desk·19m ago
CVE-2026-50353 · Windows DirectX

Microsoft Fixes DirectX Flaw That Can Give Attackers Total Control of Your PC — Here’s the Update

Microsoft's July 2026 security updates fix a high-severity privilege escalation bug (CVE-2026-50353) in Windows DirectX. The use-after-free flaw in the graphics kernel can give attackers full system control after gaining any local foothold. All Windows 11 24H2, 25H2, 26H1, and Server 2025 users should install KB5101650 or KB5099536 and verify their build number. No active exploitation is known, but the local-attack vector makes it a potent tool for advanced threats. This article explains the risk, who is affected, and exactly how to confirm you're protected.

SE Security Desk·23m ago
CVE-2026-50388 · NTFS Vulnerability

July 2026 Windows Updates Fix NTFS Vulnerability That Enables Remote Code Execution

Microsoft's July 2026 Patch Tuesday updates fix CVE-2026-50388, a high-severity NTFS vulnerability that could allow local code execution after a user opens a malicious file. The flaw affects all supported Windows versions. This article explains the risk, provides patching instructions, and offers mitigation advice until updates are applied.

SE Security Desk·24m ago
CVE-2026-50373 · Windows Search

Microsoft Patches Windows Search Privilege Escalation—Update Now to Prevent Takeovers

Microsoft’s July 2026 Patch Tuesday fixes a high-rated Windows Search privilege escalation (CVE-2026-50373) that could let a local attacker gain full system control. All supported Windows versions need the cumulative update. No active exploits are known yet, but the low-complexity flaw demands immediate patching to prevent post-compromise takeovers.

SE Security Desk·29m ago
CVE-2026-50428 · Windows 11

Urgent Patch for Windows 11 26H1: KB5101649 Fixes unionfs.sys Data Leak

Microsoft’s July 2026 Patch Tuesday includes a fix for CVE-2026-50428, an information disclosure vulnerability in the unionfs.sys driver on Windows 11 26H1. Because 26H1 is only found on very new hardware, the impact is limited, but affected systems need immediate patching to prevent data leaks. The correction is in KB5101649 (build 28000.2525), though the June update already resolved the issue for those who installed it.

SE Security Desk·29m ago
Cve-2026-50416 · Patch Tuesday

Windows 11’s July Update Closes a Win32k Leak That Could Aid Bigger Attacks

Microsoft’s July 2026 Patch Tuesday includes a fix for CVE-2026-50416, a low-severity Win32k information-disclosure vulnerability in Windows 11 and Server 2025. While not actively exploited, the bug lets a local attacker read kernel data and could assist larger attacks. Windows 10 and older Server versions are unaffected; the patch arrives via three cumulative updates that elevate build numbers to specific thresholds. Home users get the fix automatically, and admins should prioritize shared or high-risk machines despite the low CVSS score.

SE Security Desk·34m ago
CVE-2026-50358 · Windows Media Vulnerability

Hidden Danger in Windows Media: How CVE-2026-50358 Lets Attackers Escalate Privileges

CVE-2026-50358 is a privilege escalation flaw in Windows Media that was patched in Microsoft’s July 2026 updates. It allows a local attacker with low privileges to gain SYSTEM control, though it requires high timing precision. All supported Windows versions are affected, and the only reliable fix is to install the cumulative update and verify the build number.

SE Security Desk·34m ago
Active Directory · Cve-2026-50366

Patch Your DCs: July 2026 Windows Update Stops Authenticated DoS Attacks

Microsoft’s July 14, 2026 security release patches CVE-2026-50366, a medium-severity denial-of-service vulnerability in Active Directory Domain Services. Authenticated attackers can crash domain controllers, disrupting authentication across the network. Administrators should prioritize patching domain controllers using the provided build numbers and follow a staged rollout.

SE Security Desk·39m ago
CVE-2026-50340 · Windows 11

High-Severity Windows Runtime Flaw Allows Network Privilege Escalation – Here’s What to Do

Microsoft’s July 14, 2026 patches fix CVE-2026-50340, a use-after-free in Windows Runtime that lets an authenticated attacker escalate privileges over a network. The update affects Windows 11 24H2, 25H2, 26H1, and Windows Server 2025, with corrected builds detailed by product. While no active exploits exist, the unusual network vector raises the priority for shared systems and servers.

SE Security Desk·39m ago