Edge Extensions Security
The latest Edge Extensions Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
South Africa's SITA Issues 5-Year Tender for SD-WAN and Wireless Networks, Putting Windows Security and POPIA in Focus
South Africa's SITA has issued a five-year transversal networking tender covering LAN, wireless, WAN, and SD-WAN, raising critical implications for Windows network administration, POPIA data masking compliance, and security risks. The contract demands zero-trust integration with Windows Server and Active Directory, rigorous data protection measures, and governance frameworks that will challenge legacy government IT systems.
WSL 2.7.10 Ships with Critical TOCTOU Fix for SYSTEM Token Impersonation in VHD Restore
Microsoft released WSL 2.7.10 on June 26, 2026, fixing a TOCTOU vulnerability that allowed SYSTEM token impersonation via path re-resolution during VHD restore. The update hardens the restore process to prevent race condition attacks, and users are urged to apply it immediately.
Microsoft Purges 119 Edge Extensions in StegoAd Takedown: The Steganography Malware Campaign Exposed
Microsoft removed 119 malicious Edge extensions on June 16, 2026, as part of the StegoAd campaign takedown. The extensions used steganography to hide malware in images, evading detection and compromising over 2.5 million devices. The incident highlights the growing risk of browser supply chain attacks and prompted Microsoft to implement stricter extension security policies.
Reboot-Free Security Continues: Microsoft Extends Hotpatching for Windows Server 2022 Azure Edition
Microsoft has unexpectedly prolonged hotpatching support for Windows Server 2022 Datacenter: Azure Edition, delaying the end-of-life that many administrators had anticipated. The move ensures that Azure VMs can continue receiving monthly security updates without reboots, reducing operational overhead and downtime.
Riot Vanguard On-Demand Mode Ends Always-On Kernel Anti-Cheat, Requires TPM 2.0 and Secure Boot
Riot Games is rolling out Vanguard On-Demand, a new mode for its kernel-level anti-cheat that only loads the driver when you launch supported games like Valorant, ending the controversial always-on approach. The feature requires a Windows 11 PC with TPM 2.0 and Secure Boot enabled, leveraging hardware-backed security to maintain anti-tamper integrity. This shift addresses long-standing privacy and performance concerns while aligning with Microsoft's push for a hardened Windows ecosystem.
Microsoft Extends Hotpatching for Windows Server 2022 Azure Edition Into 2027, Delaying Reboot Worries
Microsoft has confirmed that hotpatching for Windows Server 2022 Datacenter: Azure Edition will continue past its October 2026 mainstream support end date, remaining available at least into 2027. The extension gives IT teams extra months of reboot-less security updates, delaying the need for an immediate migration to Windows Server 2025 and preserving the Azure Edition’s key value proposition. Administrators should still plan their OS transitions before the extension window closes, but the announcement eases immediate maintenance pressure.
Mphasis Joins Microsoft Intelligent Security Association to Fortify Sentinel-Based Cyber Defense
Mphasis has joined the Microsoft Intelligent Security Association (MISA), deepening its integration with Microsoft Sentinel and the broader security ecosystem. The move allows Mphasis to offer enhanced managed security, cyber fusion, and advisory services, leveraging privileged access to Microsoft’s threat intelligence and engineering resources. Enterprises using Microsoft Sentinel will benefit from faster threat response, co-engineered solutions, and a unified managed security experience aligned with Zero Trust principles.
Westpac Poaches Macquarie Tech Chief Richard Heeley as CIO to Fortify Cyber Defenses and Drive Azure-Powered Overhaul
Westpac has appointed Richard Heeley, a senior technology executive from Macquarie Group, as its new CIO. Heeley’s deep cyber security and engineering background will shape the bank’s multi-year digital transformation, driving adoption of Microsoft Azure, Windows 11, and advanced security tools while fortifying operational resilience.
Linux Kernel 7.2: 43.9 Million Lines of Code Reveal Driver Bloat and Security Risks
The Linux 7.2 kernel has reached 43,898,743 total lines of code during its June 2026 merge window, according to Phoronix. Driver complexity, especially from GPU and other hardware support, fuels this growth, raising concerns about security vulnerabilities and the increasing cost of maintenance. For Windows users, this milestone highlights the trade-offs in kernel design and the importance of rigorous driver management.
Microsoft Officially Extends Windows 10 Consumer Security Updates to October 12, 2027
Microsoft has extended its Windows 10 Extended Security Updates for consumers through October 12, 2027, with an optional third year to 2028, in a multi-year subscription model. The program provides critical security patches to users unable or unwilling to upgrade to Windows 11, at escalating annual fees starting at $30. This move addresses millions of incompatible PCs and gives consumers a secure bridge while planning hardware or software upgrades.
Microsoft Adds a Surprise Year to Windows 10 Security Updates, but Home Users Face a Catch
Microsoft has extended Windows 10 consumer Extended Security Updates through October 2027, adding a second $30 year for Home and Pro users. The move grants millions of PCs continued critical patches but raises concerns over patch quality, mandatory Microsoft Account sign-in, and Microsoft's Windows 11 migration push. Enterprises face a separate, pricier ESU scheme, while all users must weigh short-term cost savings against the eventual forced hardware refresh.
Critical Request Smuggling Flaw in nghttpx Proxy Enables HTTP Desync Attacks
A medium-severity vulnerability (CVE-2026-58055) in the nghttpx proxy allows HTTP request smuggling via Upgrade and Content-Length desync, potentially enabling cache poisoning, ACL bypass, and session hijacking. The flaw affects versions through 1.69.0 and was patched in version 1.69.1 on June 27, 2026. All users should update immediately or apply header-stripping workarounds while hardening backend servers against traffic parsing abuse.
Linux Kernel’s CVE-2026-52910 Patches Dangerous Race Condition in BPF Reuseport Cleanup
CVE-2026-52910 is a race condition in the Linux kernel’s cBPF reuseport cleanup that could allow use-after-free exploits. The fix implements safe RCU-based freeing to protect against concurrent readers. Administrators should apply updates immediately, especially on systems using SO_REUSEPORT with custom BPF programs.