Live

Swiss Cybersecurity

The latest Swiss Cybersecurity coverage — news, analysis, and updates from the WindowsNews.AI desk.

13 stories in view AI assisted desk updated 12:10 AM
Latest Most Read Breaking
Sort
Windows Admin Center · CVE-2026-56169

Microsoft Fixes Network-Elevation Flaw in Windows Admin Center – Patch Now

Microsoft has released Windows Admin Center 2.7.4 to fix CVE-2026-56169, an 8.1-severity elevation-of-privilege flaw that can let a low-privilege attacker take over network management. This service-journalism piece explains what the vulnerability is, who is affected, and provides a step-by-step upgrade guide for IT admins. It also covers temporary risk controls and audit strategies until the patch is applied.

Advertisement
Cve-2026-55899 · Microsoft Excel

Excel Patch for July 2026 Closes Remote Code Execution Hole Exploited via Malicious Files

Microsoft’s July 2026 Patch Tuesday includes a fix for CVE-2026-55899, an Important-rated stack buffer overflow in Excel that allows remote code execution when a user opens a malicious file. The advisory clarifies that although the attacker can be remote, exploitation requires local interaction, and urges users to apply the update immediately.

SE Security Desk·13m ago
CVE-2026-50675 · Microsoft Excel

Microsoft Patches Excel Flaw That Turns a Simple Spreadsheet into a Backdoor

Microsoft released a security update on July 14, 2026, fixing a high-severity heap-based buffer overflow in Excel (CVE-2026-50675). The vulnerability allows remote code execution when a user opens a malicious spreadsheet, affecting nearly all modern Office versions on Windows and macOS. Administrators and home users alike should apply the patch immediately and consider additional defenses like Protected View, email filtering, and user training.

SE Security Desk·18m ago
CVE-2026-54108 · SharePoint Server Spoofing

Microsoft Patches SharePoint Spoofing Flaw That Can Leak Data Without a Click

Microsoft has patched a SharePoint Server spoofing vulnerability (CVE-2026-54108) that lets authenticated attackers leak sensitive information without user interaction. Affecting on-premises editions, the July 2026 updates require manual deployment across all farm servers. While not actively exploited, the bug’s low complexity and high confidentiality impact warrant swift patching.

SE Security Desk·19m ago
CVE-2026-55144 · Windows CNG

CVE-2026-55144: Windows Crypto Bug Exposes Confidential Data to Local Attackers – July 2026 Fix Urged

Microsoft’s July 14, 2026 Patch Tuesday includes a fix for CVE-2026-55144, an Important-rated vulnerability in Windows CNG that allows a low-privileged local attacker to tamper with protected data. The update, delivered via KB5101650 for Windows 11 24H2/25H2 and KB5099540 for Server 2022, closes a missing cryptographic step that could lead to complete loss of confidentiality and integrity. While no active exploitation is reported, the lack of any workaround and the high value of cryptographic data make immediate patching essential, especially on multi-user systems and servers.

SE Security Desk·23m ago
Visual Studio Code · CVE-2026-50520

Visual Studio Code 1.128.1 Fixes Command Injection Flaw; Update Now to Block Code Execution Attacks

Microsoft has patched a high-severity command-injection vulnerability (CVE-2026-50520) in Visual Studio Code with version 1.128.1. The flaw can let attackers run commands with the victim's privileges, posing a serious risk to developers and IT environments. All users should update immediately, and organizations must check for user-level installations that escape standard patch management.

SE Security Desk·24m ago
CVE-2026-55002 · SQL Server

Microsoft Fixes SQL Server Privilege Escalation Bug on 2016's End-of-Support Date

Microsoft released a patch for CVE-2026-55002, a CVSS 7.8 privilege escalation vulnerability in SQL Server, as part of July 2026 Patch Tuesday. The flaw affects versions 2016 through 2025 and requires local access, but its disclosure coincides with the end-of-support for SQL Server 2016, adding urgency for organizations to apply the fix and plan migrations.

SE Security Desk·28m ago
SQL Server · CVE-2026-54118

Your SQL Servers Are Vulnerable: Apply Microsoft’s July 2026 Fix for CVE-2026-54118 Now

Microsoft’s July 2026 security update fixes CVE-2026-54118, a critical remote code execution vulnerability in SQL Server with a CVSS 8.8 score. The flaw requires an authenticated attacker but can be exploited over a network with low complexity. Administrators must apply the patch promptly, verify build numbers, and harden network access.

SE Security Desk·28m ago
.NET Security · CVE-2026-50524

Microsoft's .NET DoS patch is more urgent than its 'Framework' label suggests

Microsoft's July 2026 .NET patches fix a network-exploitable denial-of-service vulnerability (CVE-2026-50524) with a CVSS score of 7.5. The flaw affects modern .NET releases and Visual Studio, but the advisory's \

SE Security Desk·33m ago
CVE-2026-15409 · CVE-2026-15410

Emergency Fix: SonicWall SMA1000 Zero-Days Under Attack, CISA Sets July 17 Deadline

SonicWall released emergency patches for two actively exploited zero-day vulnerabilities (CVE-2026-15409 and CVE-2026-15410) in its SMA1000 series appliances. Administrators must update to builds 12.4.3-03453 or 12.5.0-02835 immediately and conduct an indicator-of-compromise review, as patching alone does not confirm the appliance is clean. CISA has given federal agencies a July 17 deadline to remediate or disconnect affected devices.

SE Security Desk·43m ago