Zero Knowledge Security
The latest Zero Knowledge Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
NVD Finally Catalogs Vulnerable Linux Kernels in MediaTek Bluetooth CVE-2026-46140
The NVD has added CPE coverage for CVE-2026-46140, a MediaTek btmtk Bluetooth driver flaw in the Linux kernel. The update specifies vulnerable version ranges across multiple kernel series, enabling automated vulnerability scanners to detect affected systems. Administrators should update to fixed kernel versions or apply mitigations immediately.
Keeper Security Launches Teams App for Just-in-Time Privileged Access Management
Keeper Security has launched a Microsoft Teams app for its Privileged Access Management platform, enabling users to request, approve, and revoke time-limited privileged access directly within Teams. The integration reduces context switching, enforces least privilege with just-in-time access, and upholds zero-knowledge encryption, making it suitable for compliance-driven organizations. It is available now to existing KeeperPAM customers at no extra cost.
RedCastle V6.0 Earns EAL4 Certification, Bolstering Windows Server 2025 Security for Government Deployments
SGA Solutions' RedCastle V6.0 has achieved Common Criteria EAL4 certification for Windows Server 2025 R3, making it an approved solution for government and defense networks worldwide. The certification validates its zero trust microsegmentation and kernel-level protections, positioning the Korean vendor competitively in the enterprise server security market.
CVE-2026-45585: Windows Recovery Environment Exploit Bypasses UEFI Passwords, Threatens BitLocker Encryption
Microsoft has patched CVE-2026-45585, a high-severity vulnerability in Windows Recovery Environment that allows attackers to bypass UEFI/BIOS passwords by manipulating the BootNext variable. Exploitation can lead to BitLocker decryption and persistent malware, even on physically secured devices. Users must update both their operating system and WinRE images immediately.
Commvault Cloud Now an Azure-Native ISV Service, Bringing Data Sovereignty to New Zealand
Commvault Cloud has become an Azure-native ISV service, enabling deep integration with Azure’s portal, billing, and security frameworks. The launch includes immediate availability in Microsoft’s New Zealand North region, addressing local data sovereignty demands. The move simplifies cyber resilience for enterprises, offering automated ransomware recovery, immutable backups, and seamless operations for Windows and Azure workloads.
Microsoft Targets August 2026 for Unattended Remote Help Sign-ins in Intune
Microsoft has placed 'Unattended Remote Help for Windows — Remote Sign-in' on the Microsoft 365 roadmap, targeting general availability in August 2026 for Intune Suite. This feature will allow IT admins to sign into a Windows device remotely without any user interaction, revolutionizing remote troubleshooting and management while demanding careful security governance.
Microsoft Teams to Turn Every Blocked External User into a Real-Time Admin Security Alert
Microsoft Teams will introduce a feature in June 2026 that allows users to report suspicious external accounts directly from the app. Reports are sent to the Teams admin center, turning individual blocks into organizational security alerts, and enabling admins to respond to potential threats in real time.
Billion-Device Secure Boot Transition Begins: What the 2026 Certificate Expiration Means for Windows and Linux
On June 24, 2026, Microsoft initiated a phased replacement of its 2011-era Secure Boot certificates, impacting over a billion Windows PCs and dual-boot systems. IT administrators must ensure updated firmware and bootloader configurations to avoid boot failures, especially for Linux installations relying on the expiring Microsoft UEFI CA 2011. The transition exposes the fragility of long-lived trust anchors and demands proactive auditing before the certificate's final revocation in December 2026.
Microsoft CNAPP Earns Frost & Sullivan’s Top Nod as Cloud Security Shifts to Attack-Path Risk Control
Microsoft has been named a leader in Frost & Sullivan’s 2026 Frost Radar for CNAPP, reflecting a market shift from static cloud findings to dynamic attack-path risk control. Microsoft Defender for Cloud’s graph-based attack path analysis and multicloud support are key differentiators, enabling enterprises to focus on the most critical cloud risks and automate remediation.
Microsoft Teams Android Flaw Leaks Sensitive Data Without User Interaction – Patch Immediately
Microsoft disclosed CVE-2026-42835, an Important-rated information disclosure vulnerability in Teams for Android that can leak sensitive data without user interaction. The patch, released June 9, 2026, must be applied immediately. All users and administrators should update to the latest version via the Google Play Store and review audit logs for potential exploitation.
Azure Certifications 2026: Your Practical Guide to AZ-900, AZ-104, AZ-500, and AZ-305
Microsoft Azure certifications remain critical for cloud careers in 2026, with AZ-900, AZ-104, AZ-500, and AZ-305 offering clear pathways from fundamentals to expert. This guide breaks down exam changes, preparation strategies, and career mapping to help you choose the right certification path.
Silent Breach: Microsoft Teams for Android Leaks Data Without a Click—Update Now (CVE-2026-42835)
Microsoft disclosed CVE-2026-42835, an Important-rated information disclosure vulnerability in Teams for Android that allows an authenticated attacker to silently exfiltrate sensitive user data without any user interaction. The zero-click flaw affects all versions prior to the June 9, 2026 patch and highlights the growing attack surface of mobile collaboration apps. Users and enterprises must update immediately to prevent exploitation.
Riot's Vanguard anti-cheat goes on-demand, requiring TPM attestation on Windows 11 25H2.
Riot Games is rolling out an on-demand mode for its Vanguard kernel anti-cheat, initially available on Windows 11 25H2 PCs that pass TPM attestation. The feature allows League of Legends and VALORANT players to run Vanguard only during gameplay, reducing system overhead while maintaining strong cheat detection. This shift leverages hardware-backed trust mechanisms and could influence broader anti-cheat industry practices.