Microsoft Patches 200 Vulnerabilities – SecurityWeek

https://www.securityweek.com/microsoft-patches-200-vulnerabilities/

Publish Date: 2026-06-09 15:04:08

Largest Patch Tuesday Update for Microsoft Addresses Over 200 Vulnerabilities

Microsoft’s June 2026 Patch Tuesday update tackles approximately 200 security vulnerabilities across its suite of products, marking the largest such update to date. Although none of the flaws had been exploited in the wild at the time of release, three key vulnerabilities were publicly disclosed before they were patched. These include CVE-2026-49160, an HTTP2/Bomb denial-of-service issue affecting Windows, CVE-2026-50507, which is a security bypass flaw affecting Windows BitLocker allowing unauthorized access to encrypted data, and CVE-2026-45586, a Windows Collaborative Translation Framework bug that could elevate an attacker’s privilege to System. Nearly 40 of the addressed vulnerabilities are rated ‘critical’ and can lead to remote code execution, privilege escalation, or information disclosure. The record number of patches comes shortly after Microsoft highlighted its success in finding vulnerabilities using AI.

Key Points:

Microsoft’s June 2026 Patch Tuesday addressed over 200 vulnerabilities across products.
Three vulnerabilities were publicly disclosed before the release: a DoS issue, a BitLocker security bypass, and a privileged escalation flaw.
Nearly 40 of the vulnerabilities are rated ‘critical’ and affect products like Windows, Azure, and Office.
The June update is the largest Patch Tuesday update Microsoft has released, reflecting notable success in vulnerability discovery using AI.
Microsoft also published advisories for issues in third-party components used in its software.