Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company’s monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft’s most dire “critical” rating, and exploit code for at least three of the weaknesses is now publicly available.
The software giant said in a blog post last month that both its engineers and the security community are increasingly using artificial intelligence tools to find bugs, meaning this month’s heavy Patch Tuesday may start to become the norm, said Satnam Narang, senior staff research engineer at Tenable.
“Some surveys put AI usage among security professionals generally at 90%, so it’s unsurprising that this volume of patches may be the norm,” Narang said. “Pandora’s proverbial box has been opened, and as more advanced AI models become available, we expect the norm to continue upward across the board, not just for Patch Tuesday.”
June’s zero-day bugs include CVE-2026-49160, a denial of service vulnerability affecting a range of web servers, including Microsoft Internet Information Services (IIS). Microsoft says the flaw was reported by OpenAI’s Codex.
Two of the zero-days addressed this month appear to stem from recent vulnerability disclosures by Nightmare Eclipse, the nickname chosen by a security researcher who has been dropping exploits for various Windows flaws. One of those, dubbed “GreenPlasma,” leverages an elevation of privilege weakness in the Windows Collaborative Translation Framework, the same framework patched today in CVE-2026-45586.
Nightmare Eclipse also last month released “YellowKey,” an exploit for a Windows BitLocker vulnerability that allows an attacker with physical access to view encrypted data, and CVE-2026-50507 is a patch for an elevation of privilege bug in BitLocker.
Microsoft received heavy blowback on social media last month after it said in a blog post that it was considering taking legal action against the security researcher. The company later clarified on Twitter/X that while it has no intention of pursuing legal actions against researchers, it would report them to authorities if they break the law. The advisories for CVE-2026-49160 and CVE-2026-50507 do not credit any researchers in the acknowledgement section, saying only that “Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure.”
Nightmare Eclipse claims to be a former employee of Microsoft, although Microsoft has not responded to questions about this claim. Rapid7 notes that a recent blog post by Nightmare Eclipse included an image of Albert Wesker, a character from the Resident Evil video game series who formerly worked as a researcher for a technology company before going rogue.
Nightmare Eclipse has pledged to release even more zero-day exploits for Windows in what they called a “bone shattering” drop planned for July 14 (the same day as next month’s Patch Tuesday). Immediately following the release of Microsoft patches today, the researcher published an exploit for what they claimed was a zero-day bug in Windows Defender.
While 200 vulnerabilities may be a record for Patch Tuesday, the actual number of security flaws Microsoft addressed this month is far higher, said Rapid7’s Adam Barnett.
“So far this month, Microsoft has provided patches to address 360 browser vulnerabilities, which is an order of magnitude more than has been typical in any given month over the past few years,” Barnett wrote. “As usual, browser [flaws] are not included in the Patch Tuesday count above. Indeed, the vast, and presumably sustained, uptick in the number of browser vulnerabilities has led to Microsoft no longer enumerating Chromium CVEs in the Security Update Guide.”
Microsoft also patched a zero-day vulnerability in Visual Studio Code that allows attackers to steal GitHub tokens with a single click. The company was forced to push a stopgap fix for the flaw on June 3, after a researcher published instructions showing how to exploit it. The researcher said they opted not to work with Microsoft because of a recent experience wherein Redmond silently patched a flaw they reported without offering credit or recognition.
Microsoft battled its own internal zero-day emergencies last week, after at least 72 of the company’s public code repositories were infected with a variant of the Shai-Hulud worm. Researchers found that all of the affected packages were connected to Microsoft’s official Azure Durable Task SDK, which was hit by the same Shai-Hulud worm in May.
Other major software makers are also shipping outsized update bundles this month. Adobe has released updates to fix a massive number of critical vulnerabilities across a range of products, including Adobe Experience Manager, Acrobat Reader and ColdFusion. On June 3, Google resolved a whopping 429 vulnerabilities in its latest Chrome browser update (Chrome automatically downloads updates, but installing them usually requires a complete restart of the browser).
As ever, please consider backing up your data before applying operating system updates, and drop a note in the comments if you run into any problems with this month’s patches.
Further reading:
Microsoft’s Security Update Guide

I suspect some of the exploits were found by Claude Mythos from Anthropic. That advanced version of Claude was only shared with some key tech firms including Microsoft.
I forgot. Today was Microsoft Update Tuesday. It’s been like 40 years, how could one forget? It’s like forgetting your wedding anniversary. That shows how much Windows 10 is being used, and only for business at that. Windows 11 isn’t installed at all, that partition became the E-File Archive. Ubuntu/Kali/FreeBSD, and I’m starting to think that BSD is the way to go, IMHO.
I remember FreeBSD back in 1998, when I had to use PAO to install drivers for stuff like networking on my 1996 laptop. As far as I can tell, browsers from back then aren’t very useful unless people are patching an out of date installation of qmail from 1997. I did experiment with a branch of BSD in spring of 2009, but most of the software needed to run a proper desktop isn’t there, and don’t get me started on trying to develop anything, especially without a decent virtualization software.
But still, it existed side-by-side with Windows 7 for at least a season. I killed off any instance in running an installation of a BSD-based operating system long ago and finally said farewell to my last existing version of it in 2019. The box was named Jonathan, like the character in the classic tv series Seven Days.
The constantly increasing updates per update gives the perception of winning the security war.
Especially if you don’t think about it beyond number of vulns ‘patched’ for all values of patched.
‘We hit them hard yesterday and we’re going to hit them hard again today.’ I feel safer already.
Interesting update. June 2026 Patch Tuesday looks like a major one, especially with so many security fixes and system improvements.
Keeping Windows updated is really important for stability and protection. For users who are still looking for setup information, I’ve also shared a guide about Windows 11 download and installation steps here:
What do you think — are these monthly patches becoming more critical for everyday users now?
The number of bugs being fixed by all vendors shows the overall poor quality of human created code. Heads should be rolling everywhere! It’s time to turn all coding and QA over to the machines.
So what about Win10 now, where even the extended support version dies in Oct? MS should extend Win10 support for another year of security patches.
Meanwhile, Microsoft AI should be given the task to write a complete new OS (call it Win12) from the ground up, with new code and almost no bugs.
Thanks to you Brian for continuing to cover this topic of Windows Updates. As I’ve been following your recent posts about AI-based vulnerability detection, I’m not surprised that there were so many updates. We are truly in a new threat environment era. Keep up the great work!
The intersect is not real.
That should be Albert Wesker, not Vesker.
Thanks!
Your welkum.
> “Pandora’s proverbial box has been opened, and as more advanced AI models become available, we expect the norm to continue upward across the board, not just for Patch Tuesday.”
Does not compute. If the use of LLMs to help find vulnerabilities is greater than the vulnerabilities introduced by the use of LLMs to write code, surely that would mean only a short spike to fix the backlog of human generated errors. Otherwise, this is just another net negative of this stupid bubble.
*Albert Wesker btw 😉
well, it’s that or Wexler.
Waiting for a reboot of Castle involving Bill Gates and the Chair Company hanging out with Norm drinking apple spyder.
Could someone remind me why I have to buy hardware that supports secure boot and upgrade to Windows 11? It seems kind of pointless except to make Microsoft richer.
Are there any PCs on the market that don’t support Secure Boot..? It has been the gold standard for security for a long time now, ever since UEFI began to dominate the legacy BIOS.
25 years ago, after Windows 2000 was found to be full of so many security holes that whole books were published about how to hack it, Microsoft vowed a new effort to offer more secure products. Even if they ever accomplished that, they have lost sight of the effort. The term “Microslop” is very accurate.
There’s no secure code on our planet, the more code we write, the more vulnerabilities appear. This is an axiom. One way or another, Microsoft has already proved that it takes security of its products seriously. But the amount of code increases so drastically that keeping up with its security is a non-trivial task.
YellowKey, GreenPlasma, MiniPlasma have been fixed as part of this Patch Tuesday. MS didn’t issue a new CVE for MiniPlasma, instead updated the existing record, CVE-2020-17103 (Last updated: Jun 9, 2026).
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17103
The growing role of AI in vulnerability discovery is both encouraging and concerning. Finding and fixing more bugs is great, but patch volumes like this will make it increasingly difficult for IT teams to keep up. It may be time for organizations to rethink how they prioritize and automate patch management.
http://krebsonsecurity.com/2026/06/a-record-breaking-patch-tuesday-for-june-2026/#comments https://solitaireio.com
To be honest, the duty of researching software vulnerabilities and producing fixes for them belongs to product security and product development teams rather than IT ones.
To be, uh, honest, most patching is automated, and the quantity of patches doesn’t add that much ‘work’, just ‘time’. The real fundamental risk is merely patches breaking something; that is, indeed, a task IT is both suitable and responsible for.
AI assisted vulnerability research creates many more challenges and more pain for product security and software development teams than for IT folks. Security backlogs for open source software such as the Linux kernel and Curl are full of requests to fix potential vulnerabilities that have yet to be verified. Not to mention Microsoft, which highlighted similar points in a recent blog post. Triaging these vulnerability reports is a major bottleneck… Also, handling this volume of reports requires 2x to 3x more workforce to meet the necessary timeframes.
I was replying in regards to patch management, which ironically is one of those things AI will most likely take over quite soon, with some degree of appropriateness (which is unfortunate, as this used to be a favourite task of many system administrators for decades, when it meant a chance to do other things while working (just as builds that used to take a long time in IDEs such as Visual Studio and the like were somewhat good to deal with small distracting tasks in the nineties)).
Clearly many bugs are found accidentally, not solely as a result of auditing (whomever or whatever you consider responsible for doing that). Clearly only people with advanced knowledge of the software are going to have any appropriateness in creating patches for things like operating systems vulnerabilities.
There will always be differences between scientists and technicians. With AI such a burden now to the future of employment, I would be curious to see which will wind up the technicians and which the scientists — salaried employees or things people anthropomorphize. Honestly neither seem safe soon. How much control and power do you really want to allow either? I used to be in favour of open source, but it is being mined so much I have realised closed source is safer for most things (I mean to the general public, not amongst “friends”). Especially given how much ease is now involved in appearing to be far more skilled than many practitioners are on any side of vulnerability research and management and language models. Of course, YMMV.
This narrative that AI agents/bots/assistants will replace humans in many spheres is a misconception. If some trivial routine tasks can be executed by AI bots (physical or virtual), we need to bring them in asap, because this will benefit our daily lives, right? But that’s all… when we begin talking about concrete things and the agentic workflow that is required to perform complex, specific tasks, and not just a simple summary of existing data, everything changes. Let’s take a look at an example.
Those unbelievable numbers of vulnerabilities recently found by Mythos in Firefox and Curl look great and were presented as a breakthrough in utilizing AI agents for automated vulnerability research in source code. The power of Mythos is that it provides an agentic workflow, i.e., when an AI model doesn’t need to be supplied with prompts for each iteration. A week ago, Anthropic released a Mythos-like model for Claude, Fable 5. When some guys tried to use it to find vulnerabilities in their projects, Fable 5 consumed their monthly token quota worth $400 in half an hour. Crazy, right? This is the real cost of using an agentic workflow.
But, if a skilled human is involved, it plays out differently. One security researcher found a severe RCE vulnerability on the Airbnb site and earned $20k from them. Instead of using an agentic workflow, he used his custom MCP server and a bunch of Claude skills. He won. Humans still matter and they will, just because we are too far away from affordable agentic workflow.
Your point about future security patches reflecting both the large size and broad scope of Tuesday’s update from Microsoft has value and traction. This is what I am seeing in my research as well.