Windows Admin Center (WAC) is a convenient, browser-based management hub for administrators to manage servers, clients, and clusters from a centralized interface. A recent Cymulate Research Labs disclosure describes a critical chain of flaws that let an attacker achieve unauthenticated, one-click remote code execution (RCE) against both Azure-integrated and on-premises WAC deployments. The exploit requires little user interaction—a maliciously crafted
Category: Microsoft
Windows, Windows Server, Microsoft 365, Word, Excel, PowerPoint, Outlook, OneNote, Teams, SharePoint, OneDrive, Edge, Bing, SQL Server, Visual Studio, Active Directory, Dynamics 365, Power BI, Power Apps, Xbox, Game Pass, Surface, Intune, Defender, Exchange, Hyper-V, .NET, Dataverse, Microsoft Copilot, Copilot Studio, Microsoft Fabric, Power Platform, Windows 11, Windows 10, WSL, Windows Subsystem for Linux
Microsoft Confirms Reboot Loops on Windows Server 2025 After April Patch KB5082063
Microsoft has confirmed a critical stability problem affecting some Windows Server 2025 domain controllers following the April 2026 cumulative update (KB5082063). Administrators around the world reported domain controllers entering repeated reboot cycles after installing the update released on April 14, 2026, and Microsoft’s release notes were updated to acknowledge the issue and a related installation failure affecting a subset of
How the Windows Snipping Tool’s CVE-2026-33829 Opens the Door to NTLM Hash Theft
Microsoft patched a moderate-severity flaw in the Windows Snipping Tool in the April 14, 2026 security updates that could let attackers trick the application into leaking authentication material. Tracked as CVE-2026-33829 and reported by Blackarrow (Tarlogic), the issue stems from how Snipping Tool handles certain deep links and can result in an authenticated Server Message Block (SMB) connection to an
Windows Secure Boot: A practical playbook for certificates expiring in 2026
Microsoft’s Secure Boot certificates issued in 2011 are approaching their expiration window in 2026. While affected devices will continue to boot and receive regular Windows updates, they will stop receiving new protections for the pre-boot environment — updates to Windows Boot Manager, Secure Boot DB/DBX revocations, and mitigations for newly discovered boot-level vulnerabilities. Many newer PCs already include the 2023
Microsoft Patch Tuesday — April 2026: 168 Vulnerabilities Fixed, Including an Actively Exploited SharePoint Zero-Day
Microsoft’s April 2026 Patch Tuesday delivers a heavy set of fixes: 168 vulnerabilities across Windows, Office, Azure components and developer tools. The release includes one confirmed actively exploited zero-day in SharePoint Server (CVE-2026-32201) and a publicly disclosed elevation-of-privilege flaw in Microsoft Defender (CVE-2026-33825). Beyond those high-visibility issues, eight vulnerabilities are rated Critical — most of them Remote Code Execution (RCE)
Micropatches for Windows Shell Bypass (CVE-2026-21510): What 0patch Fixed and Why It Matters
Microsoft released fixes earlier this year for CVE-2026-21510, a security feature bypass in Windows Explorer that let specially crafted shortcut (LNK) files execute a remotely hosted DLL without the usual security warning. Researchers observed exploitation in the wild and uploaded a sample to malware repositories, enabling vendors and defenders to reproduce the issue and protect legacy systems that no longer