Home/News/A Record-Breaking Patch Tuesday for June 2026
Krebs on Security3 min read

A Record-Breaking Patch Tuesday for June 2026

Microsoft released a record-breaking number of software updates on June 11, 2026, to address nearly 200 security vulnerabilities across its Windows operating systems and related software. This Patch Tuesday update included approximately three dozen "critical" vulnerabilities, with exploit code already publicly available for at least three of them. Microsoft indicated in a blog post that the increasing use of artificial intelligence tools by both its engineers and the security community is contributing to this higher volume of patches, suggesting this trend may become the new norm. Satnam Narang, senior staff research engineer at Tenable, noted that AI usage among security professionals is reportedly around 90%, making such extensive patch releases unsurprising and likely to continue as AI models advance. Among the zero-day vulnerabilities addressed is CVE-2026-49160, a denial-of-service flaw affecting Microsoft Internet Information Services (IIS), which Microsoft stated was reported by OpenAI's Codex. Additionally, two zero-days appear to be linked to recent disclosures by a security researcher known as Nightmare Eclipse. One of these, "GreenPlasma," exploits an elevation of privilege vulnerability in the Windows Collaborative Translation Framework, which was also patched in CVE-2026-45586. Nightmare Eclipse also previously released "YellowKey," an exploit for a Windows BitLocker vulnerability allowing attackers with physical access to view encrypted data; CVE-2026-50507 is a patch for an elevation of privilege bug within BitLocker.

Original source — read the full reporting at the publisher:

Read on Krebs on Security

Read next