Microsoft Patch Tuesday for June 2026 , Snort rules and prominent vulnerabilities
Strategic summary
Microsoft's June 2026 Patch Tuesday addresses 206 vulnerabilities, including 32 critical ones, mostly remote code execution flaws in Windows services. Talos highlights four vulnerabilities as more likely to be exploited: a Remote Desktop Client buffer overflow, an HTTP Protocol Stack integer overflow, and two Windows Graphics component issues. Another 23 critical vulnerabilities, deemed less likely, affect Hyper-V, Remote Desktop, and other core components. Immediate patching is crucial to mitigate these risks.
Key findings
- 32 critical vulnerabilities, predominantly RCEs in Windows services such as Active Directory, Kerberos, Hyper-V, and Office.
- Four more-likely-to-be-exploited flaws: CVE-2026-42985, CVE-2026-47291, CVE-2026-44803, and CVE-2026-44812.
- CVE-2026-47291 allows unauthenticated RCE via the HTTP Protocol Stack with a specially crafted packet.
- 23 additional critical RCEs require specific attack conditions, e.g., in Hyper-V guest-to-host or via a malicious Remote Desktop Server.
- For manufacturing companies like Joel Traber AG, systems running Windows, Office, and SQL Server are affected: immediate patching is recommended.
Relevance for you
Monthly patch rollup with 32 critical vulnerabilities; 28 are RCE flaws in Windows services, AD, Kerberos, RDP and SQL Server , directly relevant for productive infrastructure.
Risk score
- cvss base
- 45.00
- kev bonus
- 0.00
- epss bonus
- 0.00
- poc bonus
- 15.00
- raw before weight
- 60.00
- industry weight
- 1.21
- freshness factor
- 1.00
- exploitability factor
- 1.00
- days old
- 0.00
- vendor mismatch penalty
- 0.00
- consensus penalty
- -3.00
Path: operational
Consensus check
The pipeline self-checks before delivery. These rules lowered the score:
-
TTP_SKIPPEDTTP mapping skipped (placeholder or aggregation article) −3
- Consensus penalty:
- −3.0
- Total penalty:
- −3.0