May 22, 2026

Microsoft Exchange hacked, Defender broken, BitLocker bypassed | usagoldmines.com

While there weren’t any genuine zero-day vulnerabilities to patch in May’s Patch Tuesday update, the fallout since then has been severe.

The first attacks on Microsoft Exchange Server occurred as early as Patch Tuesday week, abusing a vulnerability that still hasn’t been fixed and continues to be exploited by hackers.

Meanwhile, Microsoft has released security updates for its Malware Protection Engine to fix critical flaws, backtracked on its design decision to store passwords as plaintext in Edge, and more. Plus, a security researcher released another proof-of-concept exploit, this time targeting a vulnerability in BitLocker security.

The next scheduled Patch Tuesday is June 9th, 2026.

Microsoft Exchange Server flaws

The spoofing vulnerability CVE-2026-42897 in Exchange Server (2016, 2019, and Subscription Edition), which is classified as critical by Microsoft, is being exploited for attacks in the wild.

Microsoft doesn’t yet have any updates ready to address this security flaw. The Exchange Emergency Mitigation (EM) service can provide automatic relief, provided it’s active. In a blog post, Microsoft’s Exchange team explains how enterprise admins can minimize the attack surface—and also what side effects this may have.

YellowKey outwits BitLocker

A security researcher known as Nightmare-Eclipse—previously responsible for his RedSun and MiniPlasma proof-of-concept exploits—has continued his dispute with Microsoft by publishing another proof-of-concept exploit for a BitLocker vulnerability.

This one is called YellowKey and it allows an attacker who has physical access to a BitLocker-encrypted PC to get around BitLocker protection using a USB flash drive. This works if BitLocker is used on the device in TPM-only mode without a PIN. Microsoft has assigned a high risk level to this vulnerability, listing it as CVE-2026-45585 (BitLocker Security Feature Bypass), and released updates for Windows 11 and Server 2025.

Microsoft Edge and Authenticator

We previously reported that Microsoft’s Edge browser loads saved passwords into memory in plaintext so they’re immediately available as needed. Since the Edge update on May 15th (version 148.0.3967.70), the browser has been handling passwords more carefully. As of May 21st, Edge for Android is also at this version.

Microsoft’s Authenticator apps for Android and iOS have also been found to disclose sensitive information, allowing attackers to access everything—files, services, information—using the permissions of the currently logged-in user. Microsoft classifies the vulnerability CVE-2026-41615 as critical and has released fixed versions of the apps.

Microsoft Defender is vulnerable

Microsoft’s malware defense for Windows PCs has three vulnerabilities that need patching. Attackers can exploit these flaws to sneak malicious code past Defender undetected. They appear to be doing just that, as Microsoft reports that elevation-of-privilege vulnerability CVE-2026-41091 has publicly known exploit code. Exploiting this security vulnerability grants the attacker system privileges.

The DoS vulnerability CVE-2026-45498 in Microsoft Defender is also being exploited. The RCE vulnerability CVE-2026-45584, however, isn’t yet being exploited, although it could be used to execute code.

The vulnerabilities are present in Microsoft’s Malware Protection Engine up to and including version 1.1.26030.3008. Microsoft has already rolled out patched versions as part of the automatic daily updates for Defender. In version 1.1.26040.8 and later, all three vulnerabilities have been fixed.

To be on the safe side, check whether you have received this patched version by opening Windows Settings → Privacy & security → Windows Security → Virus & threat protection → Settings (⚙ icon bottom left) → About. The “Engine Version” is what you want to look at.
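The same check can be scripted. The following is an added example, not code from Microsoft or from the original article: it reads the engine version with the Defender module's `Get-MpComputerStatus` cmdlet and compares it against the two version numbers given above. The function name `Test-DefenderEngineVersion` is hypothetical, and the version strings piped in at the end are constructed sample values.

```powershell
# Thresholds as stated in the article.
$LastVulnerable = [version]'1.1.26030.3008'   # affected "up to and including" this build
$FirstFixed     = [version]'1.1.26040.8'      # all three CVEs fixed from this build on

function Test-DefenderEngineVersion {
    [CmdletBinding()]
    param(
        # Engine version string; when omitted, the local machine is queried.
        [Parameter(ValueFromPipeline)]
        [string]$EngineVersion
    )
    process {
        if (-not $EngineVersion) {
            $EngineVersion = (Get-MpComputerStatus).AMEngineVersion
        }
        $parsed = $null
        if (-not [version]::TryParse($EngineVersion, [ref]$parsed)) {
            $status = 'Unparseable'
        } elseif ($parsed -ge $FirstFixed) {
            $status = 'Patched'
        } elseif ($parsed -le $LastVulnerable) {
            $status = 'Vulnerable'
        } else {
            # Builds between the two thresholds are not covered by the article,
            # so they are reported separately rather than assumed safe.
            $status = 'Unconfirmed'
        }
        [pscustomobject]@{ EngineVersion = $EngineVersion; Status = $status }
    }
}

# Check the local machine.
Test-DefenderEngineVersion

# Classify constructed sample values, e.g. exported from an inventory tool.
'1.1.26030.3008', '1.1.26040.8', '1.1.26040.1', '1.1.26050.2' |
    Test-DefenderEngineVersion
```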

Tip: Whether or not you keep Windows up to date, you need proper antivirus protection if you want your PC to remain secure and private. Check out our picks for the best antivirus software for Windows as well as the best VPN services to stay ahead of security problems.


This article was written by: Nermeen Nabil Khear Abdelmalak
