Microsoft breaks Patch Tuesday record with fixes for over 200 security flaws

News
By published

AI use is really starting to show

rendre Windows 10 plus rapide
  • June 2026 Patch Tuesday release fixes nearly 200 Windows vulnerabilities, Microsoft’s largest release to date
  • It includes Chaotic Eclipse’s GreenPlasma (CVE‑2026‑45586) and YellowKey (CVE‑2026‑45585), disclosed without coordination
  • AI‑driven bug discovery fueling record‑high patch volumes, expected to continue growing

The June 2026 Patch Tuesday cumulative update for Microsoft’s Windows operating system has been released - and is, by far, the biggest one the company has ever released.

The update addresses almost 200 security vulnerabilities across Windows systems, as well as supported software, dozens of which are labeled as “critical”, meaning they could cause serious damage to the users.

Among the flaws are two vulnerabilities disclosed by Chaotic Eclipse, a mysterious researcher who conflicted with Microsoft recently over how vulnerabilities were reported, and researchers credited/compensated.

Latest Videos From

Using AI to spot security issues

By fixing almost 200 flaws, Microsoft essentially broke its own record - partly due to the use of Artificial Intelligence (AI).

The first major issue is GreenPlasma, an elevation-of-privilege vulnerability in the Windows Collaborative Translation Framework (CTF). This bug, tracked as CVE-2026-45586, and given a severity score of 7.8/10 (high), allows a local attacker to gain higher privileges on Windows systems.

The second is YellowKey, a Windows BitLocker Security Feature Bypass vulnerability tracked as CVE-2026-45585, and given a severity score of 6.8/10 (medium). The proof of concept (PoC) for this vulnerability has been made public, NVD said, which is in violation of coordinated vulnerability best practices.

As a result, Microsoft said it was considering legal action against Chaotic Eclipse if they had been found to be breaking the law. In its follow-up advisory to Patch Tuesday, the company did not credit any researchers for these two flaws, only saying that it “recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure.”

Via Krebs on Security

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.