- The June 2026 Patch Tuesday release fixes nearly 200 Windows vulnerabilities, Microsoft’s largest release to date.
- It includes GreenPlasma (CVE‑2026‑45586) and YellowKey (CVE‑2026‑45585) from Chaotic Eclipse, leaked without coordination
- AI-Driven Bug Discovery Fuels Record Patch Volumes, Expected to Continue to Grow
The June 2026 Patch Tuesday cumulative update for Microsoft’s Windows operating system has been released – and is, by far, the largest ever released by the company.
The update fixes nearly 200 security vulnerabilities on Windows systems, as well as supported software, dozens of which are labeled as “critical,” meaning they could cause serious harm to users.
Among the flaws are two vulnerabilities revealed by Chaotic Eclipse, a mysterious researcher who was recently in conflict with Microsoft over how vulnerabilities were reported and how researchers were credited/compensated.
Use AI to detect security issues
By fixing nearly 200 flaws, Microsoft essentially broke its own record, thanks in part to the use of artificial intelligence (AI).
The first major issue is GreenPlasma, an elevation of privilege vulnerability in Windows Collaborative Translation Framework (CTF). This bug, tracked as CVE-2026-45586 and given a severity score of 7.8/10 (high), allows a local attacker to gain elevated privileges on Windows systems.
The second is YellowKey, a Windows BitLocker security feature bypass vulnerability, tracked as CVE-2026-45585 and having a severity score of 6.8/10 (medium). The proof of concept (PoC) for this vulnerability has been made public, NVD said, which is a violation of coordinated vulnerability best practices.
As a result, Microsoft said it plans to take legal action against Chaotic Eclipse if it is found to be breaking the law. In its Patch Tuesday follow-up notice, the company did not credit any researchers for these two flaws, saying only that it “recognizes the efforts of members of the security community who help us protect customers through coordinated vulnerability disclosure.”
Via Krebs on safety
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.
