Patch/Configuration Management

Archive

Related Videos

Patch/Configuration Management

Critical Quest KACE SMA flaw exploited after 10 months

SC StaffMay 14, 2026

The critical vulnerability CVE-2025-32975 in Quest KACE Systems Management Appliance (SMA) was actively exploited by attackers who had not patched the system for 10 months after a fix was released in May 2025.

Patch/Configuration Management

Microsoft addresses BitLocker recovery issue in Windows 11

SC StaffMay 14, 2026

The issue, acknowledged on April 14, impacts Windows 10, Windows 11, and Windows Server devices configured with an "unrecommended" BitLocker Group Policy.

Patch/Configuration Management

Microsoft fixes Windows Autopatch bug affecting EU devices

SC StaffMay 14, 2026

The bug affected a limited number of Windows 11 devices (versions 25H2, 24H2, and 23H2) within the EU region.

(Credit: theartofpics – stock.adobe.com)

Vulnerability Management

Patch Tuesday: No zero days among 137 Microsoft CVEs, 4 Word RCEs

Laura FrenchMay 12, 2026

The May 2026 Microsoft security update included no zero days for the first time since June 2024.

Vulnerability Management

Federal agencies ordered to patch Ivanti EPMM zero-day in 3 days

Laura FrenchMay 8, 2026

The actively exploited flaw enables remote admin users to execute arbitrary code.

Vulnerability Management

‘Dirty Frag’ Linux zero-day exposes most distributions to LPE

Steve ZurierMay 8, 2026

Dirty Frag Linux zero-day exposes most distributions to root privilege escalation.

Homepage of Apache website on the display of PC

Vulnerability Management

Apache fixes critical HTTP/2 vulnerability allowing remote code execution

SC StaffMay 8, 2026

The vulnerability, identified as CVE-2026-23918 with a CVSS score of 8.8, is a double-free error within the HTTP/2 implementation.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.