https://hackingpassion.com/tags/patch-tuesday/Recent content in Patch Tuesday on HackingPassion.com : root@HackingPassion.com-[~]HugoenWed, 10 Jun 2026 12:01:36 +0200https://hackingpassion.com/rogueplanet-windows-defender-zero-day/Wed, 10 Jun 2026 12:01:36 +0200https://hackingpassion.com/rogueplanet-windows-defender-zero-day/<p>Nightmare-Eclipse is back, with a new exploit called <strong>RoguePlanet</strong>. Windows 10 and 11 have a new zero-day that lets a user with no rights take complete control of a fully updated machine, and Microsoft has no patch for it. He dropped it on Patch Tuesday, June 9th, a few hours after Microsoft shipped its largest Patch Tuesday yet, nearly 200 fixes in a single day.</p> <p>Some of those fixes closed his own earlier bugs. So while Microsoft was busy sealing the gaps he had already found, he opened a new one in public. For weeks he had been vague about whether anything was coming in June, switching between yes and no, and then he just did it.</p>https://hackingpassion.com/miniplasma-windows-zero-day-system-access/Mon, 18 May 2026 13:59:38 +0200https://hackingpassion.com/miniplasma-windows-zero-day-system-access/<p>A Windows zero-day called <strong>MiniPlasma</strong> gives any standard user full <strong>SYSTEM</strong> access on a fully patched machine. Microsoft patched it in December 2020, assigned it <strong>CVE-2020-17103</strong>, and marked it as fixed. Five and a half years later, the original Google proof-of-concept runs on a machine with all current updates installed without changing a single line of code and opens a SYSTEM shell. Microsoft patched this in 2020. It&rsquo;s still there.</p>https://hackingpassion.com/windows-dns-rce-2026/Wed, 13 May 2026 11:35:57 +0200https://hackingpassion.com/windows-dns-rce-2026/<p>Microsoft patched a critical heap buffer overflow in the Windows DNS Client. An attacker needs no account and no help from the person sitting at the machine to trigger it. Every Windows machine that performs DNS lookups is potentially in scope, and every Windows machine performs DNS lookups constantly.</p> <p>The vulnerability is tracked as <strong>CVE-2026-41096</strong> with a <strong>CVSS score of 9.8</strong>. It sits in a component called <code>dnsapi.dll</code>, the file that handles DNS lookups on every Windows machine. DNS, which stands for Domain Name System, is the system that translates domain names into IP addresses so computers know where to connect. Every time a browser loads a page, an application connects to a server, a VPN establishes, or Windows checks for updates, the system sends out a DNS query asking what IP address belongs to a given name. The DNS Client receives the answer, processes it, and passes it along.</p>https://hackingpassion.com/windows-one-update-ten-problems/Wed, 28 Jan 2026 14:10:10 +0100https://hackingpassion.com/windows-one-update-ten-problems/<p>Microsoft pushed one security update. It broke at least 10 different things. 114 security fixes. Two emergency patches. PCs that won&rsquo;t boot. Outlook that crashes. Remote Desktop that fails. Shutdown buttons that do nothing. And Microsoft is still investigating why some systems show a black screen and never start again. 🧐</p> <p><strong>A Windows and Microsoft story that keeps getting worse.</strong></p> <p>This was one of the largest Patch Tuesday releases in history. 114 vulnerabilities fixed, 8 rated Critical, 106 Important. The breakdown: 57 privilege escalation flaws, 22 remote code execution bugs, and 22 information disclosure vulnerabilities. Three zero-days in total, one actively exploited in the wild and two publicly known before Microsoft could patch them. In 2025 alone, Microsoft patched 1,130 CVEs across the year, 12% more than 2024.</p>https://hackingpassion.com/cve-2023-31096-microsoft-modem-driver-exploit/Wed, 14 Jan 2026 15:11:28 +0100https://hackingpassion.com/cve-2023-31096-microsoft-modem-driver-exploit/<p>In January 2026, Microsoft had already patched 114 vulnerabilities! Four modem drivers deleted since October. Companies that wrote them: gone. Source code: inaccessible. Microsoft&rsquo;s only option: remove them entirely. Meanwhile, ransomware groups are loading over 900 other vulnerable drivers that still ship with Windows. 😱 Hackers discovered they could use a 20-year-old telephone code to take over any Windows machine. No hardware required.</p> <p>One vulnerability stood out: CVE-2023-31096. A CVE number from 2023. Fixed in 2026. Three years later.</p>https://hackingpassion.com/sap-patch-tuesday-four-critical-vulnerabilities-cve-2026-0501/Tue, 13 Jan 2026 14:03:32 +0100https://hackingpassion.com/sap-patch-tuesday-four-critical-vulnerabilities-cve-2026-0501/<h1 id="sap-just-patched-four-critical-vulnerabilities">SAP just patched four critical vulnerabilities</h1> <p>SAP just patched four critical vulnerabilities. CVSS scores up to 9.9. One lets attackers run code with nothing but a malicious link. 425,000 companies run SAP. Over 85% of Fortune 500. The patches dropped today, January 13, 2026. 🧐</p> <p>SAP Patch Tuesday just landed with seventeen security notes. Four are HotNews - SAP&rsquo;s term for patch immediately or accept the consequences.</p> <p>The most severe vulnerability lets someone with a basic user account run arbitrary SQL queries against the entire financial database.</p>