Feed›Vulnerability›Critical Patches Issued for Microsoft Products, June 9, 2026...

VulnerabilityCIS Advisories

9.0 — CRITICAL

Critical Patches Issued for Microsoft Products, June 9, 2026

📅 9 June 2026 at 17:53 UTC📰 CIS AdvisoriesView original source ↗

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

Multiple vulnerabilities have been discovered in Microsoft products, with the most severe allowing for remote code execution, potentially leading to privilege escalation and system compromise.

⚙️Technical Details

Affected Systems

NETActive Directory Domain ServicesASP.NET CoreAzure HorizonDBAzure Stack EdgeCopilot Chat (Microsoft Edge)Function Discovery Service (fdwsd.dll)GitHub Copilot and Visual Studio CodeHTTP/2Linux MANA DriverM365 CopilotMicrosoft Azure Attestation service and Device Health Attestation ServiceMicrosoft Azure Kubernetes ServiceMicrosoft BingMicrosoft CopilotMicrosoft Defender for EndpointMicrosoft Dynamics 365 (on-premises)Microsoft Exchange OnlineMicrosoft Exchange ServerMicrosoft GraphMicrosoft Graphics ComponentMicrosoft KinectMicrosoft Live Share Canvas SDKMicrosoft OfficeMicrosoft Office Click-To-RunMicrosoft Office ExcelMicrosoft Office ProjectMicrosoft Office SharePointMicrosoft Office WordMicrosoft PC ManagerMicrosoft PowerToysMicrosoft Teams for AndroidMicrosoft UxTheme Library (uxtheme.dll)Microsoft Windows DNSOffice for AndroidRemote Desktop ClientRole: Windows Hyper-VUI Automation Manager (uiamanager.dll)Universal Plug and Play (upnp.dll)Visual Studio CodeWindows Administrator ProtectionWindows Ancillary Function Driver for WinSockWindows Application Identity (AppID) SubsystemWindows BitLockerWindows Bluetooth Port DriverWindows Bluetooth ServiceWindows Boot ManagerWindows Collaborative Translation FrameworkWindows Common Log File System DriverWindows Cryptographic ServicesWindows Deployment ServicesWindows DHCP ClientWindows DHCP ServerWindows DWM Core LibraryWindows Hotpatch Monitoring ServiceWindows HTTP.sysWindows Hyper-VWindows Internet (wininet.dll)Windows KerberosWindows KernelWindows Kernel-Mode DriversWindows Mark of the Web (MOTW)Windows MediaWindows Narrator BrailleWindows Network Controller (NC) Host AgentWindows NT OS KernelWindows NTFSWindows NTLMWindows Performance MonitorWindows Program Compatibility Assistant ServiceWindows Projected File System Filter DriverWindows Push NotificationsWindows RDPWindows SDKWindows Secure BootWindows ShellWindows StorageWindows TCP/IPWindows Telephony ServiceWindows UEFIWindows Universal Disk Format File System Driver (UDFS)Windows Win32K - GRFXWinlogon

Attack Vectors

Remote code executionPrivilege escalation

💥Impact Assessment

Severity: High

🛡️Recommended Actions

1Apply appropriate updates provided by Microsoft to vulnerable systems immediately after appropriate testing.

2Establish and maintain a documented vulnerability management process for enterprise assets.

3Perform automated vulnerability scans of internal enterprise assets on a quarterly, or more frequent, basis.

📦Affected Products

Microsoft products

Read the full article

This is a curated summary. The complete article is available at CIS Advisories.

Read on CIS Advisories ↗

← Back to feed