Three Zero-Days, 206 Flaws Fixed: Microsoft Delivers Record-Breaking June 2026 Patch Tuesday

In total, Microsoft addressed 206 vulnerabilities, including three publicly disclosed zero-day vulnerabilities. The update includes 33 Critical vulnerabilities, with a heavy concentration of remote code execution (RCE) and elevation of privilege flaws that could significantly impact enterprise environments if left unpatched. Additionally, Microsoft Edge incorporated fixes for approximately 360 Chromium-related vulnerabilities released by Google.

The June release includes vulnerabilities spanning privilege escalation, remote code execution, information disclosure, spoofing, denial-of-service, and security feature bypass categories, reinforcing the need for rapid patch deployment across endpoints, servers, cloud workloads, and hybrid infrastructures.

Microsoft's June 2026 Patch Tuesday addressed three publicly disclosed zero-day vulnerabilities. Although Microsoft did not report active exploitation at release, public disclosure substantially increases the likelihood of near-term exploitation attempts.

This vulnerability affects the Windows HTTP protocol stack (HTTP.sys) and results from uncontrolled resource consumption in HTTP/2 processing. An unauthenticated attacker can exploit the flaw remotely by sending specially crafted network requests that exhaust system resources and trigger a denial-of-service condition. Because HTTP.sys is used extensively across Windows Server environments, web services, and enterprise applications, successful exploitation could disrupt critical business services and infrastructure. Organizations exposing HTTP-based services should prioritize patching affected systems.

This elevation-of-privilege vulnerability exists within the Windows Collaborative Translation Framework and involves improper handling of link-following operations. An authenticated attacker with local access can exploit the flaw to obtain SYSTEM-level privileges.The vulnerability is particularly dangerous in post-compromise scenarios, where attackers can leverage it to gain complete control of affected systems, disable security controls, and establish persistence.

This vulnerability impacts Windows BitLocker and allows attackers with physical access to bypass encryption-related security protections. The flaw stems from a failure in BitLocker's protection mechanisms and could potentially enable unauthorized access to encrypted data. Organizations relying on BitLocker to protect sensitive information on laptops and portable devices should prioritize patch deployment and verify physical security controls.

The June 2026 updates affect a broad range of products and services, including:

.NET

Active Directory Domain Services

ASP.NET Core

Azure Stack Edge

Function Discovery Service (fdwsd.dll)

GitHub Copilot and Visual Studio Code

HTTP/2

Linux MANA Driver

Microsoft Azure Attestation service and Device Health Attestation Service

Microsoft Azure Kubernetes Service

Microsoft Bing

Microsoft Defender for Endpoint

Microsoft Dynamics 365 (on-premises)

Microsoft Exchange Server

Microsoft Graphics Component

Microsoft Kinect

Microsoft Live Share Canvas SDK

Microsoft Office

Microsoft Office Click-To-Run

Microsoft Office Excel

Microsoft Office Project

Microsoft Office SharePoint

Microsoft Office Word

Microsoft PC Manager

Microsoft PowerToys

Microsoft Teams for Android

Microsoft UxTheme Library (uxtheme.dll)

Microsoft Windows DNS

Nuance PowerScribe

Office for Android

Remote Desktop Client

Role: Windows Hyper-V

UI Automation Manager (uiamanager.dll)

Universal Plug and Play (upnp.dll)

Visual Studio Code

Windows Administrator Protection

Windows Ancillary Function Driver for WinSock

Windows Application Identity (AppID) Subsystem

Windows BitLocker

Windows Bluetooth Port Driver

Windows Bluetooth Service

Windows Boot Manager

Windows Collaborative Translation Framework

Windows Common Log File System Driver

Windows Cryptographic Services

Windows Deployment Services

Windows DHCP Client

Windows DHCP Server

Windows DWM Core Library

Windows Hotpatch Monitoring Service

Windows HTTP.sys

Windows Hyper-V

Windows Internet (wininet.dll)

Windows Kerberos

Windows Kernel

Windows Kernel-Mode Drivers

Windows Mark of the Web (MOTW)

Windows Media

Windows Narrator Braille

Windows Network Controller (NC) Host Agent

Windows NT OS Kernel

Windows NTFS

Windows NTLM

Windows Performance Monitor

Windows Program Compatibility Assistant Service

Windows Projected File System Filter Driver

Windows Push Notifications

Windows RDP

Windows SDK

Windows Secure Boot

Windows Shell

Windows Storage

Windows TCP/IP

Windows Telephony Service

Windows UEFI

Windows Universal Disk Format File System Driver (UDFS)

Windows Win32K - GRFX

Winlogon

Prioritize publicly disclosed zero-days

Address critical RCE vulnerabilities first

Review Active Directory and Identity Infrastructure

Verify BitLocker and Secure Boot Protections

Ensure Consistent Patching Across Hybrid Environments

Saner patch management is a continuous, automated, and integrated software that instantly fixes risks exploited in the wild. The software supports major operating systems like Windows, Linux, and macOS, as well as 550+ third-party applications.

It also allows you to set up a safe testing area to test patches before deploying them in a primary production environment. Saner patch management additionally supports a patch rollback feature in case of patch failure or a system malfunction.

Experience the fastest and most accurate patching software here.