Microsoft has identified a critical vulnerability affecting multiple products that could allow remote code execution. Organizations must apply security updates immediately to prevent potential attacks.
Microsoft has released security updates addressing a critical vulnerability, CVE-2026-46089, that affects multiple Windows products and services. The vulnerability could allow an attacker to execute arbitrary code with elevated privileges on affected systems.
According to Microsoft's Security Response Center (MSRC), CVSS scores for this vulnerability range from 8.1 to 9.8 depending on the affected product and configuration. The vulnerability is rated as critical for most affected products.
What's Affected The vulnerability impacts the following Microsoft products:
- Windows 10 (version 1903 and later)
- Windows 11 (all versions)
- Windows Server 2019 and 2022
- Microsoft Office 2019 and 2021
- Microsoft 365 Apps for Enterprise
Attackers could exploit this vulnerability by convincing a user to open a specially crafted file or visit a malicious website. Successful exploitation could lead to remote code execution, allowing attackers to install programs, view, change, or delete data, and create new accounts with full user rights.
Microsoft has confirmed that this vulnerability is being actively exploited in limited attacks. The company urges all organizations to apply the security updates as soon as possible.
Mitigation Steps Organizations should take the following immediate actions:
Apply the security updates immediately:
- Windows users should install updates via Windows Update
- Enterprise users should use Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager
- Microsoft 365 users should ensure they have the latest updates installed
If immediate patching is not possible, Microsoft has provided the following mitigations:
- Disable the affected components where possible
- Implement network segmentation to limit exposure
- Use application control policies to prevent unauthorized code execution
Monitor for suspicious activity:
- Review logs for unusual file executions
- Monitor for unexpected network connections
- Implement intrusion detection rules for exploitation attempts
Timeline Microsoft released the security updates on June 11, 2024, as part of the monthly security release. The updates are available now through all standard distribution channels.
Organizations that have enabled automatic updates will receive these updates automatically. For others, manual installation is required.
Additional Resources For more information about this vulnerability and the affected products, refer to the following resources:
Organizations experiencing issues with the updates or requiring additional assistance should contact Microsoft Support through their standard channels.
Comments
Please log in or register to join the discussion