Microsoft has released a critical security update addressing CVE-2026-28390, a severe vulnerability affecting multiple Windows versions. Users must install patches immediately to prevent potential exploitation.
Microsoft has issued an urgent security update to address CVE-2026-28390, a critical vulnerability that could allow attackers to execute arbitrary code on affected systems. The vulnerability affects multiple Windows operating systems and has been assigned a CVSS score of 9.8, indicating its severe nature.
Vulnerability Details
The CVE-2026-28390 vulnerability exists in the Windows kernel component, specifically in how it handles certain memory operations. An attacker who successfully exploits this vulnerability could gain the same user rights as the local user, potentially leading to complete system compromise.
Affected Products
Microsoft has confirmed that the following products are affected:
- Windows 10 Version 1809 and later
- Windows 11 (all versions)
- Windows Server 2019 and 2022
- Windows Server (Semi-Annual Channel)
Severity and Risk
With a CVSS v3.1 base score of 9.8 (Critical), this vulnerability poses a significant risk to organizations and individual users. The high severity rating reflects the potential for remote code execution without requiring user interaction.
Mitigation Steps
Microsoft strongly recommends that all affected users apply the security update immediately. The update can be installed through Windows Update or by downloading the specific patch from the Microsoft Update Catalog.
Installation Instructions
- Automatic Update: Ensure Windows Update is enabled and check for updates
- Manual Update: Visit Microsoft Update Catalog and search for KBXXXXXXX (specific patch ID)
- Enterprise Deployment: Use WSUS or SCCM for centralized deployment
Timeline
- Vulnerability Discovery: March 15, 2026
- Patch Release: March 16, 2026
- Public Disclosure: March 16, 2026
Additional Resources
For more information about this vulnerability and the security update, visit:
Protection Measures
While applying the patch is the primary mitigation, organizations should also:
- Monitor network traffic for suspicious activity
- Review system logs for signs of exploitation attempts
- Ensure endpoint protection solutions are updated
- Consider temporary network segmentation if immediate patching isn't possible
Microsoft has not observed any active exploitation of this vulnerability in the wild at the time of patch release, but the critical nature of the flaw warrants immediate action.
Comments
Please log in or register to join the discussion