Dug a 2001 Aquaplus P/ECE out of a closet and got my own C game running on it: WinUSB/Zadig for the dead driver, a from-source S1C33 LLVM toolchain, and a 15GB-RAM OOM.
RedSun (CVE-2026-41091) and UnDefend (CVE-2026-45498) are confirmed exploited and in CISA KEV. A patched Windows isn't enough: how to check your Defender engine 1.1.26040.8 / platform 4.18.26040.7.
Microsoft's 2011 Secure Boot CAs expire June and October 2026. Secure Score check MC1293483 tracks fleet readiness; KB5025885 applies a two-phase rollover via the AvailableUpdates registry (0x140 → 0x280). BlackLotus-driven 2023 CA migration finally collides with the natural 15-year cert expiry.
Microsoft assigned CVE-2026-45585 to YellowKey: strip autofstx.exe from WinRE BootExecute and move TPM-only BitLocker to TPM+PIN. No patch ETA; Chaotic Eclipse claims a TPM+PIN bypass PoC.
Chaotic Eclipse's MiniPlasma takes SYSTEM on fully patched Windows 11 May 2026 by re-triggering CVE-2020-17103 in cldflt.sys, the same bug James Forshaw reported in 2020 and Microsoft supposedly fixed that December. Will Dormann confirmed the PoC works; the latest Insider Canary blocks it. No new CVE assigned yet, and the regression sits next to the actively exploited CVE-2025-62221 in the same driver.
Chaotic Eclipse released YellowKey and GreenPlasma PoCs one day after May 2026 Patch Tuesday. A USB-borne FsTx folder plus a Ctrl-key reboot drops cmd.exe inside WinRE on a BitLocker-protected machine. Covers WinRE-only behavior, the CTFMON SYSTEM elevation path, the RedSun silent-patch dispute, and what defenders can actually do while unpatched.
137 CVEs, no zero-days. Netlogon and DNS Client RCEs (both CVSS 9.8) lead — compared against ZeroLogon/SIGRed, with patch priority tiers and detection notes for SOC teams.
CreateFileW dwShareMode=0 locks 500K SMB files in 8 min with no encryption. Detection key: NAS session exclusive handle counts, not write-based indicators.
Design notes for centrally managing 3 play PCs at an exhibition booth. Mix the management UI into HDMI multiview to fit everything on one monitor, with a Stream Deck physical console so a relief operator can take over without breaking anything.
Tested WAI-Anima v1 on Windows + RTX 4060 Laptop GPU (8GB VRAM). Headless execution via ComfyUI API hit a tqdm OSError on startup, but launching ComfyUI normally generates a single image in 55 seconds. Includes the workaround and timing notes.
Microsoft's second-largest Patch Tuesday ever. SharePoint Server XSS zero-day (CVSS 6.5) confirmed in active exploitation and added to CISA KEV. Windows Defender BlueHammer LPE (CVSS 7.8) has a full public PoC. Also includes a wormable IKE RCE at CVSS 9.8.
Adobe CC's WAM component silently adds a detect-ccd.creativecloud.adobe.com entry to the Windows hosts file and uses it to detect installations from the browser. A breakdown of the mechanism and the broader pattern of major software taking control away from the OS and the user.