Microsoft Monthly Security Update – 10 June 2026

In Cyber Security by Matsco Engineering Team

 

Microsoft has released a security advisory on the 10th of June 2026 in line with their regular monthly patch schedule which includes a number of updates to address vulnerabilities in nine (9) medium risk products. 

These updates address vulnerabilities which may impact services through Spoofing, Remote Code Execution, Elevation of Privilege, Security Restriction Bypass, Information Disclosure, Data Manipulation, and Denial of Service. 

For more information please see: : Microsoft Security Update

This release consists of security updates for the following products, features and roles:

  • .NET
  • Active Directory Domain Services
  • ASP.NET Core
  • Azure HorizonDB
  • Azure Stack Edge
  • Copilot Chat (Microsoft Edge)
  • Function Discovery Service (fdwsd.dll)
  • GitHub Copilot and Visual Studio Code
  • HTTP/2
  • Linux MANA Driver
  • M365 Copilot
  • Microsoft Azure Attestation service and Device Health Attestation Service
  • Microsoft Azure Kubernetes Service
  • Microsoft Bing
  • Microsoft Copilot
  • Microsoft Defender for Endpoint
  • Dynamics Business Central
  • GitHub Copilot and Visual Studio
  • M365 Copilot
  • Microsoft Defender for Endpoint
  • Microsoft Dynamics 365 (on-premises)
  • Microsoft Exchange Online
  • Microsoft Exchange Server
  • Microsoft Graph
  • Microsoft Graphics Component
  • Microsoft Kinect
  • Microsoft Live Share Canvas SDK
  • Microsoft Office
  • Microsoft Office Click-To-Run
  • Microsoft Office Excel
  • Microsoft Office Project
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Microsoft PC Manager
  • Microsoft PowerToys
  • Microsoft Teams for Android
  • Microsoft UxTheme Library (uxtheme.dll)
  • Microsoft Windows DNS
  • Nuance PowerScribe
  • Office for Android
  • Remote Desktop Client
  • Role: Windows Hyper-V
  • UI Automation Manager (uiamanager.dll)
  • Universal Plug and Play (upnp.dll)
  • Visual Studio Code
  • Windows Administrator Protection
  • Windows Ancillary Function Driver for WinSock
  • Windows Application Identity (AppID) Subsystem
  • Windows BitLocker
  • Windows Bluetooth Port Driver
  • Windows Bluetooth Service
  • Windows Boot Manager
  • Windows Collaborative Translation Framework
  • Windows Common Log File System Driver
  • Windows Cryptographic Services
  • Windows Deployment Services
  • Windows DHCP Client
  • Windows DHCP Server
  • Windows DWM Core Library
  • Windows Hotpatch Monitoring Service
  • Windows HTTP.sys
  • Windows Hyper-V
  • Windows Internet (wininet.dll)
  • Windows Kerberos
  • Windows Kernel
  • Windows Kernel-Mode Drivers
  • Windows Mark of the Web (MOTW)
  • Windows Media
  • Windows Narrator Braille
  • Windows Network Controller (NC) Host Agent
  • Windows NT OS Kernel
  • Windows NTFS
  • Windows NTLM
  • Windows Performance Monitor
  • Windows Program Compatibility Assistant Service
  • Windows Projected File System Filter Driver
  • Windows Push Notifications
  • Windows RDP
  • Windows SDK
  • Windows Secure Boot
  • Windows Shell
  • Windows Storage
  • Windows TCP/IP
  • Windows Telephony Service
  • Windows UEFI
  • Windows Universal Disk Format File System Driver (UDFS)
  • Windows Win32K - GRFX
  • Winlogon

 

A Proof of Concept exploit code is publicly available for CVE-2026-45585. This vulnerability allows a local attacker to bypass Microsoft BitLocker encryption to access data and is also known as “YellowKey”.

Please contact the Matsco Solutions team on the below if you would like any further information or would like to schedule a maintenance.

support@matscosolutions.com

Beijing  +86 400 120 2782
Hong Kong  +852 8101 8418
London   +44 (0)20 7821 4950
New York  +1 866 446 9226
Singapore  +65 6100 1090

Share this Post