Automox

⚠️ The big one this month: CVE-2026-21265 Microsoft's 2011 Secure Boot certificates expire in June and October 2026.

If you have hardware from 2012-2025, you need both OS patches and BIOS updates. Miss either one, and you're still vulnerable to boot-level attacks. Start auditing your BIOS versions now. You’ve got 6 months.

Also on the radar:

⚠️ CVE-2026-20816 (CVSS 7.8) - Windows Installer elevation of privilege. TOCTOU race condition that can take a local user to SYSTEM. Not exploited yet, but a likely candidate.

⚠️ CVE-2026-20805 (CVSS 5.5) - Desktop Window Manager info disclosure. Already exploited in the wild. No admin rights needed. Can break sandbox isolation in virtualized environments. Patch this one first.

Full breakdown on our podcast: https://okt.to/PiHJt5 Happy patching!