Patch [FIX] Tuesday – [AI Hits the Hat Trick], Ep. 32

The May 2026 Microsoft Patch Tuesday release looks quiet on the surface – no actively exploited zero-days, no public disclosures at release, and a CVE count below the four-month average. Don't let that fool you.

In this episode, Jason Kikta and Landon Miles break down everything that happened between April and May patch cycles, including Apple's macOS Tahoe 26.5 release with 79 CVEs, the Dirty Frag Linux kernel privilege escalation chain, and two pre-authenticated network remote code execution vulnerabilities in Windows core services that belong at the top of your patch list.

They also dig into one of the month's most significant trends: AI-assisted vulnerability research showing up by name in Microsoft, Apple, and Linux acknowledgments in the same patch cycle – including Anthropic researchers credited on a critical Windows graphics component RCE. Ten AI-attributed vulnerability discoveries shipped fixes across all three major operating systems this month.

What's covered:

CVE-2026-41089: Windows NetLogon RCE (CVSS 9.8) and CVE-2026-41096: Windows DNS Client RCE (CVSS 9.8)
CVE-2026-40402: Hyper-V guest-to-host escalation (CVSS 9.3)
macOS Tahoe 26.5: Wi-Fi kernel RCE, nine kernel CVEs, 20 WebKit vulnerabilities
Dirty Frag Linux privilege escalation chain and the Copy Fail connection
AI-credited discoveries from Anthropic, calif.io, Theori, and NIST's Center for AI Standards and Innovation

- Patch Tuesday Blog
- DirtyFrag Blog
- What "Mythos Ready" Means

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(220)

Patch [FIX] Tuesday – [Emergency Episode: DirtyFrag Exploit Before Patch], Ep. 31

Breaking from the normal Patch Tuesday cadence for an emergency drop. On May 7, security researcher Hyunwoo Kim published a working proof-of-concept for DirtyFrag - a Linux kernel local privilege esca...

8 Mai 10min

Autonomous IT, Live! The Math of Modern Attacks, E07

In this episode of Autonomous IT, Live!, we break down the widening gap between exploitation speed and remediation reality. Disclosed vulnerabilities keep climbing, exploitation windows keep shrinking...

28 Apr 33min

Secure IT – Claude Mythos: AI Vulnerability Hype vs. Evidence, E23

Claude Mythos dominated the AI security conversation for two weeks straight, from the Cloud Security Alliance's strategy briefing to sharp public skepticism to yesterday's Bloomberg report that unauth...

23 Apr 7min

Patch [FIX] Tuesday – April 2026 [Double Feature: SQL Another Day + XSS Never Dies], E30

This month's Patch Tuesday drops a SQL Server elevation of privilege that hands attackers sysadmin access and an actively exploited SharePoint XSS flaw that requires no authentication. SQL injection i...

14 Apr 8min

Automox Insiders – The Magic of Automox: Emily Pace on Building Smarter IT Tools, E11

In this episode of IT Insiders, Maddie Regis speaks with Emily Pace, a Senior Product Manager at Automox. Emily shares her career journey, her role in product management, and the collaborative environ...

9 Apr 14min

Product Talk – From Click to Fix: Bringing Automox Actions to Zendesk, E25

What if your IT team could troubleshoot and remediate endpoint issues without ever leaving their service desk? In this episode, Steph Rizzuto and Katherine Chipdey break down the new Automox + Zendesk...

2 Apr 19min

Automox Insiders – Tidy Endpoints, Tidy Mind: Spring Cleaning with Adam Whitman, E17

In this episode of Automox Insiders, host Maddie Regis chats with Adam Whitman, Manager of Solutions Engineering at Automox, about all things IT spring cleaning. From patch management and software aud...

31 Mar 13min