🤖 AI Summary
In its June 2026 Patch Tuesday release, Microsoft addressed nearly 200 security vulnerabilities across its Windows systems and supported software, the largest patch rollout in its history. This substantial update is significant for the AI/ML community as it highlights the increasing reliance on AI-driven bug discovery, which is contributing to record-high patch volumes. Two critical vulnerabilities, GreenPlasma (CVE-2026-45586) and YellowKey (CVE-2026-45585), were particularly notable. GreenPlasma allows local attackers to gain elevated privileges, while YellowKey enables a security feature bypass in Windows BitLocker. A proof of concept for YellowKey is already public, raising serious security concerns.
The incident surrounding these vulnerabilities underscores ongoing tensions between security researchers and companies regarding the disclosure and reporting of vulnerabilities. The involvement of a researcher known as Chaotic Eclipse, who recently clashed with Microsoft over reporting practices, has added complexity to the situation. The update not only highlights the importance of coordinated vulnerability disclosure but also sets the stage for potential legal action by Microsoft against researchers who do not follow best practices, emphasizing the critical balance between vulnerability research and industry responsibility in cybersecurity.