June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days

___ Blog Featured Recent Video Category Start Free Trial June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days June 09, 2026 • Falcon Exposure Management Team • Exposure Management Microsoft has addressed 206 vulnerabilities in its June 2026 security update release. This month's patches include fixes for three publicly disclosed zero-day vulnerabilities and 37 Critical vulnerabilities, along with 166 additional vulnerabilities of varying severity levels. June 2026 Risk Analysis This month's leading risk types by exploitation technique are elevation of privilege with 65 patches (32%), remote code execution (RCE) with 55 patches (27%), and information disclosure with 29 (13%). Figure 1. Breakdown of June 2026 Patch Tuesday exploitation techniques Microsoft Windows received the most patches this month with 120, followed by Extended Security Updates (ESU) with 103, and Microsoft Office with 54. Figure 2. Breakdown of product families affected by June 2026 Patch Tuesday Publicly Disclosed Elevation of Privilege Vulnerability in Windows Collaborative Translation Framework CVE-2026-45586 is an Important elevation of privilege vulnerability affecting Windows Collaborative Translation Framework (CTFMON) and has a CVSS score of 7.8. CTFMON is a core Windows component that manages text input, handwriting recognition, and language services. A link following flaw (CWE-59) allows a low-privileged local attacker to elevate privileges with no user interaction and low attack complexity. Successful exploitation could grant an attacker SYSTEM privileges. This vulnerability was publicly disclosed, though there is no evidence of exploitation in the wild. Microsoft assesses exploitation as more likely. Table 1. Publicly disclosed zero-day vulnerability in Microsoft Windows Collaborative Translation Framework (CTFMON) Severity CVSS Score CVE Description Action Required? Important 7.8 CVE-2026-45586 Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability Yes Publicly Disclosed Security Feature Bypass Vulnerability in Windows BitLocker CVE-2026-50507 is an Important security feature bypass vulnerability affecting Windows BitLocker and has a CVSS score of 6.8. A missing authentication for a critical function flaw (CWE-306) allows an unauthenticated attacker with physical access to bypass BitLocker Device Encryption and gain access to encrypted data on the system storage device. While physical access is required, the attack requires no privileges or user interaction and has low attack complexity. This vulnerability was publicly disclosed and proof-of-concept exploit code exists, though there is no evidence of exploitation in the wild. Microsoft assesses exploitation as more likely. Table 2. Publicly disclosed zero-day security feature bypass vulnerability in Windows BitLocker Severity CVSS Score CVE Description Action Required? Important 6.8 CVE-2026-50507 Windows BitLocker Security Feature Bypass Vulnerability Yes Publicly Disclosed and Critical Vulnerabilities in HTTP.sys HTTP.sys is the kernel-mode HTTP server driver in Windows that handles HTTP and HTTPS requests directly at the OS level, used by IIS and other Windows web services; vulnerabilities here can be exploited remotely against any Windows server exposing web services without requiring authentication. CVE-2026-49160 is a publicly disclosed Important denial of service vulnerability affecting HTTP.sys and has a CVSS score of 7.5. An uncontrolled resource consumption flaw (CWE-400) in HTTP/2 allows unauthenticated remote attackers to deny service with no user interaction and low attack complexity. As part of the available fix, Microsoft has introduced a new MaxHeadersCount registry setting that allows administrators to limit the number of headers accepted in HTTP/2 and HTTP/3 requests. There is no evidence of exploitation in the wild, though Microsoft assesses exploitation as more likely. CVE-2026-47291 is a Critical RCE vulnerability affecting HTTP.sys with a CVSS score of 9.8. Integer overflow and heap-based buffer overflow flaws (CWE-190, CWE-122) allow unauthenticated remote attackers to execute code with no user interaction and low attack complexity. An attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack to trigger the vulnerability. Systems using the default MaxRequestBytes registry value of 16,384 bytes (16 KB) are not impacted. As a pre-patch mitigation, administrators can ensure this value is set to no higher than 65,534 bytes to avoid exposure. Table 3. Publicly disclosed zero-day vulnerability and Critical vulnerability in HTTP.sys Severity CVSS Score CVE Description Action Required? Critical 9.8 CVE-2026-47291 HTTP.sys Remote Code Execution Vulnerability Yes Important 7.5 CVE-2026-49160 HTTP.sys Denial of Service Vulnerability Yes Critical Vulnerability in Windows Kernel CVE-2026-45657 is a Critical RCE vulnerability affecting the Windows kernel and has a CVSS score of 9.8. Use-after-free and heap-based buffer overflow flaws (CWE-416, CWE-122) allow unauthenticated remote attackers to execute code with no user interaction and low attack complexity. An attacker could send specially crafted network traffic to trigger a flaw in how the Windows kernel processes TCP/IP data, potentially enabling code execution with SYSTEM-level privileges without requiring authentication or user interaction. Table 4. Critical vulnerability in Windows kernel Severity CVSS Score CVE Description Action Required? Critical 9.8 CVE-2026-45657 Windows Kernel Remote Code Execution Vulnerability Yes Critical Vulnerability in Nuance PowerScribe CVE-2026-26142 is a Critical RCE vulnerability affecting Nuance PowerScribe and has a CVSS score of 9.8. Nuance PowerScribe is a radiology reporting and workflow platform widely used in healthcare environments. This deserialization of untrusted data flaw (CWE-502) allows unauthenticated remote attackers to execute code and compromise sensitive medical data and clinical infrastructure with no user interaction and low attack complexity. Table 5. Critical vulnerability in Microsoft Nuance PowerScribe Severity CVSS Score CVE Description Action Required? Critical 9.8 CVE-2026-26142 Nuance PowerScribe Remote Code Execution Vulnerability Yes Critical Vulnerability in DHCP Client Service CVE-2026-44815 is a Critical RCE vulnerability affecting the Windows DHCP Client Service and has a CVSS score of 9.8. A stack-based buffer overflow flaw (CWE-121) allows unauthenticated remote attackers to execute code with no user interaction and low attack complexity. An attacker could exploit this by operating a rogue DHCP server on the network and responding to DHCP requests from vulnerable clients with specially crafted data. Exploitation is contingent on the target calling the DhcpGetOriginalSubnetMask API; as a pre-patch mitigation, administrators should audit and, where possible, restrict applications that call this API. Table 6. Critical vulnerability in Windows DHCP Client Service Severity CVSS Score CVE Description Action Required? Critical 9.8 CVE-2026-44815 DHCP Client Service Remote Code Execution Vulnerability Yes Critical Vulnerability in Windows Active Directory Domain Services CVE-2026-45648 is a Critical RCE vulnerability affecting Windows Active Directory Domain Services and has a CVSS score of 8.8. A stack-based buffer overflow flaw (CWE-121) allows any domain-authenticated attacker to execute code over a network with no user interaction and low attack complexity. An attacker with access to the NSPI RPC interface could provide crafted inputs that trigger an out-of-bounds write in the directory service process, leading to memory corruption and RCE. Standard domain credentials are sufficient to trigger this vulnerability. Table 7. Critical vulnerability in Windows Active Directory Domain Services Severity CVSS Score CVE Description Action Required? Critical 8.8 CVE-2026-45648 Windows Active Directory Domain Services Remote Code Execution Vulnerability Yes Critical Vulnerability in Azure Kubernetes Service CVE-2026-32193 is a Critical RCE vulnerability affecting Azure Kubernetes Service (AKS) and has a CVSS score of 8.8. A path traversal flaw (CWE-22) allows a low-privileged local attacker to execute code with no user interaction and low attack complexity. An attacker that can run an untrusted container configured with hostNetwork could send specially crafted requests to a host-level service not intended for unauthenticated access, potentially break out of the container, and gain control of the AKS worker node. Successful exploitation has a changed scope, meaning impact could extend beyond the container to resources managed by a different security authority. Table 8. Critical vulnerability in Microsoft Azure Kubernetes Service Severity CVSS Score CVE Description Action Required? Critical 8.8 CVE-2026-32193 Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability Yes Critical Remote Code Execution Vulnerabilities in Remote Desktop Client Seven Critical RCE vulnerabilities affecting the Remote Desktop Client were patched this month, with CVSS scores ranging from 7.5 to 8.8. All seven share a common exploitation theme: An attacker with control of a malicious Remote Desktop server could execute code on a victim's machine when the victim connects using a vulnerable Remote Desktop Client. CVE-2026-47289, CVE-2026-42992, and CVE-2026-44799 stem from heap-based buffer overflow flaws (CWE-122). CVE-2026-47289 has low attack complexity and exploits the connection process by presenting a specially crafted RDP certificate; when the client processes the malformed certificate, the attacker could execute code on the user's device with the same privileges as the connecting user. CVE-2026-42992 and CVE-2026-44799 have high attack complexity, requiring an attacker to take additional preparatory actions before exploitation. CVE-2026-42985, CVE-2026-44801, CVE-2026-47654, and CVE-2026-48563 stem from use-after-free flaws (CWE-416). In all four cases, an attacker with control of a Remote Desktop server could trigger RCE on a victim's machine upon connection. CVE-2026-47654 and CVE-2026-48563 additionally require an attacker to win a race condition, while CVE-2026-44801 requires additional preparatory actions prior to exploitation. Table 9. Critical vulnerabilities in Remote Desktop Client Severity CVSS Score CVE Description Action Required? Critical 8.8 CVE-2026-42985 Remote Desktop Client Remote Code Execution Vulnerability Yes Critical 8.8 CVE-2026-47289 Remote Desktop Client Remote Code Execution Vulnerability Yes Critical 7.5 CVE-2026-42992 Remote Desktop Client Remote Code Execution Vulnerability Yes Critical 7.5 CVE-2026-44799 Remote Desktop Client Remote Code Execution Vulnerability Yes Critical 7.5 CVE-2026-44801 Remote Desktop Client Remote Code Execution Vulnerability Yes Critical 7.5 CVE-2026-47654 Remote Desktop Client Remote Code Execution Vulnerability Yes Critical 7.5 CVE-2026-48563 Remote Desktop Client Remote Code Execution Vulnerability Yes Critical Vulnerability in Microsoft Cryptographic Services CVE-2026-44810 is a Critical elevation of privilege vulnerability affecting Microsoft Cryptographic Services and has a CVSS score of 8.4. This improper authentication flaw (CWE-287) allows an unauthenticated local attacker to elevate privileges with no user interaction and low attack complexity. An attacker could exploit this either by logging on to the system and running a specially crafted application, or by convincing a local user to open a malicious file. Successful exploitation could grant an attacker SYSTEM privileges. Table 10. Critical vulnerability in Microsoft Cryptographic Services Severity CVSS Score CVE Description Action Required? Critical 8.4 CVE-2026-44810 Microsoft Cryptographic Services Elevation of Privilege Vulnerability Yes Critical Vulnerabilities in Microsoft Office  CVE-2026-45461, CVE-2026-45463, CVE-2026-45472, and CVE-2026-45474 are Critical RCE vulnerabilities in Microsoft Office, all with a CVSS score of 8.4. These vulnerabilities allow unauthorized attackers to execute arbitrary code locally through use-after-free flaws (CVE-2026-45461, CVE-2026-45472, CVE-2026-45474) and an integer underflow flaw (CVE-2026-45463).  CVE-2026-45460 is a Critical information disclosure vulnerability affecting Microsoft Office and has a CVSS score of 4.7. A buffer over-read flaw (CWE-126) could allow an unauthorized attacker to disclose information locally. An attacker that successfully exploited this vulnerability could potentially read small portions of heap memory. The Preview Pane is an attack vector for all five vulnerabilities. Table 11. Critical vulnerabilities in Microsoft Office Severity CVSS Score CVE Description Action Required? Critical 8.4 CVE-2026-45461 Microsoft Office Remote Code Execution Vulnerability Yes Critical 8.4 CVE-2026-45463 Microsoft Office Remote Code Execution Vulnerability Yes Critical 8.4 CVE-2026-45472 Microsoft Office Remote Code Execution Vulnerability Yes Critical 8.4 CVE-2026-45474 Microsoft Office Remote Code Execution Vulnerability Yes Critical 4.7 CVE-2026-45460 Microsoft Office Information Disclosure Vulnerability Yes Critical Vulnerabilities in Windows Hyper-V CVE-2026-45607 and CVE-2026-45641 are Critical RCE vulnerabilities affecting Windows Hyper-V, both with a CVSS score of 8.4. Both share a common exploitation path: An authenticated attacker on a guest VM could send specially crafted file operation requests to hardware resources on the VM, resulting in RCE on the host server. CVE-2026-45607 stems from an out-of-bounds read flaw (CWE-125), while CVE-2026-45641 stems from a type confusion flaw (CWE-843). Both require no user interaction and have low attack complexity. CVE-2026-47652 is a Critical RCE vulnerability affecting Windows Hyper-V and has a CVSS score of 8.2, stemming from a heap-based buffer overflow flaw (CWE-122). An attacker could issue a specially crafted hypercall with a maliciously large or malformed payload size from within a virtualized environment, triggering a buffer overflow in the hypervisor during memory operations. Unlike the other two, this vulnerability requires high privileges to exploit. Table 12. Critical vulnerabilities in Windows Hyper-V Severity CVSS Score CVE Description Action Required? Critical 8.4 CVE-2026-45607 Windows Hyper-V Remote Code Execution Vulnerability Yes Critical 8.4 CVE-2026-45641 Windows Hyper-V Remote Code Execution Vulnerability Yes Critical 8.2 CVE-2026-47652 Windows Hyper-V Remote Code Execution Vulnerability Yes Critical Vulnerabilities in Microsoft Outlook and Word CVE-2026-45456, CVE-2026-45458, and CVE-2026-47635 are Critical RCE vulnerabilities affecting Microsoft Outlook and Word, all with a CVSS score of 8.4. These vulnerabilities allow unauthorized attackers to execute arbitrary code locally through a type confusion flaw (CVE-2026-45456), a use-after-free flaw (CVE-2026-45458), and a heap-based buffer overflow flaw (CVE-2026-47635). The Preview Pane is an attack vector for all three vulnerabilities. Table 13. Critical vulnerabilities in Microsoft Outlook and Word Severity CVSS Score CVE Description Action Required? Critical 8.4 CVE-2026-45456 Microsoft Outlook and Word Remote Code Execution Vulnerability Yes Critical 8.4 CVE-2026-45458 Microsoft Outlook and Word Remote Code Execution Vulnerability Yes Critical 8.4 CVE-2026-47635 Microsoft Outlook and Word Remote Code Execution Vulnerability Yes Critical Vulnerability in Windows Deployment Services CVE-2026-42987 is a Critical RCE vulnerability affecting Windows Deployment Services (WDS) and has a CVSS score of 8.1. This use-after-free flaw (CWE-416) could allow an unauthorized remote attacker to execute arbitrary code over a network. Successful exploitation requires an attacker to win a race condition. An attacker could exploit this vulnerability by sending specially crafted network requests to a Windows Server system with the WDS role enabled that is listening for TFTP traffic. By triggering an error in how the server handles simultaneous requests, an unauthenticated remote attacker could cause the service to use invalid memory, potentially allowing code execution on the affected server. Table 14. Critical vulnerability in Windows Deployment Services Severity CVSS Score CVE Description Action Required? Critical 8.1 CVE-2026-42987 Windows Deployment Services (WDS) Remote Code Execution Vulnerability Yes Critical Vulnerability in Windows Device Health Attestation CVE-2026-33828 is a Critical elevation of privilege vulnerability affecting Windows Device Health Attestation (DHA) and has a CVSS score of 7.8. DHA is a Windows security feature that verifies the integrity of a device's boot process and security configuration. This trust boundary violation flaw (CWE-501) allows a low-privileged local attacker to undermine the trustworthiness of attestation reports and elevate privileges to gain SYSTEM-level control with no user interaction and low attack complexity. Table 15. Critical vulnerability in Windows Device Health Attestation Severity CVSS Score CVE Description Action Required? Critical 7.8 CVE-2026-33828 Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability Yes Critical Vulnerability in Windows Media CVE-2026-48574 is a Critical RCE vulnerability affecting Windows Media and has a CVSS score of 7.8. This heap-based buffer overflow flaw (CWE-122) allows an attacker to execute arbitrary code on a target system by convincing a user to interact with a specially crafted file. Despite the RCE classification, the attack vector is local, meaning the attacker must rely on user interaction to trigger the vulnerability rather than reaching the target directly over a network. Table 16. Critical vulnerability in Windows Media Severity CVSS Score CVE Description Action Required? Critical 7.8 CVE-2026-48574 Windows Media Remote Code Execution Vulnerability Yes Critical Vulnerabilities in Windows Graphics Component CVE-2026-44803 and CVE-2026-44812 are Critical RCE vulnerabilities affecting the Windows Graphics Component, both with a CVSS score of 7.8. Both stem from integer overflow flaws (CWE-190) in Windows Win32K - GRFX and require user interaction to exploit. An attacker could trigger code execution by convincing a user to view a specially crafted file in the Windows File Explorer Preview Pane or by opening the file directly. Despite the RCE classification, the attack vector is local, meaning the attacker must rely on user interaction rather than reaching the target directly over a network. Table 17. Critical vulnerabilities in Windows Graphics Component Severity CVSS Score CVE Description Action Required? Critical 7.8 CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability Yes Critical 7.8 CVE-2026-44812 Windows Graphics Component Remote Code Execution Vulnerability Yes Critical Vulnerability in Windows Kerberos Key Distribution Center CVE-2026-47288 is a Critical RCE vulnerability affecting the Windows Kerberos Key Distribution Center (KDC) and has a CVSS score of 7.1. The KDC is the authentication service that runs on every Active Directory domain controller; it’s responsible for issuing Kerberos tickets across the domain. A vulnerability here could allow attackers to target the most sensitive servers in an enterprise environment. This integer overflow or wraparound flaw (CWE-190) in Windows Kerberos could allow an authorized attacker to execute code over an adjacent network. Successful exploitation requires an attacker to prepare the target environment to improve exploit reliability. An attacker already authenticated to the domain could send specially crafted authentication-related data to a domain controller, causing the affected Windows component to incorrectly handle memory. This could allow the attacker to disrupt the service or gain higher privileges on the domain controller without any user interaction. Table 18. Critical vulnerability in Windows Kerberos Key Distribution Center Severity CVSS Score CVE Description Action Required? Critical 7.1 CVE-2026-47288 Windows Kerberos Key Distribution Center (KDC) Remote Code Execution Vulnerability Yes Critical Vulnerability in Azure HorizonDB CVE-2026-48567 is a Critical elevation of privilege vulnerability affecting Azure HorizonDB and has a CVSS score of 10.0. Azure HorizonDB is a cloud-native distributed database service; an authentication bypass here could allow attackers to gain unauthorized control over database resources and potentially the data they host.  Microsoft has proactively remediated this vulnerability within its cloud infrastructure without requiring any customer intervention. Table 19. Critical vulnerability in Azure HorizonDB Severity CVSS Score CVE Description Action Required? Critical 10.0 CVE-2026-48567 Azure HorizonDB Elevation of Privilege Vulnerability No Critical Vulnerability in Microsoft Exchange Online CVE-2026-48579 is a Critical information disclosure vulnerability affecting Microsoft Exchange Online and has a CVSS score of 9.1. An improper authorization flaw (CWE-285) allows unauthenticated remote attackers to disclose sensitive information over a network with no user interaction and low attack complexity, with high confidentiality and integrity impact. Microsoft has proactively remediated this vulnerability within its cloud infrastructure without requiring any customer intervention. Table 20. Critical vulnerability in Microsoft Exchange Online Severity CVSS Score CVE Description Action Required? Critical 9.1 CVE-2026-48579 Microsoft Exchange Online Information Disclosure Vulnerability No Critical Vulnerabilities in Microsoft M365 Copilot CVE-2026-45497 and CVE-2026-42824 are Critical vulnerabilities affecting Microsoft M365 Copilot, with CVSS scores of 7.7 and 6.5, respectively. Both stem from command injection flaws (CWE-77). CVE-2026-45497 is an RCE vulnerability that allows low-privileged remote attackers to execute code over a network with high attack complexity and a changed scope. CVE-2026-42824 is an information disclosure vulnerability that allows unauthenticated remote attackers to disclose sensitive information over a network, requiring user interaction to exploit. Microsoft has proactively remediated these vulnerabilities within its cloud infrastructure without requiring any customer intervention. Table 21. Critical vulnerabilities in Microsoft M365 Copilot Severity CVSS Score CVE Description Action Required? Critical 7.7 CVE-2026-45497 Microsoft M365 Copilot Remote Code Execution Vulnerability No Critical 6.5 CVE-2026-42824 Microsoft M365 Copilot Information Disclosure Vulnerability No Critical Vulnerability in Copilot Chat (Microsoft Edge) CVE-2026-47644 is a Critical information disclosure vulnerability affecting Copilot Chat in Microsoft Edge and has a CVSS score of 6.5. An injection flaw (CWE-74) allows unauthenticated remote attackers to disclose sensitive information over a network. User interaction is required for exploitation. Microsoft has proactively remediated this vulnerability within its cloud infrastructure without requiring any customer intervention. Table 22. Critical vulnerability in Copilot Chat (Microsoft Edge) Severity CVSS Score CVE Description Action Required? Critical 6.5 CVE-2026-47644 Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability No Critical Vulnerability in Microsoft Graph CVE-2026-47655 is a Critical information disclosure vulnerability affecting Microsoft Graph and has a CVSS score of 6.5. Microsoft Graph is the API platform that connects Microsoft 365 services and data; an information disclosure vulnerability here could expose sensitive organizational data across connected Microsoft cloud services. This exposure of sensitive information flaw (CWE-200) allows low-privileged remote attackers to disclose sensitive information over a network with no user interaction required. Microsoft has proactively remediated this vulnerability within its cloud infrastructure without requiring any customer intervention. Table 23. Critical vulnerability in Microsoft Graph Severity CVSS Score CVE Description Action Required? Critical 6.5 CVE-2026-47655 Microsoft Graph Information Disclosure Vulnerability No Patch Tuesday Dashboard in the Falcon Platform For a visual overview of the systems impacted by this month’s vulnerabilities, you can use our Patch Tuesday dashboard. This can be found in the CrowdStrike Falcon® platform within the Exposure Management > Vulnerability Management > Dashboards page. The preset dashboards show the most recent three months of Patch Tuesday vulnerabilities. New AI-Powered Capabilities in Falcon Exposure Management  With CrowdStrike Falcon® Exposure Management, you can automatically classify and prioritize assets, show attack paths targeting client-side exploitation of devices, and integrate with CrowdStrike Falcon® Next-Gen SIEM. Learn more in this blog post: Falcon Exposure Management’s AI-Powered Risk Prioritization Shows Organizations What to Fix First Not All Relevant Vulnerabilities Have Patches: Consider Mitigation Strategies As we have learned with other notable vulnerabilities, such as Log4j, not every highly exploitable vulnerability can be easily patched. As is the case for the ProxyNotShell vulnerabilities, it’s critically important to develop a response plan for how to defend your environments when no patching protocol exists.  Regular review of your patching strategy should still be a part of your program, but you should also look more holistically at your organization's methods for cybersecurity and improve your overall security posture. Learn More The CrowdStrike Falcon platform regularly collects and analyzes trillions of endpoint events every day from millions of sensors deployed across 176 countries. Watch this demo to see the Falcon platform in action. Learn more about how CrowdStrike Falcon® Exposure Management can help you quickly and easily discover and prioritize vulnerabilities and other types of exposures here. About CVSS Scores The Common Vulnerability Scoring System (CVSS) is a free and open industry standard that CrowdStrike and many other cybersecurity organizations use to assess and communicate software vulnerabilities’ severity and characteristics. The CVSS Base Score ranges from 0.0 to 10.0, and the National Vulnerability Database (NVD) adds a severity rating for CVSS scores. Learn more about vulnerability scoring in this article. Additional Resources For more information on which products are in Microsoft’s Extended Security Updates program, refer to the vendor guidance here. Learn how Falcon Exposure Management can help you discover and manage vulnerabilities and other exposures in your environments.  Make prioritization painless and efficient. Watch how Falcon Exposure Management enables IT staff to improve visibility with custom filters and team dashboards. Find out how CrowdStrike Falcon® Next-Gen Identity Security products can stop workforce identity threats faster. Test CrowdStrike next-gen antivirus for yourself with a free trial of CrowdStrike® Falcon Prevent™. Be part of Fal.Con 2026 and connect with 10,000+ cybersecurity professionals shaping the future of the industry. CrowdStrike 2026 Global Threat Report AI threats have reached a critical turning point. Access the definitive look at the cyber threat landscape. Download Related Content Exposure Management | May 12, 2026 May 2026 Patch Tuesday: 30 Critical Vulnerabilities Among 130 CVEs Exposure Management | Apr 14, 2026 April 2026 Patch Tuesday: Two Zero-Days and Eight Critical Vulnerabilities Among 164 CVEs Exposure Management | Apr 05, 2026 How CrowdStrike Is Accelerating Exposure Evaluation as Adversaries Gain Speed Categories Agentic SOC 52 Cloud & Application Security 144 Data Security 24 Endpoint Security & XDR 357 Engineering & Tech 87 Executive Viewpoint 180 Exposure Management 120 From The Front Lines 204 Next-Gen Identity Security 71 Next-Gen SIEM & Log Management 113 Public Sector 42 Securing AI 36 Threat Hunting & Intel 219 CrowdStrike Falcon Platform Ready to protect your business? Try CrowdStrike free today Start free trial Subscribe Sign up now to receive the latest notifications and updates from CrowdStrike Subscribe See CrowdStrike Falcon in action Explore demos Copyright © 2026 CrowdStrike Privacy Request Info Blog Contact Us 1.888.512.8906 Accessibility Privacy Preference Center Privacy Preference Center Your Privacy Strictly Necessary Cookies Performance Cookies Functional Cookies Targeting Cookies Your Privacy When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, or your device, and is mostly used to make the site work as you expect. The information does not usually identify you directly, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to learn more and change our default settings. Blocking some types of cookies may impact your experience of the site and the services we are able to offer. More information Strictly Necessary Cookies Always Active These cookies are necessary for the website to function and cannot be switched off in our systems. They may be set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies may process limited personal information, such as technical or device identifiers, where necessary to ensure the security, functionality, and integrity of the website or web portal. Such processing is strictly limited to what is required for these purposes and is not used for advertising or marketing. Cookies Details Performance Cookies Performance Cookies These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore does not identify you. If you do not allow these cookies, your visit to our website will not be included in our analytics, and our ability to monitor website performance and make improvements will be reduced. Cookies Details Functional Cookies Functional Cookies These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. Cookies Details Targeting Cookies Targeting Cookies These cookies may be set on our site by our advertising partners. They assign a unique identifier to your browser or device and may track your activity across sites to build a profile of your interests and show you relevant adverts on other sites. If you do not allow these cookies, you will still see ads, but they may be less relevant to you. Cookies Details Cookie List Consent Leg.Interest checkbox label label checkbox label label checkbox label label Clear checkbox label label Apply Cancel Confirm My Choices Allow All