June 2026 SECURITY PATCH ROUNDUP – Windows, iOS, macOS, Android, Linux


June’s Patch Tuesday delivers a heavy month across all major platforms, with critical kernel vulnerabilities, remote code execution risks, and multiple privilege‑escalation vectors affecting Windows, Apple, Android, and Ubuntu systems. This month’s updates include several container‑escape paths, Secure Boot certificate changes, and high‑impact vendor component fixes across mobile ecosystems.

Below is the full breakdown for June 2026.


Windows Updates – June 2026

Windows Server 2025

KB5094125 – OS Build 26100.32995

Release date: 9 June 2026

Key improvements

  • Secure Boot certificate updates
    Expanded targeting for devices eligible to receive new Secure Boot certificates. New Group Policy/MDM setting: LimitSecureBootRequiredServiceData.
  • BitLocker Recovery fix
    Addresses devices entering BitLocker Recovery due to invalid PCR7 configurations after April updates.
  • File Explorer improvements
    Better search reliability, improved UTF‑8 handling, clearer text rendering.
  • DNS over HTTPS (DoH)
    Windows Server 2025 DNS Server now supports encrypted DNS communication with clients.
  • Reliability improvements
    Better resource handling during user profile load.
  • WUSA installation fix
    Resolves ERROR_BAD_PATHNAME when installing .msu files from network shares.
  • Folder customization hardening
    Changes to desktop.ini processing may cause missing custom icons or localized folder names.

Servicing Stack Update

KB5094137 – OS Build 26100.32985


Windows 11 (26H1)

KB5095051 – OS Build 28000.2269

Release date: 9 June 2026

Key improvements

  • BitLocker reliability
    Ensures required files are available during USB BIOS logo testing.
  • Folder customization hardening
    Same desktop.ini security change as Server 2025.
  • AI component updates
    Image Search, Content Extraction, Semantic Analysis, and Settings Model updated to 1.2604.515.0.

Servicing Stack Update

KB5101277 – OS Build 28000.2263

Known issues

None reported.


Apple Security Updates – June 2026

iOS 26.5.1

Release date: 1 June 2026

Devices: iPhone 17 (all models), iPhone Air

Security notes:

  • No published CVE entries.
  • Stability and maintenance release.

macOS Tahoe 26.5.1

Release date: 1 June 2026

Security notes:

  • No published CVE entries.
  • Maintenance update with no documented security vulnerabilities.

Android Security Bulletin – June 2026

Google’s June bulletin is extensive, covering Framework, System, Kernel, and multiple vendor components. The most severe issues include remote escalation of privilege and critical DoS vulnerabilities requiring no user interaction.


2026‑06‑01 Patch Level

Framework

Most severe: Remote EoP with no user interaction (CVE‑2025‑65018).

Critical

  • CVE‑2025‑65018 – Remote EoP
  • CVE‑2025‑64720 – Remote DoS

High – EoP

Large set affecting Android 14–16 and QPR2, including CVE‑2025‑22424, CVE‑2025‑48595, CVE‑2026‑0048, CVE‑2026‑0076, CVE‑2026‑0100, and others.

High – Information Disclosure

CVE‑2026‑0016, CVE‑2026‑0036, CVE‑2026‑0056, CVE‑2026‑28586

High – DoS

CVE‑2025‑32348, CVE‑2026‑0018, CVE‑2026‑0069, CVE‑2026‑0070, CVE‑2026‑28578


System

Most severe: Local EoP with no user interaction.

Critical – EoP

CVE‑2026‑0043, CVE‑2026‑0097, CVE‑2026‑21352, CVE‑2026‑21353

Critical – DoS

Multiple issues including CVE‑2025‑64505, CVE‑2026‑0039, CVE‑2026‑0040, CVE‑2026‑0051

High – RCE

  • CVE‑2026‑0059

High – EoP / ID / DoS

Broad set across Android 14–16 and QPR2.


Project Mainline

  • MediaProvider – CVE‑2026‑0009
  • DocumentsUI – CVE‑2026‑0098

2026‑06‑05 Patch Level

Kernel

  • CVE‑2025‑40214 – High severity EoP (Net subsystem)

Vendor Components

Imagination Technologies (PowerVR GPU)

High severity GPU vulnerabilities: CVE‑2026‑21736, CVE‑2026‑22163, CVE‑2026‑22167

MediaTek

High severity issues across Modem, Geniezone, Preloader: CVE‑2026‑20432 through CVE‑2026‑20455

Unisoc

High severity Modem vulnerabilities: CVE‑2025‑71251 through CVE‑2026‑21547

Qualcomm

High severity Display vulnerabilities: CVE‑2026‑24085, CVE‑2026‑24089

Qualcomm Closed‑Source Components

Critical: CVE‑2025‑47392, CVE‑2026‑25276, CVE‑2026‑25277

High: Multiple issues across closed‑source drivers


Ubuntu Security Notices – June 2026

USN‑8426‑1 – Linux Kernel (Azure)

Major kernel vulnerabilities including:

  • Copy Fail (CVE‑2026‑31431) – Privilege escalation / container escape
  • Dirty Frag (CVE‑2026‑43284, CVE‑2026‑43500) – Fragment handling flaws
  • Fragnesia (CVE‑2026‑43503, CVE‑2026‑46300) – XFRM fragment logic flaw
  • ptrace race condition (CVE‑2026‑46333) – Information disclosure

Additional fixes across: Netfilter, io_uring, SMB, RDS, TLS, packet sockets.


USN‑8423‑1 – lwIP

Affects Ubuntu 20.04 LTS. Buffer overflows and SNMPv3 validation flaws leading to RCE, DoS, or information disclosure.

USN‑8424‑1 – Ubuntu Kylin Software Center

Local privilege escalation via D‑Bus input handling.

USN‑8422‑1 – Mistral

Improper access policy enforcement enabling code execution and credential exposure.

USN‑8421‑1 – Ironic

Path traversal, kernel command line injection, and unauthorized file access.

USN‑8420‑1 – .NET

Unauthorized file writes and DoS via MessagePack handling.

USN‑8419‑1 – HTTP‑Daemon

Remote command execution and file manipulation.

USN‑6455‑2 – Exim Regression Fix

Addresses regression introduced in prior Exim security update.

USN‑8130‑3 – GStreamer Base Plugins

AVI parsing flaw enabling DoS or possible RCE.

USN‑8418‑1 – Crypt‑SaltedHash

Weak PRNG used for salt generation.


Recommended Actions

For Individuals

  • Apply Windows 11 and iOS/macOS updates immediately
  • Update Android devices to 2026‑06‑05 patch level
  • Install Ubuntu kernel updates, especially on Azure systems

For Businesses

  • Prioritise kernel updates across Windows Server 2025 and Ubuntu
  • Patch Android fleets via MDM to enforce June patch compliance
  • Review cloud workloads using Mistral, Ironic, .NET, and HTTP‑Daemon

For Admins

  • Validate Secure Boot certificate rollout on Windows
  • Patch DNS servers to enable DoH
  • Review Ubuntu kernel variants (generic, HWE, Azure, GCP)
  • Monitor vendor‑specific Android risks (Qualcomm, MediaTek, Unisoc)
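
To make the Android fleet check concrete, here is an added example (not part of the original roundup or of any vendor tooling) that triages a device inventory against the two June patch levels and reports which bulletin groups each device is still missing. The inventory rows are constructed sample data, and the patch-level string is assumed to be the value of the device's `ro.build.version.security_patch` property as exported by your MDM.

```python
from datetime import date

# June 2026 patch levels and the component groups each one adds, following the
# grouping in the roundup above. A device at 2026-06-05 also includes 2026-06-01.
JUNE_LEVELS = [
    (date(2026, 6, 1), ["Framework", "System"]),
    (date(2026, 6, 5), ["Kernel", "Vendor components"]),
]

def parse_patch_level(value):
    """Parse a YYYY-MM-DD security patch level; return None if malformed."""
    try:
        return date.fromisoformat(value.strip())
    except (ValueError, AttributeError):
        return None

def missing_groups(patch_level):
    """Return the June bulletin component groups a device has not received."""
    level = parse_patch_level(patch_level)
    if level is None:
        # Unknown or malformed level: report everything so the device gets reviewed.
        return [g for _, groups in JUNE_LEVELS for g in groups]
    return [g for cutoff, groups in JUNE_LEVELS if level < cutoff for g in groups]

def triage(inventory):
    """Map device id -> missing groups, listing non-compliant devices only."""
    report = {}
    for device_id, patch_level in inventory:
        gaps = missing_groups(patch_level)
        if gaps:
            report[device_id] = gaps
    return report

# Constructed sample inventory: (device id, reported patch level).
SAMPLE_INVENTORY = [
    ("phone-001", "2026-06-05"),
    ("phone-002", "2026-06-01"),
    ("tablet-003", "2026-05-05"),
    ("kiosk-004", ""),
]

if __name__ == "__main__":
    for device, gaps in triage(SAMPLE_INVENTORY).items():
        print(f"{device}: missing {', '.join(gaps)}")
```

A device that reports 2026‑06‑01 is flagged as still missing the Kernel and vendor component fixes, which is why the roundup recommends the 2026‑06‑05 level.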

Closing Thoughts

June 2026 is a high‑impact month, especially for kernel‑level vulnerabilities across Windows, Android, and Ubuntu. Container escape vectors, remote EoP flaws, and vendor component issues make this a month where patching should be prioritised across all environments.
