Security News

Cybersecurity news aggregator

CRITICAL Updates SC Media

Microsoft addresses BitLocker recovery issue in Windows 11

A critical vulnerability (CVE-2025-32975, CVSS 10.0) in Quest KACE Systems Management Appliance allows for remote exploitation. Affected versions are Quest KACE SMA 13.0 to 13.0.384, 13.1 to 13.1.80, 13.2 to 13.2.182, 14.0 to 14.0.340, and 14.1 to 14.1.100. The fix requires upgrading to versions 13.0.385, 13.1.81, 13.2.183, 14.0.341, or 14.1.101 respectively.

Patch/Configuration Management
May 14, 2026, by SC Staff

Per Bleeping Computer, Microsoft has acknowledged a problem affecting some Windows 11 systems that caused them to enter BitLocker recovery mode after installing the April 2026 security updates. BitLocker is a Windows feature designed to encrypt storage drives for data protection, and it can trigger recovery mode after hardware changes or TPM updates.

The issue, acknowledged on April 14, impacts Windows 10, Windows 11, and Windows Server devices configured with an "unrecommended" BitLocker Group Policy. Microsoft stated that affected devices would prompt users for their BitLocker recovery key upon the first restart post-update. While client platforms like Windows 10 and 11 are affected, Microsoft indicated that personal devices are unlikely to encounter this problem, as the problematic configurations are typically found on enterprise systems managed by IT departments.

A fix has been released for Windows 11 25H2 via the KB5089549 cumulative update. However, Windows 10 and Windows Server users will need to wait for future updates. Administrators are advised to remove the "Configure TPM platform validation profile for native UEFI firmware configurations" Group Policy before deploying the April 2026 updates and ensure BitLocker bindings use the PCR7 profile to mitigate the issue.

Source: Bleeping Computer

Related:

Critical Quest KACE SMA flaw exploited after 10 months (Patch/Configuration Management, SC Staff, May 14, 2026): The critical vulnerability CVE-2025-32975 in Quest KACE Systems Management Appliance (SMA) was actively exploited on systems that had gone unpatched for 10 months after a fix was released in May 2025.

Microsoft fixes Windows Autopatch bug affecting EU devices (Patch/Configuration Management, SC Staff, May 14, 2026): The bug affected a limited number of Windows 11 devices (versions 25H2, 24H2, and 23H2) within the EU region.

Patch Tuesday: No zero days among 137 Microsoft CVEs, 4 Word RCEs (Vulnerability Management, Laura French, May 12, 2026): The May 2026 Microsoft security update included no zero days for the first time since June 2024.
