CSIRT Toscana

Aggiornamenti Mensili Microsoft (AL02/260716/CSIRT-ITA)

Data:
16 Luglio 2026

Impatto Sistemico

Critico (79.35)

Sintesi

Microsoft ha rilasciato gli aggiornamenti di sicurezza mensili che risolvono un totale di 622 nuove vulnerabilità, di cui 2 di tipo 0-day.

Tipologia

  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Remote Code Execution
  • Security Feature Bypass
  • Spoofing
  • Tampering

Descrizione e potenziali impatti

Nel dettaglio le vulnerabilità sfruttate attivamente e/o per alcune delle quali risulta disponibile in rete anche un “proof of concept”, riguardano:

Active Directory Federation Services (AD FS): identificata tramite la CVE-2026-56155, di tipo “Elevation of Privilege” e con score CVSS v3.1 pari a 7.8. Questa vulnerabilità è dovuta a una definizione non adeguata dei permessi nel controllo degli accessi in Active Directory Federation Services (AD FS), che consente a un utente autorizzato di elevare i privilegi localmente. Un attaccante non autenticato potrebbe sfruttare tale vulnerabilità al fine di ottenere privilegi amministrativi sui sistemi interessati.

Microsoft Office SharePoint: identificata tramite la CVE-2026-56164, di tipo “Elevation of Privilege” e con score CVSS v3.1 pari a 5.3. Questa vulnerabilità è dovuta alla mancata autenticazione per funzioni critiche in Microsoft Office SharePoint, che consente a un utente non autorizzato di elevare i privilegi attraverso la rete. Un attaccante remoto potrebbe sfruttare tale vulnerabilità inviando richieste HTTP opportunamente predisposte al dispositivo interessato al fine di ottenere privilegi elevati sul sistema.

Windows BitLocker: identificata tramite la CVE-2026-50661, di tipo “Security Feature Bypass” e con score CVSS v3.1 pari a 6.1. Questa vulnerabilità deriva da un’anomalia presente nel meccanismo di protezione di Windows BitLocker, che consente a un utente non autorizzato di bypassare una funzionalità di sicurezza. Un attaccante con accesso fisico al dispositivo potrebbe sfruttare tale vulnerabilità al fine di eludere il dispositivo di cifratura BitLocker e accedere ai dati protetti.

Prodotti e/o versioni affette

  • .NET
  • .NET Core
  • .NET Framework
  • ASP.NET Core
  • Active Directory Certificate Services (AD CS)
  • Active Directory Domain Services
  • Active Directory Federation Services (AD FS)
  • Age of Empires II: Definitive Edition Game
  • Azure Active Directory
  • Azure CycleCloud
  • Azure Monitor Agent
  • Azure OpenAI
  • Azure Spring Apps
  • Azure Synapse
  • Code Integrity DLL (ci.dll)
  • Composite Image File System Driver
  • Content Delivery Manager
  • Desktop Window Manager
  • Extensible Storage Engine (ESENT)
  • GitHub Copilot and Visual Studio
  • GitHub Copilot and Visual Studio Code
  • Github Copilot
  • HTTP/2
  • M365 Copilot
  • Microsoft 365 Copilot for iOS
  • Microsoft Bing App for IOS
  • Microsoft Configuration Manager
  • Microsoft Copilot
  • Microsoft Defender
  • Microsoft Defender for Endpoint
  • Microsoft Dynamics NAV
  • Microsoft Edge (Chromium-based)
  • Microsoft Edge for Android
  • Microsoft Entra Provisioning Service (SyncFabric)
  • Microsoft Exchange Online
  • Microsoft Exchange Server
  • Microsoft Fabric Data Warehouse
  • Microsoft Graphics Component
  • Microsoft Input Method Editor (IME)
  • Microsoft Install Service
  • Microsoft NAT Helper Components (ipnathlp.dll)
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office OneNote
  • Microsoft Office PowerPoint
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Microsoft Printer Drivers
  • Microsoft Surface
  • Microsoft Windows
  • Microsoft Windows App Store
  • Microsoft Windows Codecs Library
  • Microsoft Windows Media Foundation
  • Microsoft Windows Search Component
  • Microsoft Windows Speech
  • Microsoft XML
  • Microsoft XML Core Services
  • Minecraft Bedrock Dedicated Server
  • Outlook Copilot
  • Power BI
  • Quality Windows Audio/Video Experience (QWAVE) service
  • RPC Runtime
  • Reliable Multicast Transport Driver (RMCAST)
  • Remote Desktop Client
  • Role: DNS Server
  • SQL Server
  • SQL Server ODBC driver
  • Universal Plug and Play (upnp.dll)
  • Virtual Hard Disk (VHD) Miniport Driver
  • Visual Studio
  • Visual Studio Code
  • Window PC Manager
  • Windows Active Directory
  • Windows Admin Center
  • Windows Ancillary Function Driver for WinSock
  • Windows App Installer
  • Windows AppX Deployment Service
  • Windows Application Model
  • Windows Audio Compression Manager (ACM)
  • Windows Audio Service
  • Windows Backup Engine
  • Windows BitLocker
  • Windows Bluetooth Port Driver
  • Windows Bluetooth Service
  • Windows Boot Loader
  • Windows Brokering File System
  • Windows Client-Side Caching (CSC) Service
  • Windows Clip Service
  • Windows Clipboard Server
  • Windows Clipboard User Service
  • Windows Cloud Files Mini Filter Driver
  • Windows Common Log File System Driver
  • Windows Connected User Experiences and Telemetry
  • Windows Container Isolation FS Filter Driver (unionfs.sys)
  • Windows CryptoAPI
  • Windows Cryptographic Services
  • Windows DHCP Client
  • Windows DHCP Server
  • Windows DNS
  • Windows DWM
  • Windows DWM Core Library
  • Windows Data.dll
  • Windows Devices Human Interface
  • Windows DirectX
  • Windows Domain Controller
  • Windows Event Logging Service
  • Windows FTP Service
  • Windows File Explorer
  • Windows File History Service
  • Windows Filtering Platform (WFP)
  • Windows GDI
  • Windows GDI+
  • Windows Graphics Kernel
  • Windows Group Policy
  • Windows HTTP.sys
  • Windows Hyper-V
  • Windows Image Acquisition
  • Windows Installer
  • Windows Internal System User Profile
  • Windows Internal Task Bar
  • Windows Internet Key Exchange (IKE) Protocol
  • Windows Kernel
  • Windows Kernel Mode Driver
  • Windows Kernel-Mode Drivers
  • Windows Key Guard
  • Windows LUAFV
  • Windows Local Security Authority Subsystem Service (LSASS)
  • Windows MIDI Service Module
  • Windows Management Services
  • Windows Media
  • Windows Message Queuing
  • Windows Message Queuing Queue Manager
  • Windows NTFS
  • Windows Narrator Braille
  • Windows Netlogon
  • Windows Network Address Translation (NAT)
  • Windows Network File System
  • Windows Network Policy Server SNMP
  • Windows Notification
  • Windows OLE
  • Windows Operating Systems
  • Windows Overlay Filter
  • Windows PowerShell
  • Windows Print Spooler Components
  • Windows Projected File System
  • Windows Push Notifications
  • Windows Quality of Service (QoS) Packet Scheduler
  • Windows RDP
  • Windows RPC API
  • Windows Redirected Drive Buffering
  • Windows Remote Access Connection Manager
  • Windows Remote Access Service Infrastructure
  • Windows Remote Desktop Protocol
  • Windows Remote Desktop Services
  • Windows Remote Help Defense
  • Windows Resilient File System (ReFS)
  • Windows Routing and Remote Access Service (RRAS)
  • Windows Runtime
  • Windows SMB
  • Windows SMB Server
  • Windows SMB Server Network Transport Driver (srvnet.sys)
  • Windows Schannel
  • Windows Secure Boot
  • Windows Secure Kernel Mode
  • Windows Secure Socket Tunneling Protocol (SSTP)
  • Windows Sensor Data Service
  • Windows Server
  • Windows Server Backup
  • Windows Server Network driver
  • Windows Server Update Service
  • Windows Spaceport.sys
  • Windows StateRepository API
  • Windows Storage
  • Windows Storage Spaces Direct
  • Windows Subsystem for Linux
  • Windows System
  • Windows TCP/IP
  • Windows Telephony Service
  • Windows Terminal
  • Windows Trusted Runtime Interface Driver
  • Windows USB Audio Class driver (usbaudio.sys)
  • Windows USB Driver
  • Windows USB Hub Driver
  • Windows USB Print Driver
  • Windows USB Video Driver
  • Windows Unified Consent System
  • Windows Universal Disk Format File System Driver (UDFS)
  • Windows User Interface Core
  • Windows VMSwitch
  • Windows Virtual Filtering Platform (VFP)
  • Windows WalletService
  • Windows Web Proxy Auto-Discovery Protocol (WPAD)
  • Windows WebView
  • Windows Win32K
  • Windows Win32K – GRFX
  • Windows Wireless Networking
  • Windows Wireless Wide Area Network Service

Azioni di mitigazione

In linea con le dichiarazioni del vendor, si raccomanda di procedere all’aggiornamento dei prodotti impattati attraverso l’apposita funzione di Windows Update.

Riferimenti

CVE

CVE-ID
CVE-2026-56155 CVE-2026-56164 CVE-2026-54982 CVE-2026-50661
CVE-2026-55019 CVE-2026-58528 CVE-2026-58529 CVE-2026-55134
CVE-2026-58524 CVE-2026-55014 CVE-2026-55135 CVE-2026-58525
CVE-2026-55011 CVE-2026-58526 CVE-2026-58647 CVE-2026-55132
CVE-2026-55012 CVE-2026-55133 CVE-2026-58527 CVE-2026-55017
CVE-2026-55138 CVE-2026-55018 CVE-2026-55139 CVE-2026-55136
CVE-2026-58522 CVE-2026-55016 CVE-2026-55137 CVE-2026-58644
CVE-2026-58523 CVE-2026-58530 CVE-2026-49807 CVE-2026-55020
CVE-2026-55141 CVE-2026-49808 CVE-2026-55021 CVE-2026-55142
CVE-2026-49805 CVE-2026-49806 CVE-2026-55140 CVE-2026-41087
CVE-2026-49803 CVE-2026-49804 CVE-2026-49801 CVE-2026-49802
CVE-2026-49800 CVE-2026-55129 CVE-2026-55008 CVE-2026-55009
CVE-2026-58638 CVE-2026-34328 CVE-2026-55002 CVE-2026-55123
CVE-2026-58634 CVE-2026-55003 CVE-2026-58635 CVE-2026-55124
CVE-2026-55000 CVE-2026-58636 CVE-2026-55121 CVE-2026-55001
CVE-2026-55122 CVE-2026-58637 CVE-2026-55006 CVE-2026-55127
CVE-2026-58631 CVE-2026-55128 CVE-2026-55004 CVE-2026-55125
CVE-2026-58632 CVE-2026-55005 CVE-2026-55126 CVE-2026-58633
CVE-2026-58640 CVE-2026-55130 CVE-2026-55010 CVE-2026-55131
CVE-2026-47632 CVE-2026-55035 CVE-2026-58546 CVE-2026-55036
CVE-2026-58547 CVE-2026-55033 CVE-2026-55034 CVE-2026-55039
CVE-2026-58300 CVE-2026-58542 CVE-2026-58543 CVE-2026-55037
CVE-2026-58544 CVE-2026-55038 CVE-2026-58545 CVE-2026-57100
CVE-2026-55042 CVE-2026-55043 CVE-2026-55040 CVE-2026-55041
CVE-2026-47642 CVE-2026-58539 CVE-2026-55024 CVE-2026-34348
CVE-2026-55145 CVE-2026-58535 CVE-2026-34349 CVE-2026-55025
CVE-2026-58536 CVE-2026-34346 CVE-2026-55022 CVE-2026-58537
CVE-2026-55144 CVE-2026-55023 CVE-2026-58538 CVE-2026-58531
CVE-2026-55028 CVE-2026-55029 CVE-2026-58532 CVE-2026-55026
CVE-2026-58533 CVE-2026-55027 CVE-2026-58534 CVE-2026-58540
CVE-2026-58541 CVE-2026-55031 CVE-2026-55032 CVE-2026-55030
CVE-2026-58609 CVE-2026-54128 CVE-2026-54129 CVE-2026-58608
CVE-2026-54122 CVE-2026-58601 CVE-2026-58602 CVE-2026-57993
CVE-2026-57992 CVE-2026-54121 CVE-2026-54126 CVE-2026-54127
CVE-2026-54124 CVE-2026-54125 CVE-2026-45646 CVE-2026-54119
CVE-2026-54117 CVE-2026-54118 CVE-2026-54111 CVE-2026-57984
CVE-2026-54112 CVE-2026-57983 CVE-2026-57982 CVE-2026-57981
CVE-2026-56650 CVE-2026-57988 CVE-2026-54115 CVE-2026-57987
CVE-2026-54116 CVE-2026-57986 CVE-2026-54114 CVE-2026-57985
CVE-2026-57991 CVE-2026-58627 CVE-2026-58628 CVE-2026-58629
CVE-2026-58626 CVE-2026-55120 CVE-2026-58617 CVE-2026-58618
CVE-2026-58619 CVE-2026-58613 CVE-2026-58614 CVE-2026-54131
CVE-2026-54132 CVE-2026-58610 CVE-2026-55899 CVE-2026-55898
CVE-2026-54108 CVE-2026-54109 CVE-2026-56649 CVE-2026-57979
CVE-2026-56648 CVE-2026-54107 CVE-2026-56647 CVE-2026-56642
CVE-2026-57973 CVE-2026-56646 CVE-2026-57977 CVE-2026-57976
CVE-2026-56645 CVE-2026-56644 CVE-2026-57975 CVE-2026-56643
CVE-2026-57974 CVE-2026-57969 CVE-2026-57968 CVE-2026-49177
CVE-2026-49178 CVE-2026-49175 CVE-2026-49176 CVE-2026-49173
CVE-2026-49174 CVE-2026-49171 CVE-2026-49172 CVE-2026-49170
CVE-2026-54999 CVE-2026-50399 CVE-2026-54997 CVE-2026-54998
CVE-2026-49184 CVE-2026-54991 CVE-2026-50391 CVE-2026-54992
CVE-2026-49183 CVE-2026-50392 CVE-2026-49180 CVE-2026-50393
CVE-2026-54990 CVE-2026-49181 CVE-2026-50394 CVE-2026-54995
CVE-2026-54996 CVE-2026-50396 CVE-2026-54993 CVE-2026-50397
CVE-2026-50398 CVE-2026-33842 CVE-2026-41106 CVE-2026-40378
CVE-2026-41109 CVE-2026-50293 CVE-2026-50294 CVE-2026-50295
CVE-2026-50296 CVE-2026-50297 CVE-2026-50298 CVE-2026-50299
CVE-2026-50366 CVE-2026-50487 CVE-2026-50367 CVE-2026-50488
CVE-2026-50368 CVE-2026-50489 CVE-2026-50369 CVE-2026-50480
CVE-2026-50360 CVE-2026-50361 CVE-2026-50482 CVE-2026-50362
CVE-2026-50483 CVE-2026-50363 CVE-2026-50484 CVE-2026-50364
CVE-2026-50485 CVE-2026-50365 CVE-2026-50486 CVE-2026-42975
CVE-2026-26145 CVE-2026-50355 CVE-2026-50476 CVE-2026-50356
CVE-2026-50477 CVE-2026-50357 CVE-2026-50478 CVE-2026-50358
CVE-2026-50479 CVE-2026-50359 CVE-2026-50470 CVE-2026-50350
CVE-2026-50471 CVE-2026-50351 CVE-2026-50352 CVE-2026-50473
CVE-2026-50353 CVE-2026-50474 CVE-2026-50354 CVE-2026-50475
CVE-2026-44806 CVE-2026-44800 CVE-2026-42982 CVE-2026-54988
CVE-2026-50388 CVE-2026-54989 CVE-2026-50389 CVE-2026-54986
CVE-2026-54987 CVE-2026-50380 CVE-2026-50381 CVE-2026-50382
CVE-2026-50383 CVE-2026-50384 CVE-2026-50385 CVE-2026-50386
CVE-2026-54983 CVE-2026-50387 CVE-2026-50390 CVE-2026-42990
CVE-2026-49168 CVE-2026-50377 CVE-2026-50498 CVE-2026-49169
CVE-2026-49164 CVE-2026-55945 CVE-2026-50378 CVE-2026-50499
CVE-2026-49165 CVE-2026-49166 CVE-2026-50379 CVE-2026-55944
CVE-2026-55949 CVE-2026-49167 CVE-2026-49162 CVE-2026-55948
CVE-2026-58298 CVE-2026-55947 CVE-2026-50490 CVE-2026-50370
CVE-2026-50491 CVE-2026-50371 CVE-2026-50492 CVE-2026-50372
CVE-2026-50493 CVE-2026-50373 CVE-2026-50494 CVE-2026-50374
CVE-2026-50495 CVE-2026-50375 CVE-2026-50496 CVE-2026-58299
CVE-2026-50376 CVE-2026-50497 CVE-2026-50322 CVE-2026-57089
CVE-2026-58292 CVE-2026-57088 CVE-2026-50685 CVE-2026-50323
CVE-2026-50444 CVE-2026-58293 CVE-2026-50686 CVE-2026-50324
CVE-2026-50445 CVE-2026-50687 CVE-2026-57087 CVE-2026-50325
CVE-2026-50688 CVE-2026-58294 CVE-2026-50326 CVE-2026-58295
CVE-2026-50447 CVE-2026-50689 CVE-2026-58290 CVE-2026-50327
CVE-2026-58291 CVE-2026-50311 CVE-2026-50448 CVE-2026-50432
CVE-2026-50328 CVE-2026-50449 CVE-2026-50674 CVE-2026-50329
CVE-2026-50680 CVE-2026-50675 CVE-2026-50681 CVE-2026-50312
CVE-2026-58289 CVE-2026-50433 CVE-2026-50313 CVE-2026-50440
CVE-2026-50682 CVE-2026-50441 CVE-2026-50434 CVE-2026-50683
CVE-2026-50321 CVE-2026-50676 CVE-2026-50435 CVE-2026-50442
CVE-2026-50677 CVE-2026-50684 CVE-2026-50314 CVE-2026-57085
CVE-2026-58296 CVE-2026-57084 CVE-2026-58297 CVE-2026-47282
CVE-2026-57083 CVE-2026-50678 CVE-2026-50315 CVE-2026-50436
CVE-2026-50316 CVE-2026-50469 CVE-2026-50437 CVE-2026-50679
CVE-2026-50317 CVE-2026-47295 CVE-2026-50438 CVE-2026-50318
CVE-2026-50460 CVE-2026-50439 CVE-2026-47290 CVE-2026-50340
CVE-2026-50461 CVE-2026-50341 CVE-2026-58278 CVE-2026-50462
CVE-2026-50670 CVE-2026-50342 CVE-2026-58279 CVE-2026-50463
CVE-2026-50343 CVE-2026-50696 CVE-2026-50333 CVE-2026-50430
CVE-2026-50454 CVE-2026-50697 CVE-2026-50672 CVE-2026-50310
CVE-2026-50334 CVE-2026-50431 CVE-2026-50455 CVE-2026-50673
CVE-2026-50335 CVE-2026-50456 CVE-2026-58285 CVE-2026-58286
CVE-2026-40400 CVE-2026-50336 CVE-2026-50457 CVE-2026-50337
CVE-2026-50458 CVE-2026-50338 CVE-2026-50459 CVE-2026-58287
CVE-2026-50339 CVE-2026-58288 CVE-2026-50690 CVE-2026-58281
CVE-2026-50450 CVE-2026-50692 CVE-2026-58282 CVE-2026-50330
CVE-2026-58283 CVE-2026-50451 CVE-2026-50694 CVE-2026-58284
CVE-2026-50331 CVE-2026-50452 CVE-2026-50344 CVE-2026-50695
CVE-2026-50332 CVE-2026-50465 CVE-2026-50453 CVE-2026-47296
CVE-2026-57096 CVE-2026-50345 CVE-2026-57095 CVE-2026-50466
CVE-2026-50346 CVE-2026-50467 CVE-2026-50347 CVE-2026-50468
CVE-2026-40422 CVE-2026-50348 CVE-2026-57094 CVE-2026-57093
CVE-2026-50406 CVE-2026-57097 CVE-2026-57092 CVE-2026-57091
CVE-2026-57090 CVE-2026-50520 CVE-2026-48564 CVE-2026-50400
CVE-2026-48561 CVE-2026-50527 CVE-2026-50522 CVE-2026-50401
CVE-2026-50402 CVE-2026-50524 CVE-2026-50648 CVE-2026-56189
CVE-2026-50403 CVE-2026-50404 CVE-2026-56188 CVE-2026-50525
CVE-2026-50646 CVE-2026-56194 CVE-2026-50405 CVE-2026-50526
CVE-2026-56193 CVE-2026-50647 CVE-2026-56192 CVE-2026-56197
CVE-2026-56196 CVE-2026-50427 CVE-2026-50669 CVE-2026-56195
CVE-2026-49790 CVE-2026-50307 CVE-2026-50407 CVE-2026-50428
CVE-2026-50528 CVE-2026-48580 CVE-2026-50649 CVE-2026-50420
CVE-2026-58276 CVE-2026-50408 CVE-2026-58277 CVE-2026-50308
CVE-2026-50409 CVE-2026-50429 CVE-2026-50309 CVE-2026-56190
CVE-2026-49788 CVE-2026-49784 CVE-2026-49789 CVE-2026-49787
CVE-2026-50510 CVE-2026-50652 CVE-2026-50410 CVE-2026-48572
CVE-2026-50653 CVE-2026-49783 CVE-2026-50411 CVE-2026-50412
CVE-2026-48571 CVE-2026-50413 CVE-2026-50655 CVE-2026-50414
CVE-2026-56178 CVE-2026-58597 CVE-2026-50415 CVE-2026-42900
CVE-2026-50657 CVE-2026-56183 CVE-2026-50416 CVE-2026-50658
CVE-2026-56182 CVE-2026-50417 CVE-2026-50659 CVE-2026-56181
CVE-2026-50650 CVE-2026-50651 CVE-2026-50418 CVE-2026-50419
CVE-2026-49799 CVE-2026-49797 CVE-2026-56187 CVE-2026-56186
CVE-2026-49798 CVE-2026-55057 CVE-2026-56185 CVE-2026-55058
CVE-2026-56184 CVE-2026-55055 CVE-2026-55056 CVE-2026-50518
CVE-2026-50663 CVE-2026-49795 CVE-2026-45489 CVE-2026-50300
CVE-2026-50421 CVE-2026-47305 CVE-2026-47304 CVE-2026-47301
CVE-2026-47300 CVE-2026-49796 CVE-2026-47303 CVE-2026-45488
CVE-2026-47302 CVE-2026-50422 CVE-2026-55046 CVE-2026-55047
CVE-2026-50301 CVE-2026-55044 CVE-2026-49793 CVE-2026-50302
CVE-2026-57102 CVE-2026-55045 CVE-2026-50423 CVE-2026-57101
CVE-2026-50665 CVE-2026-49794 CVE-2026-57108 CVE-2026-57107
CVE-2026-55048 CVE-2026-55049 CVE-2026-55050 CVE-2026-50303
CVE-2026-55053 CVE-2026-55054 CVE-2026-50424 CVE-2026-55051
CVE-2026-50666 CVE-2026-48581 CVE-2026-55052 CVE-2026-45496
CVE-2026-49791 CVE-2026-45499 CVE-2026-50500 CVE-2026-50304
CVE-2026-50501 CVE-2026-50425 CVE-2026-50667 CVE-2026-50502
CVE-2026-49792 CVE-2026-50503 CVE-2026-50504 CVE-2026-50505
CVE-2026-50305 CVE-2026-56169 CVE-2026-56168 CVE-2026-50426
CVE-2026-50668 CVE-2026-58594 CVE-2026-50306 CVE-2026-56170
CVE-2026-58595 CVE-2026-58596 CVE-2026-56176 CVE-2026-56175
CVE-2026-56173 CVE-2026-50506 CVE-2026-50509 CVE-2026-56157
CVE-2026-56156 CVE-2026-56159

Change log

Versione Note Data
1.0 Pubblicato il 16-07-2026 16/07/2026

Il presente articolo è un prodotto originale di csirt.gov.it, riproposto qui a solo scopo di aumentarne la visibilità. Può essere visualizzato in versione originale al seguente link

Ultimo aggiornamento

16 Luglio 2026, 10:26