“Next time you get an 'it's not really IT' request, don't just silently do it or bluntly refuse. Explain the line — make sure it works vs. use it for you. Clients respect the boundary once they understand it.”
Android Zero-Day CVE-2025-48595 Actively Exploited — Google Patches 124 Flaws in June 2026 Update
Google's June 2026 Android security update patches 124 vulnerabilities including actively exploited zero-day CVE-2025-48595, a high-severity (CVSS 8.4) integer overflow in the Android Framework enabling local privilege escalation with no user interaction required, affecting Android 14, 15, and 16. Google confirmed limited, targeted exploitation — a pattern associated with commercial spyware or nation-state actors. Workaround: enforce a minimum patch level of 2026-06-05 via MDM policy and restrict sensitive corporate apps to compliant devices.
Read more →Oracle WebLogic CVE-2024-21182 Added to CISA KEV — Federal Deadline Passed, Active Exploitation Ongoing
CISA added CVE-2024-21182 (CVSS 7.5) affecting Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 to its Known Exploited Vulnerabilities catalog on 1 June 2026; the federal remediation deadline was 4 June 2026. The flaw allows unauthenticated network access via T3/IIOP protocols and can result in full server compromise; its KEV addition nearly two years after patching indicates sustained exploitation of unpatched instances. Apply Oracle's July 2024 Critical Patch Update immediately and audit WebLogic inventory for unpatched versions.
Read more →June 2026 Patch Tuesday: Secure Boot Certificate Deadline 26 June — Emergency Conditions for Unpatched Orgs
Microsoft's June 2026 Patch Tuesday marks the final opportunity to deploy Secure Boot certificate updates before the absolute 26 June 2026 deadline; organisations that deferred May deployment now face emergency-condition patching with minimal testing time. Notable patches include CVE-2026-40361 (Outlook/Word Remote Code Execution) and CVE-2026-2673 (OpenSSL TLS 1.3). Run the PowerShell check for UEFICA2023Status on all devices immediately; any result other than 'updated' requires emergency remediation before 27 June.
Read more →Palo Alto PAN-OS CVE-2026-0257 (CVSS 9.1) — CISA KEV Deadline Passed, Active Exploitation Confirmed
CVE-2026-0257 is an authentication bypass in PAN-OS GlobalProtect portal and gateway that allows attackers to forge authentication override cookies and establish unauthorised VPN connections; Palo Alto raised severity from Medium to High after Rapid7 confirmed exploitation across multiple customer environments in two distinct attack waves. The CISA KEV remediation deadline passed on 1 June 2026, and organisations remain at confirmed, direct risk if unpatched. Apply the PAN-OS patch immediately and audit GlobalProtect gateway logs for sessions authenticated with override cookies, particularly from Vultr and Dromatics Systems IP ranges.
Read more →FortiOS Missing Authentication Vulnerability Patched — FortiOS 7.6.x and FortiSwitchManager Affected
Fortinet's PSIRT has published an advisory for a missing authentication for critical function vulnerability (CWE-306) in FortiOS 7.6.3 through 7.6.0 and 7.4.8, as well as FortiSwitchManager. The flaw could allow unauthorised access to critical management functions. Upgrade to a fixed FortiOS version per Fortinet's upgrade path tool; also review recent FortiAnalyzer Cloud and FortiManager Cloud heap-overflow advisories (FG-IR-26-series) disclosed in the same advisory batch.
Read more →SonicWall SMA1000 Series — High-Severity SQL Injection and VPN Credential Enumeration Flaws Patched
SonicWall released patches for four vulnerabilities in its SMA1000 series firewalls, including CVE-2026-4112, a high-severity SQL injection flaw that could let an attacker with read-only admin rights escalate to primary admin. Three additional issues allow remote enumeration of SSL VPN credentials or bypass of TOTP authentication. SonicWall reports no in-the-wild exploitation but urges immediate firmware updates; refer to psirt.sonicwall.com for affected versions and upgrade paths.
Read more →CompTIA 2026 MSP Benchmark: 68% of MSPs Have Adopted AI Automation — 27% Planning Full Integration Within 12 Months
CompTIA's 2026 MSP Benchmark Study finds that 68% of MSPs have adopted at least one AI automation tool, with 27% planning full integration within 12 months, reflecting a rapid shift in the market. PSA-embedded AI tools such as HaloPSA Copilot and Atera AI are cited as delivering the fastest ROI through ticket triage and billing automation, with MSPs reporting average ticket resolution time reductions of 35%. MSPs not yet using AI triage risk falling behind peers on margin and SLA metrics.
Read more →This is what you get — every weekday, free.
Subscribers get the full “From the Floor” take with every issue — not just the news summary you just read.
Written from 12 years on the helpdesk floor. Always free.