“Email your entire client list TODAY asking which systems run ColdFusion, which rely on Kerberos RC4 auth, and which haven't patched Defender — prioritize responses by business criticality and start remediation tomorrow.”
July 14 Kerberos RC4 Hardening Enforcement Deadline — Authentication Failures Risk for Unprepared Orgs
The July 14, 2026 Kerberos RC4 hardening enforcement deadline is described as non-negotiable and will impact all domain-joined systems. Organisations that have not completed remediation will experience authentication failures and potentially significant business disruption on or after Patch Tuesday. MSPs should audit any remaining RC4-dependent configurations and apply relevant June/July updates before the deadline.
Read more →Microsoft Defender Elevation-of-Privilege CVE-2026-41091 Exploited in the Wild
CVE-2026-41091, an actively exploited Elevation of Privilege flaw in Microsoft Defender, allows an attacker to gain SYSTEM privileges and was included in the June 2026 Patch Tuesday. Microsoft has already pushed a remediated Malware Protection Engine (version 1.1.26040.8 or later) via automatic Defender updates. Verify the engine version under Settings → Privacy & Security → Windows Security → About to confirm protection.
Read more →Microsoft 365 Suffers Fifth Major Outage in Six Months — Email, Teams & Copilot Down 9+ Hours
Microsoft 365 has experienced its fifth significant cloud outage in six months, with the latest incident knocking email, Teams, and Copilot offline for more than nine hours. The pattern is attributed to Azure absorbing unprecedented AI workloads, with Microsoft having publicly committed tens of billions of dollars to AI infrastructure expansion in 2026. MSPs should ensure clients have an independent communication channel and a written outage playbook as a workaround during M365 unavailability.
Read more →Adobe ColdFusion CVE-2026-48282 (CVSS 10.0) Exploited Within Hours of Disclosure
A path traversal vulnerability in Adobe ColdFusion tracked as CVE-2026-48282 came under active exploitation within hours of its public disclosure, with an attacker attempting to read sensitive Windows system files. Adobe has patched the issue in ColdFusion 2023 Update 21 and ColdFusion 2025 Update 10, and CISA has added it to the KEV catalog. Any internet-facing ColdFusion instance should be updated immediately; Adobe-hosted Campaign instances require no action.
Read more →SonicWall SMA1000 SQL Injection CVE-2026-4112 Patched — Privilege Escalation to Primary Admin
SonicWall has patched four vulnerabilities in SMA1000 series firewalls including a high-severity SQL injection flaw (CVE-2026-4112) that allows an attacker with read-only admin credentials to escalate to primary administrator rights. Three additional issues enable SSL VPN credential enumeration and TOTP authentication bypass. SonicWall says no in-the-wild exploitation has been confirmed but urges immediate patching of all SMA1000 appliances.
Read more →Fortinet Leads 2026 Firewall Vendors in Unauthenticated CVE Count — Eight Flaws Including Active Exploits
A mid-year analysis of vendor advisories and CISA KEV entries through June 2026 shows Fortinet has disclosed the most unauthenticated vulnerabilities of any firewall vendor, with eight across its portfolio and several under active exploitation including a notable 27-CVE April release. Palo Alto Networks had the most dangerous exploited flaws in the firewall OS itself, while Cisco demonstrated that a patched firewall is not necessarily a clean one. MSPs should track FortiGuard PSIRT and the CISA KEV catalog and treat any 'unauthenticated + internet-facing' advisory as a same-week emergency.
Read more →AI Hallucinations Are Breaking MSP Helpdesk Escalations — New Analysis (Published 7 July 2026)
A 7 July 2026 feature from ChannelPro/ITPro finds that AI-driven ticket routing tools trained on historical data rather than live endpoint state are generating incorrect diagnoses at escalation, with technicians identifying AI hallucinations in support recommendations as a systemic problem. L1 teams spend excessive time re-gathering context because RMM, PSA, and monitoring tools do not share a unified real-time endpoint record. The recommended fix is creating a single shared endpoint health record accessible across L1–L3 tiers before bolting on additional AI layers.
Read more →CISA KEV July 2026 Week 1: One New Actively Exploited CVE Added — SharePoint Visibility Gap a Cautionary Tale
CISA added one new KEV entry in the first week of July 2026 (CVE-2026-45659, SharePoint RCE), with the incident highlighting a broader process risk: Microsoft inadvertently omitted the CVE from its initial May Patch Tuesday release logs, leaving defenders unaware for days. The delayed advisory enabled a longer window for exploit development and is now associated with Storm-2603/Warlock ransomware. Australian MSPs should ensure their patch validation process cross-references CISA KEV additions, not just MSRC release notes.
Read more →Inaugural CRN Channel Awards Australia 2026 Shortlist Announced — MSP and MSSP Categories Expanded
CRN Australia has announced the shortlist for the inaugural CRN Channel Awards Australia 2026, co-presented with the GTIA ANZ Spotlight Awards, spanning 29 categories across managed services, cybersecurity, cloud, AI, and channel leadership. Due to record application volumes, the MSP of the Year and Service Provider of the Year categories have been split by headcount to better represent the market. The awards night is scheduled for 17 September 2026 at the Hyatt Regency Sydney.
Read more →Subscribers get the full “From the Floor” take with every issue — not just the news summary you just read.
Written from 12 years on the helpdesk floor. Always free.