// DAILY INTELLIGENCE FEED · MSP & HELPDESK
ARCHIVEBLOGSUBSCRIBE FREE →
← back to archive
// ARCHIVED ISSUE

Thursday, July 9, 2026

2 CRITICAL1 WARNING6 storiesin𝕏
// FROM THE FLOOR
RISK_LEVEL: 🔴 HIGH

Inventory every on-premises Exchange Server in your entire estate today and begin immediate patching for CVE-2026-42897 — don't wait for change windows, treat it as emergency maintenance.

// full analysis + daily context delivered to subscribers → subscribe free
🔐 SECURITY2 items
CRITICAL🔐 Security

Microsoft Exchange Server CVE-2026-42897 Spoofing Flaw on CISA KEV — Only Actively Exploited Issue in June Patch Cycle

CVE-2026-42897, a CVSS 8.1 Exchange Server spoofing vulnerability, is confirmed as actively exploited and listed on the CISA KEV catalog — making it the sole actively exploited issue in the June 2026 Patch Tuesday cycle. MSPs managing on-premises Exchange must patch this before any other June update. No vendor-supplied workaround; apply the June 2026 Exchange CU immediately.

Read more →
CRITICAL🔐 Security

Microsoft Edge CVE-2026-11645: Chromium Zero-Day with In-the-Wild Exploit Fixed in Edge 149

Microsoft released Edge Stable Channel 149.0.4022.62 containing a fix for CVE-2026-11645, a Chromium vulnerability confirmed by the Chromium team to have an active in-the-wild exploit. MSPs managing browser fleets should push the Edge update immediately via Intune or group policy. No workaround exists — patching to 149.0.4022.62 or later is the only remediation.

Read more →
🔥 NETWORKING1 item
WARNING🔥 Networking

SonicWall SMA1000 SQL Injection CVE-2026-4112 and Three Additional Flaws Patched

SonicWall released patches for four vulnerabilities in SMA1000 series firewalls, led by CVE-2026-4112 — a high-severity SQL injection bug allowing read-only admins to escalate to primary admin rights. Three further issues enable SSL VPN credential enumeration and TOTP authentication bypass. SonicWall reports no evidence of in-the-wild exploitation but urges immediate updates; update SMA1000 firmware as soon as possible.

Read more →
🤖 AI/TOOLING2 items
INFO🤖 AI/Tooling

MSP AI Operationalisation Gap: 97% Plan More Automation, Only 4% Have Actually Deployed It

A July 2026 report from Rev.io found that while 97% of MSPs plan to increase AI automation, only 4% have operationalised it — meaning AI suggests actions but humans still execute them. The platforms pulling ahead are those where AI agents run manual processes autonomously, with technicians only reviewing exceptions. MSPs are advised to evaluate whether their current tools act or merely advise, and identify workflows ready for full handoff.

Read more →
INFO🤖 AI/Tooling

AI Helpdesk Automation Reality Check: Only 4% of MSPs Have Actually Operationalised AI

A July 2026 analysis found that while 97% of MSPs plan to use AI to automate more this year, only 4% have actually operationalised it — with most teams still manually acting on AI suggestions rather than letting agents run processes autonomously. The gap is attributed to AI tools sitting outside core RMM/PSA systems and lacking real-time endpoint context, causing hallucinated diagnoses and escalation failures. MSPs looking to bridge the gap are advised to unify endpoint health data across L1/L2/L3 before adding more AI tooling.

Read more →
📡 INDUSTRY1 item
INFO📡 Industry

Inaugural CRN Channel Awards Australia 2026 Shortlist Announced — MSP and MSSP of the Year Categories Expanded

CRN Australia has announced the finalists for the inaugural CRN Channel Awards Australia 2026, co-presented with the GTIA ANZ Spotlight Awards, to be held on 17 September at the Hyatt Regency Sydney. Due to an overwhelming number of MSP and Service Provider applications, CRN has split MSP of the Year into headcount-based sub-categories for the first time. The 29-category programme covers managed services, cybersecurity, cloud, AI, and channel leadership.

Read more →
Wednesday, July 8, 2026
// this lands in your inbox every weekday

This is what you get — every weekday, free.

Subscribers get the full “From the Floor” take with every issue — not just the news summary you just read.
Written from 12 years on the helpdesk floor. Always free.

// no spam · every weekday morning · unsubscribe anytime

LATESTARCHIVEBLOGSUBSCRIBE

// AI-assisted · always verify before acting · not professional security advice