“Immediately identify any Cisco Unified CM instances in your environment and check CISA's KEV for affected versions — this one's being actively exploited.”
M365 Copilot CVE-2026-26129 Patched in June Security Update
Microsoft's June 2026 security update bundle included a fix for CVE-2026-26129 affecting M365 Copilot, part of a record 244-CVE release cycle. While this specific CVE is not yet listed as actively exploited, the broader June release included one KEV-listed actively exploited issue (CVE-2026-42897, Exchange spoofing). Ensure June cumulative updates have been fully deployed across all M365 tenants before the July 14 Patch Tuesday.
Read more →CVE-2026-50656: Windows Defender LPE 'RoguePlanet' Flaw Fixed — Exploitation Assessed as Likely
Microsoft released an out-of-band fix for CVE-2026-50656, a Windows Defender Local Privilege Escalation vulnerability affecting Windows 10 and Windows 11 that allows authenticated attackers to achieve SYSTEM-level privileges via a low-complexity attack. Microsoft assesses exploitation as likely, and the flaw was publicised by the 'Nightmare Eclipse' researcher group that has been releasing PoC exploits for undisclosed Windows bugs since March 2026. Workaround: Ensure the Microsoft Malware Protection Engine has auto-updated to version 1.1.26060.3008 or trigger a manual definition update if automatic updates are disabled.
Read more →Cisco Unified CM Added to CISA KEV: SSRF Flaw Allows Unauthenticated Root File Write
CISA added a Server-Side Request Forgery vulnerability in Cisco Unified Communications Manager (and Unified CM SME) to its Known Exploited Vulnerabilities catalog, noting that an unauthenticated remote attacker can write arbitrary files to the underlying OS which can later be leveraged to escalate to root. The advisory is linked to CISA's new BOD 26-04 directive requiring risk-based prioritisation of security updates. MSPs managing Cisco UC environments should apply Cisco's patch per the advisory at cisco-sa-cucm-ssrf-cXPnHcW and check for forensic triage indicators per BOD 26-04 guidance.
Read more →Microsoft Copilot Remains Key AI Entry Point for MSPs Already Standardised on M365
For MSPs with clients standardised on Microsoft 365, Copilot continues to be the lowest-friction AI entry point, surfacing value in Outlook, Teams, Word, Excel, and PowerPoint through ticket summarisation, meeting recaps, action item extraction, and proposal drafting. Industry analysts note that while Copilot does not perform autonomous remediation, the cumulative time savings across a service team's administrative drag are significant for profitability. MSPs should ensure Copilot licences are being actively used by technicians rather than sitting idle post-deployment.
Read more →Australian Channel Chiefs: AI Monetisation Gap, Margin Pressure, and Skills Shortages Are Top 2026 Challenges
CRN Australia's inaugural Channel Chiefs list for 2026 reveals that Australia's top channel leaders see three converging threats: inability to monetise AI beyond pilots, commoditisation-driven margin compression on core services, and acute skills shortages in engineering, data science, and security. Procurement is also shifting toward hyperscaler marketplaces (AWS, Azure) and bundled solution packages, threatening traditional reseller margins. MSPs are advised to differentiate through vertical specialisation and outcome-led managed services to remain competitive.
Read more →Microsoft Launches Frontier Division for Enterprise AI; Logicalis AU Awarded Frontier Partner Status
Microsoft has created a dedicated Frontier Division targeting enterprise-scale AI deployments, and Australian technology services provider Logicalis has been awarded Microsoft Frontier Partner status — one of the first in the APAC region. The Frontier Partner programme is designed for partners demonstrating deep AI implementation capability beyond standard M365 Copilot licensing. Australian MSPs seeking to differentiate on AI should investigate the requirements for Microsoft AI Cloud Partner Program advanced specialisations as a pathway.
Read more →Inaugural CRN Channel Awards Australia 2026 — Shortlist Announced, MSP Category Expanded
CRN Australia announced the shortlist for the inaugural CRN Channel Awards Australia 2026, spanning 29 categories across managed services, cybersecurity, cloud, AI, and channel leadership. Due to record nominations, the MSP of the Year and Solution Provider of the Year categories were split into headcount tiers. The awards ceremony will formally benchmark Australian MSP excellence for the first time under the CRN brand.
Read more →Logicalis AP Named MSP & MSSP of the Year at CRN Channel Awards Asia — APAC Security Focus
Logicalis Asia Pacific took out both MSP of the Year and MSSP of the Year at the CRN Channel Awards Asia, citing 50% year-on-year growth in Managed Security Services. The company has become the first global Cisco partner in APAC to launch Cisco XDR as a Managed Service. Australian MSPs competing for enterprise security clients should note the benchmark being set by larger regional players in XDR and SOC services.
Read more →Subscribers get the full “From the Floor” take with every issue — not just the news summary you just read.
Written from 12 years on the helpdesk floor. Always free.