MSP Threat Radar Weekly Briefing — Week of 2026-05-18

This week’s briefing tracks 12 recent watch items across 4 vendors, with emphasis on active service incidents and high-priority operational issues.

Top items

Microsoft Internet Explorer Use-After-Free Vulnerability

• Vendor: Microsoft
• Published: 2026-05-20
• Status: active
• Source: cisa-kev
• Official advisory: https://learn.microsoft.com/en-us/security-updates/securityadvisories/2010/981374

Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-06-03.

Microsoft Internet Explorer Use-After-Free Vulnerability

• Vendor: Microsoft
• Published: 2026-05-20
• Status: active
• Source: cisa-kev
• Official advisory: https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2010/979352

Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-06-03.

Microsoft DirectX NULL Byte Overwrite Vulnerability

• Vendor: Microsoft
• Published: 2026-05-20
• Status: active
• Source: cisa-kev
• Official advisory: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028

Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-06-03.

Microsoft Windows Buffer Overflow Vulnerability

• Vendor: Microsoft
• Published: 2026-05-20
• Status: active
• Source: cisa-kev
• Official advisory: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067

Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-06-03.

Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability

• Vendor: Adobe
• Published: 2026-05-20
• Status: active
• Source: cisa-kev
• Official advisory: https://www.cisa.gov/news-events/alerts/2009/10/13/adobe-reader-and-acrobat-vulnerabilities

Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption.

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date: 2026-06-03.