This Week in Security: Another Record Patch Tuesday, LAME is More Secure, Secure Boot is Less Secure, and Milk Malware
tech
Microsoft delivered a historic month for security patches, releasing over sixty critical updates in July's Patch Tuesday—breaking its own record for the second straight month. Per Hackaday, the patches address BitLocker bypasses, prompt injection vulnerabilities in Microsoft Edge for Android that could trigger arbitrary commands, and DHCP privilege escalation affecting Windows systems on shared networks. The volume, Microsoft credits, comes from AI-assisted tooling accelerating vulnerability discovery. But even as Microsoft patches accelerate, researchers from ESET disclosed that eleven boot loaders signed by Microsoft remain vulnerable to attacks that could circumvent Secure Boot protections—allowing attackers to replace modern signed code with older, vulnerable versions still considered legitimate by the firmware. The vulnerability is particularly serious for corporate systems relying on Secure Boot to enforce disk encryption and prevent malware installation. Elsewhere in the roundup, Fairlife Dairy—owned by Coca-Cola—has suspended US production following a ransomware attack, with no estimated restoration timeline, and the LAME MP3 encoder released its first update in nearly a decade, fixing critical buffer overflow and integer underflow vulnerabilities discovered in code still widely used throughout audio software.
Source: https://hackaday.com/2026/07/17/this-week-in-security-ano...
Listen to this story
Hear this and more stories in a personalized audio briefing.
Open The Chonkerton