Patch [FIX] Tuesday – [AI Hits the Hat Trick], Ep. 32
Download MP3The May 2026 Microsoft Patch Tuesday release looks quiet on the surface – no actively exploited zero-days, no public disclosures at release, and a CVE count below the four-month average. Don't let that fool you.
In this episode, Jason Kikta and Landon Miles break down everything that happened between April and May patch cycles, including Apple's macOS Tahoe 26.5 release with 79 CVEs, the Dirty Frag Linux kernel privilege escalation chain, and two pre-authenticated network remote code execution vulnerabilities in Windows core services that belong at the top of your patch list.
They also dig into one of the month's most significant trends: AI-assisted vulnerability research showing up by name in Microsoft, Apple, and Linux acknowledgments in the same patch cycle – including Anthropic researchers credited on a critical Windows graphics component RCE. Ten AI-attributed vulnerability discoveries shipped fixes across all three major operating systems this month.
What's covered:
In this episode, Jason Kikta and Landon Miles break down everything that happened between April and May patch cycles, including Apple's macOS Tahoe 26.5 release with 79 CVEs, the Dirty Frag Linux kernel privilege escalation chain, and two pre-authenticated network remote code execution vulnerabilities in Windows core services that belong at the top of your patch list.
They also dig into one of the month's most significant trends: AI-assisted vulnerability research showing up by name in Microsoft, Apple, and Linux acknowledgments in the same patch cycle – including Anthropic researchers credited on a critical Windows graphics component RCE. Ten AI-attributed vulnerability discoveries shipped fixes across all three major operating systems this month.
What's covered:
- CVE-2026-41089: Windows NetLogon RCE (CVSS 9.8) and CVE-2026-41096: Windows DNS Client RCE (CVSS 9.8)
- CVE-2026-40402: Hyper-V guest-to-host escalation (CVSS 9.3)
- macOS Tahoe 26.5: Wi-Fi kernel RCE, nine kernel CVEs, 20 WebKit vulnerabilities
- Dirty Frag Linux privilege escalation chain and the Copy Fail connection
- AI-credited discoveries from Anthropic, calif.io, Theori, and NIST's Center for AI Standards and Innovation
Creators and Guests
Host
Jason Kikta
Jason Kikta is the Chief Technology Officer at Automox, where he leads the Product, Engineering, and IT/Security organizations. He has over 30 years of experience in IT, beginning with independent consulting and spanning more than two decades of military service, building and operating communications networks across the globe. During seven years at US Cyber Command’s Cyber National Mission Force, he focused on countering state actors and ransomware threats to critical infrastructure. Jason is an adjunct lecturer for the Alperovitch Institute at Johns Hopkins SAIS and an adjunct senior technical advisor to the Institute for Security and Technology, focused on AI, cybersecurity, and ransomware.
Host
Landon Miles
Landon Miles is the host of the Hands-On IT podcast. Landon’s profound passion for technology isn't just evident in his voice, it’s apparent in how he breaks down cutting-edge tech trends, formats user-friendly tutorials, and gets into the weeds of the complexities of IT technologies. His approach makes the Hands-On IT podcast an essential resource for both seasoned IT pros and those new to the field, looking to enrich their tech experience. With a background that spans various facets of technology, Landon brings a wealth of knowledge and practical insights to each episode.
![Patch [FIX] Tuesday – [AI Hits the Hat Trick], Ep. 32](https://img.transistorcdn.com/hAclDwleqbqgHFCHBDOeOoYiz4c7-tjSKYC425mb2XY/rs:fill:0:0:1/w:800/h:800/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS80N2Ex/YTNkMTFkM2FkYmY3/ZGZjZWNlMzMyZTdk/NWZjZS5wbmc.webp)