Security Digest - April 22, 2026

Daily security intelligence briefing for infrastructure and endpoint management teams. Consolidated from authoritative research, vendor advisories, and community discussions.

Generated (UTC): 2026-04-22 15:06:56 +00:00
Lookback window: 7 days

🚀 Top Research & Advisories

Microsoft releases emergency patches for critical ASP.NET flaw - (BleepingComputer) System.Xml.XmlElement

Action: Review .NET runtime vulnerabilities and apply patches.

💻 AppSec

How to protect .git, when I let coding agent work on repo in VM? - (Reddit r/cybersecurity) Monitor developer tool vulnerabilities and supply chain risks.
Microsoft Shipped a Broken ASP.NET Patch - (Reddit r/cybersecurity) Review .NET runtime vulnerabilities and apply patches.
The axios supply chain affected my server. Here is the log file and what I figured out. - (Reddit r/cybersecurity) Monitor developer tool vulnerabilities and supply chain risks.

🏗 Infrastructure

Cisco UCS C220 M5 Window server 2025 - (Reddit r/sysadmin) Review server hardening and AD security posture.
How does policy review work (palo alto firewalls) ? - (Reddit r/cybersecurity) Review VPN client version and deployment.
Linux Station as backup DNS and DHCP - (Reddit r/sysadmin) Review server hardening and AD security posture.
Major lawsuit claims Microsoft overcharged for Windows Server on rival cloud platforms - (Neowin) Review server hardening and AD security posture.
Where to find entry level intern/jobs - (Reddit r/cybersecurity) Review server hardening and AD security posture.

🛡 Security Ops

CrowdStrike LogScale Vulnerability Allows Remote Attackers to Read Arbitrary Files from Server - (CybersecurityNews) Review sensor guidance and deployment posture.

🛠 Infrastructure & Endpoint Control

“TotalRecall Reloaded” tool finds a side entrance to Windows 11’s Recall database - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
[New] Save 72% on Microsoft Office 2024 Home & Business with a Certification Training Bundle - (Neowin) Review Office update channel health and security baseline compliance.
Brendan Gregg’s 55-minute outage story has a missing piece — the sos command - (Reddit r/sysadmin) Review security controls and policy updates.
Do I use Bitlocker for my USB? - (Reddit r/Windows11) Review encryption policy and remediation gaps.
Exploits Turn Windows Defender into Attacker Tool - (Reddit r/Windows11) Review security controls and policy updates.
Feature request: Open apps directly on a specific virtual desktop - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
How do you handle SharePoint storage creep? - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.
I built a modern, open-source photo manager for Windows (supports 100K+ files and local AI search) - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
I don’t get hate towards Windows - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
Intune is very reliable and good. (I need help) - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.
Maingear launches MG-1 Mk.II AMD Ryzen 9950X3D2 PC with “bloatware-free Windows 11” - (Neowin) Validate workstation security baseline and update compliance.
Microsoft confirms Windows 11 KB5083769, KB5082052 wrongly forcing BitLocker recovery - (Neowin) Review encryption policy and remediation gaps. Validate workstation security baseline and update compliance.
Microsoft extends rare handshake to Google with upcoming Edge feature - (Neowin) Validate Edge/WebView2 coverage; refresh managed package.
Microsoft is giving Windows 11 File Explorer a speed boost, dark mode fix, and reducing explorer.exe crashes - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
Microsoft officially says you don’t need extra antivirus on Windows 11 - (Reddit r/Windows11) Review security controls and policy updates. Validate workstation security baseline and update compliance.
Microsoft Password Manager on Windows 11 as a standalone app? - (Reddit r/Windows11) Validate Edge/WebView2 coverage; refresh managed package. Validate workstation security baseline and update compliance.
Microsoft releases emergency out-of-band .NET update to patch severe bug - (Neowin) Evaluate update rings and expedite actions if needed.
Microsoft shared simple fix for Windows 11/10 bug that seemingly broke a vital OS feature - (Neowin) Validate workstation security baseline and update compliance.
Microsoft teases new customization features for Windows 11’s Start menu after years of criticism - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
My first MSP had the same local admin password on every customers machines. 8 chars.Then I learned what LAPS was. - (Reddit r/sysadmin) Confirm Adobe exposure; push updated deployment. Evaluate update rings and expedite actions if needed. Validate LAPS scope and rotation posture. Validate workstation security baseline and update compliance.
my windows 11 desktop - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
Retriving password from RDP file (or from credential manager) on Windows 10 - (Reddit r/sysadmin) Review encryption policy and remediation gaps. Validate workstation security baseline and update compliance.
Switching firewall for the first time - (Reddit r/sysadmin) Review security controls and policy updates.
Win 2025 RDP host - users get booted and cannot reconnect until an admin changes security groups. - (Reddit r/sysadmin) Review security controls and policy updates.
Windows 11 does not honor DNS over HTTPS privacy settings - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
Windows 11 finally fixes inconsistent folder views in File Explorer - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
Windows 11 KB5083769 brings built-in internet speed test to all 25H2, 24H2 users - (Neowin) Validate workstation security baseline and update compliance.
Windows 11 to get a major reliability update in May with faster clipboard, stable taskbar, storage and more - (Reddit r/Windows11) Validate workstation security baseline and update compliance.

🩹 Patch Tuesday & Update Experience

Microsoft confirms Windows 11 KB5083769, KB5082052 wrongly forcing BitLocker recovery - (Neowin) Microsoft has confirmed that a new BitLocker recovery issue is affecting all supported versions of Windows 11, 10, and Server. Read more…
Microsoft releases emergency out-of-band .NET update to patch severe bug - (Neowin) A serious flaw in recent .NET builds has forced an urgent patch, with Microsoft warning impacted apps could grant attackers SYSTEM privileges. Read more…
My first MSP had the same local admin password on every customers machines. 8 chars.Then I learned what LAPS was. - (Reddit r/sysadmin) My first real IT job was at a small MSP, maybe forty customers across a mix of industries, a few thousand endpoints between them, and in my second week I was shadowing one of the senior techs on a tic…

🔍 Quick Links (Watch Items)

I asked an AI to research the most dangerous unreleased model. - (Reddit r/cybersecurity)
Trying to do automatic certs for printer login pages. - (Reddit r/sysadmin)
Win 2025 RDP host - users get booted and cannot reconnect until an admin changes security groups. - (Reddit r/sysadmin)
Penetration Testing Pricing Explained: What Determines Cost and Scope in 2026 - (Reddit r/cybersecurity)
YOU are responsible for security. And you need to be diligent about it. - (Reddit r/sysadmin)
H.R. 8250 (Parents Decide Act) would require age verification at the OS level - (Reddit r/cybersecurity)
Guidance on Certifications - (Reddit r/cybersecurity)
Need Opinions on Certs - (Reddit r/cybersecurity)
Microsoft Shipped a Broken ASP.NET Patch - (Reddit r/cybersecurity)
Interesting read on Darksword chain and How browser exploits work - (Reddit r/cybersecurity)