![Patch [FIX] Tuesday – [AI Hits the Hat Trick], Ep. 32](https://img.transistorcdn.com/EemNaOGP18B4xDYpyXXY5ghrHDoXxAyCSWGjNwzB1UE/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS80N2Ex/YTNkMTFkM2FkYmY3/ZGZjZWNlMzMyZTdk/NWZjZS5wbmc.jpg)
Patch [FIX] Tuesday – [AI Hits the Hat Trick], Ep. 32
From Autonomous IT by Automox
May 12, 2026 · 34 min · Episode 32
About this episode
The episode discusses the May 2026 Microsoft Patch Tuesday release and significant vulnerabilities across major operating systems, highlighting AI's role in vulnerability research.
The May 2026 Microsoft Patch Tuesday release looks quiet on the surface – no actively exploited zero-days, no public disclosures at release, and a CVE count below the four-month average. Don't let that fool you. In this episode, Jason Kikta and Landon Miles break down everything that happened between April and May patch cycles, including Apple's macOS Tahoe 26.5 release with 79 CVEs, the Dirty Frag Linux kernel privilege escalation chain, and two pre-authenticated network remote code execution vulnerabilities in Windows core services that belong at the top of your patch list. They also dig into one of the month's most significant trends: AI-assisted vulnerability research showing up by name in Microsoft, Apple, and Linux acknowledgments in the same patch cycle – including Anthropic researchers credited on a critical Windows graphics component RCE. Ten AI-attributed vulnerability discoveries shipped fixes across all three major operating systems this month. What's covered: CVE-2026-41089: Windows NetLogon RCE (CVSS 9.8) and CVE-2026-41096: Windows DNS Client RCE (CVSS 9.8) CVE-2026-40402: Hyper-V guest-to-host escalation (CVSS 9.3) macOS Tahoe 26.5: Wi-Fi kernel RCE, nine kernel…
People in this episode
Hosts: Jason Kikta, Landon Miles
Topics covered
- Microsoft Patch Tuesday
- AI-assisted vulnerability research
- CVE analysis
- macOS vulnerabilities
- Linux kernel exploits
- Windows remote code execution
Keywords
- CVE-2026-41089
- CVE-2026-41096
- CVE-2026-40402
- Windows RCE
- macOS vulnerabilities
- Linux privilege escalation
- AI vulnerability research
Mentioned in this episode
Organizations: Microsoft, Apple, Linux, Anthropic, calif.io, Theori, NIST's Center for AI Standards and Innovation
Products: macOS Tahoe 26.5
More episodes of Autonomous IT
- Product Talk – CISA's BOD 26-04 Directive Explained, E26 · June 11, 2026 · 27 min
- Patch [FIX] Tuesday – [Nothing Weaponized, Everything Exposed], E33 · June 9, 2026 · 24 min
- Patch [FIX] Tuesday – [Emergency Episode: DirtyFrag Exploit Before Patch], Ep. 31 · May 8, 2026 · 11 min
- Autonomous IT, Live! The Math of Modern Attacks, E07 · April 28, 2026 · 33 min
- Secure IT – Claude Mythos: AI Vulnerability Hype vs. Evidence, E23 · April 23, 2026 · 8 min
- Patch [FIX] Tuesday – April 2026 [Double Feature: SQL Another Day + XSS Never Dies], E30 · April 14, 2026 · 8 min
Explore listener stats, chart rankings, contacts and more on the Autonomous IT podcast page.