AWS Security Digest·Week 18 of 2026·Apr 28 - May 4, 2026·8 items
Five FreeRTOS CVEs, One ECS RCE, One WorkSpaces LPE
Heavy patch week if you ship IoT on FreeRTOS or run Windows containers: five FreeRTOS CVEs across three bulletins, an ECS Agent command injection to SYSTEM, a WorkSpaces local-privilege escalation. AWS CIRT publishes the March 2026 attacker-technique catalog with three notable new entries. Audit Manager officially closes to new customers. The What's Next with AWS 2026 event lands with the OpenAI partnership.
In this issue: 4 high, 2 medium, 2 info
Highlights
high/Threat Intel/
CIRT Catalogs Three New Attacker Moves
AWS Customer Incident Response Team published its analysis of the March 2026 Threat Technique Catalog update, with three notable additions.
First: Cognito refresh-token abuse for long-term persistence. Second: AMI image deletion as an anti-recovery and counter-forensics step, parallel to backup deletion. Third: trust-policy modifications on cross-account roles to maintain access after credential rotation.
The post includes detection guidance for each, particularly valuable for teams writing Security Hub correlation rules and CloudTrail Lake queries.
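As an added example (not code from the CIRT post), here is a small CloudTrail triage pass over constructed records that covers two of the three catalog entries: AMI deregistration (the EC2 DeregisterImage call) and trust-policy changes (IAM UpdateAssumeRolePolicy) that admit a principal outside the owning account. The account IDs, role name and AMI ID are constructed placeholders.

```python
import json

# Constructed CloudTrail-style records (not from the digest or any real account): an AMI
# deregistration, a trust-policy change that adds an outside account, and a benign call.
SAMPLE_EVENTS = [
    {"eventSource": "ec2.amazonaws.com", "eventName": "DeregisterImage",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/ops-admin"},
     "requestParameters": {"imageId": "ami-0abc1234example"}},
    {"eventSource": "iam.amazonaws.com", "eventName": "UpdateAssumeRolePolicy",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/ops-admin"},
     "requestParameters": {"roleName": "CrossAccountDeploy", "policyDocument": json.dumps(
         {"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                         "Principal": {"AWS": "arn:aws:iam::999988887777:root"}}]})}},
    {"eventSource": "ec2.amazonaws.com", "eventName": "DescribeImages",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/ops-admin"}},
]

def account_of(principal: str) -> str:
    """Account ID of an ARN principal; bare account IDs and '*' pass through unchanged."""
    parts = principal.split(":")
    return parts[4] if len(parts) >= 6 else principal

def external_principals(policy_document: str, own_account: str) -> set[str]:
    """Principals an Allow statement trusts that are not own_account ('*' counts)."""
    found = set()
    for stmt in json.loads(policy_document).get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = principal if isinstance(principal, str) else principal.get("AWS", [])
        for p in ([aws] if isinstance(aws, str) else aws):
            if account_of(p) != own_account:
                found.add(p)
    return found

def triage(events: list[dict], own_account: str) -> list[tuple[str, str, str]]:
    """Return (technique, actor, detail) for events matching the two catalog entries."""
    findings = []
    for ev in events:
        src, name = ev.get("eventSource"), ev.get("eventName")
        params = ev.get("requestParameters") or {}
        actor = ev.get("userIdentity", {}).get("arn", "unknown")
        if src == "ec2.amazonaws.com" and name == "DeregisterImage":
            findings.append(("ami-deletion", actor, params.get("imageId", "")))
        elif src == "iam.amazonaws.com" and name == "UpdateAssumeRolePolicy":
            ext = external_principals(params.get("policyDocument", "{}"), own_account)
            if ext:  # trust widened beyond the owning account
                findings.append(("trust-policy-cross-account", actor,
                                 f"{params.get('roleName')} -> {sorted(ext)}"))
    return findings
```

The Cognito refresh-token entry is left out because the page does not describe its log shape; in practice the same loop would gain a third branch keyed on the Cognito event source.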
A command injection in the ECS Agent's FSx for Windows File Server volume mounting allows code execution with SYSTEM privileges via crafted credentials in ECS task definitions.
Windows EC2 instances only. Fargate is unaffected.
AWS recommends moving to the latest ECS-optimized Windows AMI.
A TOCTOU race condition in the Windows Amazon Skylight Workspace Config Service (slwsconfigservice) log file archival path lets a non-admin authenticated local user escalate to SYSTEM.
Impacts Windows WorkSpaces customers who have not enabled the Local Administrator Setting on their directory.
Self-service patch via WorkSpace reboot once the patched version is rolled out.
AWS issued three bulletins covering five vulnerabilities in the FreeRTOS-Plus-TCP networking stack on the same day.
The issues split into three categories: a MAC validation bypass plus an ICMP echo reply integer underflow (bulletin 2026-021-AWS), a DHCPv6 sub-option parser integer underflow (2026-022-AWS), and IPv6 Router Advertisement memory safety flaws (2026-023-AWS).
Relevant for any team shipping AWS IoT-connected devices that depend on the FreeRTOS networking stack.
Affected: FreeRTOS-Plus-TCP 4.0.0-4.2.5, 4.3.0-4.4.0
Fixed In: FreeRTOS-Plus-TCP V4.2.6, V4.4.1
FreeRTOS · IoT
medium/Service Update/
Identity Center ABAC via Entra ID
AWS published a how-to on combining IAM Identity Center permission sets with session tags propagated from Microsoft Entra ID to implement attribute-based access control across multiple accounts. The pattern matters for any organization standardizing on Entra ID as the source of truth and trying to push policy decisions out of inline IAM policies.
IAM Identity Center · IAM
info/Service Update/
A Bedrock Trust & Safety Reference
AWS Security Blog published a reference architecture for designing trust and safety into Bedrock-powered applications: integrating responsible-AI controls including abuse detection, CloudWatch monitoring, and Bedrock Guardrails configuration. The shape of these controls is converging across providers, so this works as a checklist regardless of which models you ship.
Bedrock · CloudWatch
medium/Service Update/
The Audit Manager Cutoff Hits Today
The April 30, 2026 cutoff announced earlier in the month went into effect. New customers can no longer onboard to AWS Audit Manager; single-account deployments cannot deploy across an Organization. Existing customers continue normally. Compliance teams running Audit Manager assessments for SOC 2 or PCI evidence collection should now be actively migrating off. Security Hub Extended is the most-cited path.
Audit Manager
info/Feature Launch/
"What's Next with AWS 2026" + OpenAI Deal
AWS held its "What's Next with AWS 2026" event on May 4 with major announcements: a deeper AWS-OpenAI partnership (GPT-5.5/5.4 on Amazon Bedrock, Codex access, managed agents under Bedrock's "unified security, governance, and cost controls"), Amazon Quick desktop app preview, and Amazon Connect agentic AI expansions (Decisions, Talent, Customer, Health). For security architects the relevant subtext is centralization: more model providers, fewer governance surfaces.
Bedrock · Connect
Key Takeaway
Heavy CVE week: ECS Agent on Windows hits SYSTEM, WorkSpaces Skylight does too, FreeRTOS gets a five-CVE patch wave. None of these are wormable, but if you operate Windows ECS or unmanaged WorkSpaces directories, this is your reminder that "managed" is not the same as "patched." The CIRT catalog is the most useful artifact of the week. Cognito refresh-token persistence is exactly the kind of low-noise threat people miss.
These weekly digests are a starting point. Contact us for tailored threat briefings, security assessments, and architectural guidance for your AWS environment.