Microsoft's May 2026 Patch Tuesday addresses 120 security vulnerabilities across Windows, Office, Azure, and developer tools with no zero-days disclosed. The update includes 17 Critical-severity flaws covering remote code execution in Windows GDI, Netlogon, WiFi Miniport Driver, DNS Client, SharePoint, Office Word, Hyper-V, and Windows Graphics Component. Notable fixes also cover Visual Studio Code, GitHub Copilot, .NET, SQL Server, and multiple Azure services. The majority of remaining vulnerabilities are rated Important and span elevation of privilege, information disclosure, denial of service, and security feature bypass categories.
Table of contents
Noteworthy vulnerabilitiesRecent updates from other companiesThe May 2026 Patch Tuesday Security Updates99% of What Mythos Found Is Still Unpatched.Sort: