The Microsoft May 2026 security updates have been released and consist of 132 new CVEs to Microsoft products and 128 non-Microsoft CVEs for Chromium.
Of the Microsoft CVEs released, 30 are rated Critical, 3 are rated Moderate and the rest are rated Low in severity. At the time of release, none are listed as publicly known or as being actively exploited.
The security updates apply to the following products, features and roles: Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, .NET and Visual Studio, Copilot Chat, Github Copilot, M365 Copilot, SQL Server, TCP/IP, and the Telnet Client.
Information regarding known issues with KBs included in the security updates can be found at the bottom of the page at May 2026 Security Updates - Release Notes - Security Update Guide - Microsoft.
Recommended Reading: See Dustin Childs complete review and analysis in Zero Day Initiative -- The May 2026 Security Update Review.
Additional Update Notes:
- Windows 10 -- See Windows 10 Extended Security Updates (ESU).
- Servicing Stack Updates -- Microsoft now combines the latest servicing stack update (SSU) for your operating system with the Latest Cumulative Updates (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
- Windows updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows, in addition to non-security updates. The updates are also available via search for the KB number in the Microsoft Update Catalog.
- For information on lifecycle and support dates for Windows 11 operating systems, please see Windows 11 Home and Pro.
- Windows Update History: Windows 11, Windows 10
References
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
