Patch Tuesday
Coverage of Patch Tuesday in the Nexus archive.
- Microsoft ships largest Patch Tuesday on record, with one bug under active attack
Microsoft released its largest Patch Tuesday update on record, addressing vulnerabilities, including one currently under active attack. The company's security leadership noted that AI tools are accelerating vulnerability discovery in the industry.
- Blame AI: Patch Tuesday Hits Record 206 CVEs
Patch Tuesday saw a record 206 CVEs addressed, with artificial intelligence accelerating vulnerability discovery and potentially leading to more frequent large-scale patch updates.
- Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Microsoft has introduced MDASH, a multi-model AI system for vulnerability discovery and remediation. The system is being tested by some customers as part of a limited private preview. MDASH has already found 16 Windows flaws that were fixed in Patch Tuesday.
- It's Patch Tuesday for Microsoft and Not a Zero-Day In Sight
Microsoft's Patch Tuesday has 137 flaws to patch, including nine critical ones, but no zero-day exploits are in sight, a first in two years. Admins have plenty of work to do despite the lack of zero-days. The patches address various security issues.
- Microsoft releases Windows 10 KB5087544 extended security update
Microsoft has released the Windows 10 KB5087544 extended security update to fix May 2026 Patch Tuesday vulnerabilities and resolve an issue with Remote Desktop warnings. This update aims to improve security and stability. The release is part of Microsoft's regular updates to protect its operating system.
- Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
Microsoft's May 2026 Patch Tuesday security updates fixed 120 flaws with no zero-days disclosed. The patches address various vulnerabilities in Microsoft's products. This update is part of Microsoft's regular Patch Tuesday cycle.
- Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft confirmed active exploitation of a high-severity spoofing vulnerability (CVE-2026-32202) in Windows Shell, which could allow attackers to access sensitive information. The flaw was patched in its latest Patch Tuesday update, but malicious actors are already exploiting it in the wild.
- Microsoft now lets admins uninstall Copilot on enterprise devices
Microsoft has introduced a new policy setting allowing IT administrators to uninstall the AI-powered Copilot digital assistant from enterprise devices. The feature became broadly available following the April 2026 Patch Tuesday update.
- Ancient Excel bug comes out of retirement for active attacks
A 17-year-old critical Excel vulnerability is being actively exploited, prompting CISA to issue an alert. Microsoft addressed the flaw via Patch Tuesday updates, but the outdated bug remains a target for cyberattacks.
- Microsoft releases Windows 10 KB5082200 extended security update
Microsoft has released the Windows 10 KB5082200 extended security update to address vulnerabilities from April 2026 Patch Tuesday, including two zero-day flaws. The update aims to enhance system security by fixing critical issues identified in the patch cycle.
- Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
Microsoft released security updates in April 2026, addressing 167 flaws and two zero-day vulnerabilities. The patches are part of their regular Patch Tuesday updates, aimed at improving system security.