On May 12, Microsoft released its May 2026 Patch Tuesday release which patched 118 CVEs with 16 rated critical and 102 rated as important.

This month's updates include CVE-2026-41103, an elevation of privilege vulnerability affecting Microsoft Single-Sign-On (SSO) Plugin for Jira & Confluence. It was assigned a CVSSv3 score of 9.1 and is rated as critical. It was assessed as "Exploitation More Likely" according to Microsoft's Exploitability Index. 

An unauthorized attacker could exploit this vulnerability during the process of logging in by sending a specially crafted response message. Successful exploitation would allow the attacker to sign-in using a forged identity without Microsoft Entra ID authentication, enabling access to or allowing an attacker to modify data in Jira and Confluence. However, the accessible information is not unfettered, as it is limited by the access defined by the targeted servers for the authorized user.

In addition, several Microsoft Office applications were patched, including updates to address three remote code execution (RCE) vulnerabilities in Microsoft Word. CVE-2026-33841, CVE-2026-35420 and CVE-2026-40369 are EoP vulnerabilities affecting the Windows Kernel. Each of the flaws have been assigned CVSSv3 scores of 7.8 and rated as important. Both CVE-2026-33841 and CVE-2026-40369 were assessed as "Exploitation More Likely," which could be abused by a local attacker to elevate to SYSTEM or Medium/High integrity level in the case of CVE-2026-33841.

This month’s update includes patches for:

• .NET
• ASP.NET Core
• Azure AI Foundry M365 published agents
• Azure Cloud Shell
• Azure Connected Machine Agent
• Azure DevOps
• Azure Entra ID
• Azure Logic Apps
• Azure Machine Learning
• Azure Managed Instance for Apache Cassandra
• Azure Monitor Agent
• Azure Notification Service
• Azure SDK
• Copilot Chat (Microsoft Edge)
• Data Deduplication
• Dynamics Business Central
• GitHub Copilot and Visual Studio
• M365 Copilot
• M365 Copilot for Desktop
• Microsoft Data Formulator
• Microsoft Dynamics 365 (on-premises)
• Microsoft Dynamics 365 Customer Insights
• Microsoft Edge (Chromium-based)
• Microsoft Edge for Android
• Microsoft Office
• Microsoft Office Click-To-Run
• Microsoft Office Excel
• Microsoft Office PowerPoint
• Microsoft Office SharePoint
• Microsoft Office Word
• Microsoft Partner Center
• Microsoft SSO Plugin for Jira & Confluence
• Microsoft Teams
• Microsoft Windows DNS
• Power Automate
• SQL Server
• Telnet Client
• Visual Studio Code
• Windows Admin Center
• Windows Ancillary Function Driver for WinSock
• Windows Application Identity (AppID) Subsystem
• Windows Cloud Files Mini Filter Driver
• Windows Common Log File System Driver
• Windows Cryptographic Services
• Windows DWM Core Library
• Windows Event Logging Service
• Windows Filtering Platform (WFP)
• Windows GDI
• Windows Hyper-V
• Windows Internet Key Exchange (IKE) Protocol
• Windows Kernel
• Windows Kernel-Mode Drivers
• Windows LDAP - Lightweight Directory Access Protocol
• Windows Link-Layer Discovery Protocol (LLDP)
• Windows Message Queuing
• Windows Native WiFi Miniport Driver
• Windows Netlogon
• Windows Print Spooler Components
• Windows Projected File System
• Windows Remote Desktop
• Windows Rich Text Edit
• Windows Rich Text Edit Control
• Windows SMB Client
• Windows Secure Boot
• Windows Storage Spaces Controller
• Windows Storport Miniport Driver
• Windows TCP/IP
• Windows Telephony Service
• Windows Volume Manager Extension Driver
• Windows Win32K - GRFX
• Windows Win32K - ICOMP

For more information, please visit our blog.