Microsoft Patches 137 Vulnerabilities
Microsoft on Tuesday announced patching 137 vulnerabilities across its products, none of which have been flagged as exploited in the wild.
Roughly a dozen of the bugs addressed with the latest Patch Tuesday updates have an exploitability rating of ‘exploitation more likely’, indicating that threat actors could start abusing them in attacks.
The most severe of these is CVE-2026-41103, a critical-severity flaw in the Microsoft SSO Plugin for Jira & Confluence that could lead to elevation of privilege. The issue is rooted in the incorrect implementation of the authentication algorithm.
High-severity privilege escalation issues in Windows Remote Desktop, Windows Common Log File System Driver, Windows Kernel, Azure AI Foundry, Windows Win32k, Windows Ancillary Function Driver for WinSock, Windows TCP/IP, and Windows Cloud Files Mini Filter Driver are also prone to exploitation, Microsoft says.
The company also draws attention to two high-severity remote code execution defects in Microsoft Word (CVE-2026-40364 and...
Copyright of this story solely belongs to securityweek.com.