Microsoft выпустила майский набор обновлений патчей. В этот раз корпорация закрыла 120 уязвимостей, при этом новых 0-day среди них нет. Из общего числа 17 уязвимостей получили критический статус. Большая часть из них связана с удалённым выполнением кода: таких критических проблем насчитывается 14.
Ещё две позволяют повысить привилегии, а одна связана с раскрытием информации.
Всего в майском пакете исправлены 61 уязвимость повышения привилегий, 31 проблема удалённого выполнения кода, 14 уязвимостей раскрытия информации, 13 проблем подмены, 8 отказов в обслуживании и 6 обходов функций безопасности.
Отдельного внимания заслуживают патчи для Microsoft Office, Word и Excel. Несколько закрытых уязвимостей могут привести к удалённому выполнению кода при открытии специально подготовленного файла.
Часть таких атак может сработать даже через область предварительного просмотра, поэтому обновления Office лучше не откладывать, особенно если пользователи часто получают вложения по почте.
Среди заметных проблем также есть уязвимость CVE-2026-35421 в Windows GDI. Её можно было эксплуатировать через вредоносный EMF-файл, открытый в Microsoft Paint.
Ещё одна важная проблема — CVE-2026-40365 в Microsoft SharePoint Server. Аутентифицированный злоумышленник мог провести сетевую атаку и удалённо выполнить код на сервере SharePoint.
Также Microsoft закрыла CVE-2026-41096 в Windows DNS Client. В этом случае контролируемый атакующим DNS-сервер мог отправить специально сформированный ответ уязвимой Windows-системе, вызвать повреждение памяти и добиться удалённого выполнения кода.
Список пропатченных дыр приводим ниже:
| Затронутый компонент | CVE-идентификаторов | CVE-наименование | Степень риска |
| .NET | CVE-2026-35433 | .NET Elevation of Privilege Vulnerability | Важная |
| .NET | CVE-2026-32177 | .NET Elevation of Privilege Vulnerability | Важная |
| .NET | CVE-2026-32175 | .NET Core Tampering Vulnerability | Важная |
| AMD CPU Branch | CVE-2025-54518 | AMD: CVE-2025-54518 CPU OP Cache Corruption | Важная |
| ASP.NET Core | CVE-2026-42899 | ASP.NET Core Denial of Service Vulnerability | Важная |
| Azure Connected Machine Agent | CVE-2026-40381 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Важная |
| Azure Logic Apps | CVE-2026-42823 | Azure Logic Apps Elevation of Privilege Vulnerability | Важная |
| Azure Machine Learning | CVE-2026-33833 | Azure Machine Learning Notebook Spoofing Vulnerability | Важная |
| Azure Monitor Agent | CVE-2026-32204 | Azure Monitor Agent Elevation of Privilege Vulnerability | Важная |
| Azure Monitor Agent | CVE-2026-42830 | Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability | Важная |
| Azure SDK | CVE-2026-33117 | Azure SDK for Java Security Feature Bypass Vulnerability | Важная |
| Data Deduplication | CVE-2026-41095 | Data Deduplication Elevation of Privilege Vulnerability | Важная |
| Dynamics Business Central | CVE-2026-40417 | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | Важная |
| GitHub Copilot and Visual Studio | CVE-2026-41109 | GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability | Важная |
| M365 Copilot | CVE-2026-41100 | Microsoft 365 Copilot for Android Spoofing Vulnerability | Важная |
| M365 Copilot | CVE-2026-42893 | Microsoft Outlook for iOS Tampering Vulnerability | Важная |
| M365 Copilot | CVE-2026-26164 | M365 Copilot Information Disclosure Vulnerability | Критическая |
| M365 Copilot for Desktop | CVE-2026-41614 | M365 Copilot for Desktop Spoofing Vulnerability | Важная |
| Microsoft Data Formulator | CVE-2026-41094 | Microsoft Data Formulator Remote Code Execution Vulnerability | Важная |
| Microsoft Dynamics 365 (on-premises) | CVE-2026-42898 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | Критическая |
| Microsoft Dynamics 365 (on-premises) | CVE-2026-42833 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | Важная |
| Microsoft Office | CVE-2026-42832 | Microsoft Office Spoofing Vulnerability | Важная |
| Microsoft Office | CVE-2026-42831 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
| Microsoft Office | CVE-2026-40363 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
| Microsoft Office | CVE-2026-40419 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | Важная |
| Microsoft Office | CVE-2026-40358 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
| Microsoft Office Click-To-Run | CVE-2026-35436 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | Важная |
| Microsoft Office Click-To-Run | CVE-2026-40420 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | Важная |
| Microsoft Office Click-To-Run | CVE-2026-40418 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | Важная |
| Microsoft Office Excel | CVE-2026-40360 | Microsoft Excel Information Disclosure Vulnerability | Важная |
| Microsoft Office Excel | CVE-2026-40362 | Microsoft Excel Remote Code Execution Vulnerability | Важная |
| Microsoft Office Excel | CVE-2026-40359 | Microsoft Excel Remote Code Execution Vulnerability | Важная |
| Microsoft Office PowerPoint | CVE-2026-41102 | Microsoft PowerPoint for Android Spoofing Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2026-40368 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2026-35439 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2026-33112 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2026-40365 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Критическая |
| Microsoft Office SharePoint | CVE-2026-40357 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2026-33110 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Важная |
| Microsoft Office Word | CVE-2026-40361 | Microsoft Word Remote Code Execution Vulnerability | Критическая |
| Microsoft Office Word | CVE-2026-40367 | Microsoft Word Remote Code Execution Vulnerability | Критическая |
| Microsoft Office Word | CVE-2026-35440 | Microsoft Word Information Disclosure Vulnerability | Важная |
| Microsoft Office Word | CVE-2026-40421 | Microsoft Word Information Disclosure Vulnerability | Важная |
| Microsoft Office Word | CVE-2026-41101 | Microsoft Word for Android Spoofing Vulnerability | Важная |
| Microsoft Office Word | CVE-2026-40366 | Microsoft Word Remote Code Execution Vulnerability | Критическая |
| Microsoft Office Word | CVE-2026-40364 | Microsoft Word Remote Code Execution Vulnerability | Критическая |
| Microsoft SSO Plugin for Jira & Confluence | CVE-2026-41103 | Microsoft SSO Plugin for Jira & Confluence Elevation of Privilege Vulnerability | Критическая |
| Microsoft Teams | CVE-2026-32185 | Microsoft Teams Spoofing Vulnerability | Важная |
| Microsoft Windows DNS | CVE-2026-41096 | Windows DNS Client Remote Code Execution Vulnerability | Критическая |
| Power Automate | CVE-2026-40374 | Microsoft Power Automate Desktop Information Disclosure Vulnerability | Важная |
| SQL Server | CVE-2026-40370 | SQL Server Remote Code Execution Vulnerability | Важная |
| Telnet Client | CVE-2026-35423 | Windows 11 Telnet Client Information Disclosure Vulnerability | Важная |
| Visual Studio Code | CVE-2026-41613 | Visual Studio Code Elevation of Privilege Vulnerability | Важная |
| Visual Studio Code | CVE-2026-41612 | Visual Studio Code Information Disclosure Vulnerability | Важная |
| Visual Studio Code | CVE-2026-41610 | Visual Studio Code Security Feature Bypass Vulnerability | Важная |
| Visual Studio Code | CVE-2026-41611 | Visual Studio Code Remote Code Execution Vulnerability | Важная |
| Windows Admin Center | CVE-2026-41086 | Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability | Важная |
| Windows Admin Center | CVE-2026-35438 | Windows Admin Center Elevation of Privilege Vulnerability | Важная |
| Windows Ancillary Function Driver for WinSock | CVE-2026-35416 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Важная |
| Windows Ancillary Function Driver for WinSock | CVE-2026-41088 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Важная |
| Windows Ancillary Function Driver for WinSock | CVE-2026-34345 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Важная |
| Windows Ancillary Function Driver for WinSock | CVE-2026-34344 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Важная |
| Windows Application Identity (AppID) Subsystem | CVE-2026-34343 | Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability | Важная |
| Windows Cloud Files Mini Filter Driver | CVE-2026-34337 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Важная |
| Windows Cloud Files Mini Filter Driver | CVE-2026-35418 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Важная |
| Windows Cloud Files Mini Filter Driver | CVE-2026-33835 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Важная |
| Windows Common Log File System Driver | CVE-2026-40397 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Важная |
| Windows Common Log File System Driver | CVE-2026-40407 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Важная |
| Windows Cryptographic Services | CVE-2026-40377 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Важная |
| Windows DWM Core Library | CVE-2026-34336 | Windows DWM Core Library Information Disclosure Vulnerability | Важная |
| Windows DWM Core Library | CVE-2026-42896 | Windows DWM Core Library Elevation of Privilege Vulnerability | Важная |
| Windows DWM Core Library | CVE-2026-35419 | Windows DWM Core Library Information Disclosure Vulnerability | Важная |
| Windows Event Logging Service | CVE-2026-33834 | Windows Event Logging Service Elevation of Privilege Vulnerability | Важная |
| Windows Filtering Platform (WFP) | CVE-2026-32209 | Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability | Важная |
| Windows GDI | CVE-2026-35421 | Windows GDI Remote Code Execution Vulnerability | Критическая |
| Windows Hyper-V | CVE-2026-40402 | Windows Hyper-V Elevation of Privilege Vulnerability | Критическая |
| Windows Internet Key Exchange (IKE) Protocol | CVE-2026-35424 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | Важная |
| Windows Kernel | CVE-2026-40369 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel | CVE-2026-33841 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel | CVE-2026-35420 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel-Mode Drivers | CVE-2026-34332 | Windows Kernel-Mode Driver Remote Code Execution Vulnerability | Важная |
| Windows Kernel-Mode Drivers | CVE-2026-40408 | Windows WAN ARP Driver Elevation of Privilege Vulnerability | Важная |
| Windows LDAP - Lightweight Directory Access Protocol | CVE-2026-34339 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Важная |
| Windows Link-Layer Discovery Protocol (LLDP) | CVE-2026-34341 | Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability | Важная |
| Windows Message Queuing | CVE-2026-34329 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Важная |
| Windows Message Queuing | CVE-2026-33838 | Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Важная |
| Windows Native WiFi Miniport Driver | CVE-2026-32161 | Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability | Критическая |
| Windows Netlogon | CVE-2026-41089 | Windows Netlogon Remote Code Execution Vulnerability | Критическая |
| Windows Print Spooler Components | CVE-2026-34342 | Windows Print Spooler Elevation of Privilege Vulnerability | Важная |
| Windows Projected File System | CVE-2026-34340 | Windows Projected File System Elevation of Privilege Vulnerability | Важная |
| Windows Remote Desktop | CVE-2026-40398 | Windows Remote Desktop Services Elevation of Privilege Vulnerability | Важная |
| Windows Rich Text Edit | CVE-2026-21530 | Windows Rich Text Edit Elevation of Privilege Vulnerability | Важная |
| Windows Rich Text Edit Control | CVE-2026-32170 | Windows Rich Text Edit Elevation of Privilege Vulnerability | Важная |
| Windows Secure Boot | CVE-2026-41097 | Secure Boot Security Feature Bypass Vulnerability | Важная |
| Windows SMB Client | CVE-2026-40410 | Windows SMB Client Elevation of Privilege Vulnerability | Важная |
| Windows Storage Spaces Controller | CVE-2026-35415 | Windows Storage Spaces Controller Elevation of Privilege Vulnerability | Важная |
| Windows Storport Miniport Driver | CVE-2026-34350 | Windows Storport Miniport Driver Denial of Service Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-34351 | Windows TCP/IP Elevation of Privilege Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-33837 | Windows TCP/IP Local Elevation of Privilege Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-40406 | Windows TCP/IP Information Disclosure Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-40414 | Windows TCP/IP Denial of Service Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-34334 | Windows TCP/IP Elevation of Privilege Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-40399 | Windows TCP/IP Elevation of Privilege Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-35422 | Windows TCP/IP Driver Security Feature Bypass Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-40413 | Windows TCP/IP Denial of Service Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-40415 | Windows TCP/IP Remote Code Execution Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-40401 | Windows TCP/IP Denial of Service Vulnerability | Важная |
| Windows TCP/IP | CVE-2026-40405 | Windows TCP/IP Denial of Service Vulnerability | Важная |
| Windows Telephony Service | CVE-2026-40382 | Windows Telephony Service Elevation of Privilege Vulnerability | Важная |
| Windows Telephony Service | CVE-2026-34338 | Windows Telephony Service Elevation of Privilege Vulnerability | Важная |
| Windows Telephony Service | CVE-2026-42825 | Windows Telephony Service Elevation of Privilege Vulnerability | Важная |
| Windows Volume Manager Extension Driver | CVE-2026-40380 | Windows Volume Manager Extension Driver Remote Code Execution Vulnerability | Важная |
| Windows Win32K - GRFX | CVE-2026-33839 | Win32k Elevation of Privilege Vulnerability | Важная |
| Windows Win32K - GRFX | CVE-2026-40403 | Windows Graphics Component Remote Code Execution Vulnerability | Критическая |
| Windows Win32K - GRFX | CVE-2026-34347 | Windows Win32k Elevation of Privilege Vulnerability | Важная |
| Windows Win32K - GRFX | CVE-2026-34333 | Windows Win32k Elevation of Privilege Vulnerability | Важная |
| Windows Win32K - GRFX | CVE-2026-34330 | Win32k Elevation of Privilege Vulnerability | Важная |
| Windows Win32K - GRFX | CVE-2026-34331 | Win32k Elevation of Privilege Vulnerability | Важная |
| Windows Win32K - ICOMP | CVE-2026-35417 | Windows Win32k Elevation of Privilege Vulnerability | Важная |
| Windows Win32K - ICOMP | CVE-2026-33840 | Win32k Elevation of Privilege Vulnerability | Важная |