Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed.This Patch Tuesday addresses 17 "Critical" vulnerabilities, 14 of which are remote code execution, 2 are elevation of privilege, and 1 is an information disclosure flaw.When BleepingComputer reports on Patch Tuesday security updates, we only count those released by Microsoft today.Therefore, the number of flaws does not include flaws in Mariner, Azure, Copilot, Microsoft Teams, and Microsoft Partner Center that were fixed by Microsoft earlier this month. There were also 131 Microsoft Edge/Chromium flaws that were fixed by Google this month, which were excluded.Microsoft has not disclosed any zero-day vulnerabilities in this month's Patch Tuesday. However, there are some vulnerabilities fixed today that IT and security admins should be aware of.As part of today's updates, Microsoft has fixed numerous vulnerabilities in Microsoft Office, Word, and Excel that could lead to remote code execution.These flaws are exploited by opening malicious files, which can result in remote code execution. As many of these can be exploited via the preview pane, it is strongly advised to update Microsoft Office as soon as possible, especially if they commonly receive attachments.Below is the complete list of resolved vulnerabilities in the May 2026 Patch Tuesday updates.To access the full description of each vulnerability and the systems it affects, you can view the full report here.