Alert icon Keyboard navigation enabled.
Alert icon TAB or Shift+TAB to navigate across. Down ↓ to open menu. ESC to close menu.
Alert icon Down ↓ to select section. Right → to activate. Up ↑ / Down ↓ / Tab to traverse all. ESC to exit.
BeyondTrust
Skip to content Use space or enter to skip.

What can we help you find today?

Instant Results
  • Website Results
  • Technical Documentation

Filter Options

Focus your search

Filtering by

Your recent searches:

Contact Us Chat with Sales Get Support
  • English
  • Deutsch
  • français
  • español
  • 한국어
  • português
  • Home
  • Resources
  • 2026 Microsoft Vulnerabilities Report current page
Link copied

2026 Microsoft Vulnerabilities Report

The latest Microsoft Vulnerabilities data, analyzed

Resource Card MS vulns 2026
2026 Microsoft Vulnerabilities Report

Get Instant Access to this Content

Learn more about how to secure your business from threats in places you didn't even know existed.

The 13th Edition of the Microsoft Vulnerabilities Report

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

The 2026 edition of our annual Microsoft Vulnerabilities Report dissects Microsoft's vulnerability and security landscape, breaking down key trends, security shifts, emerging risks—and what it all means for you. Also benefit from expert insights for securing your Microsoft estate.

Key Findings from the 2026 Report

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • The number of critical vulnerabilities doubled year over year, from 78 to 157
  • Total vulnerabilities in 2025 decreased by 6% to 1,273 (down from 1,360)
  • Elevation of Privilege category accounted for 40% (509) of the total vulnerabilities last year
  • Microsoft Azure and Dynamics 365 experienced a 9x rise in critical vulnerabilities, from 4 to 37
  • Microsoft Edge experienced 50 vulnerabilities last year, 83% less YoY
  • Microsoft Office experienced 157 vulnerabilities in 2025, over 3x that of 2024
  • There were 612 Windows vulnerabilities published in 2025, 36 were critical
  • Windows Server had 780 vulnerabilities in 2025, 50 were critical

Read the full report for a deeper dive into these findings so you can better understand, identify, and address Microsoft ecosystem risks.

 "The true risk in modern environments is not the presence of vulnerabilities, but the presence of unnecessary privilege... Those that embrace least privilege as a foundational design principle will not eliminate vulnerabilities, but they will dramatically reduce their ability to cause harm."

—Sami Laiho, Senior Technical Fellow at Adminize & Microsoft MVP

"AI agents inherit identity, access, and privilege...The Azure critical vulnerability spike matters here as this is the infrastructure layer where AI services live, authenticate, and interact with your data. A near-10x increase in critical vulns in that environment, combined with ungoverned machine identities operating autonomously within it, is a converging risk, not a theoretical one."

—Jane Frankland, MBE, Founder of the IN Security Movement, CEO of KnewStart & Best-Selling Author

"The ultimate factor here is trust...Zero Trust matters because modern defense is no longer about assuming trust and then reacting. It is about continuously validating trust, constraining privilege, and governing every identity (human and non-human)...That is the lesson this report should leave with every security leader."

—David (DJ) Morimanno, Field CTO at Xalient

Topics Covered in the Report Include:

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Vulnerabilities Data Deep Dive: Explore Microsoft vulnerability data, broken down by category and product. Learn why these vulnerabilities exist and how attackers take advantage of them. This report also calls out notable CVEs within each product and offers a look at each product's security trends over the past 5 years.

Expert Opinions and Advice: Hear from notable industry experts, including Sami Laiho, Senior Technical Fellow at Adminize & Microsoft MVP; Paula Januszkiewicz, CEO of CQURE Inc. and CQURE Academy, Security Expert, Penetration Tester and Trainer, Microsoft MVP on Security and Microsoft Regional Director; Jane Frankland, MBE, Founder of the IN Security Movement, CEO of KnewStart & Best-Selling Author; Katie Moussouris, Founder and CEO at Luta Security; David (DJ) Morimanno, Field CTO at Xalient; the BeyondTrust Phantom Labs™ Research Team; Bradley Smith, SVP and Deputy CISO at BeyondTrust; Kevin E. Greene, Public Sector Chief Cybersecurity Technology at BeyondTrust; and Marc Maiffret, CTO at BeyondTrust.

Why the Security Fundamentals Remain Essential: Gain expert insights into how practices such as enforcing least privilege and zero trust, prioritizing vulnerability management, and securing remote access pathways can make all the difference in defending your Microsoft estate against present and future threats.

"Most organizations do not fail because of groundbreaking techniques, but because their environments allow attacks to succeed. This is a pattern consistently observed in real-world incidents and reinforced by the latest Microsoft Vulnerabilities Report."

—Paula Januszkiewicz, CEO of CQURE Inc. and CQURE Academy, Security Expert, Penetration Tester and Trainer, Microsoft MVP on Security and Microsoft Regional Director

"This report is a reminder that all software has vulnerabilities and weaknesses — which is why removing Elevation of Privilege and Remote Code Execution vulnerability classes through secure-by-design activities, and disrupting them when they appear, is essential to shrinking the window of exposure for weaponized CVEs."

—Kevin E. Greene, Public Sector Chief Cybersecurity Technologist at BeyondTrust

"CVE counts have always been an incomplete picture. Identity misconfigurations, over-privileged machine accounts, AI agents with unconstrained access: these don't get CVEs, but they have the same critical consequences. Instead, we need to connect the data to how attacks actually happen. 'Thinking like an attacker' is the lens security leaders need to be operating though."

—Marc Maiffet, CTO at BeyondTrust

BeyondTrust Mitigates Traditional Vulnerabilities & Modern Identity-Based Risks

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

BeyondTrust can help you proactively mitigate Microsoft vulnerabilities and secure human and non-human identities across every domain. The BeyondTrust Pathfinder Platform cohesively unifies privilege-centric identity security capabilities to deliver a multilayered least privilege defense via a single console.

Our multicategory identity security leadership spans Privileged Access Management (PAM), Identity Threat Detection and Response (ITDR), Cloud Infrastructure Entitlement Management (CIEM), and Enterprise Secrets Management.

Resource Card MS vulns 2026
Research
2026 Microsoft Vulnerabilities Report
Share this Article
  • Link

Keep up with BeyondTrust

Customer Support Get Started
  • LinkedIn
  • X
  • Facebook
  • Instagram
  • Add BeyondTrust as a preferred source on Google
  • Privacy
  • Security
  • Manage Cookies
  • Do Not Sell My Data
  • WEEE Compliance

Copyright © 2003 — 2026 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.

Prefers reduced motion setting detected. Animations will now be reduced as a result.