“The other common thread across these vulnerabilities is that a target doesn’t need to even open the document to trigger the exploit. Exploitation is possible just by viewing a malicious document in the Preview Pane. Therefore, patching is the most reliable way to protect against flaws like these,” Narang added.Two other high-severity Word weaknesses were also resolved this month, but they are less likely or unlikely to be exploited, Microsoft says. More than two dozen vulnerabilities were resolved in the Office suite.On Tuesday, Microsoft also rolled out fixes for critical-severity bugs in Dynamics 365 (on-premises), Azure Logic Apps, Windows DNS, Windows Netlogon, Windows Hyper-V, and Azure SDK.The security updates also address high-severity flaws in Copilot, .NET, Azure services, Windows kernel and kernel mode drivers, Win32K, LDAP, SQL Server, Edge, Visual Studio Code, and various Windows components and services.Adobe on Tuesday releasedpatches for 52 vulnerabilitiesacross 10 products, including a couple of critical-severity code execution flaws.Related:SAP Patches Critical S/4HANA, Commerce VulnerabilitiesRelated:Cisco Patches High-Severity Vulnerabilities in Enterprise ProductsRelated:Oracle Patches 450 Vulnerabilities With April 2026 CPURelated:Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
Two other high-severity Word weaknesses were also resolved this month, but they are less likely or unlikely to be exploited, Microsoft says. More than two dozen vulnerabilities were resolved in the Office suite.On Tuesday, Microsoft also rolled out fixes for critical-severity bugs in Dynamics 365 (on-premises), Azure Logic Apps, Windows DNS, Windows Netlogon, Windows Hyper-V, and Azure SDK.The security updates also address high-severity flaws in Copilot, .NET, Azure services, Windows kernel and kernel mode drivers, Win32K, LDAP, SQL Server, Edge, Visual Studio Code, and various Windows components and services.Adobe on Tuesday releasedpatches for 52 vulnerabilitiesacross 10 products, including a couple of critical-severity code execution flaws.Related:SAP Patches Critical S/4HANA, Commerce VulnerabilitiesRelated:Cisco Patches High-Severity Vulnerabilities in Enterprise ProductsRelated:Oracle Patches 450 Vulnerabilities With April 2026 CPURelated:Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
On Tuesday, Microsoft also rolled out fixes for critical-severity bugs in Dynamics 365 (on-premises), Azure Logic Apps, Windows DNS, Windows Netlogon, Windows Hyper-V, and Azure SDK.The security updates also address high-severity flaws in Copilot, .NET, Azure services, Windows kernel and kernel mode drivers, Win32K, LDAP, SQL Server, Edge, Visual Studio Code, and various Windows components and services.Adobe on Tuesday releasedpatches for 52 vulnerabilitiesacross 10 products, including a couple of critical-severity code execution flaws.Related:SAP Patches Critical S/4HANA, Commerce VulnerabilitiesRelated:Cisco Patches High-Severity Vulnerabilities in Enterprise ProductsRelated:Oracle Patches 450 Vulnerabilities With April 2026 CPURelated:Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
The security updates also address high-severity flaws in Copilot, .NET, Azure services, Windows kernel and kernel mode drivers, Win32K, LDAP, SQL Server, Edge, Visual Studio Code, and various Windows components and services.Adobe on Tuesday releasedpatches for 52 vulnerabilitiesacross 10 products, including a couple of critical-severity code execution flaws.Related:SAP Patches Critical S/4HANA, Commerce VulnerabilitiesRelated:Cisco Patches High-Severity Vulnerabilities in Enterprise ProductsRelated:Oracle Patches 450 Vulnerabilities With April 2026 CPURelated:Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
Adobe on Tuesday releasedpatches for 52 vulnerabilitiesacross 10 products, including a couple of critical-severity code execution flaws.Related:SAP Patches Critical S/4HANA, Commerce VulnerabilitiesRelated:Cisco Patches High-Severity Vulnerabilities in Enterprise ProductsRelated:Oracle Patches 450 Vulnerabilities With April 2026 CPURelated:Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
Related:SAP Patches Critical S/4HANA, Commerce VulnerabilitiesRelated:Cisco Patches High-Severity Vulnerabilities in Enterprise ProductsRelated:Oracle Patches 450 Vulnerabilities With April 2026 CPURelated:Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
Related:Cisco Patches High-Severity Vulnerabilities in Enterprise ProductsRelated:Oracle Patches 450 Vulnerabilities With April 2026 CPURelated:Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
Related:Oracle Patches 450 Vulnerabilities With April 2026 CPURelated:Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
Related:Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
Ionut Arghire is an international correspondent for SecurityWeek.
Source: SecurityWeek
