Major Tech Vendors Release Record Security Patches Fueled by AI Discovery Tools
Microsoft addressed 118 vulnerabilities this month, while partners like Apple and Mozilla reported massive surges in security fixes attributed to Anthropic’s Project Glasswing.
Primary source: Krebs on Security. Full source links and update notes are below.
Fast summary
Start here
- Microsoft fixed 118 vulnerabilities in May 2026, including 16 critical flaws, with no active zero-days reported for the first time in two years.
- Anthropic’s Project Glasswing AI is credited with helping vendors like Mozilla and Google identify hundreds of new bugs, leading to higher-than-average patch volumes.
- Major software makers including Apple and Oracle have increased their patch frequency and volume in response to the accelerated pace of vulnerability discovery.
What happened
Microsoft released its May 2026 Patch Tuesday updates, addressing at least 118 security vulnerabilities across its Windows operating systems and related products. Notably, this month marks the first time in nearly two years that Microsoft's monthly update does not include fixes for zero-day flaws already being exploited in the wild. Of the vulnerabilities addressed, 16 were classified as "critical," indicating they could be used to seize remote control over devices with minimal user interaction.
What's new in this update
A significant shift in this month's security cycle is the visible impact of "Project Glasswing," an AI capability developed by Anthropic. Designed to unearth security vulnerabilities in human-made code, the tool has been used by several tech giants to drastically increase their discovery rates. Mozilla's Firefox 150 recently resolved 271 vulnerabilities discovered during its evaluation of the AI, while Google Chrome's latest update addressed 127 flaws— a sharp increase from the 30 flaws reported the previous month.
Key details
Among the most concerning vulnerabilities addressed by Microsoft is CVE-2026-41089, a critical stack-based buffer overflow in Windows Netlogon that allows attackers to obtain SYSTEM privileges on a domain controller. Additionally, CVE-2026-41103 fixes a critical elevation of privilege flaw that could allow unauthorized actors to bypass Entra ID by impersonating existing users through forged credentials. Microsoft has indicated that exploitation of the latter is considered more likely.
Background and context
The surge in security fixes follows a near-record volume in April, where Microsoft addressed 167 flaws. The increased tempo is not limited to Microsoft; Apple recently shipped updates for 52 vulnerabilities, backporting fixes to devices as old as the iPhone 6s. Oracle has also responded to the changing security landscape by announcing a move from a quarterly update cycle to a monthly schedule for critical security issues.
What to watch next
As AI tools like Project Glasswing become standard in the security development lifecycle, the industry can expect a sustained increase in the volume of CVEs reported each month. Mozilla has already moved to a more aggressive weekly cadence for security updates, a trend other vendors may follow to prevent backlogs of unpatched flaws. Users are advised to maintain current backups before applying this month's unusually large updates.
Why it matters
The integration of AI into security auditing is drastically increasing the volume of discovered vulnerabilities, forcing major software vendors to adopt more aggressive and frequent patching schedules.
Read next
Follow this story through the topic hub, more security coverage, and the latest updates.
Weekly briefing
Get the week's key developments in one concise email.
Get a fast catch-up on the biggest stories, the context behind them, and the links worth your time.
Cadence
Weekly, for a quick catch-up
Coverage
AI, business, world, security, sports
Format
Clear takeaways and useful context
Request the briefing
Leave your email to open a prepared request and get on the list for the weekly briefing.
Author
See who assembled this story and follow more of their work.
Sources and methodology