Critical Microsoft Vulnerabilities Double; Privilege Risk
🔍 The BeyondTrust 2026 Microsoft Vulnerabilities Report shows Microsoft disclosed 1,273 vulnerabilities in 2025, while critical flaws doubled from 78 to 157 year‑over‑year. The data highlights a concentration in Elevation of Privilege (40% of CVEs) and a 73% increase in Information Disclosure, signaling attacker focus on stealth and reconnaissance. Cloud and Office-critical bugs spiked, expanding potential blast radii beyond mere data leaks. Authors recommend prioritizing privilege reduction, identity visibility, and contextual remediation over patching alone.
