Microsoft's urgent Window 11 patch fixes 30 'critical' bugs — update your PC now

Now is the perfect time to update your laptop or desktop PC as Microsoft has released its May Patch Tuesday updates which contain fixes for 30 flaws rated as important or critical severity.

In total, the latest security patch applies fixes to 138 bugs including many that made network privileges vulnerable. Fortunately, none of the bugs are listed as publicly known or under active attack.

The patch was released at the same time as one from Google that addressed 127 security flaws in Chromium, which undergirds the Microsoft Edge browser.

Latest Videos From

Many of the flaws appear to be related to Azure and more business-focused Microsoft products. However, one of the more severe bugs impacts Windows DNS via a heap-based buffer overflow flaw that would let a malicious actor execute code over a network.

"An attacker could exploit this vulnerability by sending a specially crafted DNS response to a vulnerable Windows system, causing the DNS Client to incorrectly process the response and corrupt memory," Microsoft said in its patch notes. "In certain configurations, this could allow the attacker to run code remotely on the affected system without authentication."

Hundreds of flaws fixed this year

Since January, when the first patch Tuesday of 2026 fixed 114 flaws, Microsoft has apparently fixed more than 500 CVE bugs already this year.

According to Hacker News, this can be attributed to a greater focus by Microsoft on vulnerability discovery, some of which is heavily assisted by AI-based flagging. Microsoft claimed as much in a recent Microsoft Security Response Center report released this week.

"Microsoft engineers and the wider security community alike are increasingly using AI to examine software more carefully and more often than was practical even a few years ago," Tom Gallagher said in the report.

How to stay safe with Patch Tuesday

First and foremost, update your Windows laptop or desktop with the latest system update or patches. You also want to make sure that Windows Defender is enabled so that it can scan your system for dangerous malware.

Of course, we always recommend using one of the best antivirus software packages for extra protection.

In the MSRC report, Gallagher recommends practicing good cyber hygiene, which we wholeheartedly agree with. This includes enabling multi-factor authentication, creating strong passwords, and using one of the best password managers

As always, and in general, don't click links or attachments from unknown senders, as they could contain malware or send you to phishing sites designed to steal your personal information.

By practicing good cyber hygiene and regularly updating your computer, you should be safe from most attacks.

Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds. Subscribe to Tom's Guide on YouTube and follow us on TikTok. Finally, you can visit our dedicated Tom's Guide Savings Squad hub for expert help on getting the best products for less.

More from Tom's Guide

• Is your personal information public? The simple step to securing your privacy online
• Android alert: 7 million users downloaded ‘stalking’ apps that were actually scams
• What is AgeGO, and is it safe to use?