Microsoft’s May Patch Tuesday is a large one, even without a zero-day fire drill. The company patched 120 vulnerabilities across Windows and other Microsoft products, including 31 remote code execution flaws and 61 privilege escalation flaws. Microsoft did not list any of the vulnerabilities as actively exploited at the time of release, but IT teams should still treat the update as a priority. That matters because attackers often move quickly after patches land, using the fixes themselves as a map to build working exploits against unpatched systems. Details of May’s Patch Tuesday Microsoft released both security and feature updates for Windows 11 versions 24H2/25H2 (KB5089549) and 23H2 (KB5087420) , while eligible Windows 10 devices received only security updates. In general, Microsoft’s May cumulative updates include a mix of security patches, reliability improvements, and user-facing changes.…