Two hundred and six. That is the number of security vulnerabilities Microsoft patched this month—a record so large that even security researchers initially disagreed on the count. Some reported 198, but the discrepancy stemmed from a debate over which bugs qualified. Regardless, the previous record was shattered by a significant margin.
Three Zero-Days Patched
Among the 206 flaws, three were zero-days, meaning their details were publicly known before Microsoft released fixes. One zero-day could grant an attacker full system privileges. Another could take down a server over HTTP. The third—arguably the most concerning—allows someone with physical access to a laptop to extract data from a BitLocker-encrypted drive, undermining the encryption's core promise.
AI Driving Larger Patch Tuesdays
The rising patch counts are not due to Windows becoming less secure, but because AI is increasingly effective at finding bugs. Microsoft uses AI-assisted tools to scan its own code, as do independent researchers—and presumably malicious actors. Mozilla patched 271 Firefox flaws in April. Security firm Action1 noted that AI is surfacing vulnerabilities faster than ever before, ensuring Patch Tuesday will continue to grow.
Start Menu Speed Boost Coming in 2026
Amid the security news, a long-awaited feature for Windows users is on the horizon. Low Latency Profile—a deceptively mundane name for a practical improvement—makes the CPU spike to maximum speed the moment a user clicks the Start menu, Action Center, or launches an app, then immediately dials back. While it sounds like a workaround, it is effective. The update also includes shared audio, multi-app webcam support, and a two-character search trigger, offering more than just security fixes.
