Long before Taco Tuesday became part of the pop-culture vernacular, Tuesdays were synonymous with security — and for anyone in the tech world, they still are. Patch Tuesday, as you most likely know, refers to the day each month when Microsoft releases security updates and patches for its software products — everything from Windows to Office to SQL Server, developer tools to browsers.

The practice, which happens on the second Tuesday of the month, was initiated to streamline the patch distribution process and make it easier for users and IT system administrators to manage updates. Like tacos, Patch Tuesday is here to stay.

In a blog post celebrating the 20th anniversary of Patch Tuesday, the Microsoft Security Response Center wrote: “The concept of Patch Tuesday was conceived and implemented in 2003. Before this unified approach, our security updates were sporadic, posing significant challenges for IT professionals and organizations in deploying critical patches in a timely manner.”

Patch Tuesday will continue to be an “important part of our strategy to keep users secure,” Microsoft said, adding that it’s now an important part of the cybersecurity industry. As a case in point, Adobe, among others, follows a similar patch cadence.

Patch Tuesday coverage has also long been a staple of Computerworld’s commitment to provide critical information to the IT industry. That’s why we’ve gathered together this collection of recent patches, a rolling list we’ll keep updated each month.

In case you missed a recent Patch Tuesday announcement, here are the latest six months of updates.

Ho ho ho! December’s Patch Tuesday delivers three zero-days

The December Patch Tuesday update addresses three zero-days (CVE-2025-64671, CVE-2025-54100, and CVE-2025-62221) but includes surprisingly few total patches (just 57). Notably, Microsoft has not published any critical updates for the Windows platform this month. That said, given the zero-days, we recommend a “Patch Now” release schedule for Windows and Microsoft Office. More info on Microsoft Security updates for December 2025.

Be thankful: November’s Patch Tuesday has just one zero-day

This November Patch Tuesday release offers a much reduced set of updates, with just 63 Microsoft patches and (only) one zero-day (CVE-2025-62215) affecting the Windows desktop platform. Windows desktops this month require a “Patch Now” plan, and while the severity of these security vulnerabilities is less than it was in October, the testing requirements are still extensive. More info on Microsoft Security updates for November 2025.

For October’s Patch Tuesday, a scary number of fixes

Microsoft this week released 175 updates affecting Windows and Office and .NET, including server-based updates for Microsoft SQL Server and Exchange server. There are also four zero-day fixes (CVE-2025-24052, CVE-2025-24990, CVE-2025-2884 and CVE-2025-59230), leading to a “Patch Now” recommendation for Windows.

General support for Windows 10 ended Oct. 14, with Microsoft advising: “At this point technical assistance, feature updates and security updates are no longer provided. If you have devices running Windows 10, we recommend upgrading them to Windows 11.” More info on Microsoft Security updates for October 2025.

For September, Patch Tuesday means fixes for Windows, Office and SQL Server

Microsoft released 86 patches this week with updates for Office, Windows, and SQL Server. But there were no zero-days, so there’s no “patch now” recommendation from the Readiness team this month. This is an incredible sign of success for the Microsoft update group. To reinforce this fact, we have patches for Microsoft’s browser platform that have (perhaps for the first time) been rated at a much lower “moderate” security rating (as opposed to critical or important). More info on Microsoft Security updates for September 2025.

For August, a ‘complex’ Patch Tuesday with 111 updates

Microsoft’s August Patch Tuesday release offers a rather complex set of updates, with 111 fixes affecting Windows, Office, SQL Server and Exchange Server — and several “Patch Now” recommendations.

Publicly disclosed vulnerabilities in Windows Kerberos (CVE-2025-53779) and Microsoft SQL Server (CVE-2025-49719) require immediate attention. In addition, a CISA directive about a severe Microsoft Exchange vulnerability (CVE-2025-53786) also requires immediate attention for government systems. And Office is on the “Patch Now” update calendar due to a “preview pane” vulnerability (CVE-2025-53740). More info on Microsoft Security updates for August 2025.

For July, a ‘big, broad’ Patch Tuesday release

With 133 patches in its Patch Tuesday update this month, Microsoft delivered a big, broad and important release that requires a Patch Now plan for Windows, Microsoft Office and SQL Server. A zero-day (CVE-2025-49719) in SQL Server requires urgent action, as do Git extensions to Microsoft Visual Studio. More info on Microsoft Security updates for July 2025.

June Patch Tuesday: 68 fixes — and two zero-day flaws

Microsoft offered up a fairly light Patch Tuesday release for June, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. But two zero-day vulnerabilities (CVE-2025-33073 and CVE-2025-33053) mean IT admins need to get busy with quick patching plans. More info on Microsoft Security updates for June 2025.