Loading article…
Microsoft’s July Patch Tuesday patches a record 570 vulnerabilities, with three zero‑days (two actively exploited) targeting AD FS and SharePoint – see why the
Microsoft rolled out a July Patch Tuesday that patched a record‑breaking 570 CVEs, including three zero‑day flaws of which two have already been seen in the wild [1]. The sheer volume and the active exploitation of identity‑related bugs raise the urgency for enterprises to accelerate their patching cadence.
| At a glance | |
|---|---|
| Patch count | 570 CVEs |
| Zero‑days | 3 (2 exploited) |
| Affected products | Windows 10, Windows 11, Active Directory, SharePoint, BitLocker |
| Critical rating | 59 CVEs rated critical |
Microsoft’s July update eclipses its previous monthly record of 569 CVEs reported in June [2]. Tenable’s Satnam Narang attributes the surge to “the latest AI models” that can discover flaws faster than before, suggesting the volume of patches could keep rising, potentially exceeding 3,000 CVEs for the year [2]. The three zero‑days—CVE‑2026‑56155 (Active Directory Federation Services elevation‑of‑privilege), CVE‑2026‑56164 (SharePoint Server elevation‑of‑privilege), and CVE‑2026‑50661 (BitLocker security‑feature bypass)—were highlighted as the most pressing, with the first two already exploited in the wild [2][3].
The exploited vulnerabilities focus on identity and collaboration platforms that sit at the core of enterprise trust. Active Directory Federation Services and SharePoint serve as primary access control points; their compromise can enable attackers to elevate privileges or move laterally across networks [2][3]. Security leaders, such as AJ Grotto, warn that the concentration of risk around these systems is the biggest concern, not merely the headline number of flaws [2]. Moreover, 26 of the patched CVEs carry a CVSS base score above 9.0, with 13 scoring 9.8, underscoring the high severity of many of the fixes [2].
The unprecedented patch volume signals a shift in the vulnerability‑management landscape. As AI lowers the cost of finding bugs, organizations must treat patching as a fixed operating expense rather than an occasional surprise, according to Bugcrowd’s Trey Ford [3]. This change pressures IT teams to build scalable processes that can handle a rising baseline of monthly updates. Vendors may also feel compelled to enhance their own AI‑driven security tooling to keep pace with Microsoft’s accelerated discovery rate.
The July release demonstrates that AI‑enhanced vulnerability discovery is reshaping the security update cadence, turning what was once an occasional surge into a new baseline that enterprises must accommodate.
Coverage is mostly measured — 109 of 109 reports stay neutral.
Every Monday — the token unlocks, Fed dates & catalysts set to move crypto and markets this week. So you’re never blindsided.
Free · 3-min read · one-click unsubscribe
AI-assisted synthesis by the TrendWatcher Editorial Desk · sourced from 3 outlets · Jul 15, 2026 · How we report
Internal emails indicated fear that OpenAI might shift to competitors like Amazon and a desire to keep Azure as the preferred platform, prompting a $10 billion investment.
It fixed a record 570 Windows bugs, including three zero‑day flaws, two of which had already been exploited in the wild.
Microsoft attributes the increased number of discovered vulnerabilities to AI tools that can scan code faster than human researchers, using systems like the MDASH multi‑model scanning harness.
A user reported that Microsoft permanently suspended a 25‑year‑old account after a hack, deleting associated data despite acknowledging ownership.
Analysts note that while AI accelerates vulnerability discovery, existing risk rating systems may lag behind AI‑assisted exploit capabilities.