Microsoft Fixes Record 570 Security Flaws

Microsoft Fixes Record 570 Security Flaws in Biggest Patch Tuesday Ever

Microsoft Fixes Record 570 Security Flaws in Biggest Patch Tuesday Ever

Microsoft released fixes for a record 570 security vulnerabilities in its largest Patch Tuesday update ever. Image: CROCOTHERY/Adobe Stock

Microsoft fixed a record 570 security flaws in July 2026 Patch Tuesday, including three zero-days and two exploited bugs.

Jul 15, 2026

The bug apocalypse has officially descended upon Redmond.

Microsoft’s July 2026 Patch Tuesday fixes a record 570 security vulnerabilities, including three zero-day flaws, two of which were already being exploited before patches became available.

The update addresses 59 critical vulnerabilities, with remote code execution (RCE) flaws accounting for the majority of the highest-risk issues. Microsoft also fixed hundreds of elevation of privilege, information disclosure, denial-of-service, spoofing, and security bypass vulnerabilities affecting Windows and other products.

The release continues a sharp upward trend in vulnerability disclosures. Windows Latest noted that Microsoft has patched 1,308 vulnerabilities during the first seven months of 2026, almost double the same period last year, after Microsoft expanded its use of AI-assisted vulnerability discovery..

Two exploited zero-days demand immediate attention

The most urgent fixes cover two vulnerabilities Microsoft confirmed were under active attack.

The first, CVE-2026-56155, affects Active Directory Federation Services (AD FS) and allows an authenticated attacker to elevate privileges to administrator level.

The second, CVE-2026-56164, impacts Microsoft SharePoint Server, where missing authentication for a critical function enables an attacker to elevate privileges remotely. Microsoft recommends enabling the Antimalware Scan Interface (AMSI) and configuring Request Body Scan mode to Full as a mitigation measure.

Microsoft also patched CVE-2026-50661, a publicly disclosed BitLocker security feature bypass that could allow someone with physical access to a device to access encrypted data.

Alongside the zero-days, the July release includes numerous critical remote code execution vulnerabilities affecting Windows, SharePoint, Exchange Server, Dynamics, Microsoft Defender, Media Foundation, and other enterprise technologies.

Experts urge organizations to move quickly

Security researchers say the scale of this month’s release leaves little room for delay.

“To call this record-breaking is a massive understatement — this is the ‘Mother of All Releases’. The bug apocalypse has fully descended upon us, with July’s numbers pushing the year-to-date CVE count past every single full-year total of the last 20 years,” Dustin Childs, Head of Threat Awareness at Zero Day Initiative, told TechRepublic in a statement.

“Security teams need to take an extended break from their regularly scheduled activities to eat this elephant one byte at a time, starting immediately with active exploits in AD FS and SharePoint.”

Jack Bicer, Director of Vulnerability Research at Action1, warned that defenders are now facing a different challenge. “For defenders, this means the challenge is no longer just keeping up with attackers, but also keeping pace with an accelerating stream of security fixes. With three zero-days already being exploited in the wild, this month’s updates should be treated as a high priority,” Bicer told TechRepublic.

Amol Sarwate, Head of Security Research and REDLab at Cohesity, said the concentration of critical flaws reflects a broader shift. “The concentration of high-impact RCEs across the entire install base in a single release reflects the AI-assisted vulnerability discovery trend Microsoft has acknowledged and highlights the limitations of the CVSS-plus-severity triage model that many defenders still rely on,” Sarwate said in a comment to TechRepublic.

Advertisement

More Microsoft news

AI is changing both offense and defense

Microsoft recently acknowledged that attackers are increasingly using AI to discover vulnerabilities faster, while the company is deploying its own AI-powered system (MDASH) to identify flaws before they can be exploited.

The company has already warned organizations to shorten Windows update deferral periods, arguing that the window between vulnerability disclosure and exploitation is shrinking significantly.

For Windows 11 users, July’s update also introduces several non-security improvements, including Secure Boot enhancements, an updated curl utility, Remote Desktop security improvements, and fixes for Office compatibility and networking issues.

The bigger picture

This Patch Tuesday marks more than a record-breaking release. It signals that security teams may need to rethink patch management strategies as AI appears to be increasing both the speed of vulnerability discovery and the volume of fixes vendors release.

For businesses, delaying updates now carries greater operational risk, especially for organizations running internet-facing services such as SharePoint, AD FS, Exchange, or Dynamics. While larger monthly updates can increase testing workloads and the risk of compatibility issues, this release suggests rapid deployment is becoming just as important as careful validation in modern enterprise security.

Also read: Windows 11 updates should now be installed within three days, Microsoft says, as AI-assisted attacks shrink the time between disclosure and exploitation.

Aminu Abdullahi

Aminu Abdullahi is a B2C and B2B technology and finance writer with more than six years of experience covering enterprise IT, cybersecurity, cloud computing, artificial intelligence, fintech, business software, and emerging technologies. He has written for a wide range of technical and business audiences, from IT professionals and cybersecurity leaders to small business owners, executives, and technology buyers. His work has appeared in publications including: TechRepublic eWEEK Channel Insider Geekflare Enterprise Networking Planet eSecurity Planet CIO Insight Webopedia With a background in computer science, Aminu specializes in translating complex technical subjects into clear, practical, and accessible content. His writing helps readers understand emerging technologies, evaluate business software, strengthen cybersecurity strategies, and make more informed decisions about technology investments. Across his work, Aminu focuses on the real-world impact of technology, connecting technical innovation with business value, operational efficiency, security, and long-term digital transformation.