Microsoft July 2026 Patchday closes record 570‑622 security vulnerabilities
In July 2026 Microsoft released an unprecedented number of security updates, fixing between 570 and 622 vulnerabilities in a single Patch Tuesday. The company attributes the surge to artificial‑intelligence‑assisted discovery, which uncovered many flaws across Windows, Office, Azure, SharePoint, Exchange and other products. At least 59 of the fixes are rated critical, and three zero‑day flaws were addressed, two of which are already being exploited in the wild – one affecting Active Directory Federation Services and another in SharePoint. The update also introduced new recovery tools for Windows 11, allowing point‑in‑time system rollbacks from recent snapshots.
The sheer volume creates a logistical challenge for IT administrators, who are urged to deploy the patches within days. Shortly after the release, security researcher “Nightmare Eclipse” disclosed a new zero‑day exploit named LegacyHive targeting the Windows User Profile Service, which can grant local users administrative rights even on patched systems. Microsoft is investigating the report and has not yet issued a fix. The combined events highlight the growing pressure on organizations to maintain rapid patch cycles in an environment where both attackers and defenders leverage AI.
Organizations are advised to prioritize the critical fixes, monitor for signs of exploitation, and employ automated update mechanisms where possible to mitigate the heightened risk.