< Back to all clusters

On July 15, 2026 Microsoft released its monthly Patch Tuesday update, fixing a record number of vulnerabilities. The Windows‑only count reached 570 flaws, while the total across all Microsoft products—including 427 Chromium‑related issues for Edge—stood at 622. The update contains three zero‑day vulnerabilities: two that were already being exploited in the wild (an elevation‑of‑privilege flaw in Active Directory Federation Services and another in SharePoint Server) and a publicly disclosed BitLocker security‑feature bypass.

Microsoft attributes the surge in discovered bugs to its expanding use of AI‑assisted scanning, which has accelerated identification of weaknesses across the codebase. Security researchers highlighted the scale, with Trend Micro’s Zero Day Initiative calling it “the Mother of All Releases.” Critical categories include 254 privilege‑escalation bugs, 145 remote‑code‑execution flaws, 102 information‑disclosure issues, 35 denial‑of‑service bugs, 17 security‑feature bypasses and 16 spoofing defects; 59 of the fixes are rated critical.

Enterprises are urged to deploy the patches promptly, especially for the two actively exploited zero‑days, to protect authentication services and on‑premises SharePoint installations. The update also adds new Windows‑11 features such as Point‑in‑Time Restore and UI refinements, but the primary focus is on mitigating the heightened security risk introduced by the unprecedented volume of vulnerabilities.

Sources

about 3 hours ago
about 10 hours ago
about 13 hours ago
about 13 hours ago