Overview
- Microsoft published the July Patch Tuesday on Tuesday, July 14, issuing fixes for 622 tracked CVEs and confirming two zero‑day vulnerabilities being exploited in the wild: CVE-2026-56155 in Active Directory Federation Services and CVE-2026-56164 in SharePoint Server.
- The update covers a wide product set — Windows received 416 fixes and Office hundreds more — and includes dozens of critical remote code execution and elevation‑of‑privilege flaws across RDP, DHCP, Hyper‑V, Copilot, Exchange, SharePoint and several cloud services.
- Microsoft and multiple security vendors have updated guidance to urge much faster patching, recommending rollout windows under three days and immediate prioritization of bugs Microsoft or CISA mark as exploited.
- Microsoft says its MDASH multi‑model agentic scanning and other AI tools accelerated the surge in discoveries, and experts warn the same automation shortens attackers’ time to create exploits, reducing the reliability of CVSS as the sole triage metric.
- Counting and lifecycle issues complicate response: independent trackers report slightly different totals, some fixes affect products that just reached end of extended support (notably SharePoint Server 2016/2019), and administrators must weigh patching, mitigations and migration for unsupported systems.