Particle.news

Microsoft Issues Record Patch Tuesday With More Than 600 Fixes

AI-driven scanning sharply raised the monthly bug count, creating urgent remediation pressure for defenders.

Overview

  • On Tuesday, July 14, Microsoft published its largest single-month security update, reporting roughly 622 fixes while independent trackers counted between about 570 and 621 depending on how Chromium and duplicate listings were handled.
  • Two vulnerabilities are confirmed as exploited in the wild: CVE-2026-56155 in Active Directory Federation Services and CVE-2026-56164 in on-premises SharePoint Server, both now listed in CISA’s Known Exploited Vulnerabilities catalog with immediate hardening guidance.
  • A separate BitLocker protection-bypass (CVE-2026-50661) was publicly disclosed before patches and can be used by an attacker with physical access to a device, so organizations with at-risk laptops and portable systems should prioritize those updates.
  • Microsoft attributes the surge to AI-assisted discovery using its MDASH multi-model scanning harness and third-party models, a change that speeds finding flaws but also shortens the window defenders have to test and deploy fixes.
  • Security teams and vendors are urging a shift from CVSS-only triage to risk-based workflows that use KEV and EPSS flags, urgent audits of Kerberos/RC4 settings, staged testing with backups, and network hardening while organizations scale sustained patch operations.