Particle.news

Microsoft Ships Record 622 Patches and Flags Two Zero‑Day Exploits

The flood of fixes reflects faster AI-aided vulnerability discovery and will force organizations to change how they prioritize and deploy updates

Overview

  • Microsoft released its largest Patch Tuesday on Tuesday, listing 622 unique CVEs in its Security Update Guide and covering Windows, Office, Edge, Azure, SharePoint, AD FS and other products.
  • Two flaws were disclosed as actively exploited zero‑days: CVE-2026-56155 in Active Directory Federation Services and CVE-2026-56164 in SharePoint Server, and a BitLocker bypass (CVE-2026-50661) was publicly detailed before the update.
  • Microsoft says AI-assisted tooling, including its MDASH multi-model scanning system, helped find many of the new bugs and warned customers last week to expect higher monthly patch volumes.
  • The release includes many high‑severity remote code execution and privilege‑escalation bugs — Windows received about 416 fixes and Office dozens more — and raises short‑term risks of outages from mass patching such as Kerberos RC4 hardening issues.
  • Security vendors and analysts are urging defenders to prioritize actively exploited and KEV/EPSS‑flagged bugs, deploy detection rules and mitigations, and adapt triage processes because AI-driven discovery could push 2026 totals far above prior years.