Microsoft's notable Patch Tuesday: AI detected the issues.

Microsoft's notable Patch Tuesday: AI detected the issues.

      Microsoft has released its largest security update to date. The July Patch Tuesday addressed a historic number of vulnerabilities, and the company attributes the increase partly to the role of AI in identifying these issues.

      The magnitude of the update is notable. According to Microsoft, it addressed 622 vulnerabilities, a figure that significantly exceeds June's record of 206. Krebs on Security, the first to report on the update, estimates the number at 570. Additionally, there are another 428 Chromium vulnerabilities in Edge that are not included in this count.

      Among the vulnerabilities, three are zero-days, meaning they were made public or leveraged before solutions were available; two of those are currently being actively exploited. The first, CVE-2026-56155, allows attackers to elevate their privileges via Active Directory Federation Services, which is responsible for authenticating logins within a network. The second, CVE-2026-56164, provides similar capabilities through on-premises SharePoint. Despite not being rated as high severity, both are already under active attack.

      The critical takeaway is that the Cybersecurity and Infrastructure Security Agency (CISA) has added both to its known exploited vulnerabilities list and urged federal agencies to apply patches within days. The third zero-day, a BitLocker bypass, requires physical access, making its urgency somewhat lower.

      Microsoft has openly acknowledged AI's influence as a contributing factor to this increase. In a blog post the previous week, Windows chief Pavan Davuluri advised customers to anticipate “a higher volume of security updates” as AI accelerates the bug-finding process.

      AI tools are identifying many issues. Microsoft's own tool, MDASH, detected 16 vulnerabilities in May independently. The Mythos model from Anthropic has been recognized for significantly increasing fixes across various sectors. Monthly vulnerability counts have climbed from 79 in March to 206 in June and now to 622.

      This trend aligns with a broader pattern. OpenAI recently demonstrated an internal AI hacker designed to seek out flaws in its models.

      However, there’s a downside. Once a patch is released, attackers can examine the new code, identify the vulnerability that was addressed, and create an exploit in a matter of hours. The previous practice of delaying patches by a week is diminishing.

      This also complicates how teams prioritize vulnerabilities. When a release includes 600 flaws and numerous critical ones, the labeling becomes less effective. This month’s two exploited vulnerabilities illustrate this point; both are categorized as mid-tier, yet they are actively being taken advantage of.

      Teams are already operating under pressure. Metrics designed to evaluate AI's hacking abilities are becoming saturated, and researchers frequently manage to manipulate coding assistants into unsafe practices.

      The update process has encountered challenges. Microsoft halted the rollout for some Dell devices with Intel processors after receiving reports of abrupt shutdowns, overheating, and battery drainage. A resolution is expected soon.

      For everyone else, the guidance remains consistent but even more urgent: prioritize vulnerabilities based on what is being exploited rather than just the total count, and implement patches more swiftly than in the past.

Other articles

OpenAI created a small $230 keyboard that enables you to enhance an AI's capabilities. OpenAI created a small $230 keyboard that enables you to enhance an AI's capabilities. OpenAI and Work Louder have created a $230 mini keyboard that offers Codex users physical shortcuts, lights indicating live agent status, and a dial for modifying the AI's processing intensity. The UK abandons its proposal to impose restrictions on VPNs. The UK abandons its proposal to impose restrictions on VPNs. The UK has abandoned its plan to impose VPN restrictions after discovering through its own research that children utilize VPNs primarily for privacy reasons, rather than to evade age verification. Responsibility now falls on the platforms. The UK abandons its plan to impose restrictions on VPNs. The UK abandons its plan to impose restrictions on VPNs. The UK has abandoned its plan to impose restrictions on VPNs after its research revealed that children use VPNs primarily for privacy reasons rather than to bypass age verification. The responsibility now falls on the platforms. Competing against AI may boost your confidence when playing with actual teammates. Competing against AI may boost your confidence when playing with actual teammates. According to recent research, AI opponents in gaming have enhanced player confidence, raised playtime by 50 percent, and promoted more collaboration among friends. Google Play will be accessible to third-party app stores starting on July 22. Google Play will be accessible to third-party app stores starting on July 22. Starting July 22, Google will include third-party app stores within Google Play in the US, following the decision by Google and Epic to abandon their efforts to modify the court order. This Game of the Year, exclusive to PS5, is now available on PC... in a way. This Game of the Year, exclusive to PS5, is now available on PC... in a way. Astro Bot has entered an initial boot phase via the experimental SharpEmu PS5 emulator, indicating encouraging advancements, even though it currently does not provide any form of playable gameplay.

Microsoft's notable Patch Tuesday: AI detected the issues.

Microsoft's July Patch Tuesday addressed an unprecedented 622 vulnerabilities, attributing the increase to AI-assisted detection. There were two zero-day exploits that were already being actively used.