Microsoft's notable Patch Tuesday: AI identified the issues.

Microsoft's notable Patch Tuesday: AI identified the issues.

      Microsoft has never released a larger security update. The July Patch Tuesday addressed a record number of vulnerabilities, with the company attributing the rising count to AI advancements.

      The numbers are significant. According to Microsoft, the update fixed 622 vulnerabilities, more than tripling the tally from June, which previously set a record. Krebs on Security, the first to report on this update, cited the figure at 570, with an additional 428 Chromium vulnerabilities in Edge.

      Three zero-day vulnerabilities, two of which are currently under attack, were identified. Of the total flaws, 58 are classified as critical. The three zero-days became public or were exploited prior to being patched. Two of these zero-days are actively being targeted.

      The first zero-day, CVE-2026-56155, allows attackers to elevate their privileges via Active Directory Federation Services, which manages network logins. The second, CVE-2026-56164, enables similar privileges through on-premises SharePoint. Neither vulnerability has a high severity rating, but they are still being exploited.

      CISA has added both to its list of known exploited vulnerabilities and urged federal agencies to apply patches within days. The third zero-day, a BitLocker bypass, requires physical access, making it a lower priority.

      Microsoft has been clear about the reasons behind this surge. In a blog post a week prior, Windows chief Pavan Davuluri cautioned customers to anticipate "a higher volume of security updates" due to AI facilitating quicker detection of bugs.

      AI tools are assisting in the discovery of these vulnerabilities. Microsoft’s scanner, MDASH, independently identified 16 of May’s flaws. Anthropic’s Mythos model has also been acknowledged for contributing to an increase in fixes across the sector. The monthly totals have escalated from 79 in March to 206 in June and now to 622.

      This pattern is part of a larger trend, as OpenAI recently demonstrated an in-house AI hacker that seeks out flaws in its own models.

      However, there's a downside. Post-patch, attackers can analyze the new code against the previous version, identify the vulnerabilities it addresses, and create exploits in a matter of hours. The previous practice of delaying patches by a week is becoming less common.

      Additionally, it complicates how teams prioritize issues. When a release includes 600 flaws, with many categorized as critical, the system loses its effectiveness in sorting them. This month's two exploited vulnerabilities illustrate this issue; they both have mid-tier rankings, yet are actively being targeted.

      Teams are already under pressure. Benchmarks designed to evaluate AI hacking abilities are consistently exceeded, and researchers are finding ways to manipulate coding assistants into unsafe practices.

      The rollout of the update hasn't gone smoothly. Microsoft has suspended the rollout for certain Dell devices with Intel processors due to reports of unexpected shutdowns, overheating, and battery drain, with a fix expected soon.

      For everyone else, the recommendation remains unchanged but is now more pressing: prioritize exploiting flaws over the total number, and implement patches more rapidly than before.

Other articles

Microsoft's notable Patch Tuesday: AI detected the issues. Microsoft's notable Patch Tuesday: AI detected the issues. Microsoft's July Patch Tuesday addressed an unprecedented 622 vulnerabilities, attributing the increase to AI-assisted detection. There were two zero-day exploits that were already being actively used. The UK abandons its proposal for VPN restrictions. The UK abandons its proposal for VPN restrictions. The UK has abandoned its plan to impose VPN restrictions following its own findings that children utilize VPNs primarily for privacy reasons rather than to circumvent age verification. The responsibility now lies with the platforms. This Game of the Year, exclusive to PS5, is now available on PC... in a way. This Game of the Year, exclusive to PS5, is now available on PC... in a way. Astro Bot has entered an initial boot phase via the experimental SharpEmu PS5 emulator, indicating encouraging advancements, even though it currently does not provide any form of playable gameplay. This stylish Chinese electric vehicle combines supercar aesthetics with three AI systems. This stylish Chinese electric vehicle combines supercar aesthetics with three AI systems. Xpeng’s internationally oriented L03 features three proprietary AI chips, seamless integration with Google Maps, two powertrain options, and ample towing and cargo capacity for reliable road trips. Apple's Back to School promotion for 2026 offers savings of up to $150 on a new Mac or iPad. Apple's Back to School promotion for 2026 offers savings of up to $150 on a new Mac or iPad. Apple's Back to School promotion for 2026 reintroduces gift cards valued at up to $150; however, the least expensive Mac and iPad models are not included in the offer. Vint Cerf aims to provide AI agents with a distinct identity. Vint Cerf aims to provide AI agents with a distinct identity. Vint Cerf, one of the pioneers of the internet, is participating in a project aimed at creating a lasting identity framework for AI agents, ensuring that the web can identify the individuals behind them.

Microsoft's notable Patch Tuesday: AI identified the issues.

Microsoft's Patch Tuesday in July addressed a record high of 622 vulnerabilities, attributing the increase to AI-driven detection. Two of these flaws had already been exploited in the wild.