- Microsoft’s July 2026 Patch Tuesday mounted a file 622 vulnerabilities, together with 58 crucial, two exploited within the wild, and one publicly disclosed, plus 428 Chromium bugs
- Actively abused flaws embrace CVE‑2026‑56155 (AD FS privilege escalation) and CVE‑2026‑56164 (SharePoint privilege escalation), alongside notable points in BitLocker and Copilot
- Surge in fixes is linked to Microsoft’s use of Anthropic’s Mythos AI, with patch volumes rising sharply since its adoption
Microsoft has launched its July 2026 Patch Tuesday obtain, marking one other record-breaking replace, addressing a whole bunch of flaws throughout the ecosystem.
The discharge, which is presently rolling out to Microsoft customers, fixes a staggering 622 vulnerabilities, together with 58 critical-severity ones, two that had been noticed as being abused within the wild, and one which has already been publicly disclosed.
On high of that, Microsoft shipped fixes for one more 428 Chromium bugs, as effectively.
A bounce in numbers
There are just too many vulnerabilities to say all of them, nevertheless two which can be being exploited within the wild are CVE-2026-56155 and CVE-2026-56164. The previous is described as an “Inadequate granularity of entry management in Lively Listing Federation Companies (AD FS)” bug, which permits a certified attacker to raise privileges regionally. It carries a severity rating of seven.8/10 (excessive).
The latter is a “Lacking authentication for crucial operate in Microsoft Workplace SharePoint” bug that enables an unauthorized attacker to raise privileges over a community. Microsoft assigned it a medium severity rating (5.3/10), however the Nationwide Vulnerability Database gave it a 9.8/10 (crucial).
Different notable mentions embrace CVE-2026-50661, a safety mechanism failure in Home windows BitLocker that enables unauthorized attackers to bypass a safety characteristic with a bodily assault, and CVE-2026-48561, an improper neutralization of particular parts utilized in a command in Microsoft Copilot, that enables an unauthorized attacker to execute code over a community.
Should you assume fixing 622 vulnerabilities in a month is rather a lot, you’re completely proper. It’s effectively above what Microsoft is used to do, and that is most certainly because of the firm now utilizing the fabled Mythos – Anthropic’s cybersecurity-oriented AI.
In June 2026, roughly a month and a half after the discharge of Mythos, Microsoft mounted 206 flaws, which raised eyebrows as a result of it was considerably above the corporate’s standard quantity of bugs mounted.
In Might it mounted 120 flaws, in April 167, and in March – 79.

The perfect antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our knowledgeable information, evaluations, and opinion in your feeds.
Source link

