Business

Microsoft Patches a Record 570 Security Flaws in July as AI Accelerates the Pace of Vulnerability Discovery

Published

on

Microsoft Patches a Record 570 Security Flaws in July as AI Accelerates the Pace of Vulnerability Discovery

Microsoft released software updates Tuesday to fix at least 570 security vulnerabilities across Windows and its other products, nearly tripling the number of flaws the company patched in last month’s already record-setting release, as the company points to artificial intelligence as a major driver behind the surging patch counts.

Nearly 60 of the vulnerabilities addressed in this month’s release earned a “critical” severity rating, meaning attackers could potentially exploit them to seize remote control of a Windows device with little or no action required from the user. Microsoft also patched three zero-day vulnerabilities as part of the release, including two flaws that were already being actively exploited before the fix became available.

Two of the zero-day vulnerabilities allow attackers to elevate their level of access on a compromised Windows system, joining roughly 250 other elevation-of-privilege flaws fixed this month. Among them are CVE-2026-56155, a bug affecting Active Directory Federation Services, and CVE-2026-56164, a vulnerability in Microsoft SharePoint. Separately, Microsoft addressed CVE-2026-50661, a security feature bypass affecting Windows BitLocker that could allow an attacker with physical access to a device to gain entry to encrypted data. Microsoft said that flaw had been publicly detailed but that the company was not aware of any active exploitation of it at the time of the patch’s release.

Advertisement

Microsoft has attributed the dramatic rise in disclosed vulnerabilities directly to artificial intelligence tools now being used to hunt for security flaws across its massive codebase. In a blog post published July 9, Microsoft Executive Vice President Pavan Davuluri wrote that users would begin noticing “a higher volume of security updates included in each security release” as AI-assisted discovery methods continue to mature. Davuluri explained that advances in AI are changing how quickly vulnerabilities can be found, allowing researchers to identify more issues across larger volumes of code than was previously possible using traditional manual review methods.

Among the vulnerabilities drawing particular attention from security researchers is CVE-2026-48561, a remote code execution flaw in Microsoft Copilot carrying a severity score of 9.6 out of a possible 10 on the Common Vulnerability Scoring System. Jack Bicer, director of vulnerability research at the cybersecurity firm Action1, flagged the bug as especially serious, noting that Microsoft has said an attacker could exploit it simply by hosting a malicious website capable of automatically sending crafted prompts to Copilot when a victim visits the site using Microsoft Edge on an Android device.

The same forces accelerating Microsoft’s ability to find and patch vulnerabilities are also making it easier for attackers to develop working exploits for known flaws more quickly. Microsoft has traditionally used an internal measure called the “exploitability index” to estimate how likely it is that a given vulnerability will be reliably exploited by attackers. But Satnam Narang, a senior staff research engineer at the cybersecurity firm Tenable, argued that Microsoft’s current approach to rating exploitability has not kept pace with how quickly AI tools can now generate working exploits. Narang pointed to this month’s SharePoint zero-day as an example, noting that Microsoft had initially rated it as “less likely” to be exploited, even though the flaw had already been added to the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities list by July 1.

Narang cited internal research from Anthropic’s red team as evidence of how quickly the landscape has shifted, noting that the company’s Mythos Preview model was able to independently produce proof-of-concept exploits for 13 of 14 known vulnerabilities that Microsoft had rated as unlikely to be exploited. “What this means is that our way of looking at Patch Tuesday has changed, because the exploitability index is centered around humans, not AI tools, and as these tools continue to improve, defense needs to improve alongside it,” Narang said.

Advertisement

Microsoft is not alone in scaling up its patch cadence in response to AI-assisted vulnerability discovery. Chris Goettl, a security researcher at the IT management firm Ivanti, noted that several other major software makers have similarly increased how frequently they release security fixes. Adobe announced this week that it is shifting to a twice-monthly security bulletin schedule, publishing updates on the second and fourth Tuesday of each month, and specifically cited AI as a factor accelerating its own patch cycles. Goettl added that Cisco, Mozilla and Oracle have also increased the frequency of their security updates recently, while Google’s cumulative patch releases in June 2026 alone totaled more than 900 individual security fixes.

Security professionals recommend that organizations and individual users back up their systems and data before applying large batches of operating system updates. Given the unusually high volume of patches included in this month’s release, some experts suggested users consider waiting a few days before installing the updates, since large patch releases can occasionally introduce system stability issues alongside the security fixes they deliver. That risk appears to have grown alongside the dramatic increase in patch volume seen in recent months, as Microsoft and other vendors race to keep pace with AI-accelerated vulnerability discovery on both the defensive and offensive sides of the security landscape.

The record patch count adds to a broader industry conversation about how artificial intelligence is reshaping both cybersecurity research and the software development practices that produce the underlying code in the first place. While AI tools have proven effective at surfacing previously undiscovered flaws in massive, decades-old codebases that would be impossible for any single researcher to fully review manually, the same technology is simultaneously lowering the barrier for attackers to weaponize newly disclosed vulnerabilities, a dynamic that security researchers say is forcing companies like Microsoft to rethink how they prioritize and communicate risk to their customers going forward.

Advertisement

You must be logged in to post a comment Login

Leave a Reply

Cancel reply

Trending

Exit mobile version