Updated
Updated · CyberScoop · Jul 14
Microsoft Patches Record 622 Flaws as AI Tools Put 2026 on Pace for 2,000-Plus CVEs
Updated
Updated · CyberScoop · Jul 14

Microsoft Patches Record 622 Flaws as AI Tools Put 2026 on Pace for 2,000-Plus CVEs

3 articles · Updated · CyberScoop · Jul 14

Summary

  • 622 vulnerabilities were fixed in Microsoft’s July Patch Tuesday release, far above June’s then-record 206 and spanning Windows, Office, Edge and other products.
  • Microsoft said its MDASH AI scanning system is uncovering and helping patch defects faster and at greater scale, driving a surge that researchers say reflects better bug-finding rather than uniformly higher risk.
  • Two actively exploited zero-days were among the fixes: CVE-2026-56155 in Active Directory Federation Services and CVE-2026-56164 in SharePoint Server, both privilege-escalation flaws.
  • 416 Windows flaws, 82 Office flaws and 46 Edge flaws were patched, with 63 vulnerabilities rated critical—more than 1 in 10 of the total.
  • Researchers said Microsoft’s 2026 CVE count has already surpassed prior years at this point and could top the 2020 annual record of 1,245, potentially exceeding 2,000 or even 3,000 this year.

Insights

Microsoft's AI finds more security flaws than ever. Is this making Windows safer, or just revealing how vulnerable it has always been?
With indefinite update pauses now possible, are we trading user control for a future of widespread, preventable cyberattacks?
Windows' new 'time machine' saves your entire PC, but with only a 72-hour memory, can it truly save you from disaster?