• 2 min read
Microsoft ships 622 fixes as AI drives bug surge
Microsoft’s July Patch Tuesday fixed 622 vulnerabilities, including two actively exploited zero-days. The company says AI is helping uncover bugs faster.

Image: TNW
Microsoft has released its biggest Patch Tuesday security update yet, fixing 622 vulnerabilities in July as the company says AI is accelerating bug discovery.
By Microsoft’s count, the update more than tripled June’s total, which had also been a record. Krebs on Security, which first reported the release, put the number at 570. On top of that, Microsoft addressed another 428 Chromium bugs in Edge.
Of the July flaws, 58 are rated critical. Three are zero-days — vulnerabilities that were public or exploited before a patch was available — and two are already being used in attacks.

Recommended reading
AI won’t replace penetration testers just yet
The first, CVE-2026-56155, allows privilege escalation through Active Directory Federation Services, which handles network login signing. The second, CVE-2026-56164, does the same through on-premises SharePoint. Neither has an especially high severity score, but both are under active exploitation. CISA has added the pair to its known-exploited vulnerabilities list and ordered federal agencies to patch them within days. The third zero-day is a BitLocker bypass that requires physical access, making it less urgent.
AI and the growing patch load
Microsoft has directly linked the rising number of fixes to AI-assisted security work. In a blog post published a week earlier, Windows chief Pavan Davuluri said customers should expect “a higher volume of security updates” as AI helps find more bugs, faster.
Microsoft said its own MDASH scanner found 16 of May’s flaws on its own. The article also points to Anthropic’s Mythos model, which has been credited with driving more fixes across the industry. The monthly total has climbed from 79 in March to 206 in June and now 622.
That speed cuts both ways. Once patches are released, attackers can compare updated code with the old version, identify what changed, and build an exploit within hours. That is also making traditional triage harder: when a release includes hundreds of vulnerabilities and dozens marked critical, severity labels become less useful. This month’s two exploited bugs, both only mid-tier by score, underline that problem.
The rollout has also hit a snag. Microsoft paused the update for some Dell devices with Intel chips after reports of sudden shutdowns, overheating, and battery drain. A fix is expected within days. For everyone else, the message is straightforward: prioritize what is already being exploited, and patch faster than before.
Security Editor
Sophia unpacks the invisible wars happening on our networks. Covering cybersecurity, privacy legislation, and cryptography, she exposes how our data is weaponized and defended. Before joining for(geeks), she spent years as a penetration tester. She's the reason the rest of the team uses physical security keys.
via TNW


