Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Microsoft’s July 2026 Patch Tuesday delivers security updates for a record 570 flaws, including three zero-days, two of which were actively exploited in attacks. The fixes span major products such as Active Directory Federation Services, SharePoint Server, BitLocker, Exchange Server, Office, Windows, and Microsoft Defender, with broad coverage across elevation of privilege, remote code execution, information disclosure, and other bug classes. #CVE-2026-56155 #CVE-2026-56164 #CVE-2026-50661 #ActiveDirectoryFederationServices #SharePointServer #BitLocker #MicrosoftDefender

Keypoints

  • Microsoft patched 570 vulnerabilities in its July 2026 Patch Tuesday release.
  • Three zero-days were fixed, including two that were actively exploited.
  • CVE-2026-56155 affects Active Directory Federation Services and enables privilege escalation.
  • CVE-2026-56164 affects Microsoft SharePoint Server and was used for remote privilege escalation.
  • CVE-2026-50661 is a publicly disclosed BitLocker bypass that could expose encrypted data on physically accessed devices.

Read More: https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2026-patch-tuesday-fixes-massive-570-flaws-3-zero-days/