Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days

Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days
Microsoft released patches for 622 vulnerabilities, including zero-days in Active Directory Federation Services and SharePoint Server that were already being exploited in the wild. The update also addressed high-severity issues across Windows, Office, BitLocker, Exchange Server, RDP, and other products, while Adobe fixed 88 additional flaws. #CVE-2026-56155 #CVE-2026-56164 #CVE-2026-50661 #SharePointServer #ActiveDirectoryFederationServices #Microsoft #Adobe

Keypoints

  • Microsoft fixed a record 622 vulnerabilities in its July 2026 Patch Tuesday.
  • CVE-2026-56155 is an exploited zero-day in Active Directory Federation Services.
  • CVE-2026-56164 is a SharePoint Server flaw exploitable over the network without authentication.
  • Microsoft highlighted other critical issues in Windows VMSwitch, Exchange Server, RDP, DHCP, and the Windows Server network driver.
  • Adobe also released patches for 88 vulnerabilities in products including ColdFusion and Illustrator.

Read More: https://www.securityweek.com/microsoft-patches-record-622-vulnerabilities-including-two-exploited-zero-days/