[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fB2iIoMM-n9Q2RxtQO7TlLurkTfok58oXDCmQawp1oaY":3},{"article":4,"iocs":56},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":33,"category":34,"article_tags":38},"60f2b591-25f9-4da1-bcb2-9b091386baa8","Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days","microsoft-patches-record-622-vulnerabilities-including-two-exploited-zero-days-2c05a6","Two flaws in Active Directory and SharePoint Server have been exploited as zero-days, and a BitLocker bug was publicly disclosed. The post Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days appeared first on SecurityWeek.","Microsoft has released patches for a record 622 vulnerabilities, two of which were zero-days actively exploited in the wild. The exploited flaws affect Active Directory Federation Services and SharePoint Server, both leading to privilege escalation. A BitLocker security feature bypass, publicly disclosed before the patch, also received a fix.","Microsoft patches record 622 vulnerabilities, including two zero-days exploited in the wild.","Microsoft on Tuesday announced patches for a record-breaking 622 vulnerabilities, including two bugs in Active Directory and SharePoint Server that have been exploited in the wild as zero-days. Tracked as CVE-2026-56155, the exploited AD flaw affects Federation Services (AD FS) and could allow attackers to elevate their privileges locally to administrator. Also leading to privilege escalation, the SharePoint Server flaw is tracked as CVE-2026-56164 and can be exploited over the network without authentication. Another security defect that Microsoft drew attention to is CVE-2026-50661, a BitLocker security feature bypass issue that can be exploited by physical attackers and which was publicly disclosed before the July 2026 Patch Tuesday. “We surmise that this could be related to a flurry of zero-day vulnerabilities disclosed by the researcher known as Nightmare-Eclipse or Chaotic-Eclipse, though no official confirmation was made,” Tenable senior staff research engineer Satnam Narang commented. According to Microsoft’s release notes, Windows received fixes for 416 vulnerabilities this month, while the Office suite received patches for 164 of them.Advertisement. Scroll to continue reading. Some of the security defects that deserve special attention include critical flaws in Windows VMSwitch, tracked as CVE-2026-57092 (CVSS score of 9.9), and SharePoint, tracked as CVE-2026-50522 and CVE-2026-50522 (CVSS score of 9.8), ZDI says. An XSS in Exchange Server (CVE-2026-55008) and remote code execution (RCE) bugs in the Remote Desktop Protocol (CVE-2026-56190), Windows DHCP Server (CVE-2026-50518), Windows Server Network driver (CVE-2026-56188), and Minecraft Bedrock Dedicated Server (CVE-2026-55010) also deserve increased attention. Microsoft’s massive round of security updates resolves security weaknesses across several other products, including Azure, Defender, Developer Tools, Exchange Server, Edge, and SQL Server. With 622 vulnerabilities, the July 2026 Patch Tuesday rollout pushes Microsoft’s year-to-date CVE count above totals from other years, but it is not a surprise. Last week, Windows executive VP Pavan Davuluri announced that AI is speeding up vulnerability discovery and that Microsoft is using multi-model agentic scanning harness (MDASH) to surface bugs faster across the Windows codebase. “We continue to evolve our internal systems and practices so that vulnerability discovery is not treated as a separate activity, but as part of how we build, review, and improve Windows before new features or updates are released,” Davuluri said. On the July 2026 Patch Tuesday, Adobe released fixes for 88 vulnerabilities, including critical bugs in ColdFusion, Commerce, Experience Manager, and Illustrator. Related: SAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud Related: Microsoft Patches Defender ‘RoguePlanet’ Vulnerability Related: Progress Prompts ShareFile Storage Zone Controller Shutdown Amid Security Concerns Related: Palo Alto Networks Patches 13 Vulnerabilities Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Ionut Arghire RabbitMQ Vulnerability Threatens Enterprise SystemsZimbra Patches Critical Code Execution VulnerabilityOrganizations Warned of Exploited Joomla Extension VulnerabilitiesProgress Prompts ShareFile Storage Zone Controller Shutdown Amid Security ConcernsGhost Accounts Abuse GitHub API in Mass Recon CampaignOkta Warns of Vishing Attacks Targeting Microsoft 365 CustomersGigaWiper Combines Multiple Malware for System-Level SabotageNetwork of 200 GitHub Repositories Used for Malware Infection Latest News Synopsys Finds No Evidence of Data Breach Amid Bosch Hack ClaimsAdobe Patches Critical ColdFusion Vulnerabilities7 Severe Vulnerabilities Patched in VMware Avi Load BalancerUnpatched Claude for Chrome Flaw Lets Extensions Read Gmail, CalendarSAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce CloudUS, Allies Warn of Russian Cyberattacks Targeting Critical Infrastructure RoutersValarian Raises $50 Million for Sovereign Infrastructure Control LayerMultiple Jscrambler Packages Impacted by Supply Chain Attack Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Why Email Security Keeps Failing (And What Has to Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 15, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the MoveF5 has appointed Cathy Peterman as Chief People Officer.Sean Murphy has joined F5 as a Field Chief Information Security Officer - North America.CodeHunter has appointed Stephen McCarney as Chief Strategy Officer.More People On The MoveExpert Insights The Shift Toward Business-Aligned Risk Management Moving from isolated, technical data to a continuous risk lifecycle can help organizations align security controls with actual business consequences. (Steve Durbin) How to Conduct a Successful Audit of AI-Driven Software Development As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production. (Matias Madou) Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. (Joshua Goldfarb) The AI Token Costs That Can Break Cybersecurity As cybersecurity platforms embrace agentic AI, organizations must balance detection performance against the escalating costs of token consumption, deployment architecture, and AI credits. (Danelle Au) When Information Becomes the Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) Flipboard Reddit Whatsapp Whatsapp Email","https:\u002F\u002Fwww.securityweek.com\u002Fmicrosoft-patches-record-622-vulnerabilities-including-two-exploited-zero-days\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2023\u002F12\u002FMicrosoft-Security-leaders.jpg","2026-07-14T18:50:20+00:00","2026-07-14T20:00:26.603323+00:00",9,[18,21,24,26,28,31],{"name":19,"type":20},"Microsoft","vendor",{"name":22,"type":23},"Active Directory","product",{"name":25,"type":23},"SharePoint Server",{"name":27,"type":23},"BitLocker",{"name":29,"type":30},"Federation Services","technology",{"name":32,"type":30},"VMSwitch","80544778-fabb-4dcd-aa35-17492e5dcf4f",{"id":33,"icon":35,"name":36,"slug":37},null,"Vulnerabilities","vulnerabilities",[39,44,49,51],{"category":40},{"id":41,"icon":35,"name":42,"slug":43},"574f766a-fb3f-487c-8d2c-0720ae75471b","Zero-day","zero-day",{"category":45},{"id":46,"icon":35,"name":47,"slug":48},"6cbdd207-aaa1-4176-9534-e156b125e917","Nation-state","nation-state",{"category":50},{"id":33,"icon":35,"name":36,"slug":37},{"category":52},{"id":53,"icon":35,"name":54,"slug":55},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[57,61,64,67,70,73,76,79,82,85],{"type":58,"value":59,"context":60},"cve","CVE-2026-56155","Exploited Active Directory flaw affecting Federation Services",{"type":58,"value":62,"context":63},"CVE-2026-56164","Exploited SharePoint Server flaw leading to privilege escalation",{"type":58,"value":65,"context":66},"CVE-2026-50661","BitLocker security feature bypass issue",{"type":58,"value":68,"context":69},"CVE-2026-57092","Critical flaw in Windows VMSwitch",{"type":58,"value":71,"context":72},"CVE-2026-50522","Critical flaw in SharePoint",{"type":58,"value":74,"context":75},"CVE-2026-55008","XSS vulnerability in Exchange Server",{"type":58,"value":77,"context":78},"CVE-2026-56190","Remote code execution bug in Remote Desktop Protocol",{"type":58,"value":80,"context":81},"CVE-2026-50518","Remote code execution bug in Windows Server DHCP Server",{"type":58,"value":83,"context":84},"CVE-2026-56188","Remote code execution bug in Windows Server Network driver",{"type":58,"value":86,"context":87},"CVE-2026-55010","Remote code execution bug in Minecraft Bedrock Dedicated Server"]