securityonline.info 7/15/2026, 12:50:56 AM · external

Microsoft patches 570 flaws, two zero days actively exploited

Microsoft patches 570 flaws, two zero days actively exploited
Developing story vulnerability 8 articles tracked
Microsoft July 2026 Patch Tuesday addresses 622 vulnerabilities including two exploited zero‑days
CyberSIXT Evidence Panel
Primary Source msrc.microsoft.com
CISA KEV Listed in KEV
Patch Patch Available

MICROSOFT'S July 2026 Patch Tuesday addresses 570 vulnerabilities, including two zero-days being exploited in the wild: CVE-2026-56155 (Active Directory Federation Services) and CVE-2026-56164 (SharePoint Server). Federal agencies are required to patch these vulnerabilities by specific deadlines due to their critical nature. The patch includes a wide range of flaws, with significant numbers related to remote code execution and privilege escalation.

Administrators are advised to deploy updates promptly, especially for the actively exploited vulnerabilities, and to take interim safety measures like enabling AMSI for SharePoint. Overall, this patch underscores the importance of maintaining cybersecurity hygiene to minimize exploitation risks.

View Primary Source Via securityonline.info

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline