MICROSOFT'S July 2026 Patch Tuesday addresses 570 vulnerabilities, including two zero-days being exploited in the wild: CVE-2026-56155 (Active Directory Federation Services) and CVE-2026-56164 (SharePoint Server). Federal agencies are required to patch these vulnerabilities by specific deadlines due to their critical nature. The patch includes a wide range of flaws, with significant numbers related to remote code execution and privilege escalation.
Administrators are advised to deploy updates promptly, especially for the actively exploited vulnerabilities, and to take interim safety measures like enabling AMSI for SharePoint. Overall, this patch underscores the importance of maintaining cybersecurity hygiene to minimize exploitation risks.