All incidents

Microsoft July 2026 Patch Tuesday addresses 622 vulnerabilities including three zero‑days

vulnerabilityopenJul 14, 2026 — Jul 15, 2026
Microsoft July 2026 Patch Tuesday addresses 622 vulnerabilities including two exploited zero‑days

MICROSOFT released its July 2026 Patch Tuesday update, addressing a staggering 622 security flaws across its product line, including two zero‑day vulnerabilities that are already being exploited in the wild.

The first of the actively exploited bugs, tracked as CVE-2026-55040, carries a CVSS score of 9.1 and describes an authentication bypass in SharePoint that lets an attacker gain unauthenticated access, a flaw highlighted in the Rapid7 analysis of the update.

The second, CVE-2026-56164, scores 5.3 on the CVSS scale and involves a missing authentication check in SharePoint Server that enables remote privilege escalation; it has been added to the CISA Known Exploited Vulnerabilities catalogue.

Although Microsoft has not linked either flaw to a specific threat actor, both vulnerabilities have been observed in active attacks, prompting federal agencies to prioritize patching under binding directives, as noted in the SecurityOnline report.

The update marks the largest Patch Tuesday in Microsoft’s history, with 416 of the addressed bugs affecting Windows components alone, a figure that analysts attribute to the growing use of artificial intelligence in vulnerability discovery, according to DarkReading.

Administrators should deploy the July patches without delay, giving precedence to the two actively exploited SharePoint issues, and consider enabling AMSI logging for SharePoint as an interim safeguard while waiting for full system updates.

Beyond this release, security teams are encouraged to adopt continuous patching practices, improve asset inventories and follow the guidance provided in the MSRC release notes to stay ahead of the rising tide of vulnerabilities.

Intelligence briefing updated Jul 15, 2026

CVE-2026-55040 9.1 CVE-2026-56155 7.8 KEV CVE-2026-50661 6.1 CVE-2026-56164 5.3 KEV
Root sourcemsrc.microsoft.com
Timeline Coverage

Swipe to explore timeline