Gandalf_The_Grey
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Today is Microsoft's July 2026 Patch Tuesday, and with it comes security updates for a record-breaking 570 flaws, including two zero-day vulnerabilities exploited in attacks and one publicly disclosed.
Patch Tuesday addresses 59 "Critical" vulnerabilities, 48 of which are remote code execution, 9 are elevation of privilege, 1 is a security bypass, and 1 is a spoofing.
The approximate number of bugs in each vulnerability category is listed below:
When BleepingComputer reports on Patch Tuesday security updates, we only count those released by Microsoft today.
- 254 Elevation of Privilege Vulnerabilities
- 17 Security Feature Bypass Vulnerabilities
- 145 Remote Code Execution Vulnerabilities
- 102 Information Disclosure Vulnerabilities
- 35 Denial of Service Vulnerabilities
- 16 Spoofing Vulnerabilities
Therefore, the number of flaws does not include flaws in Mariner, Azure OpenAI, Azure Synapse, M365 Copilot, Microsoft Exchange Online, Microsoft Edge for Android, and Microsoft Entra Provisioning Service that were fixed by Microsoft earlier this month.
There were also a massive 468 Microsoft Edge/Chromium flaws that were fixed by Google this month, which were excluded from this Patch Tuesday roundup. As part of last month's June Patch Tuesday, Google fixed 360 flaws that were later ported to Microsoft Edge.
Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Today is Microsoft's July 2026 Patch Tuesday, and with it comes security updates for a record-breaking 570 flaws, including two zero-day vulnerabilities exploited in attacks and one publicly disclosed.



