July, 2026: Patch Tuesday - Are 600 Updates a Month Our New Normal?

Welcome to my July 2026 Patch Tuesday newsletter.  It's been an abnormally large month from Microsoft.  Today, MS released 570 updates and another 64 since last month's Patch Tuesday.  So, in total we have 634 updates in the chart below!  I did say it's "abnormally" huge this month.  There is a good chance that this is now our new normal.  In one of Microsoft's recent blog articles from July 9th they mention: "As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release."  So, there is a good chance we all might see 500+ updates a month instead of our normal hundred or so.  I guess we will see if this month is an anomaly or the new standard as the next few months pass on.

This month we have 4 zero-days to tell you about: 

  • CVE-2026-56155 - This elevation of privilege vulnerability affects most flavors of Microsoft's OS's.  It is currently being exploited and an access control issue in AD FS could allow an attacker to elevate privileges locally.  Although it carries a CVSS score of 7.2, it is only rated as "Important" by Microsoft.   
  • CVE-2026-56164 - This elevation of privilege affects the currently supported versions of SharePoint.  This is also currently being exploited.  Microsoft reports that there is a missing authentication in SharePoint that could allow an attacker to elevate privileges over the network.  Microsoft rates this as "Moderate" severity.
  • CVE-2026-50661 - This security feature bypass affects all current Microsoft OS's.  Although there are no reports of it currently being exploited, it is publicly disclosed. A successful attacker could bypass BitLocker on the system storage device and gain access to encrypted data.
  • CVE-2026-50656 - This elevation of privilege affects the Malware Protection Engine and is also publicly disclosed.  It was released on June 16th but updated with today's updates.  If you've been keeping up with the news then you have most likely heard of RoguePlanet, which this update fixes.  For now, once this update is applied then you remove the risk of hackers gaining access to Windows endpoints in your environment.

Besides these we have 73 "Critical" rated CVE's being pushed out for the month.  You will want to peruse the chart below to see if your environment contains any of the affected applications and the vulnerable versions.  

So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.

Patch data provided by:

LOGbinder.com

Technology

Products Affected

Severity

Reference

Workaround/ Exploited / Publicly Disclosed

Vulnerability Info

Windows

Windows 10, 11

Server 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations

Windows Remote Help

Windows Admin Center

Critical

CVE-2026-33842
CVE-2026-34328
CVE-2026-34346
CVE-2026-34348
CVE-2026-34349
CVE-2026-40378
CVE-2026-40400
CVE-2026-40422
CVE-2026-41087
CVE-2026-42900
CVE-2026-42975
CVE-2026-42982
CVE-2026-42990
CVE-2026-44800
CVE-2026-44806
CVE-2026-48564
CVE-2026-48571
CVE-2026-48572
CVE-2026-49162
CVE-2026-49164
CVE-2026-49165
CVE-2026-49166
CVE-2026-49167
CVE-2026-49168
CVE-2026-49169
CVE-2026-49170
CVE-2026-49171
CVE-2026-49172
CVE-2026-49173
CVE-2026-49174
CVE-2026-49175
CVE-2026-49176
CVE-2026-49177
CVE-2026-49178
CVE-2026-49180
CVE-2026-49181
CVE-2026-49183
CVE-2026-49184
CVE-2026-49783
CVE-2026-49784
CVE-2026-49787
CVE-2026-49788
CVE-2026-49789
CVE-2026-49790
CVE-2026-49791
CVE-2026-49792
CVE-2026-49793
CVE-2026-49794
CVE-2026-49795
CVE-2026-49796
CVE-2026-49797
CVE-2026-49798
CVE-2026-49799
CVE-2026-49800
CVE-2026-49801
CVE-2026-49802
CVE-2026-49803
CVE-2026-49804
CVE-2026-49805
CVE-2026-49806
CVE-2026-49807
CVE-2026-49808
CVE-2026-50293
CVE-2026-50294
CVE-2026-50295
CVE-2026-50296
CVE-2026-50297
CVE-2026-50298
CVE-2026-50299
CVE-2026-50300
CVE-2026-50302
CVE-2026-50303
CVE-2026-50304
CVE-2026-50305
CVE-2026-50306
CVE-2026-50307
CVE-2026-50308
CVE-2026-50309
CVE-2026-50310
CVE-2026-50311
CVE-2026-50312
CVE-2026-50313
CVE-2026-50315
CVE-2026-50316
CVE-2026-50317
CVE-2026-50318
CVE-2026-50321
CVE-2026-50322
CVE-2026-50323
CVE-2026-50324
CVE-2026-50325
CVE-2026-50326
CVE-2026-50327
CVE-2026-50328
CVE-2026-50329
CVE-2026-50330
CVE-2026-50331
CVE-2026-50332
CVE-2026-50333
CVE-2026-50334
CVE-2026-50335
CVE-2026-50336
CVE-2026-50337
CVE-2026-50339
CVE-2026-50340
CVE-2026-50341
CVE-2026-50342
CVE-2026-50343
CVE-2026-50344
CVE-2026-50345
CVE-2026-50346
CVE-2026-50347
CVE-2026-50348
CVE-2026-50350
CVE-2026-50351
CVE-2026-50352
CVE-2026-50353
CVE-2026-50354
CVE-2026-50355
CVE-2026-50356
CVE-2026-50357
CVE-2026-50358
CVE-2026-50359
CVE-2026-50360
CVE-2026-50361
CVE-2026-50362
CVE-2026-50363
CVE-2026-50364
CVE-2026-50365
CVE-2026-50366
CVE-2026-50367
CVE-2026-50368
CVE-2026-50369
CVE-2026-50370
CVE-2026-50371
CVE-2026-50372
CVE-2026-50373
CVE-2026-50374
CVE-2026-50375
CVE-2026-50376
CVE-2026-50377
CVE-2026-50378
CVE-2026-50379
CVE-2026-50380
CVE-2026-50381
CVE-2026-50382
CVE-2026-50383
CVE-2026-50384
CVE-2026-50385
CVE-2026-50386
CVE-2026-50387
CVE-2026-50388
CVE-2026-50389
CVE-2026-50390
CVE-2026-50391
CVE-2026-50392
CVE-2026-50393
CVE-2026-50394
CVE-2026-50396
CVE-2026-50397
CVE-2026-50398
CVE-2026-50399
CVE-2026-50400
CVE-2026-50401
CVE-2026-50402
CVE-2026-50403
CVE-2026-50404
CVE-2026-50405
CVE-2026-50406
CVE-2026-50407
CVE-2026-50409
CVE-2026-50410
CVE-2026-50411
CVE-2026-50412
CVE-2026-50413
CVE-2026-50414
CVE-2026-50415
CVE-2026-50416
CVE-2026-50417
CVE-2026-50418
CVE-2026-50419
CVE-2026-50420
CVE-2026-50421
CVE-2026-50422
CVE-2026-50423
CVE-2026-50424
CVE-2026-50425
CVE-2026-50426
CVE-2026-50427
CVE-2026-50428
CVE-2026-50429
CVE-2026-50430
CVE-2026-50431
CVE-2026-50432
CVE-2026-50433
CVE-2026-50434
CVE-2026-50435
CVE-2026-50436
CVE-2026-50437
CVE-2026-50439
CVE-2026-50440
CVE-2026-50441
CVE-2026-50442
CVE-2026-50444
CVE-2026-50445
CVE-2026-50447
CVE-2026-50448
CVE-2026-50449
CVE-2026-50450
CVE-2026-50451
CVE-2026-50452
CVE-2026-50453
CVE-2026-50454
CVE-2026-50455
CVE-2026-50456
CVE-2026-50457
CVE-2026-50458
CVE-2026-50459
CVE-2026-50460
CVE-2026-50461
CVE-2026-50462
CVE-2026-50463
CVE-2026-50465
CVE-2026-50466
CVE-2026-50469
CVE-2026-50470
CVE-2026-50471
CVE-2026-50473
CVE-2026-50474
CVE-2026-50475
CVE-2026-50476
CVE-2026-50477
CVE-2026-50478
CVE-2026-50479
CVE-2026-50480
CVE-2026-50482
CVE-2026-50483
CVE-2026-50484
CVE-2026-50485
CVE-2026-50486
CVE-2026-50487
CVE-2026-50488
CVE-2026-50489
CVE-2026-50490
CVE-2026-50491
CVE-2026-50492
CVE-2026-50493
CVE-2026-50494
CVE-2026-50495
CVE-2026-50496
CVE-2026-50497
CVE-2026-50498
CVE-2026-50499
CVE-2026-50500
CVE-2026-50501
CVE-2026-50502
CVE-2026-50503
CVE-2026-50504
CVE-2026-50505
CVE-2026-50509
CVE-2026-50518
CVE-2026-50647
CVE-2026-50655
CVE-2026-50661*
CVE-2026-50666
CVE-2026-50667
CVE-2026-50668
CVE-2026-50669
CVE-2026-50670
CVE-2026-50672
CVE-2026-50673
CVE-2026-50674
CVE-2026-50676
CVE-2026-50677
CVE-2026-50679
CVE-2026-50680
CVE-2026-50681
CVE-2026-50682
CVE-2026-50683
CVE-2026-50684
CVE-2026-50685
CVE-2026-50686
CVE-2026-50687
CVE-2026-50688
CVE-2026-50689
CVE-2026-50690
CVE-2026-50692
CVE-2026-50694
CVE-2026-50695
CVE-2026-50696
CVE-2026-50697
CVE-2026-54107
CVE-2026-54109
CVE-2026-54111
CVE-2026-54112
CVE-2026-54114
CVE-2026-54115
CVE-2026-54119
CVE-2026-54121
CVE-2026-54122
CVE-2026-54124
CVE-2026-54125
CVE-2026-54126
CVE-2026-54127
CVE-2026-54128
CVE-2026-54129
CVE-2026-54132
CVE-2026-54982
CVE-2026-54983
CVE-2026-54986
CVE-2026-54987
CVE-2026-54989
CVE-2026-54990
CVE-2026-54991
CVE-2026-54992
CVE-2026-54993
CVE-2026-54995
CVE-2026-54996
CVE-2026-54997
CVE-2026-54999
CVE-2026-55000
CVE-2026-55001
CVE-2026-55003
CVE-2026-55004
CVE-2026-55014
CVE-2026-55144
CVE-2026-56155**
CVE-2026-56159
CVE-2026-56168
CVE-2026-56169
CVE-2026-56173
CVE-2026-56175
CVE-2026-56176
CVE-2026-56181
CVE-2026-56182
CVE-2026-56183
CVE-2026-56184
CVE-2026-56185
CVE-2026-56186
CVE-2026-56187
CVE-2026-56188
CVE-2026-56189
CVE-2026-56190
CVE-2026-56194
CVE-2026-56196
CVE-2026-56197
CVE-2026-56643
CVE-2026-56644
CVE-2026-56647
CVE-2026-56648
CVE-2026-56649
CVE-2026-56650
CVE-2026-57083
CVE-2026-57084
CVE-2026-57085
CVE-2026-57087
CVE-2026-57088
CVE-2026-57089
CVE-2026-57090
CVE-2026-57091
CVE-2026-57092
CVE-2026-57093
CVE-2026-57094
CVE-2026-57095
CVE-2026-57096
CVE-2026-57097
CVE-2026-57107
CVE-2026-57976
CVE-2026-57979
CVE-2026-57982
CVE-2026-58526
CVE-2026-58527
CVE-2026-58528
CVE-2026-58529
CVE-2026-58530
CVE-2026-58531
CVE-2026-58532
CVE-2026-58533
CVE-2026-58534
CVE-2026-58535
CVE-2026-58536
CVE-2026-58537
CVE-2026-58538
CVE-2026-58539
CVE-2026-58540
CVE-2026-58541
CVE-2026-58542
CVE-2026-58543
CVE-2026-58544
CVE-2026-58545
CVE-2026-58546
CVE-2026-58547
CVE-2026-58594
CVE-2026-58601
CVE-2026-58602
CVE-2026-58608
CVE-2026-58609
CVE-2026-58610
CVE-2026-58613
CVE-2026-58614
CVE-2026-58619
CVE-2026-58626
CVE-2026-58627
CVE-2026-58628
CVE-2026-58629
CVE-2026-58631
CVE-2026-58632
CVE-2026-58633
CVE-2026-58634
CVE-2026-58635
CVE-2026-58637
CVE-2026-58638
CVE-2026-58640

Workaround: No
Exploited: Yes**
Public: Yes*

Denial of Service

Elevation of Privilege

Information Disclosure

Remote Code Execution

Security Feature Bypass

Spoofing

Tampering

Exchange

Server 2016 CU23

Server 2019 CU14, CU15

Server Subscription Edition RTM

Exchange Online

Critical

CVE-2026-48582
CVE-2026-54998
CVE-2026-55005
CVE-2026-55006
CVE-2026-55008
CVE-2026-55009

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Remote Code Execution

Spoofing

SQL Server

Fabric Data Warehouse

Server 2016 SP3 GDR & Azure Connect Feature Pack

Server 2017 CU31 & GDR

Server 2019 CU32 & GDR

Server 2022 CU25 & GDR

Server 2025 CU6 & GDR

Power BI Report Server

Critical

CVE-2026-47295
CVE-2026-47296
CVE-2026-50468
CVE-2026-54116
CVE-2026-54117
CVE-2026-54118
CVE-2026-55002
CVE-2026-56642
CVE-2026-58647

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Information Disclosure

Remote Code Execution

Spoofing

Edge

Edge (Chromium-based)

Copilot Chat

Critical

CVE-2026-32208
CVE-2026-45488
CVE-2026-45489
CVE-2026-50521
CVE-2026-55945
CVE-2026-56645
CVE-2026-56646
CVE-2026-57974
CVE-2026-57975
CVE-2026-57977
CVE-2026-57981
CVE-2026-57983
CVE-2026-57984
CVE-2026-57985
CVE-2026-57986
CVE-2026-57987
CVE-2026-57988
CVE-2026-57991
CVE-2026-57992
CVE-2026-57993
CVE-2026-58276
CVE-2026-58278
CVE-2026-58281
CVE-2026-58282
CVE-2026-58283
CVE-2026-58284
CVE-2026-58285
CVE-2026-58286
CVE-2026-58287
CVE-2026-58288
CVE-2026-58289
CVE-2026-58290
CVE-2026-58291
CVE-2026-58292
CVE-2026-58293
CVE-2026-58294
CVE-2026-58295
CVE-2026-58296
CVE-2026-58297
CVE-2026-58298
CVE-2026-58299
CVE-2026-58300
CVE-2026-58522
CVE-2026-58523
CVE-2026-58524
CVE-2026-58525
CVE-2026-58596
CVE-2026-58597

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Information Disclosure

Remote Code Execution

Security Feature Bypass

Spoofing

Office

365 Apps for Enterprise

Excel/Word/PowerPoint 2016

Office 2016, 2019

LTSC 2021, 2024 including for Mac

Office 365 for Mac

Office for Android

Office Online Server

Critical

CVE-2026-47290
CVE-2026-47642
CVE-2026-48580
CVE-2026-50301
CVE-2026-50314
CVE-2026-50387
CVE-2026-50408
CVE-2026-50467
CVE-2026-50665
CVE-2026-50675
CVE-2026-50678
CVE-2026-54131
CVE-2026-54988
CVE-2026-55017
CVE-2026-55018
CVE-2026-55022
CVE-2026-55023
CVE-2026-55024
CVE-2026-55025
CVE-2026-55026
CVE-2026-55027
CVE-2026-55028
CVE-2026-55029
CVE-2026-55031
CVE-2026-55032
CVE-2026-55033
CVE-2026-55035
CVE-2026-55036
CVE-2026-55037
CVE-2026-55038
CVE-2026-55039
CVE-2026-55041
CVE-2026-55042
CVE-2026-55043
CVE-2026-55044
CVE-2026-55045
CVE-2026-55046
CVE-2026-55047
CVE-2026-55048
CVE-2026-55049
CVE-2026-55050
CVE-2026-55053
CVE-2026-55054
CVE-2026-55055
CVE-2026-55056
CVE-2026-55057
CVE-2026-55058
CVE-2026-55120
CVE-2026-55121
CVE-2026-55122
CVE-2026-55123
CVE-2026-55124
CVE-2026-55125
CVE-2026-55127
CVE-2026-55128
CVE-2026-55129
CVE-2026-55130
CVE-2026-55131
CVE-2026-55132
CVE-2026-55133
CVE-2026-55134
CVE-2026-55136
CVE-2026-55137
CVE-2026-55138
CVE-2026-55139
CVE-2026-55140
CVE-2026-55141
CVE-2026-55142
CVE-2026-55898
CVE-2026-55899
CVE-2026-55947
CVE-2026-55948
CVE-2026-55949
CVE-2026-56156
CVE-2026-56192
CVE-2026-56193
CVE-2026-56195
CVE-2026-58618

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Information Disclosure

Remote Code Execution

SharePoint

Enterprise Server 2016

Server 2019

Server Subscription Edition

Critical

CVE-2026-50522
CVE-2026-54108
CVE-2026-55016
CVE-2026-55019
CVE-2026-55020
CVE-2026-55021
CVE-2026-55023
CVE-2026-55026
CVE-2026-55027
CVE-2026-55028
CVE-2026-55030
CVE-2026-55032
CVE-2026-55033
CVE-2026-55034
CVE-2026-55035
CVE-2026-55038
CVE-2026-55040
CVE-2026-55045
CVE-2026-55047
CVE-2026-55050
CVE-2026-55051
CVE-2026-55052
CVE-2026-55055
CVE-2026-55121
CVE-2026-55124
CVE-2026-55125
CVE-2026-55126
CVE-2026-55127
CVE-2026-55128
CVE-2026-55130
CVE-2026-55132
CVE-2026-55134
CVE-2026-55135
CVE-2026-55142
CVE-2026-56157
CVE-2026-56164**
CVE-2026-56192
CVE-2026-58277
CVE-2026-58644

Workaround: No
Exploited: Yes**
Public: No
Elevation of Privilege

Information Disclosure

Remote Code Execution

Security Feature Bypass

Spoofing

Azure

Azure Active Directory

AI Bot Service

CycleCloud 8.9.1

Monitor Agent Metrics Extension

Open AI

Spring Apps

Synapse

Cost Management

Entra Provisioning Service

Critical

CVE-2026-26145
CVE-2026-32174
CVE-2026-45480
CVE-2026-45499
CVE-2026-47632
CVE-2026-47633
CVE-2026-48584
CVE-2026-50338
CVE-2026-50652
CVE-2026-50653
CVE-2026-57100
CVE-2026-57969
CVE-2026-58279

Workaround: No
Exploited: No
Public: No

Denial of Service

Elevation of Privilege

Information Disclosure

Developer Tools

.NET 8, 9, 10 installed on Linux, MacOS and Windows

.NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1

Visual Studio
2022 17.12/17.14,
2026 18.7

Visual Studio Code

Microsoft.
AspNet.OData

Microsoft.
AspNetCore.OData

Important

CVE-2026-41109
CVE-2026-45496
CVE-2026-45646
CVE-2026-47282
CVE-2026-47300
CVE-2026-47302
CVE-2026-47303
CVE-2026-47304
CVE-2026-47305
CVE-2026-50506
CVE-2026-50520
CVE-2026-50524
CVE-2026-50525
CVE-2026-50526
CVE-2026-50527
CVE-2026-50528
CVE-2026-50646
CVE-2026-50648
CVE-2026-50649
CVE-2026-50650
CVE-2026-50651
CVE-2026-50659
CVE-2026-56170
CVE-2026-57101
CVE-2026-57102
CVE-2026-57108

Workaround: No
Exploited: No
Public: No

Denial of Service

Elevation of Privilege

Information Disclosure

Remote Code Execution

Security Feature Bypass

Spoofing

Tampering

Dynamics

NAV 2018

 365 Customer Voice

Dynamics 365

Critical

CVE-2026-47646
CVE-2026-47647
CVE-2026-55944

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Remote Code Execution

Spoofing

Device

Surface Go 2 & 3, Hub, Hub 2S, Hub 3, Laptop Go, Laptop Go 2, Laptop Go 3, Laptop 4, Pro 7+, Pro 8

Surface Windows Dev Kit

Important

CVE-2026-48581

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Apps

CoPilot

365 CoPilot

365 CoPilot for iOS/Android

Bing Search for iOS

Terminal for Win10/11

Critical

CVE-2026-41106
CVE-2026-42895
CVE-2026-47645
CVE-2026-48561
CVE-2026-50438
CVE-2026-54124
CVE-2026-54130
CVE-2026-55145
CVE-2026-58595
CVE-2026-58617
CVE-2026-58636

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Information Disclosure

Remote Code Execution

Spoofing

Tampering

System Center

Defender for EndPoint for Mac

Malware Protection Engine

Critical

CVE-2026-50656*
CVE-2026-50657
CVE-2026-50658
CVE-2026-55011
CVE-2026-55012
CVE-2026-56178

Workaround: No
Exploited: No
Public: Yes*

Elevation of Privilege

Information Disclosure

Remote Code Execution

Other

Age of Empires II: Definitive Game Edition

Bedrock Dedicated Server

Github Copilot Plugin for JetBrains IDEs

Critical

CVE-2026-50510
CVE-2026-50663
CVE-2026-55010

Workaround: No
Exploited: No
Public: No

Remote Code Execution

Open Source Software

Windows Subsystem for Linux (WSL2)

Important

CVE-2026-57968
CVE-2026-57973

Workaround: No
Exploited: No
Public: No

Elevation of Privilege

Tampering