general · BleepingComputer
Microsoft released security updates for 570 vulnerabilities during its July 2026 Patch Tuesday, including three zero-day flaws—two actively exploited in attacks and one publicly disclosed. The update addresses 59 critical vulnerabilities, of which 48 are remote code execution flaws. The vulnerability breakdown includes 254 elevation of privilege, 145 remote code execution, 102 information disclosure, 35 denial of service, 17 security feature bypass, and 16 spoofing vulnerabilities. The two exploited zero-days are CVE-2026-56155 (Active Directory Federation Services elevation of privilege) and CVE-2026-56164 (Microsoft SharePoint Server elevation of privilege). The publicly disclosed zero-day is CVE-2026-50661 (Windows BitLocker security feature bypass). Microsoft attributed the discovery to its recently deployed AI-powered vulnerability identification system.
Defense contractors handling CUI and operating under CMMC requirements should prioritize patching Active Directory and SharePoint deployments, as both services commonly manage classified or controlled information. SaaS and healthcare providers relying on Microsoft infrastructure for SOC2 and HIPAA compliance should assess their SharePoint and AD FS implementations for exposure to CVE-2026-56155 and CVE-2026-56164 before applying patches. The BitLocker bypass (CVE-2026-50661) carries physical-access risk that may require facility-level controls review. Organizations subject to NIST 800-171 or PCI DSS should treat this Patch Tuesday as high-priority; an Omniware engagement can scope vulnerability exposure, patch sequencing, and control gaps specific to your environment.
Source: BleepingComputer - https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2026-patch-tuesday-fixes-massive-570-flaws-3-zero-days/
Source: BleepingComputer
All briefings