Microsoft Patches a Record 570 Security Flaws
robin_reala
82 points
39 comments
July 14, 2026
Related Discussions
Found 5 related stories in 1135.4ms across 14,015 title embeddings via pgvector HNSW
- Mystery Microsoft bug leaker keeps the zero-days coming e12e · 104 pts · May 14, 2026 · 61% similar
- Microsoft 0-day feud escalates as researcher threatens another exploit dump Cider9986 · 222 pts · May 29, 2026 · 58% similar
- Microsoft's stance on zero day exploits is a dumpster fire of their own making _tk_ · 59 pts · May 28, 2026 · 57% similar
- Microsoft tackles quality control issues. Just kidding Bender · 25 pts · April 26, 2026 · 57% similar
- For the 2nd time in weeks, Microsoft packages laced with credential stealer cdrnsf · 40 pts · June 08, 2026 · 56% similar
Discussion Highlights (11 comments)
gerdesj
"Microsoft attributed the burgeoning patch counts to vulnerability discoveries aided by artificial intelligence." If only real intelligence found the fucking things instead. As ye sew, so shall ye reap!
d0100
An employee just got phished by adding a number to a legitimate deviceAdd login route that bypasses 2FA and adds a device with full access to office and mail Probably working as intended...
freitasm
I wonder how many bugs will be introduced with these fixes...
naturalmovement
Sounds like a lot but compare it to Edge also being patched for 428 Chromium CVEs this month. If 20 years ago you told me a single piece of software had 428 vulnerabilities I wouldn't have believed it. If Chromium has that many security bugs, perhaps the move fast and break things approach of spraying diarrhea masquerading as code into a keyboard — in a rush to add new features no one asked for — needs to be reexamined.
lousken
It would be nice if microsoft had windows update for .net, visual c++, office, windows, edge ... just all their software in one updater, but that would be too easy...
charonn0
It seems like bug hunting might be the one area where AI is actually making the world a better place.
kingforaday
Full July 2026 Summary: https://www.bleepingcomputer.com/microsoft-patch-tuesday-rep...
ReactiveJelly
They should patch that Global Device ID thing :^)
fuckinpuppers
This is great. Now ask Mythos to make windows suck less and let it go crazy.
devin
How many are chained, and how many patches are defense-in-depth after discovering chained paths to that flaw?
dhx
Title is not correct. Microsoft didn't patch a lot of this, they're reporting patches for dependencies that other people patched and Microsoft are inheriting. For example, Mariner (now branded Azure Linux) is a Microsoft-supported Linux distribution. So in this list of 570 vulnerabilities, Microsoft have reported 100 vulnerabilities inherited from all sorts of open source software projects included in their Azure Linux distribution. The OpenSSH vulnerabilities are described in better detail at https://www.openssh.org/releasenotes.html where it implies 2 vulnerabilities were detected with Swival Security Scanner (using LLMs) and another 6 by other researchers/companies (using undisclosed methods). As an example of one of the OpenSSH vulnerabilites CVE-2026-59996 which is attributed to Swival Security Scanner, Swival have published the output of their automated vulnerability detection report at https://github.com/Swival/security-audits/blob/main/openssh/...