Microsoft Patch Tuesday July 2026 - The AI Acopolypse is Here , (Tue, Jul 14th)
SANS Internet Storm Center

Microsoft Patch Tuesday July 2026 - The AI Acopolypse is Here , (Tue, Jul 14th)

Overview

This Patch Tuesday includes a staggering 622 vulnerabilities, not including another 427 vulnerabilities in Chromium, affecting Microsoft's Edge browser. 62 of the vulnerabilities are rated critical. One was disclosed before today, and two have already been exploited.

Given the large number of vulnerabilities, it is difficult to point out "noteworthy" issues.

Already Exploited Vulnerabilities

  • CVE-2026-56155: Active Directory Federation Services Elevation of Privilege Vulnerability. This is an important (not critical) vulnerability.
  • CVE-2026-56164: Microsoft SharePoint Server Elevation of Privilege Vulnerability. Microsoft considers this vulnerability's severity only moderate.

Disclosed but Not Yet Exploited

  • CVE-2026-50661: Windows BitLocker Security Feature Bypass Vulnerability. It is not clear right now if this is one of the Nightmare Eclipse vulnerabilities. "Anonymous" is credited with discovering the vulnerability.

Random Interesting Vulnerabilities

  • CVE-2026-54128: Windows DHCP Client Remote Code Execution Vulnerability. A critical vulnerability, but it will require the victim to connect to a network exposed to a malicious DHCP server. Certainly interesting for "public wifi network" attacks. There are also a few critical DHCP server RCE vulnerabilities being addressed in this update.
  • CVE-2026-54982, CVE-2026-54995: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability. Two critical vulnerabilities. Just like DHCP, the exploit will typically require network-adjacent attackers. I have seen several similar vulnerabilities in MSFT updates in the past, but not seen exploits.

A Quick Word on How to Deal with This Flood of New Vulnerabilities

You still own the same number of Microsoft products. Many products (Office, etc.) are affected by a large number of vulnerabilities. Patching the product should not take a lot more time just because the patch addresses more vulnerabilities.

Vulnerability List

Description CVE Disclosed Exploited Exploitability (old versions) Current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Denial of Service Vulnerability CVE-2026-47302 No No - - Important 7.5 6.5
.NET Denial of Service Vulnerability CVE-2026-50525 No No - - Important 7.5 6.5
.NET Denial of Service Vulnerability CVE-2026-50651 No No - - Important 7.5 6.5
.NET Denial of Service Vulnerability CVE-2026-57108 No No - - Important 7.5 6.5
.NET Framework Denial of Service Vulnerability CVE-2026-50524 No No - - Important 7.5 6.5
.NET Framework Denial of Service Vulnerability CVE-2026-50527 No No - - Important 7.5 6.5
.NET Framework Denial of Service Vulnerability CVE-2026-50648 No No - - Important 7.5 6.5
.NET Framework Elevation of Privilege Vulnerability CVE-2026-50650 No No - - Important 7.8 6.8
.NET Framework Remote Code Execution Vulnerability CVE-2026-50646 No No - - Important 7.8 6.8
.NET Remote Code Execution Vulnerability CVE-2026-50649 No No - - Important 7.8 6.8
.NET Security Feature Bypass Vulnerability CVE-2026-47304 No No - - Important 8.1 7.1
.NET Security Feature Bypass Vulnerability CVE-2026-50528 No No - - Important 8.2 7.1
.NET Spoofing Vulnerability CVE-2026-50659 No No - - Important 6.5 5.7
.NET Tampering Vulnerability CVE-2026-50526 No No - - Important 7.0 6.1
ASP.NET Core Denial of Service Vulnerability CVE-2026-56170 No No - - Important 7.5 6.5
ASP.NET Core Elevation of Privilege Vulnerability CVE-2026-47300 No No - - Important 8.8 7.7
ASP.NET Core Elevation of Privilege Vulnerability CVE-2026-47303 No No - - Important 8.8 7.7
Active Directory Certificate Services Elevation of Privilege Vulnerability CVE-2026-54121 No No - - Critical 8.8 7.7
Active Directory Denial of Service Vulnerability CVE-2026-50682 No No - - Important 7.1 6.2
Active Directory Domain Services Elevation of Privilege Vulnerability CVE-2026-55001 No No - - Important 7.8 6.8
Active Directory Federation Server Denial of Service Vulnerability CVE-2026-50647 No No - - Important 7.5 6.5
Active Directory Federation Server Spoofing Vulnerability CVE-2026-50684 No No - - Important 4.8 4.2
Active Directory Federation Services Elevation of Privilege Vulnerability CVE-2026-56155 No Yes - - Important 7.8 7.2
Azure Active Directory Denial of Service Vulnerability CVE-2026-50652 No No - - Important 7.5 6.5
Azure Active Directory Denial of Service Vulnerability CVE-2026-50653 No No - - Important 7.5 6.5
Azure CycleCloud Elevation of Privilege Vulnerability CVE-2026-57969 No No - - Important 8.8 7.7
Azure CycleCloud Elevation of Privilege Vulnerability CVE-2026-58279 No No - - Important 6.5 5.9
Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability CVE-2026-47632 No No - - Important 8.8 7.7
Azure OpenAI Elevation of Privilege Vulnerability (no customer action required) CVE-2026-45499 No No - - Critical 9.9 8.6
Azure Spring Apps Elevation of Privilege Vulnerability CVE-2026-50338 No No - - Important 8.2 7.4
CVE-2026-13862 CVE-2026-13862 No No - - - - -
Clipboard User Service Elevation of Privilege Vulnerability CVE-2026-50488 No No - - Important 7.8 6.8
Code Integrity DLL (ci.dll) Elevation of Privilege Vulnerability CVE-2026-50491 No No - - Important 7.0 6.1
Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability CVE-2026-50381 No No - - Important 5.5 4.8
Content Delivery Manager Elevation of Privilege Vulnerability CVE-2026-50427 No No - - Important 7.8 6.8
DHCP Server Service Remote Code Execution Vulnerability CVE-2026-48564 No No - - Critical 8.8 7.7
DHCP Server Service Remote Code Execution Vulnerability CVE-2026-50370 No No - - Critical 8.8 7.7
DHCP Server Service Remote Code Execution Vulnerability CVE-2026-56159 No No - - Critical 9.8 8.5
DNS Client Tampering Vulnerability CVE-2026-49174 No No - - Important 6.1 5.3
DNS Client Tampering Vulnerability CVE-2026-50495 No No - - Important 6.1 5.3
Desktop Window Manager Elevation of Privilege Vulnerability CVE-2026-50692 No No - - Important 8.8 7.7
Desktop Window Manager Elevation of Privilege Vulnerability CVE-2026-58633 No No - - Important 7.8 6.8
Desktop Window Manager Elevation of Privilege Vulnerability CVE-2026-58634 No No - - Important 7.8 6.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability CVE-2026-50296 No No - - Important 7.0 6.1
DirectX Graphics Kernel Elevation of Privilege Vulnerability CVE-2026-50375 No No - - Important 6.3 5.5
DirectX Graphics Kernel Elevation of Privilege Vulnerability CVE-2026-50353 No No - - Important 7.8 6.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability CVE-2026-50493 No No - - Important 7.8 6.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability CVE-2026-56643 No No - - Important 7.8 6.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability CVE-2026-56644 No No - - Important 7.8 6.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability CVE-2026-58629 No No - - Important 7.0 6.1
DirectX Graphics Kernel Remote Code Execution Vulnerability CVE-2026-50382 No No - - Critical 8.8 7.7
Extensible Storage Engine (ESENT) Elevation of Privilege Vulnerability CVE-2026-57088 No No - - Important 7.8 6.8
Game: Age of Empires II: Definitive Edition Remote Code Execution Vulnerability CVE-2026-50663 No No - - Important 8.8 7.7
GitHub Copilot Remote Code Execution Vulnerability CVE-2026-50510 No No - - Important 7.8 6.8
GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability CVE-2026-47282 No No - - Important 6.5 5.7
GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability CVE-2026-41109 No No - - Important 8.8 7.7
HTTP.sys Denial of Service Vulnerability CVE-2026-49787 No No - - Important 7.5 6.5
HTTP.sys Information Disclosure Vulnerability CVE-2026-50420 No No - - Important 6.2 5.4
HTTP/2 Denial of Service Vulnerability CVE-2026-49788 No No - - Important 7.5 6.5
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability CVE-2026-50696 No No - - Important 7.5 6.5
M365 Copilot for iOS Elevation of Privilege Vulnerability CVE-2026-58617 No No - - Important 8.1 7.1
Microsoft 365 Copilot Elevation of Privilege Vulnerability (no customer action required) CVE-2026-41106 No No - - Critical 9.3 8.1
Microsoft Azure Synapse Elevation of Privilege Vulnerability (no customer action required) CVE-2026-26145 No No - - Critical 4.8 4.3
Microsoft Bing App for IOS Spoofing Vulnerability CVE-2026-58595 No No - - Important 8.1 7.1
Microsoft Brokering File System Elevation of Privilege Vulnerability CVE-2026-49162 No No - - Important 7.0 6.1
Microsoft Brokering File System Elevation of Privilege Vulnerability CVE-2026-50305 No No - - Important 7.8 6.8
Microsoft Brokering File System Elevation of Privilege Vulnerability CVE-2026-50361 No No - - Important 7.8 6.8
Microsoft Brokering File System Elevation of Privilege Vulnerability CVE-2026-50466 No No - - Important 7.8 6.8
Microsoft Brokering File System Elevation of Privilege Vulnerability CVE-2026-50458 No No - - Important 7.8 6.8
Microsoft Copilot Remote Code Execution Vulnerability CVE-2026-48561 No No - - Critical 9.6 8.3
Microsoft DWM Core Library Elevation of Privilege Vulnerability CVE-2026-50329 No No - - Important 7.8 6.8
Microsoft DWM Core Library Elevation of Privilege Vulnerability CVE-2026-58541 No No - - Important 7.8 6.8
Microsoft Defender Remote Code Execution Vulnerability CVE-2026-55011 No No - - Critical 7.8 6.8
Microsoft Defender Remote Code Execution Vulnerability CVE-2026-55012 No No - - Critical 7.8 6.8
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability CVE-2026-50658 No No - - Important 7.0 6.1
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability CVE-2026-56178 No No - - Important 5.5 4.8
Microsoft Defender for Endpoint for Mac Information Disclosure Vulnerability CVE-2026-50657 No No - - Important 4.7 4.1
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability CVE-2026-55944 No No - - Critical 9.8 8.5
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability CVE-2026-58596 No No - - Important 8.3 7.2
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability CVE-2026-55945 No No - - Moderate 4.2 3.7
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability CVE-2026-57991 No No - - Important 7.4 6.4
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability CVE-2026-58291 No No - - Important 6.1 5.3
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-57981 No No - - Important 8.8 7.7
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-57984 No No - - Important 7.5 6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-57985 No No - - Important 7.6 6.6
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-57986 No No - - Important 7.5 6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-57988 No No - - Important 7.1 6.2
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-57992 No No - - Important 7.5 6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58276 No No - - Important 7.5 6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-56645 No No - - Important 8.8 7.7
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-57974 No No - - Important 8.8 7.7
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-57975 No No - - Important 7.5 6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58281 No No - - Important 8.3 7.2
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58284 No No - - Important 8.3 7.2
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58285 No No - - Important 8.3 7.2
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58287 No No - - Important 8.3 7.2
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58288 No No - - Important 8.3 7.2
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58289 No No - - Important 9.0 7.8
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58290 No No - - Important 7.5 6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58292 No No - - Important 7.5 6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58293 No No - - Important 8.1 7.1
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability CVE-2026-58294 No No - - Important 7.5 6.5
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability CVE-2026-57983 No No - - Important 8.7 7.6
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability CVE-2026-58295 No No - - Important 8.3 7.2
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability CVE-2026-58525 No No - - Important 8.2 7.1
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-45488 No No - - Moderate 5.4 4.7
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-45489 No No - - Moderate 6.5 5.7
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-57987 No No - - Important 6.5 5.7
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-58278 No No - - Important 5.4 4.7
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-56646 No No - - Important 6.5 5.7
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-57977 No No - - Important 7.1 6.2
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-57993 No No - - Important 7.4 6.4
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-58282 No No - - Important 8.1 7.1
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-58283 No No - - Important 8.1 7.1
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-58286 No No - - Important 8.1 7.1
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-58298 No No - - Important 7.2 6.3
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-58524 No No - - Important 5.4 4.7
Microsoft Edge (Chromium-based) Spoofing Vulnerability CVE-2026-58597 No No - - Low 4.3 3.8
Microsoft Edge for Android Information Disclosure Vulnerability CVE-2026-58296 No No - - Important 7.1 6.2
Microsoft Edge for Android Information Disclosure Vulnerability CVE-2026-58297 No No - - Important 7.1 6.2
Microsoft Edge for Android Information Disclosure Vulnerability CVE-2026-58300 No No - - Important 6.2 5.4
Microsoft Edge for Android Information Disclosure Vulnerability CVE-2026-58522 No No - - Important - -

Comments

No comments yet. Start the discussion.