
Microsoft released its July Patch Tuesday update on Wednesday, fixing 570 vulnerabilities in a single month, shattering the previous record of 206 set just one month earlier in June.
Among the patched flaws are three zero-day vulnerabilities, two of which are already under active exploitation. The third, a BitLocker encryption bypass, was publicly disclosed but has not yet been confirmed as exploited in the wild. Microsoft also rated 61 of the vulnerabilities as critical.
The explosive growth in patch volume is driven by MDASH, Microsoft’s internal AI tool for automated vulnerability discovery. The multi-model agentic scanning harness scans Windows code at scale, identifying security flaws and reducing false positives far faster than traditional manual auditing. Microsoft has warned that organizations should expect monthly security updates to continue growing as the company expands its use of AI for vulnerability discovery and patch development.
Beyond security fixes, the update includes several functional improvements: the Widgets panel no longer opens automatically on taskbar hover, Bluetooth pairing has been improved with faster Apple AirPods connectivity, and the update pause feature now lets users specify an exact date instead of a fixed time window.
The update is available through Windows Update for supported builds, Windows 11 25H2/24H2 (KB5101650), Windows 11 23H2 (KB5099414), and Windows 10 (KB5099539, requiring Extended Security Update enrollment).
Known issue with Dell systems: Microsoft has paused the update for certain Dell devices with Intel processors due to an incompatibility that can cause unexpected shutdowns, poor performance, excessive heat, and battery drain. Microsoft and Dell are working on a resolution expected in the coming days.
Sources: Microsoft patches 570 vulnerabilities exploited zero days (ZDNet, July 15, 2026)

