Microsoft Patch Tuesday: AI Finds 570+ Bugs, 2 Exploited
Summary
Microsoft has released over 570 patches this Patch Tuesday, driven by AI-powered bug hunting. This record update includes fixes for two vulnerabilities already being exploited by attackers. One critical flaw, CVE-2026-56155, affects Active Directory Federation Services and is being used in the wild. Another, CVE-2026-56164, is an easily exploitable flaw in Microsoft SharePoint Server, with attackers already taking advantage of it. It can be exploited remotely in low-complexity attacks. Additionally, a proof-of-concept exploit for an unpatched Windows elevation of privilege vulnerability, dubbed LegacyHive, has been released. The US Cybersecurity and Infrastructure Security Agency is urging organizations using SharePoint servers to apply extra hardening measures. This matters because these exploited vulnerabilities could allow attackers to gain control of systems and access sensitive data.
This is an AI-generated audio summary. Always check the original source for complete reporting.