AIToday

Microsoft patches record 570 flaws, credits AI for discovery

TechCrunch AI3h ago
Microsoft patches record 570 flaws, credits AI for discovery

Key takeaway

Microsoft released a record 570 security patches on Tuesday, including at least two zero-days being actively exploited by hackers, attributing the surge to AI-assisted vulnerability discovery. The company signaled this trend will continue as AI tools help defenders uncover bugs that may have been dormant in Windows and other products for years or longer.

Summaries like this, in your inbox every morning.

Sign up free →

3 Key Points

  • What happened

    Microsoft released 570 security patches on Tuesday as part of its monthly Patch Tuesday cycle. At least two were zero-days—vulnerabilities actively exploited by hackers before Microsoft was aware of them: one affecting Windows Server privilege escalation, another targeting SharePoint that the U.S. government's CISA agency warned was being actively exploited.

  • Why it matters

    Microsoft attributed the record patch count to AI-aided vulnerability discovery. Windows leader Pavan Davuluri stated that as AI helps defenders surface previously hidden bugs, "customers will see a higher volume of security updates included in each security release." This signals a structural shift: dormant code flaws hidden for years or decades may now be exposed faster.

  • What to watch

    The company telegraphed this surge a week earlier in a blog post predicting higher-volume monthly patches ahead. Security researchers using advanced AI models focused on cybersecurity are increasingly uncovering long-buried vulnerabilities—parts of Windows code date back decades, creating a growing pool of newly exposed risks.

In Depth

On Tuesday, July 15, Microsoft issued 570 security patches across Windows, Office, and other product lines, marking the largest single patch release the company has disclosed. The company attributed this record volume to its use of AI in identifying code vulnerabilities that its teams might otherwise have missed. Windows leader Pavan Davuluri explained the forward-looking implication in a statement: "As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release."

Among the 570 patches, at least two were classified as zero-days—security flaws that had already been exploited by attackers before Microsoft was notified. One zero-day affected Windows Server and allowed attackers with limited user privileges to escalate to system administrator level. The second targeted Microsoft SharePoint, a file-sharing server widely used in enterprise and government environments. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that hackers were actively exploiting the SharePoint bug to compromise organizations. Krebs on Security first reported the news.

One week prior to the release, Microsoft had signaled this surge in a blog post, setting expectations that monthly security updates would grow significantly higher than historical norms. The company cited its increasingly sophisticated use of AI models to hunt for vulnerabilities in software. As these AI tools become more advanced and purpose-built for cybersecurity, security researchers across the industry are uncovering bugs that may have lain dormant in production code for years or decades. Parts of Microsoft's Windows codebase date back decades, meaning the surfacing of these long-hidden flaws through AI analysis appears to be just the beginning of a larger trend toward higher patch volumes across the technology sector.

Context & Analysis

The 570-patch release marks a turning point in how vulnerabilities surface in enterprise software. Microsoft's explicit connection between AI-driven code analysis and the record patch volume reflects a broader shift in cybersecurity: as AI models become more sophisticated and targeted at bug discovery, they are exposing flaws that existed dormant in production code for years. The company's Windows code base, parts of which date back decades, appears to contain a substantial backlog of such vulnerabilities now detectable by machine analysis.

The two zero-days included in this cycle underscore the practical danger. One granted privilege escalation on Windows Server; the other affected SharePoint and prompted warning from CISA that active exploitation was underway. This combination—record patch volume driven by AI discovery, coupled with concurrent zero-day exploitation—suggests organizations should expect both higher update frequency and continued urgency in applying them. Microsoft's advance announcement of the trend appears designed to set expectations that escalating patch counts reflect improved detection, not declining code quality.

FAQ

What are zero-days?
Zero-days are security vulnerabilities that were exploited by hackers before Microsoft became aware of them. Two of Tuesday's patches addressed zero-days, one allowing privilege escalation on Windows Server and another affecting SharePoint.
Why is Microsoft expecting more patches going forward?
Microsoft said in a blog post that it expects future monthly patches to be higher in number than before because AI is helping its employees discover previously undiscovered security bugs in its software.

Discussion

No discussion yet for this article

Stay ahead with AI news

Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.

Get Started Free

Free · takes 30 seconds · unsubscribe anytime

1 minute a day. The AI essentials.

200+ sources · Email / LINE / Slack

Get it free →