Microsoft patches record 570 Windows security bugs with two exploited zero days – update now

Microsoft's July Patch Tuesday update for Windows 11

Lance Whitney/ZDNET

Follow ZDNET: Add us as a preferred source on Google.


ZDNET’s key takeaways

  • Microsoft has patched a record 570 Windows security flaws for July.
  • The flaws include three zero-days, two of which have been exploited.
  • The update also enhances key features like File Explorer and Bluetooth.

The second Tuesday of the month marks Patch Tuesday, when Microsoft squashes a slew of security bugs in Windows. But July boasts a new record for the most bugs patched, so this is one update you’ll want to install ASAP.

The updates are available for Windows 11 25H2/24H2 and 23H2, as well as for Windows 10 (assuming you’re enrolled in the free Extended Security Update program). I have a couple of virtual machines running Windows 10, which I keep patched via the ESU.

As usual, July’s Patch Tuesday updates are mandatory, which means they download and install automatically. All you need to do is reboot your PC for the update to take effect.

Also: Windows Search just got a faster, cleaner overhaul – how to try it today

To check manually in Windows 11, head to Settings and select Windows Update. In Windows 10, go to Settings, select Update & Security, and then click Windows Update. You should see the new update waiting for a reboot. If not, click the “Check for updates” button to download and install it.

Now for the details.

What’s included in July’s Patch Tuesday?

For July, Microsoft patched a whopping 570 Windows security flaws, the most ever in a single month. This tops previous record-breakers in which the company squashed 206 bugs in June and 164 in April. Why the growing trend? Thank AI.

Microsoft employs its own internal “multi-model agentic scanning harness,” codenamed MDASH. This AI-powered tool tries to identify true Windows vulnerabilities, reduce false positives, and deliver the results to engineers more quickly. Overall, this reduces the amount of time during which attackers can exploit zero-day flaws.

“Microsoft has warned that organizations should expect security updates to become more frequent as the company expands its use of AI to uncover vulnerabilities and accelerate patch development, while continuing to rely on human engineers for final validation and release decisions,” patch management provider Action1 said in a post on the latest update.

Among the vulnerabilities patched this month, three were zero-days, according to Action1. Two of them have already been exploited in attacks, while the third was publicly disclosed, which means that attackers could have exploited it. The two already exploited flaws include one that affects Microsoft’s Active Directory and one focused on Microsoft SharePoint, making them of greater impact to organizations.

Also: Windows questions? How Copilot can analyze your PC settings now

But the publicly disclosed flaw targets Microsoft’s BitLocker encryption feature, making it a concern for both individual and enterprise users. Here, someone with physical access to a computer could bypass BitLocker security to sneak into an encrypted system drive and view your personal files.

“Although the attack requires physical access, the potential exposure of sensitive corporate or personal information makes this a significant security concern, particularly for lost, stolen, or unattended devices,” Action1 said. “Systems deployed in remote locations or shared environments may be particularly vulnerable.”

An important update

Add up the three zero-days and the 61 vulnerabilities rated critical, and this is an important update you’ll want to install. But there’s more here than just security fixes. The July update also enhances several key Windows features.

The Widgets app has been a controversial feature, not just due to its content, but because of the easy way you can trigger it by hovering over its taskbar icon. With the July update, the Widgets screen no longer opens by default when you hover over the icon. The tool now opens to the dashboard instead of Microsoft’s Discover page. Plus, you can more easily change any of the default settings.

Also: Microsoft’s new Windows 11 recovery tool is the ultimate Undo button – how to enable it

File Explorer should now load faster and prove more responsive when you mount a virtual drive. The suggestions that pop up in the address bar should be more reliable, and the address bar itself now supports folder and filename paths that include double backslashes and quotation marks, allowing you to access a wider variety of locations.

Bluetooth can be a problem child in Windows. The latest update promises to improve the speed and reliability of connecting to Bluetooth devices. Apple’s AirPods will pop up faster when you try to pair them, while the microphone on Beats Studio Pro headphones aims to be more reliable.

Setting up and using a printer is often another temperamental task in Windows. Now, new third-party printer installations will use the Internet Printing Protocol and Windows Ready Print by default. This aims to ease the setup and improve the reliability of adding a printer.

Also: You can soon restore Windows 11 from scratch even if it can’t boot up – here’s how

As one more piece of icing on the cake, you can now pause Windows updates until a specific date instead of for just a general time frame, such as one week. To try this one, go to the Windows Update screen and select the Pick a date box next to Pause updates. Then just select the date on which you want to resume updates. But do remember to resume updates at some point, especially when you’ve got an important one waiting to be installed.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *