
Microsoft patches record number of security vulnerabilities, citing its use of AI
Quick Answer
Microsoft has released a record 570 security patches this month, leveraging AI to identify vulnerabilities.
Quick Take
Microsoft has released a record 570 security patches this month, leveraging AI to identify vulnerabilities. Among these, two zero-day flaws pose significant risks, including privilege escalation on Windows Server and active exploitation of a SharePoint bug. This trend indicates a growing reliance on AI for enhanced cybersecurity measures.
Key Points
- 570 security flaws patched in this month's update, the highest ever recorded.
- Two zero-day vulnerabilities were actively exploited before Microsoft was notified.
- AI is increasingly used to discover previously undetected security issues.
- Windows Server bug allows privilege escalation from limited user to administrator.
- CISA warns of active exploitation of a SharePoint file sharing server vulnerability.
📖 Reader Mode
~2 min readIn Brief
Posted:

Microsoft released a record number of security patches for Windows, Office, and other tech product lines this week, citing the use of AI to aid the discovery of code vulnerabilities.
The technology and cloud giant issued patches for 570 security flaws on Tuesday as part of its monthly scheduled release of fixes, which security researchers have long dubbed “Patch Tuesday.”
At least two of the vulnerabilities are classified as zero-days, meaning that they were exploited before Microsoft was made aware of them. One bug affecting Windows Server allows hackers to escalate their privileges from a limited user to a system administrator. Another bug affects the SharePoint file sharing server — the U.S. government’s cybersecurity agency CISA has warned hackers were actively exploiting the bug to compromise organizations.
Krebs on Security first reported the news.
The huge patch update comes a week after Microsoft said in a blog post that it expected its usual batch of monthly security patches to be far higher in number than before. The company cited its use of AI to help its employees uncover previously undiscovered security bugs in its software.
“As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release,” said Windows boss Pavan Davuluri.
As AI models become more advanced and focused on cybersecurity issues, security researchers are using them to uncover vulnerabilities that may have been dormant in software code for years, if not longer. Parts of Microsoft’s Windows code dates back decades.
Topics
Subscribe for the industry’s biggest tech news
Latest in Security
— Originally published at techcrunch.com
Want this in your inbox every morning?
Daily brief at your local 8am — bilingual EN/中文, free.
More from TechCrunch
See more →
OpenAI launches its new family of models with GPT-5.6
OpenAI has launched GPT-5.6, featuring three models: Sol, Terra, and Luna, with Sol being 54% more token efficient for coding tasks. The models excel in cybersecurity and enterprise applications, outperforming competitors like Anthropic's Fable in benchmarks. Pricing starts at $1 for Luna and goes up to $30 for Sol per million tokens.

