Microsoft Patch Tuesday, July 2026 Security Update Review
Microsoft’s July 2026 Patch Tuesday delivers security updates for a broad range of products and services, including several vulnerabilities that pose significant risks to enterprise environments. As attackers continue to target unpatched systems, timely deployment of these updates remains one of the most effective defenses against exploitation. This blog provides an overview of the month’s key security fixes, highlights the most critical vulnerabilities, and offers guidance for prioritizing patch deployment.
This month’s release addresses a whopping 570 vulnerabilities, including 57 critical and 510 important-severity vulnerabilities.
In this month’s updates, Microsoft has addressed three zero-day vulnerabilities, with two exploited in attacks and one publicly disclosed.
There were also a massive 468 Microsoft Edge/Chromium vulnerabilities this month. Of the 468 Edge CVEs, 360 were issued by the Chrome CNA (upstream Chromium fixes rolled into Edge), and the rest are Microsoft-issued CVEs in products Microsoft Edge (Chromium-based) and Microsoft Edge for Android.
Microsoft Patch Tuesday, July edition, includes updates for vulnerabilities in Windows Media, Windows HTTP.sys, Windows Hyper-V, Windows NTFS, Windows BitLocker, Windows Bluetooth Port Driver, Windows Bluetooth Service, Microsoft Copilot, Microsoft Defender, Microsoft Exchange Server, and more.
This month’s release includes fixes for several high-severity issues that could potentially enable remote code execution, privilege escalation, or denial-of-service attacks. As always, timely patch deployment is crucial to reduce exposure and ensure systems remain resilient against exploitation attempts.
The July 2026 Microsoft vulnerabilities are classified as follows:
| Vulnerability Category | Quantity | Severities |
| Spoofing Vulnerability | 16 | Critical: 1
Important: 15 |
| Denial of Service Vulnerability | 35 | Important: 35 |
| Elevation of Privilege Vulnerability | 249 | Critical: 7
Important: 242 |
| Information Disclosure Vulnerability | 101 | Important: 101 |
| Remote Code Execution Vulnerability | 143 | Critical: 48
Important: 95 |
| Security Feature Bypass Vulnerability | 17 | Critical: 1
Important: 16 |
Zero-day Vulnerabilities Patched in July Patch Tuesday Edition
CVE-2026-50661: Windows BitLocker Security Feature Bypass Vulnerability
A protection mechanism failure in Windows BitLocker may allow an unauthenticated attacker to bypass a security feature with a physical attack. A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device to gain access to encrypted data.
CVE-2026-56155: Active Directory Federation Services Elevation of Privilege Vulnerability
Insufficient granularity of access control in Active Directory Federation Services (AD FS) could allow an authenticated attacker to elevate privileges locally. Successful exploitation of the vulnerability may allow an attacker to gain administrator privileges.
CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog, urging users to patch it before July 28, 2026.
CVE-2026-56164: Microsoft SharePoint Server Elevation of Privilege Vulnerability
Missing authentication for a critical function in Microsoft Office SharePoint could allow an unauthenticated attacker to elevate privileges over a network.
Microsoft mentioned in the advisory that enabling the Antimalware Scan Interface (AMSI) on the server and setting the Request Body Scan mode to Full can help mitigate this flaw.
CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog, urging users to patch it before July 17, 2026.
Critical Severity Vulnerabilities Patched in July Patch Tuesday Edition
CVE-2026-48561: Microsoft Copilot for Android (Edge) Remote Code Execution Vulnerability
A command injection flaw in Microsoft Copilot may allow an unauthenticated attacker to execute code over a network.
CVE-2026-55944: Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Dynamics NAV may allow an unauthenticated attacker to execute code over a network. An attacker could exploit the vulnerability by sending a specially crafted login request to an affected Dynamics NAV or Business Central server.
CVE-2026-55045: Microsoft Office Remote Code Execution Vulnerability
An out-of-bounds read flaw in Microsoft Office allows an unauthenticated attacker to execute code locally.
CVE-2026-42982: Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Improper validation of input consistency in Windows Secure Kernel Mode may allow an authenticated attacker to elevate privileges locally.
CVE-2026-56188: Windows Server Network driver Remote Code Execution Vulnerability
A race condition flaw in the Windows Server Network driver may allow an unauthenticated attacker to execute code over a network.
CVE-2026-49164: Windows Active Directory Domain Services Remote Code Execution Vulnerability
A heap-based buffer overflow flaw in Active Directory Domain Services may allow an unauthenticated attacker to execute code over a network.
CVE-2026-54992: Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability
A heap-based buffer overflow flaw in Windows Message Queuing Queue Manager may allow an unauthenticated attacker to execute code locally.
CVE-2026-54982: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
An integer underflow flaw in the Reliable Multicast Transport Driver (RMCAST) may allow an unauthenticated attacker to execute code over an adjacent network.
CVE-2026-54999: Windows TCP/IP Remote Code Execution Vulnerability
A race condition flaw in Windows TCP/IP may allow an unauthenticated attacker to execute code over an adjacent network.
CVE-2026-54995: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
A use-after-free in the Reliable Multicast Transport Driver (RMCAST) may allow an unauthenticated attacker to execute code over a network.
CVE-2026-55008: Microsoft Exchange Server Spoofing Vulnerability
A cross-site scripting flaw in Microsoft Exchange Server may allow an unauthenticated attacker to perform network spoofing.
CVE-2026-55011: Microsoft Defender Remote Code Execution Vulnerability
An integer underflow flaw in Microsoft Defender may allow an unauthenticated attacker to execute code locally.
CVE-2026-55012: Microsoft Defender Remote Code Execution Vulnerability
An integer overflow flaw in Microsoft Defender may allow an unauthenticated attacker to execute code locally.
CVE-2026-54117 & CVE-2026-54118: Microsoft SQL Server Remote Code Execution Vulnerability
A deserialization of untrusted data flaw in SQL Server may allow an authenticated attacker to execute code over a network.
CVE-2026-50694: Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
A use-after-free flaw in Windows Secure Socket Tunneling Protocol may allow an unauthenticated attacker to execute code over a network.
CVE-2026-54127: Windows Hyper-V Elevation of Privilege Vulnerability
A use-after-free flaw in Windows Hyper-V may allow an unauthenticated attacker to elevate privileges locally.
CVE-2026-58644 & CVE-2026-50522: Microsoft SharePoint Remote Code Execution Vulnerability
A deserialization of untrusted data flaw in Microsoft Office SharePoint may allow an unauthenticated attacker to execute code over a network.
CVE-2026-58608: Windows Print Spooler Remote Code Execution Vulnerability
A race condition flaw in Windows Print Spooler Components may allow an authenticated attacker to execute code over a network.
CVE-2026-56159, CVE-2026-50370, CVE-2026-48564, & CVE-2026-50518: DHCP Server Service Remote Code Execution Vulnerability
A heap-based buffer overflow flaw in Windows DHCP Server may allow an authenticated attacker to execute code over a network.
CVE-2026-49796 & CVE-2026-50380: Windows GDI+ Remote Code Execution Vulnerability
A heap-based buffer overflow flaw in Windows GDI+ may allow an unauthenticated attacker to execute code locally.
CVE-2026-50392: Windows Secure Kernel Mode Elevation of Privilege Vulnerability
A use-after-free flaw in Windows Secure Kernel Mode may allow an authenticated attacker to elevate privileges locally.
CVE-2026-50382: DirectX Graphics Kernel Remote Code Execution Vulnerability
An untrusted pointer dereference flaw in Windows DirectX may allow an authenticated attacker to execute code locally.
CVE-2026-50474: Windows Remote Desktop Client Elevation of Privilege Vulnerability
A use-after-free flaw in the Remote Desktop Client may allow an unauthenticated attacker to elevate privileges over a network.
CVE-2026-50444: Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
Missing authentication for a critical function in Windows Server Update Service may allow an authenticated attacker to elevate privileges over a network.
CVE-2026-50327, CVE-2026-50655 & CVE-2026-58542: Windows Media Remote Code Execution Vulnerability
A heap-based buffer overflow flaw in Windows Media may allow an unauthenticated attacker to execute code locally.
CVE-2026-50680: Windows Hyper-V Elevation of Privilege Vulnerability
A heap-based buffer overflow flaw in Windows Hyper-V may allow an authenticated attacker to elevate privileges locally.
CVE-2026-54121: Active Directory Certificate Services Elevation of Privilege Vulnerability
An improper authorization flaw in Active Directory Certificate Services (AD CS) may allow an authenticated attacker to gain administrative privileges.
CVE-2026-54128: Windows DHCP Client Remote Code Execution Vulnerability
A use-after-free flaw in Windows DHCP Client may allow an unauthenticated attacker to execute code locally.
CVE-2026-55010: Minecraft Bedrock Dedicated Server Remote Code Execution Vulnerability
A heap-based buffer overflow flaw in Minecraft Bedrock Dedicated Server may allow an unauthenticated attacker to execute code over a network.
CVE-2026-50314, CVE-2026-50467, & CVE-2026-55018: Microsoft Office Remote Code Execution Vulnerability
A use-after-free flaw in Microsoft Office may allow an unauthenticated attacker to execute code locally.
CVE-2026-55022: Microsoft Office Remote Code Execution Vulnerability
A type confusion flaw in Microsoft Office may allow an unauthenticated attacker to execute code locally.
CVE-2026-55049, CVE-2026-55129, CVE-2026-55140, & CVE-2026-55056: Microsoft Office Remote Code Execution Vulnerability
A heap-based buffer overflow flaw in Microsoft Office may allow an unauthenticated attacker to execute code locally.
CVE-2026-55033: Microsoft Word Remote Code Execution Vulnerability
An integer overflow or wraparound flaw in Microsoft Office Word may allow an unauthenticated attacker to execute code locally.
CVE-2026-55127: Microsoft Word Remote Code Execution Vulnerability
A heap-based buffer overflow in Microsoft Office Word may allow an unauthenticated attacker to execute code locally.
CVE-2026-55132: Microsoft Word Remote Code Execution Vulnerability
A double-free flaw in Microsoft Office Word may allow an unauthenticated attacker to execute code locally.
CVE-2026-55040: Microsoft SharePoint Server Security Feature Bypass Vulnerability
A weak authentication in Microsoft Office SharePoint may allow an unauthenticated attacker to bypass a security feature over a network.
CVE-2026-55043, CVE-2026-55123, & CVE-2026-55120: Microsoft PowerPoint Remote Code Execution Vulnerability
A heap-based buffer overflow flaw in Microsoft Office PowerPoint may allow an unauthenticated attacker to execute code locally.
CVE-2026-56189, CVE-2026-57090, CVE-2026-57094, & CVE-2026-57087: Microsoft Windows Media Foundation Remote Code Execution Vulnerability
A heap-based buffer overflow flaw in Microsoft Windows Media Foundation may allow an unauthenticated attacker to execute code locally.
CVE-2026-57092: Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
A use-after-free in Windows VMSwitch may allow an authenticated attacker to elevate privileges over a network.
Other Microsoft Vulnerability Highlights
- CVE-2026-49170 is an elevation of privilege vulnerability in the Windows StateRepository API Server file. Upon successful exploitation, this vulnerability could allow an attacker to gain SYSTEM privileges.
- CVE-2026-54986 is an elevation of privilege vulnerability in the Windows Win32k. An attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-54114 is an elevation of privilege vulnerability in the Windows Win32k. A use-after-free vulnerability could allow an authenticated attacker to elevate privileges locally.
- CVE-2026-58631 is a remote code execution vulnerability in Windows Admin Center (WAC). An improper authorization flaw may allow an authenticated attacker to execute code locally.
- CVE-2026-49795, CVE-2026-50436, and CVE-2026-50688 are elevation of privilege vulnerabilities in the Windows Kernel. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-49798 is an elevation of privilege vulnerability in the Windows Kernel. An unauthenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-49805 is an elevation of privilege vulnerability in Win32k. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50351 is an elevation of privilege vulnerability in the Windows Audio Compression Manager (ACM). An improper access control flaw may allow an authenticated attacker to elevate privileges locally.
- CVE-2026-50297 & CVE-2026-50325 are elevation of privilege vulnerabilities in win32k. An improper access control could allow an authenticated attacker to elevate privileges locally.
- CVE-2026-50332 is an elevation of privilege vulnerability in the Windows Kernel. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50329 is an elevation of privilege vulnerability in the Microsoft DWM Core Library. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50343 is an elevation of privilege vulnerability in the Microsoft Install Service. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50390 is an elevation of privilege vulnerability in the Windows Kernel. A type confusion flaw may allow an authenticated attacker to elevate privileges locally.
- CVE-2026-50375 is an elevation of privilege vulnerability in the DirectX Graphics Kernel. A heap-based buffer overflow flaw may allow an authenticated attacker to elevate privileges locally.
- CVE-2026-50433 is an elevation of privilege vulnerability in Windows Media. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50423 is an elevation of privilege vulnerability in the Windows Kernel. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50387 is an elevation of privilege vulnerability in the Windows GDI. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50454 is an elevation of privilege vulnerability in the Windows User Interface Core. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50475 is an information disclosure vulnerability in the Windows Kernel. A buffer over-read flaw may allow an authenticated attacker to disclose information locally.
- CVE-2026-50476 is an elevation of privilege vulnerability in the Windows Network Connections Service. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50489 is an elevation of privilege vulnerability in the Win32k. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50509 is an elevation of privilege vulnerability in the Wireless Wide Area Network Service (WwanSvc). An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-50667 is an elevation of privilege vulnerability in the Windows Common Log File System Driver. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-57091 is an elevation of privilege vulnerability in the Windows File History Service. An authenticated attacker may exploit the vulnerability to gain SYSTEM privileges.
- CVE-2026-58531 is an elevation of privilege vulnerability in the Windows SMB. A race condition flaw in Windows SMB could allow an authenticated attacker to elevate privileges locally.
- CVE-2026-58536 is an elevation of privilege vulnerability in the Windows Cloud Files Mini Filter Driver. A use-after-free flaw may allow an authenticated attacker to elevate privileges locally.
- CVE-2026-58596 is an elevation of privilege vulnerability in Microsoft Edge (Chromium-based). Successful exploitation of the vulnerability may allow an unauthenticated attacker to elevate privileges locally.
Microsoft Release Summary
This month’s release notes cover multiple Microsoft product families and products/versions affected, including, but not limited to, .NET, .NET Core, .NET Framework, Active Directory Certificate Services (AD CS), Active Directory Domain Services, Active Directory Federation Services (AD FS), Age of Empires II: Definitive Edition Game, ASP.NET Core, Azure Active Directory, Azure CycleCloud, Azure Monitor Agent, Azure Spring Apps, Code Integrity DLL (ci.dll), Composite Image File System Driver, Content Delivery Manager, Desktop Window Manager, Extensible Storage Engine (ESENT), Github Copilot, GitHub Copilot and Visual Studio, GitHub Copilot and Visual Studio Code, HTTP/2, Microsoft 365 Copilot for iOS, Microsoft Bing App for IOS, Microsoft Copilot, Microsoft Defender, Microsoft Defender for Endpoint, Microsoft Dynamics NAV, Microsoft Exchange Server, Microsoft Fabric Data Warehouse, Microsoft Graphics Component, Microsoft Input Method Editor (IME), Microsoft Install Service, Microsoft NAT Helper Components (ipnathlp.dll), Microsoft Office, Microsoft Office Excel, Microsoft Office OneNote, Microsoft Office PowerPoint, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Printer Drivers, Microsoft Surface, Microsoft Windows, Microsoft Windows App Store, Microsoft Windows Codecs Library, Microsoft Windows Media Foundation, Microsoft Windows Search Component, Microsoft Windows Speech, Microsoft XML, Microsoft XML Core Services, Minecraft Bedrock Dedicated Server, Outlook Copilot, Power BI, Quality Windows Audio/Video Experience (QWAVE) service, Reliable Multicast Transport Driver (RMCAST), Remote Desktop Client, Role: DNS Server, RPC Runtime, SQL Server, SQL Server ODBC driver, Universal Plug and Play (upnp.dll), Virtual Hard Disk (VHD) Miniport Driver, Visual Studio, Visual Studio Code, Window PC Manager, Windows Active Directory, Windows Admin Center, Windows Ancillary Function Driver for WinSock, Windows App Installer, Windows Application Model, Windows AppX Deployment Service, Windows Audio Compression Manager (ACM), Windows Audio Service, Windows Backup Engine, Windows BitLocker, Windows Bluetooth Port Driver, Windows Bluetooth Service, Windows Boot Loader, Windows Brokering File System, Windows Client-Side Caching (CSC) Service, Windows Clip Service, Windows Clipboard Server, Windows Clipboard User Service, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Connected User Experiences and Telemetry, Windows Container Isolation FS Filter Driver (unionfs.sys), Windows CryptoAPI, Windows Cryptographic Services, Windows Data.dll, Windows Devices Human Interface, Windows DHCP Client, Windows DHCP Server, Windows DirectX, Windows DNS, Windows Domain Controller, Windows DWM, Windows DWM Core Library, Windows Event Logging Service, Windows File Explorer, Windows File History Service, Windows Filtering Platform (WFP), Windows FTP Service, Windows GDI, Windows GDI+, Windows Graphics Kernel, Windows Group Policy, Windows HTTP.sys, Windows Hyper-V, Windows Image Acquisition, Windows Installer, Windows Internal System User Profile, Windows Internal Task Bar, Windows Internet Key Exchange (IKE) Protocol, Windows Kernel, Windows Kernel Mode Driver, Windows Kernel-Mode Drivers, Windows Key Guard, Windows Local Security Authority Subsystem Service (LSASS), Windows LUAFV, Windows Management Services, Windows Media, Windows Message Queuing, Windows Message Queuing Queue Manager, Windows MIDI Service Module, Windows Narrator Braille, Windows Netlogon, Windows Network Address Translation (NAT), Windows Network File System, Windows Network Policy Server SNMP, Windows Notification, Windows NTFS, Windows OLE, Windows Operating Systems, Windows Overlay Filter, Windows PowerShell, Windows Print Spooler Components, Windows Projected File System, Windows Push Notifications, Windows Quality of Service (QoS) Packet Scheduler, Windows RDP, Windows Redirected Drive Buffering, Windows Remote Access Connection Manager, Windows Remote Access Service Infrastructure, Windows Remote Desktop Protocol, Windows Remote Desktop Services, Windows Remote Help Defense, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows RPC API, Windows Runtime, Windows Schannel, Windows Secure Boot, Windows Secure Kernel Mode, Windows Secure Socket Tunneling Protocol (SSTP), Windows Sensor Data Service, Windows Server, Windows Server Backup, Windows Server Network driver, Windows Server Update Service, Windows SMB, Windows SMB Server, Windows SMB Server Network Transport Driver (srvnet.sys), Windows Spaceport.sys, Windows StateRepository API, Windows Storage, Windows Storage Spaces Direct, Windows Subsystem for Linux, Windows System, Windows TCP/IP, Windows Telephony Service, Windows Terminal, Windows Trusted Runtime Interface Driver, Windows Unified Consent System, Windows Universal Disk Format File System Driver (UDFS), Windows USB Audio Class driver (usbaudio.sys), Windows USB Driver, Windows USB Hub Driver, Windows USB Print Driver, Windows USB Video Driver, Windows User Interface Core, Windows Virtual Filtering Platform (VFP), Windows VMSwitch, Windows WalletService, Windows Web Proxy Auto-Discovery Protocol (WPAD), Windows WebView, Windows Win32K, Windows Win32K – GRFX, Windows Wireless Networking, and Windows Wireless Wide Area Network Service.
Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR)
Qualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its Knowledgebase (KB).
You can see all your impacted hosts by these vulnerabilities using the following QQL query:
vulnerabilities.vulnerability: ( qid: 110529 or qid: 110530 or qid: 387867 or qid: 387868 or qid: 50148 or qid: 92416 or qid: 92417 or qid: 92418 or qid: 92419 or qid: 92420 or qid: 92421 or qid: 92422 or qid: 92423 or qid: 92424 or qid: 92425 or qid: 92426 or qid: 92427 or qid: 92428 )

Rapid Response with TruRisk
Eliminate
Patch to the Latest Version
VMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the “Missing” patches to identify and deploy the applicable, available patches with one click.
The following QQL will return the missing patches for this Patch Tuesday:
( qid: 110529 or qid: 110530 or qid: 387867 or qid: 387868 or qid: 50148 or qid: 92416 or qid: 92417 or qid: 92418 or qid: 92419 or qid: 92420 or qid: 92421 or qid: 92422 or qid: 92423 or qid: 92424 or qid: 92425 or qid: 92426 or qid: 92427 or qid: 92428 )

Mitigation: Reducing Risk Until Remediation
Not every team can patch immediately due to operational challenges. TruRisk
Eliminate enables security teams to apply mitigation controls that immediately lower exposure and reduce the Qualys Detection Score (QDS).
EVALUATE Vendor-Suggested Mitigation with Policy Audit (PA)
With Qualys Policy Audit’s Out-of-the-Box Mitigation or Compensatory Controls, which reduce the risk of a vulnerability being exploited because the remediation (fix/patch) cannot be done now, these security controls are not recommended by any industry standards, such as CIS or DISA-STIG.
Qualys Policy Audit team releases these exclusive controls based on Vendor-suggested Mitigation/Workaround.
Mitigation refers to a setting, common configuration, or general best practice that exists in a default state and could reduce the severity of a vulnerability’s exploitation.
A workaround is a method, sometimes used temporarily, for achieving a task or goal when the usual or planned method isn’t working. Information technology often uses a workaround to overcome hardware, programming, or communication problems. Once a problem is fixed, a workaround is usually abandoned.
The following Qualys Policy Audit Control IDs (CIDs) and System Defined Controls (SDC) have been updated to support Microsoft-recommended mitigation(s) for this Patch Tuesday:
CVE-2026-56164: Microsoft SharePoint Server Elevation of Privilege Vulnerability
This vulnerability has a CVSS: 3.1 5.3 / 4.9
Policy Audit Control IDs (CIDs):
- 30908 Status of the ‘Antimalware Scan Interface’ in SharePoint Server
The following QQL will return a posture assessment for the CIDs for this Patch Tuesday:
control.id: [30908]

Visit the July 2026 Security Updates to access the full description of each vulnerability and the systems it affects.
Qualys customers can scan their network with QIDs 110529, 110530, 387867, 387868, 50148, 92416, 92417, 92418, 92419, 92420, 92421, 92422, 92423, 92424, 92425, 92426, 92427, and 92428 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.
References:
https://msrc.microsoft.com/update-guide
https://msrc.microsoft.com/update-guide/releaseNote/2026-Jul

Comments are closed.