A Record-Setting Patch Tuesday for Windows and Office

Microsoft's latest monthly security release addressed 570 vulnerabilities spanning Windows, Office, and other core product lines, marking the largest batch of fixes the company has issued in a single "Patch Tuesday" cycle. The scale stands out even against Microsoft's regular monthly cadence of updates, a release schedule security researchers have tracked and nicknamed for years.

The company attributes the surge directly to its growing use of artificial intelligence to comb through code and surface vulnerabilities that had gone unnoticed. Rather than signaling a sudden decline in software quality, the jump in patch volume points to AI-assisted auditing uncovering flaws that were already present but previously invisible to human reviewers.

Microsoft Signaled the Surge a Week in Advance

This month's release wasn't a surprise inside Microsoft. A week earlier, the company published a blog post warning that its routine monthly security updates would grow substantially larger than in the past, specifically because of AI-powered discovery methods.

What Windows Boss Pavan Davuluri Said

Windows chief Pavan Davuluri framed the shift as a natural consequence of better detection tools rather than worsening security: as AI helps defenders find more issues, customers should expect a heavier volume of updates bundled into every security release going forward.

That framing repositions a record-breaking patch load as evidence of stronger defensive tooling rather than weaker code.

Two Zero-Day Vulnerabilities Were Already Under Attack

Among the hundreds of flaws fixed, at least two were zero-days, meaning attackers were exploiting them before Microsoft had a chance to release a fix.

Windows Server Privilege Escalation Flaw

One of the zero-days affects Windows Server and lets an attacker who already holds limited access escalate their permissions all the way up to system administrator level — a serious jump that turns a minor foothold into full control of the machine.

Actively Exploited SharePoint Bug

The second zero-day targets Microsoft's SharePoint file-sharing server. The U.S. Cybersecurity and Infrastructure Security Agency confirmed that hackers were actively exploiting this flaw to compromise organizations, and added it to its catalog of known exploited vulnerabilities as a result.

The zero-day details were first reported by the security news outlet Krebs on Security, which broke the story on the record-breaking scope of this month's patch batch.

Why AI Is Surfacing Bugs That Are Decades Old

Parts of Windows' underlying code date back decades, and security researchers are increasingly turning to advanced AI models trained specifically on cybersecurity tasks to dig through that legacy codebase. These tools are uncovering vulnerabilities that have sat dormant in the software for years, if not longer, since long before AI-assisted review became practical at this scale.

That dynamic suggests the size of monthly patch releases is likely to keep climbing. The backlog of undiscovered issues buried in long-running code isn't something that gets exhausted quickly, and more capable tools mean more of it surfaces with each review cycle.