Microsoft released a record number of security patches this week, fixing 570 vulnerabilities across Windows, Office, and other products. The company attributed the surge to its use of artificial intelligence to detect flaws in its code. Two of the bugs are zero-days that were already being exploited in the wild.
Record Patch Tuesday
The patches arrived as part of Microsoft's monthly "Patch Tuesday" update. Among the most critical fixes is a privilege escalation bug in Windows Server that lets attackers gain admin-level access. Another zero-day affects SharePoint Server, with the U.S. cybersecurity agency CISA warning that hackers are actively exploiting it to breach organizations.
AI's role in vulnerability discovery
Microsoft had signaled last week that its patch volume would increase, citing AI tools that help engineers uncover bugs that might otherwise go unnoticed. Windows chief Pavan Davuluri explained that as AI helps defenders find more issues, customers should expect a higher number of security updates in each release. Many of these vulnerabilities may have existed for years in legacy code, some dating back decades.