Microsoft Patch Tuesday – July 2026

Today is Microsoft Patch Tuesday for July 2026. There are 621 vulnerabilities that have been addressed this time around. Two of them are actively exploited zero-days affecting SharePoint Server and Active Directory Federation Services, and one publicly disclosed BitLocker bypass is also included. We recommend applying these updates as soon as possible.

Notable Patch Tuesday vulnerabilities for July

CVE-2026-56164

A missing authentication check in Microsoft SharePoint Server lets an unauthenticated attacker elevate privileges over the network. This is a zero-day that is being actively exploited, so on-premises SharePoint Server farms should be patched first.

CVE-2026-56155

An access control weakness in Active Directory Federation Services allows an attacker who already has a low-privileged account on the server to gain administrator privileges. This zero-day is being actively exploited and affects environments running on-premises AD FS.

CVE-2026-50661

A protection mechanism failure in Windows BitLocker lets an attacker with physical access to a device bypass drive encryption and read the protected data. The issue has been publicly disclosed but is not known to be exploited, and it requires physical access to the machine.

For more detailed information on these and other vulnerabilities, please refer to the release notes: : https://msrc.microsoft.com/update-guide/releaseNote/2026-Jul

Need help addressing the above in your own organization? Speak to an Outpost24 expert.

About the Author

Marcus White Cybersecurity Specialist, Outpost24

Marcus is an Outpost24 cybersecurity specialist based in the UK, with 8+ years experience in the tech and cyber sectors. He writes about attack surface management, application security, threat intelligence, and compliance.