Microsoft patches record number of security vulnerabilities, citing its use of AI



Microsoft released a record number of security patches for Windows, Office, and other tech product lines this week, citing the use of AI to aid the discovery of code vulnerabilities.
The technology and cloud giant issued patches for 570 security flaws on Tuesday as part of its monthly scheduled release of fixes, which security researchers have long dubbed “Patch Tuesday.”
At least two of the vulnerabilities are classified as zero-days , meaning that they were exploited before Microsoft was made aware of them. One bug affecting Windows Server allows hackers to escalate their privileges from a limited user to a system administrator. Another bug affects the SharePoint file sharing server — the U.S. government’s cybersecurity agency CISA has warned hackers were actively exploiting the bug to compromise organizations.
The huge patch update comes a week after Microsoft said in a blog post that it expected its usual batch of monthly security patches to be far higher in number than before. The company cited its use of AI to help its employees uncover previously undiscovered security bugs in its software.
“As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release,” said Windows boss Pavan Davuluri.
As AI models become more advanced and focused on cybersecurity issues, security researchers are using them to uncover vulnerabilities that may have been dormant in software code for years, if not longer. Parts of Microsoft’s Windows code dates back decades.
Last chance to save up to $190 on TechCrunch Founder Summit. Join 1,000+ founders and VCs at all stages for real-world scaling insights and connections that move the needle. Savings end June 26, 11:59 p.m. PT .

US charges Russian ‘bulletproof’ web hosts over cyberattacks that netted $62M from cybercrime victims

The real AI race may no longer be at the frontier

Hacked, leaked, and held for ransom: The worst breaches of 2026 so far
Latest in Security

Microsoft patches record number of security vulnerabilities, citing its use of AI
US charges Russian ‘bulletproof’ web hosts over cyberattacks that netted $62M from cybercrime victims

Iran abused mobile networks’ vulnerabilities to locate US military in the Middle East, report says
Verified source · TechCrunch
Reported by TechCrunch. Open the original for full media and formatting.
More in Product
All news
ProductApple Intelligence approved for launch in China with Alibaba’s Qwen AI
The deal, which was rumored to be in the works last year, marks an important step for Apple's AI ambitions in a key market.
Read at TechCrunch
Product8BitDo’s FlipPad is the most pocketable way to turn your phone into a Game Boy
Both 8BitDo and GameSir announced tiny gamepads designed to turn smartphones into Game Boy-inspired handhelds at CES 2026. GameSir released its Pocket Taco months ago, but the longer wait for 8BitDo's FlipPad has been well worth it. While the Pocket Taco may be a better fit for…
Read at The Verge
ProductHome Depot’s viral 12-foot skeleton now talks
The Home Depot is once again upgrading its 12-foot-tall skeleton to help keep the viral piece of Halloween decor popular as spooky season creeps closer. Skelly is borrowing some of the tech introduced in the smaller 6.5-foot Ultra Skelly last year, including letting you speak th…
Read at The Verge
ProductWindows 11’s big patch Tuesday allows you to hold off on updates for longer
Microsoft just released a long list of improvements for Windows 11 as part of its bigger patch Tuesdays, patching at least 570 security holes, almost triple the number fixed in last month's record-breaking release, according to Krebs on Security. It also includes the ability to…
Read at The Verge