Full July 2026 Summary: <a href="https://www.bleepingcomputer.com/microsoft-patch-tuesday-reports/Microsoft-Patch-Tuesday-July-2026.html" rel="nofollow">https://www.bleepingcomputer.com/microsoft-patch-tuesday-rep...</a>
It seems like bug hunting might be the one area where AI is actually making the world a better place.
It would be nice if microsoft had windows update for .net, visual c++, office, windows, edge ... just all their software in one updater, but that would be too easy...
It did work that way for .NET versions but the patches and upgrades caused too many bugs and incompatibility. Folks would install old .net versions anyway.<p>The pattern moved to packaging in all your dependencies.<p>Winget/Microsoft Store etc could auto-update your apps even with packaged .NET DLLs, though.
Isn't that... Windows Update? At least last time I looked it would update .net runtimes, Office, what else? OK, Visual Studio has its own update mechanism. Edge is part of the OS, isn't it?
it's still an opt-in setting though. Windows and OS-components like drivers and Edge do get auto updated yes, but to enable Microsoft Update, you still need to turn on a setting in the Settings app.
even setting up a new PC/laptop with windows, this is off by default.
[dead]
You mean…service packs?
No, "Microsoft Update" is what it was once called (see e.g. <a href="https://learn.microsoft.com/en-us/windows/deployment/update/update-other-microsoft-products" rel="nofollow">https://learn.microsoft.com/en-us/windows/deployment/update/...</a>)
I wonder how many bugs will be introduced with these fixes...
Sounds like a lot but compare it to Edge also being patched for 428 Chromium CVEs this month.<p>If 20 years ago you told me a single piece of software had 428 vulnerabilities I wouldn't have believed it.<p>If Chromium has that many security bugs, perhaps the move fast and break things approach of spraying diarrhea masquerading as code into a keyboard — in a rush to add new features no one asked for — needs to be reexamined.
20 years ago software wasn't as much battle tested as today, had way less feature set, was less connected to the internet, and etc. 428 CVEs looks small, assuming not all have CVSS 9.8 or something.
> If 20 years ago you told me a single piece of software had 428 vulnerabilities I wouldn't have believed it.<p>For something as complex as an operating system or a web browser, even one from 20 years ago (say, Windows XP or IE/Firefox) I wouldn't have believed there were 428 vulnerabilities either, I would have assumed there were much more than that.
Even if it had the Microsoft logo attached? Windows was always known to not be the most secure of products. I can't imagine anything else from the same company would be any better
"Microsoft attributed the burgeoning patch counts to vulnerability discoveries aided by artificial intelligence."<p>If only real intelligence found the fucking things instead.<p>As ye sew, so shall ye reap!
An employee just got phished by adding a number to a legitimate deviceAdd login route that bypasses 2FA and adds a device with full access to office and mail<p>Probably working as intended...