🚨Microsoft Patches Over 600 CVEs in Record-Breaking Month
Your Windows and Office systems just got a major security update
TL;DR
Microsoft released an unprecedented 622 Common Vulnerabilities and Exposures (CVE) patches this month. This is the highest number ever, with over half being critical vulnerabilities.
Microsoft just dropped a bombshell with its September Patch Tuesday release: 622 CVEs patched, more than triple last month's all-time high. If you're running Windows or Office, your security just got a major boost. But this isn't just about numbers; fifty-eight of these are critical, and two are already being exploited in the wild. The actively exploited vulnerabilities include an elevation of privilege issue in Active Directory Federation Services (CVE-2026-56155) and another in Microsoft SharePoint (CVE-2026-56164). That's not all; there are 30 critical CVEs, including 16 remote code execution vulnerabilities in Office apps. If you're managing systems or applications that rely on these products, now is the time to update.

Key Points
Microsoft released 622 Common Vulnerabilities and Exposures (CVE) patches on September Patch Tuesday
Fifty-eight of the patched vulnerabilities are rated as critical by Microsoft, including two actively exploited CVEs
One of the actively exploited vulnerabilities is a privilege elevation issue in Active Directory Federation Services (CVE-2026-56155)
Another actively exploited vulnerability involves SharePoint and allows for privilege escalation (CVE-2026-56164)
Adobe released 64 unique CVEs across seven bulletins, addressing issues in Commerce, Experience Manager, and more
Why It Matters
If you're managing Windows or Office systems, this update is crucial. The critical vulnerabilities include actively exploited flaws that could compromise your system's security. For instance, the privilege elevation issue in Active Directory (CVE-2026-56155) can be a game-changer for organizations relying on ADFS for authentication and authorization.
Frequently Asked Questions
Why does this matter?
If you're managing Windows or Office systems, this update is crucial. The critical vulnerabilities include actively exploited flaws that could compromise your system's security. For instance, the privilege elevation issue in Active Directory (CVE-2026-56155) can be a game-changer for organizations relying on ADFS for authentication and authorization.
What happened?
Microsoft released an unprecedented 622 Common Vulnerabilities and Exposures (CVE) patches this month. This is the highest number ever, with over half being critical vulnerabilities.
Comments
Be the first to comment
Enjoyed this article?
Get it daily. 7am. Free. Reads in 5 minutes.
Join 2,074 builders reading daily.