Key facts
- Microsoft issued 570 security patches for Windows, Office, and other products.
- The company stated that AI tools were used to discover these vulnerabilities.
- At least two of the patched vulnerabilities were zero-days.
- A Windows Server vulnerability allowed hackers to escalate privileges.
- A SharePoint vulnerability was actively exploited by hackers.
Microsoft released a record 570 security patches for its products, including Windows and Office, this week. The company attributed the significant increase in vulnerabilities discovered to its use of artificial intelligence tools. These AI models are helping employees uncover previously unknown security bugs in software, some of which dates back decades.
Among the patches were at least two zero-day vulnerabilities, meaning they were exploited before Microsoft became aware of them. One critical bug affecting Windows Server allows attackers to gain system administrator privileges from a limited user account. Another vulnerability targets the SharePoint file sharing server, prompting a warning from the U.S. government's cybersecurity agency, CISA, about active exploitation by hackers to compromise organizations.
Pavan Davuluri, head of Windows, stated that as AI becomes more advanced in cybersecurity, customers can expect a higher volume of security updates in each release.
