Microsoft released its largest Patch Tuesday to date, addressing 622 vulnerabilities, including two zero-day elevation-of-privilege flaws actively exploited in SharePoint Server (CVE-2026-56164) and Active Directory Federation Services (CVE-2026-56155). Organizations are urged to prioritize these patches despite their moderate severity ratings, as both affect critical identity and collaboration infrastructure, and attackers are currently exploiting them. The update also ends support for SharePoint Server 2016 and 2019, and continues Kerberos RC4 hardening, which may cause authentication issues if service accounts still rely on RC4.
https://thehackernews.com/2026/07/microsoft-patches-record-622-flaws.html

