Could Microsoft's AI era spell the end of Patch Tuesday? Experts say yes.
AI is accelerating Windows security fixes – and challenging Microsoft's decades-old monthly update model.

Image by Cybernews.
- Microsoft says AI is finding more Windows vulnerabilities, leading to larger Patch Tuesday security releases.
- Security experts say faster AI-driven discovery could eventually replace monthly patching with rolling updates.
- The shift could change how organizations manage Windows security and respond to emerging threats.
Microsoft is warning enterprise customers to expect larger Patch Tuesday releases for the foreseeable future as the company continues to integrate advanced AI models to help identify new security vulnerabilities, develop fixes, and disclose them to the public.
Security experts now say this growing trend could signal the beginning of the end for Patch Tuesday – or at least change how the industry’s largest vulnerability response program has been operating since 2003.
AI is accelerating vulnerability discovery
June's record-breaking Patch Tuesday fixed more than 200 vulnerabilities – a clear sign that AI-assisted vulnerability hunting across the Windows ecosystem will only accelerate the pace of discovery and disclosure.
“As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release,” Pavan Davuluri, Executive Vice President of Windows + Devices, wrote in a Windows Experience blog post on Thursday.
“Our focus is to effectively utilize these AI tools to support faster protection, stronger engineering systems and more actionable guidance for customers,” Davuluri said.
Rolling security updates could replace the monthly cycle
Gene Moody, Field CTO at Action1, a patch management solutions firm, has watched the patching process evolve over the past four decades – from slow, manual release cycles into something far more automated and responsive.
“AI is now pushing that evolution into a new place, one where vulnerability discovery, patch development, validation, and release need to all happen much faster than they ever did before,” he says.
The CTO predicts a future where Microsoft and others “move steadily away from scheduled monthly patch cycles in favor of rolling updates for most security issues.”
He says organizations should expect releases to arrive as close to real time as research allows.
"The work of finding and fixing vulnerabilities continues to get faster, broader, and more rigorous across the industry. Customers should expect this to be reflected in the size of a given Patch Tuesday, and at times in how updates are delivered."– Tom Gallagher, head of the Microsoft Security Response Center (MSRC)
Microsoft was already talking about a revised patching schedule back in May – coinciding with Anthropic’s explosive release of its advanced AI security model Mythos, and the watered-down Fable 5.
While defenders began to adjust to this new AI-fueled reality, Tom Gallagher, head of the Microsoft Security Response Center (MSRC) engineering team, authored a blog post detailing how AI was not only accelerating vulnerability discovery but also improving the speed of the entire patching lifecycle.
“Advanced AI models enable us to reason about code paths and configurations at a speed and consistency that would not be possible through manual review alone,” Gallagher wrote at the time, anticipating Microsoft’s larger security releases.
“Issues can be found and mitigated faster. Patches can be studied and reasoned about faster. In that environment, the value of consistent security fundamentals – timely patching, exposure reduction, identity hygiene, segmentation, and strong detection and response – only increases,” he said.
Why Patch Tuesday may no longer be enough
Comparing the more traditional Patch Tuesday – which saw less frequent updates often bundled into large service packs or scheduled maintenance windows — Moody says modern threats now require a different approach.
“Attackers move faster, exploit windows are shorter, and the monthly cadence of old looks like a relic of a slower era – because it is,” Moody explains.
“The history of updating has always been shaped by the speed of the threat.”– Gene Moody, Field CTO at Action1
He says that AI is likely to expose new classes of vulnerabilities, with some flaws originating from AI-assisted development itself.
Logically, Moody says the future of updating must become “more continuous, more adaptive, and less tied to a fixed calendar.”
Stay updated with our latest stories and follow us on social media
Be the first to discover new stories, ideas, and updates from our team.
Moody says “faster patch creation and delivery, paired with more agile practices on the customer side, would finally start to align patching with the pace of modern discovery and exploitation,” something he calls a win for the entire industry.
“What needs to happen is simple; patching on a calendar is no longer a safe assumption in today’s threat landscape. Patching where and when needed vs scheduled is the only path forward," he said.
Strong password generator