Microsoft's largest Patch Tuesday ever: 570 flaws, Kerberos encryption overhaul
The record-breaking update also forces a long-planned authentication change that could disrupt legacy Windows environments.

Image by Cybernews.
- Microsoft's July security update tackles more than 500 flaws, including multiple critical vulnerabilities and exploited zero-days.
- The update also begins mandatory Kerberos RC4 enforcement, potentially affecting organizations using legacy authentication.
- Just days after warning AI would accelerate vulnerability discovery, Microsoft delivered its biggest Patch Tuesday on record.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.
Microsoft releases its largest Patch Tuesday ever, fixing 570 vulnerabilities, including 59 critical flaws and three zero-days – and begins forcing organizations to phase out legacy Kerberos RC4 encryption.
The July security update, released Tuesday, spans Windows, Office, Exchange Server, SharePoint Server, SQL Server, Azure, Visual Studio, and other Microsoft products.
Three zero-days demand immediate attention
Two of the zero-days – (CVE-2026-56155 and CVE-2026-56164) – were actively exploited before patches became available.
The third – a BitLocker security feature bypass (CVE-2026-50661) – was previously publicly disclosed but has not been confirmed as exploited, according to an executive summary of the release published by Zecurit.
The security management company is urging defenders to treat all three zero-days as “immediate patching priorities.”
According to Microsoft's Security Update Guide, the first two actively exploited zero-days – affecting Active Directory Federation Services (AD FS) and Microsoft SharePoint Server – can allow attackers to escalate privileges, and in the case of the SharePoint bug, do so remotely.
The third zero-day – affecting Windows BitLocker – can allow an attacker with physical access to bypass device encryption.As for the 59 critical vulnerabilities, Microsoft has patched 145 remote code execution flaws, including critical bugs affecting Exchange Server, SharePoint Server, SQL Server, DHCP Server, Hyper-V, Office, Word, Excel, and PowerPoint.
Microsoft flips Kerberos into enforcement mode (or Kerberos enforcement phase officially begins)
Besides the record-breaking number of patches, Microsoft's July update begins enforcing the transition away from legacy RC4 encryption for Kerberos, the authentication protocol used by Active Directory to verify users and services across Windows domains.
As part of the new update, Windows domain controllers will no longer fall back to RC4-based Kerberos tickets when no explicit configuration exists.
Instead, organizations will be forced to move supported Kerberos configurations to stronger AES-based encryption.
Microsoft says the enhanced encryption will help prevent threat actors from carrying out credential-recovery attacks, which often involve cracking stolen credentials offline through brute-force attacks.
Microsoft warns that after installing the update, organizations still relying on RC4-based service accounts, legacy applications, or non-Windows integrations could experience Kerberos authentication failures will no longer be able to authenticate users via Kerberos.
Dell compatibility issue delays update for some PCs
One important note for Dell users finds Microsoft temporarily pausing the Windows 11 security update for a limited number of Dell devices with Intel processors.
Microsoft says the update could trigger unexpected shutdowns, degraded performance, overheating, and battery drain. The company said it is working with Dell on a fix before resuming the rollout.
Has your password leaked?