Microsoft's July 2026 security update addresses 622 vulnerabilities, with 57 classified as "critical." Two critical vulnerabilities, CVE-2026-56155 (Active Directory Federation Services) and CVE-2026-56164 (Microsoft SharePoint Server), have been exploited in the wild. The critical vulnerabilities include 48 remote code execution (RCE) vulnerabilities, seven elevation of privilege (EoP) vulnerabilities, one spoofing vulnerability, and one security feature bypass vulnerability. RCE vulnerabilities affect various Microsoft services, including Windows Media, Microsoft Office, and SQL Server, with eleven rated as "more likely" to be exploited. Additional important vulnerabilities include CVE-2026-49170, CVE-2026-49795, and CVE-2026-50325. Talos is releasing a new Snort ruleset to detect these vulnerabilities, and Cisco Security Firewall customers are advised to update their ruleset.