Microsoft's July Patch Tuesday update addresses 570 vulnerabilities, including three critical zero-days. The vulnerabilities include 254 elevation-of-privilege flaws, 17 security feature bypasses, 145 remote-code-execution issues, 102 information disclosures, 16 spoofing vulnerabilities, and 35 denial-of-service vulnerabilities. Among these, 59 bugs are classified as "critical." The three zero-days patched are CVE-2026-56155 (elevation of privilege in Active Directory Federation Services), CVE-2026-56164 (elevation of privilege in Microsoft SharePoint Server), and CVE-2026-50661 (security bypass in Windows BitLocker). The update is recommended to be installed as soon as possible, and users can check for updates through the Windows Update settings.