Microsoft patches record 198 Windows bugs in June update – and 3 are zero days

Microsoft’s latest Patch Tuesday has set a new benchmark by addressing an impressive 198 security vulnerabilities, marking the most extensive update in recent memory. Among these, 32 flaws have been classified as critical, while three are categorized as zero-day vulnerabilities. Given the nature of these updates, Windows users are strongly encouraged to ensure they are installed promptly.

This month’s updates are detailed across three specific KB articles: KB5094126 for Windows 11 versions 24H2 and 25H2, KB5093998 for version 23H2, and KB5094127 for Windows 10. As these updates are mandatory, they will automatically download and install. However, users should verify their installation status, as a reboot is required for the changes to take effect.

Bugs squashed with AI’s help

To check for updates in Windows 11, navigate to Settings and select Windows Update. If a restart is pending, simply reboot your computer. For Windows 10 users enrolled in the Extended Security Updates (ESU) program, the process involves going to Settings, selecting Update & Security, and checking for updates as needed.

The remarkable number of vulnerabilities addressed this month can be attributed to advancements in artificial intelligence. Companies like Microsoft are leveraging AI models, such as Anthropic’s Claude Mythos, to expedite the identification and resolution of security flaws. This trend is evident in the recent patching efforts by Mozilla, which resolved 271 vulnerabilities in Firefox with the assistance of an early version of Claude Mythos Preview.

According to Action1, a patch management provider, “The unusually high volume of disclosures reflects a broader trend in vulnerability research, where advances in AI-assisted analysis and initiatives such as Mythos are helping researchers uncover flaws at a much faster pace than before.” The critical nature of the 32 vulnerabilities, along with the three zero-days, underscores the urgency of installing this update. These zero-days, while not actively exploited, were publicly disclosed, leaving systems vulnerable until patched.

Among the zero-day vulnerabilities, one allows an attacker to gain Windows System privileges through a flaw that improperly resolves file links. Another, which poses a significant risk to organizations, could facilitate a denial-of-service attack via an HTTP vulnerability. The third zero-day relates to a flaw in Windows BitLocker, which could enable an attacker with physical access to an unpatched PC to capture encrypted data from the hard drive.

Update includes these new Windows 11 features

In addition to security enhancements, the June Patch Tuesday update introduces several new features to Windows 11. With older Secure Boot certificates nearing expiration, Microsoft is providing new certificates for supported devices. A notable addition is the Low Latency Profile, designed to enhance performance by delivering a quick boost to the processor for certain tasks.

Windows 11 now supports shared audio devices, allowing multiple Bluetooth connections simultaneously. This feature enables users to enjoy the same content together, whether it’s a TV show or music, using their individual earbuds or headsets.

Another enhancement allows the webcam to function across multiple applications concurrently, facilitating seamless transitions between Zoom meetings, Google Meet video calls, and even Snapchat filters without the need to toggle between apps.

Lastly, users can now assign a custom name to their user folder during the Windows 11 setup process, moving away from the automatic naming convention based on the username, which previously lacked flexibility.

Winsage
Microsoft patches record 198 Windows bugs in June update - and 3 are zero days