Microsoft
Microsoft released its largest Patch Tuesday update on record this week, fixing 570 vulnerabilities in Windows and related products, according to BleepingComputer. These include flaws attackers were already using before a fix existed.
Two of the fixed vulnerabilities were already being used in attacks before Microsoft had a patch ready. One, tracked as CVE-2026-56155, lets an attacker who already has some access to a network grant themselves administrator privileges through Active Directory Federation Services, the system many workplaces and schools use to manage employee and student logins. Microsoft's Security Update Guide credits its own Detection and Response Team with catching the exploit in the wild.
The second flaw affects BitLocker, the encryption feature built into Windows that protects the data on your hard drive if your laptop is lost or stolen. SecurityWeek reports that researchers published a working demonstration of the bypass before Microsoft's fix was available, though no confirmed case of an attacker using it outside a lab exists yet. Exploiting the flaw requires physical access to the laptop, which matters mainly if a device goes missing.
Read more: How to prevent Windows disk encryption from locking you out of your PC
The July update also adds Point-in-Time Restore, a new recovery tool that automatically snapshots your system every 24 hours and lets you roll a PC back to a working state from the Windows Recovery Environment if a bad driver or update breaks something. Windows Latest confirmed the feature is on by default for Home and Pro editions with a system drive of 200GB or larger.
Windows installs most security updates automatically, but confirming yours went through takes under a minute: open Settings, go to Windows Update, and check for the July update if it hasn't already installed. If you use BitLocker on a laptop, I'd treat this update as more urgent than a routine patch, since it closes a bypass that's already public.
Read next: Best antivirus software 2026: free and paid picks