July 2026 News & Updates
CTC News
- MyIT Program Pricing Reminder – Our new MyIT Program pricing went into effect on 1 June 2026. If you haven’t reviewed your service level yet, details are available here.
- July Monthly Maintenance Underway – Our July monthly maintenance cycle is in progress. This month’s focus includes security patch verification, backup integrity checks, and system optimization. If you haven’t scheduled your maintenance window yet, please reach out to ensure your systems stay current.
- MyIT Program Reminder – For businesses running without managed IT, the MyIT Program provides enterprise-level protection without enterprise-level pricing. With no term agreements, you can cancel anytime if you don’t find value. Details available here.
Industry News
- Second Record-Breaking Patch Tuesday in a row: 570 (or 622, depending on who you ask) Vulnerabilities – July 2026 marks the largest Patch Tuesday in history with Microsoft patching 570 security flaws, nearly triple the previous record of 206 from June. Microsoft attributes this explosion directly to artificial intelligence: “The pace of vulnerability discovery is changing with advances in AI making it possible to find more issues, faster, across more code.” This isn’t a statistic—it’s a warning. AI is accelerating both discovery and exploitation simultaneously.
- Two Zero-Days Already Exploited – Among the 570 patches are three zero-day vulnerabilities, two already under active exploitation: CVE-2026-56155 (Active Directory Federation Services elevation of privilege) and CVE-2026-56164 (Microsoft SharePoint Server elevation of privilege). The SharePoint flaw was added to CISA’s Known Exploited Vulnerabilities list on July 1—before Patch Tuesday arrived. Microsoft credited the discovery to their own DART team and Mandiant, indicating these were found during active incident response.
- AI vs. Exploitability Index – Security researchers now warn that Microsoft’s “exploitability index” (which rates how likely a vulnerability is to be exploited) is becoming obsolete. Anthropic’s Red Team demonstrated their AI model could produce working exploits for 13 of 14 vulnerabilities rated “Exploitation Less Likely” or “Exploitation Unlikely.” As Tenable’s Satnam Narang notes: “Defense needs to improve alongside” AI-driven discovery. The old rules no longer apply.
- Industry-Wide Acceleration – Adobe announced they are moving to twice-monthly security bulletins (2nd and 4th Tuesday), citing AI for accelerating their patch cycles. Google shipped over 900 security fixes in June. Cisco, Mozilla, Oracle, and others are also increasing patch frequency. The monthly cadence is no longer sufficient to keep pace with AI-driven discovery.
- Dell/Intel Compatibility Issues – Microsoft has confirmed that the July 2026 security update for Windows 11 (KB5101650) is not available for a limited number of Dell devices with Intel processors due to incompatibility that can cause unexpected shutdowns, poor performance, increased heat, and battery drain. Microsoft and Dell are working on a resolution.
Updates
DEPLOY IMMEDIATELY – Microsoft’s July 2026 Patch Tuesday was record-breaking: 570 vulnerabilities patched, including 59 critical bugs and 3 zero-day vulnerabilities (two actively exploited in the wild, one publicly disclosed). The breakdown by category: 254 elevation of privilege, 145 remote code execution, 102 information disclosure, 35 denial of service, 17 security feature bypass, and 16 spoofing vulnerabilities.
Actively Exploited:
- CVE-2026-56155 – Active Directory Federation Services elevation of privilege (discovered by Microsoft’s DART team during incident response)
- CVE-2026-56164 – Microsoft SharePoint Server elevation of privilege (credited to Mandiant, Google, and anonymous researchers; added to CISA KEV July 1)
Publicly Disclosed:
CVE-2026-50661 – Windows BitLocker security feature bypass (allows attackers with physical access to access encrypted data)
Notable Critical:
CVE-2026-48561 – Microsoft Copilot remote code execution (CVSS 9.6), allowing attackers to execute code by hosting a malicious website that triggers Edge for Android to send crafted prompts to Copilot
CVE-2026-54128 – Windows DHCP Client remote code execution (interesting for public WiFi attacks)
Microsoft releases regular updates the second Tuesday of each month, often referred to as ‘Patch Tuesday’. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include any supported Microsoft product from Windows to Office to Internet Explorer and server products like Exchange and SQL Server. If you have one or more of these products installed, especially if the update is listed as Important or Critical, it’s important that the updates are installed.
Additional details on this month’s Microsoft updates are available from SANS Internet Storm Center, Krebs on Security, Bleeping Computer, CrowdStrike.
Adobe has released 7 security bulletins this month, including updates for ColdFusion and Campaign, with severity ratings ranging from Important to Critical. Notably, CVE-2026-48282 (a ColdFusion flaw) was later exploited in attacks after publication. Adobe also announced they are moving to twice-monthly security bulletins published on the 2nd and 4th Tuesday of each month—citing AI for accelerating their vulnerability discovery and patch cycles.
Like Microsoft, Adobe now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc.).
Additional details are available from Adobe Here including links to download the update(s) and instructions for installation.
Need IT Support for your Home or Business? We’d love to help!
Are you a small to medium sized business looking to leverage technology and enable your business and workforce to work smarter and more efficiently? Do you already have computers, servers, firewalls, VPNs or other technology that you’re not taking full advantage of? Are you looking for an IT Service Provider who understands small to medium sized businesses needs and the challenges that we face that can work with you to grow your business rather than just sell you time?
Cyber Tech Cafe is an IT Service Company with a focus on helping small to medium business get the most out of their technology investment. As a small business ourselves, we understand the challenges you face and have designed our service offerings to help you get the most out of your technology dollar. We offer on-call, as needed support if you just need a quick fix or extra set of hands right now. We also offer maintenance plans that we call “MyIT” that are designed to address the most common concerns (patch management, disaster recovery / backup, log review, etc.) that are based on the number of workstations and servers that you have and have no term contract. We believe that, if you find value in what we’re doing, you’ll find a way to keep us around without a contract saying that you have to.
If you have questions about the MyIT plans or have an IT need that you need addressed right now, let us know. We look forward to the opportunity to earn your business.
Article Submitted by Nathan J. Underwood, CEH
