Microsoft Monthly Security Update (July 2026)
Release Date:
15 Jul 2026
601
Views
RISK: High Risk
TYPE: Operating Systems - Windows OS

Microsoft has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes |
| Apps | Medium Risk | Remote Code Execution Elevation of Privilege Spoofing | |
| Windows | Medium Risk | Elevation of Privilege Information Disclosure Remote Code Execution Data Manipulation Denial of Service Security Restriction Bypass Spoofing | CVE-2026-56155 is being exploited in the wild. Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally. Hence, the risk level of this vulnerability is rated as Medium Risk. |
| Extended Security Updates (ESU) | Medium Risk | Elevation of Privilege Information Disclosure Remote Code Execution Data Manipulation Denial of Service Security Restriction Bypass Spoofing | CVE-2026-56155 is being exploited in the wild. Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally. Hence, the risk level of this vulnerability is rated as Medium Risk. |
| SQL Server | Medium Risk | Elevation of Privilege Remote Code Execution Spoofing Information Disclosure | |
| Azure | Medium Risk | Elevation of Privilege Denial of Service | |
| Server Software | Medium Risk | Elevation of Privilege Remote Code Execution Spoofing | |
| Developer Tools | Medium Risk | Elevation of Privilege Denial of Service Information Disclosure Security Restriction Bypass Remote Code Execution Data Manipulation Spoofing | |
| Other | Medium Risk | Remote Code Execution Data Manipulation | |
| System Center | Medium Risk | Remote Code Execution Elevation of Privilege Information Disclosure | |
| Microsoft Office | High Risk | Spoofing Remote Code Execution Information Disclosure Elevation of Privilege Security Restriction Bypass | CVE-2026-56164 is being exploited in the wild. Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network. Hence, the risk level of this vulnerability is rated as High Risk. |
| Device | Medium Risk | Elevation of Privilege | |
| Microsoft Dynamics | Medium Risk | Remote Code Execution | |
| Open Source Software | Medium Risk | Elevation of Privilege Data Manipulation |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 1
Number of 'Medium Risk' product(s): 12
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': High Risk
Impact
- Remote Code Execution
- Denial of Service
- Elevation of Privilege
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
- Spoofing
System / Technologies affected
- Apps
- Windows
- Extended Security Updates (ESU)
- SQL Server
- Azure
- Server Software
- Developer Tools
- Other
- System Center
- Microsoft Office
- Device
- Microsoft Dynamics
- Open Source Software
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor.
Vulnerability Identifier
Source
Related Link
Related Tags
Share with


