July Patch Tuesday is Huge: 570 Vulnerabilities Fixed in Windows 10/11
Microsoft has released new cumulative updates KB5101650 and KB5099414 for Windows 11, applicable to versions 25H2/24H2 and 23H2, respectively. This is the seventh Patch Tuesday of 2026 and, as per usual practice, installation is mandatory: the package closes 571 vulnerabilities identified in previous months.
The starting point remains 24H2; therefore, 25H2 receives the same package of fixes, with no exclusive features or differences between the two versions. After installation, the build of 25H2 moves to 26200.8875, that of 24H2 to 26100.8875, while Windows 11 23H2 (via KB5099414) rises to 22631.7376. Among the most relevant new features is Point-in-Time restore, now available to all users, with more granular control reserved for enterprise customers.
News on Windows 11 from the July Patch Tuesday
The Widget panel changes its approach: it no longer opens on mouse hover, notifications, and badges on the taskbar remain minimized, and the default opening leads directly to the dashboard. Microsoft has also added finer management of settings, with warning counters on dashboard icons and badges that automatically reset.
On the accessibility front, screen tint debuts, a full-screen color filter designed to reduce visual fatigue, adjustable in intensity or automatically activated from Settings > Accessibility. The Magnifier now includes direct entry of the zoom percentage and a settings menu that can be accessed from the bar, without having to go through Windows Settings.
In File Explorer, hovering over a file now shows quick actions like opening the path or "Ask Copilot," a feature also extended to enterprise and school accounts with Entra ID. Microsoft claims to have improved startup speed and responsiveness during disk image mounting, in addition to fixing the duplication of OneDrive files in the Favorites section and some defects in the renaming function.
The Bluetooth chapter brings several fixes: synchronization of the microphone mute status between audio mixer and Hands-Free profile, faster pairing for AirPods, greater reliability of the microphone on Beats Studio Pro, and the resolution of an error (0x9F) that caused instability with some PC manufacturer drivers. Audio routing for calls via Phone Link has also been fixed, with the ringtone staying on the phone until the call is accepted by the PC. Lastly, voice typing and voice access now also support French, German, and Spanish, with real-time correction of grammar and punctuation.
On the networking front, confidential virtual machines now utilize SR-IOV hardware acceleration by default, while Microsoft reports fewer blue screens related to Wi-Fi power management and more stable cellular connectivity, including support for IPv6 VPNs. New printer installations will use the IPP protocol by default when available, with a dedicated switch in settings for those who prefer to revert to previous behavior.
The July 2026 bulletin has set a record, with Microsoft fixing a total of 570 vulnerabilities. This massive increase is largely due to the introduction of a new AI-based discovery system implemented by Microsoft to identify and close code vulnerabilities in Windows before they are exploited. In particular, three zero-day vulnerabilities were fixed:
- CVE-2026-56155 (Active Directory Federation Services): Privilege escalation vulnerability already exploited in active attacks.
- CVE-2026-56164 (SharePoint Server): Privilege escalation vulnerability exploitable remotely, also under attack.
- CVE-2026-50661 (BitLocker): Bypass vulnerability of the encryption system (publicly disclosed).
In addition to the zero-days, 59 critical vulnerabilities were addressed (of which 48 are remote code execution - RCE). The main distribution includes 254 privilege escalation bugs and 145 remote code execution bugs. The count refers exclusively to Patch Tuesday fixes and does not include fixes for Edge/Chromium (468 bugs managed by Google) or other updates released by Microsoft during the month for products like Azure or Copilot. The same vulnerabilities were also fixed on Windows 10 (KB5099539).
The July update can be downloaded from Start > Settings > Windows Update, or manually via the Microsoft Update Catalog.