Microsoft's July 2026 security update patched 622 vulnerabilities across its product portfolio, including 57 marked as critical; the company confirmed that at least two of these have already been exploited by threat actors in active attacks.