Microsoft Security Updates — July 2026
Roundup of Microsoft security advisories published in July 2026.
What's new
- l2 added CVE-2026-57985 +3 Jul 7, 07:36 via msrc
- l2 added CVE-2026-57983 +3 Jul 7, 07:36 via msrc
- l2 added CVE-2026-57977 +1 Jul 6, 20:27 via elastic
- l2 added CVE-2026-57975 +3 Jul 6, 15:08 via elastic
- l2 added CVE-2026-57974 +4 Jul 6, 15:08 via elastic
Aggregated Microsoft security advisories for July 2026. CVEs from this cycle are folded into the list below as they are published.
Recommendation
Review affected products and apply Microsoft's July 2026 security updates.
Indicators of compromise
6
domain
2
23
url
| Type | Value |
|---|---|
| url | https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/ |
| url | https://tccontre.blogspot.com/2020/01/remcos-rat-evading-windows-defender-av.html |
| url | https://app.any.run/tasks/cf1245de-06a7-4366-8209-8e3006f2bfe5/ |
| url | https://app.any.run/tasks/a6f2ffe2-e6e2-4396-ae2e-04ea0143f2d8/ |
| url | https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1059.001/import_applocker_policy/windows-powershell-xml2.log |
| url | https://devblogs.microsoft.com/scripting/automating-quser-through-powershell/ |
| url | https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1531/log_off_user/pwh_quser_logoff.log |
| url | https://sploitus.com/exploit?id=816BFD0D-57FA-5C9C-B54C-3F0F88BD2C84 |
| domain | sharepoint.local |
| url | http://127.0.0.1:8080 |
| domain | graph.windows.net |
| url | https://github.com/andreisss/Ghosting-AMSI |
| domain | nvd.nist.gov |
| domain | msrc.microsoft.com |
| url | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57983 |
| nvd@nist.gov | |
| soc@us-cert.gov | |
| url | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58288 |
| url | https://nvd.nist.gov |
| url | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58292 |
| domain | nist.gov |
| domain | microsoft.com |
| url | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58297 |
| url | https://microsoft.com/devicelogin |
| url | https://login.microsoftonline.com/{tenant}/oauth2/v2.0/devicecode |
| url | https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token |
| url | https://2017.zeronights.org/wp-content/uploads/materials/ZN17_Kheirkhabarov_Hunting_for_Credentials_Dumping_in_Windows_Environment.pdf |
| url | https://twitter.com/pr0xylife/status/1585612370441031680?s=46&t=Dc3CJi4AnM-8rNoacLbScg |
| url | https://thedfirreport.com/2023/06/12/a-truly-graceful-wipe-out/ |
| url | https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/malware/qakbot/qbot_wermgr2/sysmon_wermgr2.log |
| url | https://github.com/its-a-feature/bifrost |