Skip to content
Threat Feed
high advisory updated

Microsoft Security Updates — July 2026

Roundup of Microsoft security advisories published in July 2026.

What's new

  • l2 added CVE-2026-57985 +3 Jul 7, 07:36 via msrc
  • l2 added CVE-2026-57983 +3 Jul 7, 07:36 via msrc
  • l2 added CVE-2026-57977 +1 Jul 6, 20:27 via elastic
  • l2 added CVE-2026-57975 +3 Jul 6, 15:08 via elastic
  • l2 added CVE-2026-57974 +4 Jul 6, 15:08 via elastic

Aggregated Microsoft security advisories for July 2026. CVEs from this cycle are folded into the list below as they are published.

Recommendation

Review affected products and apply Microsoft's July 2026 security updates.

Indicators of compromise

6

domain

2

email

23

url

TypeValue
urlhttps://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/
urlhttps://tccontre.blogspot.com/2020/01/remcos-rat-evading-windows-defender-av.html
urlhttps://app.any.run/tasks/cf1245de-06a7-4366-8209-8e3006f2bfe5/
urlhttps://app.any.run/tasks/a6f2ffe2-e6e2-4396-ae2e-04ea0143f2d8/
urlhttps://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1059.001/import_applocker_policy/windows-powershell-xml2.log
urlhttps://devblogs.microsoft.com/scripting/automating-quser-through-powershell/
urlhttps://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1531/log_off_user/pwh_quser_logoff.log
urlhttps://sploitus.com/exploit?id=816BFD0D-57FA-5C9C-B54C-3F0F88BD2C84
domainsharepoint.local
urlhttp://127.0.0.1:8080
domaingraph.windows.net
urlhttps://github.com/andreisss/Ghosting-AMSI
domainnvd.nist.gov
domainmsrc.microsoft.com
urlhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57983
emailnvd@nist.gov
emailsoc@us-cert.gov
urlhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58288
urlhttps://nvd.nist.gov
urlhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58292
domainnist.gov
domainmicrosoft.com
urlhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58297
urlhttps://microsoft.com/devicelogin
urlhttps://login.microsoftonline.com/{tenant}/oauth2/v2.0/devicecode
urlhttps://login.microsoftonline.com/{tenant}/oauth2/v2.0/token
urlhttps://2017.zeronights.org/wp-content/uploads/materials/ZN17_Kheirkhabarov_Hunting_for_Credentials_Dumping_in_Windows_Environment.pdf
urlhttps://twitter.com/pr0xylife/status/1585612370441031680?s=46&t=Dc3CJi4AnM-8rNoacLbScg
urlhttps://thedfirreport.com/2023/06/12/a-truly-graceful-wipe-out/
urlhttps://media.githubusercontent.com/media/splunk/attack_data/master/datasets/malware/qakbot/qbot_wermgr2/sysmon_wermgr2.log
urlhttps://github.com/its-a-feature/bifrost