Microsoft's AI security tool tripled monthly CVE patches with higher severity ratings
An independent analysis of Microsoft's Security Update Guide data found that monthly CVE counts surged roughly three times above the pre-2026 baseline after Microsoft deployed AI-powered vulnerability scanning. The July 2026 patch package contained 1,150 CVEs, compared to an average of 383 in the eight sampled months before the increase. Severity metrics also rose sharply, with the CVSS median jumping from 6.5 to 7.5 and remote code execution vulnerabilities nearly quadrupling. Microsoft had publicly warned in a July 2026 blog post that AI-assisted discovery would increase patch volumes, but offered no specific figures. Analysts suggest the surge reflects a long-standing backlog of discoverable bugs rather than a sudden increase in new vulnerabilities.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)
Log in to join the discussion and vote.
Log in