Microsoft issues unusually large June 2026 security patch for nearly 200 flaws

Microsoft released its June 2026 Patch Tuesday update this week, and it is unusually large even by the company’s standards. The monthly package fixes nearly 200 security vulnerabilities across Windows and other Microsoft products, a record number for a single monthly update.

Of those flaws, 36 were rated critical, Microsoft’s highest severity level for bugs that could enable system takeover, malicious code execution, or access to sensitive data. At least three of the patched issues were zero-days, meaning they were already known or exploitable before an official fix was available. In some cases, proof-of-concept code was also made public, showing how the flaws could be used.

Among the notable fixes is GreenPlasma, a privilege-escalation vulnerability in Windows Collaborative Translation Framework that could let a local attacker gain higher system rights. Another issue, called YellowKey, affects BitLocker encryption and could weaken some of its protections.

The main story, however, is the sheer number of vulnerabilities addressed at once. Security researchers say artificial intelligence tools are increasingly being used to find software bugs, allowing massive amounts of code to be scanned quickly and uncovering weaknesses that once required lengthy manual work. The result is more vulnerabilities being discovered, even if the total number of bugs has not necessarily risen in the same way. Security experts expect the trend to continue, and Microsoft users are being urged to install the update, which is described as one of the most important of recent years.