Microsoft patches record number of security vulnerabilities, citing its use of AI

0
2

Microsoft released a record number of security patches for Windows, Office, and other tech product lines this week, citing the use of AI to aid the discovery of code vulnerabilities.

The technology and cloud giant issued patches for 570 security flaws on Tuesday as part of its monthly scheduled release of fixes, which security researchers have long dubbed “Patch Tuesday.”

At least two of the vulnerabilities are classified as zero-days, meaning that they were exploited before Microsoft was made aware of them. One bug affecting Windows Server allows hackers to escalate their privileges from a limited user to a system administrator. Another bug affects the SharePoint file sharing server — the U.S. government’s cybersecurity agency CISA has warned hackers were actively exploiting the bug to compromise organizations.

Krebs on Security first reported the news.

The huge patch update comes a week after Microsoft said in a blog post that it expected its usual batch of monthly security patches to be far higher in number than before. The company cited its use of AI to help its employees uncover previously undiscovered security bugs in its software.

“As AI helps defenders discover more issues, customers will see a higher volume of security updates included in each security release,” said Windows boss Pavan Davuluri.

As AI models become more advanced and focused on cybersecurity issues, security researchers are using them to uncover vulnerabilities that may have been dormant in software code for years, if not longer. Parts of Microsoft’s Windows code dates back decades.

Disclaimer : This story is auto aggregated by a computer programme and has not been created or edited by DOWNTHENEWS. Publisher: techcrunch.com