Tendvane

← All articles

Windows updatesJuly 15, 2026

July's Windows update is the biggest one yet - and one fix matters most if your laptop is ever lost or stolen

Microsoft's July 2026 Patch Tuesday, released on July 14, set a new record: it fixed around 570 security flaws in one go, the largest single monthly update the company has ever shipped. Among them are three zero-days - holes that were either already public or already being used before the fix arrived.

Two of those zero-days are being actively exploited right now, but here's the reassuring part for home users: both target business systems, not your PC at home. CVE-2026-56155 hits Active Directory Federation Services and CVE-2026-56164 hits SharePoint Server - server software you'd only find in a company. The one worth your attention is CVE-2026-50661, a BitLocker bypass. It was publicly disclosed (though not yet seen in attacks), and it lets someone with physical access to your machine get around the disk encryption that's supposed to keep a lost or stolen laptop's files unreadable.

The fix is simple: install the update. Open Settings → Windows Update and let it run - Windows 11 gets it as KB5101650 (24H2) or KB5099414 (25H2), and Windows 10 as KB5099539. After June's update caused boot failures on some machines, it's worth taking a quick restore point first and making sure your BitLocker recovery key is saved to your Microsoft account before you patch, just in case.

Tendvane's check-for-updates confirms the month's update actually installed rather than silently failing, and its security-posture check tells you whether BitLocker is switched on and nudges you to back up that recovery key - the difference between an inconvenience and a lockout.

Sources

Download Tendvane