Microsoft on pace to break annual vulnerability record as AI-driven patch wave takes hold

Microsoft and other major vendors released an unusually large set of security patches as AI tools accelerate vulnerability discovery; several critical remote-code-execution CVEs (including CVE-2026-41089, CVE-2026-41096, CVE-2026-42898) were patched, Microsoft disclosed an internal AI system (MDASH) that found multiple flaws, and Google reported a disrupted mass-exploitation campaign using an AI-developed zero-day.