Security · 1h ago
AI Drives Record Patch Tuesday as Coding Agents Become Attack Surface
Microsoft shipped its largest Patch Tuesday ever with ~570 CVEs, including two zero-days under active exploitation. Researchers demonstrated that AI coding agents can be tricked into writing to symlinked files, bypassing human approval. The volume of patches is partly due to Microsoft's own AI-assisted vulnerability discovery, which attackers also leverage.
Meridian48 take
The real story isn't the record patch count but that AI is simultaneously accelerating both bug discovery and exploitation, while the tools meant to help developers code are themselves becoming security liabilities.
Read the full reporting
AI Worked Both Sides of the Security Ledger This Week. Here's What to Actually Run →
DEV Community
patch-tuesdayai-security