Something shifted on Tuesday. Microsoft dropped 206 security patches in a single batch — the largest Patch Tuesday in the program's 23-year history — and their own VP of Engineering told the press this may now be the permanent baseline. The reason? AI.
Before most organizations had finished reading the advisory, the anonymous researcher who forced a third of those patches out of Microsoft released a brand-new zero-day targeting fully patched Windows. No fix. No timeline. Posted to GitHub, publicly, hours after the record update shipped.
If your org still treats patching as something you do monthly when you get around to it, this week is a good week to rethink that.
What happened on Patch Tuesday
On June 10, 2026, Microsoft pushed fixes for 206 vulnerabilities — more than double the typical volume from a year ago. The breakdown: 33 rated Critical, 28 of those enabling remote code execution, 65 Elevation of Privilege bugs, three publicly disclosed zero-days. The most dangerous single flaw is CVE-2026-45657, a use-after-free in the Windows Kernel with a CVSS score of 9.8. It's wormable — an attacker can trigger full remote code execution on an unpatched Windows 11 or Windows Server machine over the network, no user interaction required. Security researchers flagged it immediately: "every researcher and bug shop on the planet is reversing this patch right now trying to create an exploit."
Tom Gallagher, Microsoft's VP of Engineering, addressed the volume directly. He said releases of this scale "could become the new normal" because AI tools are enabling vulnerability discovery "at a speed and scale previously unseen." That's not a quote buried in a technical footnote. That's a vice president telling the security community: the old cadence is gone.
Sixteen of the patches in this batch were found by Microsoft's own internal AI system, MDASH. Researchers using AI-assisted fuzzing pipelines — like the independent researcher who earned $500,000 from Google's bug bounty last week alone — are filing valid reports at a rate bug bounty programs weren't built to handle. The Curl project shut down its HackerOne program earlier this year because 95% of submissions were AI-generated. HackerOne reported 210% growth in valid AI-found vulnerability reports in the last twelve months.
The pipeline that used to take months — find bug, write report, wait for vendor, negotiate patch, release — now compresses to days.
The researcher in the middle of this
Some of those 206 patches exist specifically because of one anonymous person.
Nightmare Eclipse has been releasing Windows zero-days publicly since April — each one a protest against what they describe as Microsoft's broken vulnerability disclosure process. If you read our earlier piece on RedSun and UnDefend, you know the backstory: Microsoft sat on private reports, stopped communicating, and the researcher decided forcing public disclosure was the only way to compel action.
This Tuesday's batch finally included patches for three Nightmare Eclipse disclosures: GreenPlasma (a CTFMON privilege escalation to SYSTEM), YellowKey (a BitLocker bypass via USB and the Windows Recovery Environment), and MiniPlasma (a privilege escalation that the researcher claims was first reported in 2020 and never fully patched).
Microsoft patched all three. So the story's over, right?
Within hours of Patch Tuesday shipping, Nightmare Eclipse published RoguePlanet.
RoguePlanet is a proof-of-concept local privilege escalation that exploits a time-of-check to time-of-use (TOCTOU) race condition in Microsoft Defender's file-processing pipeline. The attack works by writing an EICAR test file to trigger Defender's quarantine process, then racing that remediation window using an oplock on an alternate data stream to replace a legitimate Windows system binary (wermgr.exe) with the attacker's payload. The result: a command shell running as NT AUTHORITY\SYSTEM on fully patched Windows 10 or Windows 11.
The researcher noted that Microsoft silently hardened Defender's internal APIs in mid-May to blunt the previous technique. RoguePlanet was rewritten specifically to bypass that hardening. Closing one door opened another.
There is no patch. There is no CVE assigned. There is no public timeline from Microsoft.
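With no patch to apply, the practical response is to look for the artefacts the technique leaves behind. The script below is an added example written for this post, not code from the original article or from the researcher who published RoguePlanet. It is a read-only check an administrator can run on a Windows 10 or 11 host for the two things the description above says the technique produces: a replaced wermgr.exe (checked by signer and by the presence of alternate data streams) and Defender quarantine activity triggered by an EICAR test file. It assumes an elevated PowerShell 5.1+ session, that stock Windows binaries carry a Microsoft Windows signer (embedded or catalog), and that Defender records detections and remediation actions as events 1116 and 1117 in its Operational log; the `$Target` path and the 24-hour window are choices for the example.

```powershell
# Added example, not from the original post or from the RoguePlanet author.
# Assumptions: elevated PowerShell 5.1+ on Windows 10/11; stock system binaries
# are signed by "Microsoft Windows"; Defender logs detections (1116) and
# remediation actions (1117) to its Operational channel.

$Target = Join-Path $env:SystemRoot 'System32\wermgr.exe'

function Test-SystemBinaryIntegrity {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) {
        return [pscustomobject]@{ Path = $Path; Exists = $false; Suspicious = $true }
    }

    $sig  = Get-AuthenticodeSignature -FilePath $Path
    $item = Get-Item -LiteralPath $Path

    # A stock system binary is signed by Microsoft; an unsigned, expired or
    # third-party-signed file at this path is worth a closer look.
    $signedByMicrosoft = ($sig.Status -eq 'Valid') -and
                         ($sig.SignerCertificate.Subject -like '*Microsoft Windows*')

    # The only stream a clean binary should carry is the default :$DATA stream.
    $extraStreams = @(Get-Item -LiteralPath $Path -Stream * |
                      Where-Object { $_.Stream -ne ':$DATA' } |
                      Select-Object -ExpandProperty Stream)

    [pscustomobject]@{
        Path            = $Path
        Exists          = $true
        SignatureStatus = $sig.Status.ToString()
        Signer          = $sig.SignerCertificate.Subject
        IsOSBinary      = $sig.IsOSBinary
        ExtraStreams    = $extraStreams
        LastWriteUtc    = $item.LastWriteTimeUtc
        Suspicious      = (-not $signedByMicrosoft) -or ($extraStreams.Count -gt 0)
    }
}

function Get-RecentEicarDetections {
    param([int]$Hours = 24)
    # An EICAR detection on a machine where nobody is testing antivirus is
    # unexplained activity and deserves a look at what else happened on the host.
    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 1116, 1117
        StartTime = (Get-Date).AddHours(-$Hours)
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'EICAR' } |
        Select-Object TimeCreated, Id,
            @{ n = 'Summary'; e = { ($_.Message -split "`n")[0] } }
}

Test-SystemBinaryIntegrity -Path $Target | Format-List
Get-RecentEicarDetections -Hours 24 | Format-Table -AutoSize
```

Run it from your endpoint management tooling across the fleet and alert on any host where `Suspicious` is true or where EICAR events appear outside a known AV test. It is a hunt for the described artefacts, not a fix; the replaced-binary check in particular only catches the outcome, so treat it as one signal alongside the usual process and logon telemetry.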
What this means for a 20-person org running Windows
Local privilege escalation isn't the same as breaking in from outside. RoguePlanet requires an attacker to already be on a machine. But that's almost always how serious attacks work: phishing gets them in the door, escalation hands them the keys. The initial foothold is the hard part. After that, a reliable path to SYSTEM makes every subsequent step — deploying ransomware, exfiltrating data, pivoting to other machines, disabling your security tools — dramatically easier.
The bigger shift is structural. The assumption embedded in most small-org security planning is that monthly patching, applied within a reasonable window, keeps you reasonably covered. That model was already fraying. It's now broken.
Microsoft's own VP said AI is what's driving 200-CVE patch months. What he didn't say is that the same tools are available to everyone — researchers, defenders, and attackers. The time between a patch releasing and an attacker reversing it to find the variant it didn't fix is now measured in hours, not weeks. CVE-2026-45657, the wormable kernel RCE, was patched on Tuesday. Security researchers immediately said to treat it as actively exploited until proven otherwise, because weaponization would be fast.
Three things are now colliding: AI is finding bugs faster, patches are arriving in larger and more overwhelming batches, and a motivated researcher is releasing zero-days between cycles specifically to stay ahead of Microsoft's response.
What to actually do
Apply the June patches today, not next week. CVE-2026-45657 (CVSS 9.8, wormable kernel RCE) is the priority. If your Windows systems aren't set to auto-update, push the June Patch Tuesday update manually. Prioritize Windows 11 and Server 2022/2025 in particular; that's the attack surface for the worst bug in this batch.
Turn on automatic Windows Updates if you haven't already. The argument for delaying updates to "test stability" made sense when patches arrived monthly in manageable batches. It makes much less sense when 200+ patches arrive simultaneously and zero-days are dropping between cycles.
Assume RoguePlanet will be incorporated into attack chains. It's a local privilege escalation, which means an attacker needs to already be on a machine. That's a good reason to audit your phishing defenses and MFA posture before worrying about the exploit itself. Block the initial foothold.
Watch your Defender update status. We covered UnDefend in April — that exploit silently stops Defender from receiving definition updates. Check that your endpoint protection is actually current. A machine where Defender hasn't pulled a definition update in several days warrants investigation.
Monitor for CVE-2026-45657 exploitation indicators. Security researchers are building detection signatures as fast as they're reverse-engineering the patch. CISA will likely add it to the KEV catalog within days if active exploitation is confirmed.
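The first four items above are checkable from one script. What follows is an added example written for this post, not code from the original article or from Microsoft: a posture check that reports whether the June cumulative update is installed, whether automatic updates have been switched off by policy, and whether Defender is running with current definitions. It assumes an elevated PowerShell session on Windows 10/11 or Server 2022/2025. The article does not give the KB number of the June 2026 update, so `$RequiredKBs` holds a placeholder you must replace; the three-day definition-age threshold is the "several days" from the item above, tightened to a number you can alert on.

```powershell
# Added example, not from the original post. Assumptions: elevated PowerShell
# on Windows 10/11 or Server 2022/2025. The June 2026 cumulative update's KB id
# is not given in the article: replace the placeholder before use.

$RequiredKBs         = @('KB_JUNE_2026_CUMULATIVE_PLACEHOLDER')  # replace with real KB id(s)
$MaxSignatureAgeDays = 3   # a concrete value for "several days" in the article

function Get-WindowsPatchPosture {
    param(
        [string[]]$RequiredKBs,
        [int]$MaxSignatureAgeDays = 3
    )

    # 1. Is the required cumulative update present, and what was installed last?
    $installed = @(Get-HotFix | Select-Object -ExpandProperty HotFixID)
    $missing   = @($RequiredKBs | Where-Object { $_ -notin $installed })
    $latest    = Get-HotFix | Sort-Object InstalledOn -Descending | Select-Object -First 1

    # 2. Have automatic updates been disabled by policy? (NoAutoUpdate = 1 turns them off)
    $auKey        = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'
    $noAutoUpdate = (Get-ItemProperty -Path $auKey -ErrorAction SilentlyContinue).NoAutoUpdate
    $autoUpdatesOff = ($noAutoUpdate -eq 1)

    # 3. Is Defender running, protecting in real time, and pulling definitions?
    $mp = Get-MpComputerStatus
    $defenderHealthy = $mp.AMServiceEnabled -and $mp.RealTimeProtectionEnabled -and
                       ($mp.AntivirusSignatureAge -le $MaxSignatureAgeDays)

    $findings = @()
    if ($missing.Count -gt 0)               { $findings += "Missing update(s): $($missing -join ', ')" }
    if ($autoUpdatesOff)                    { $findings += 'Automatic updates disabled by policy' }
    if (-not $mp.AMServiceEnabled)          { $findings += 'Defender service not running' }
    if (-not $mp.RealTimeProtectionEnabled) { $findings += 'Real-time protection off' }
    if ($mp.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        $findings += "Definitions are $($mp.AntivirusSignatureAge) days old (last update: $($mp.AntivirusSignatureLastUpdated))"
    }

    [pscustomobject]@{
        Computer         = $env:COMPUTERNAME
        OSVersion        = (Get-CimInstance Win32_OperatingSystem).Version
        LatestHotfix     = $latest.HotFixID
        LatestHotfixDate = $latest.InstalledOn
        MissingUpdates   = $missing
        AutoUpdatesOff   = $autoUpdatesOff
        DefenderHealthy  = $defenderHealthy
        SignatureAgeDays = $mp.AntivirusSignatureAge
        Findings         = $findings
    }
}

$posture = Get-WindowsPatchPosture -RequiredKBs $RequiredKBs -MaxSignatureAgeDays $MaxSignatureAgeDays
$posture | Format-List

# Pull fresh definitions now if Defender is stale. Installing the cumulative
# update itself still goes through Windows Update or your management tooling.
if ($posture.SignatureAgeDays -gt $MaxSignatureAgeDays) { Update-MpSignature }
```

Scheduled daily and shipped to wherever you collect endpoint data, the `Findings` field gives you a per-machine list of exactly the gaps the list above tells you to close: the stale-definitions case is the UnDefend symptom, and a non-empty `MissingUpdates` on a Windows 11 or Server host is the CVE-2026-45657 exposure.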
The pattern, named
The old model — big vendor finds bugs slowly, patches quarterly, small orgs catch up eventually — is dead. AI-powered fuzzing, AI-assisted code review, and a community of researchers who can now audit millions of lines of code in days have permanently accelerated this cycle.
The orgs that will navigate this are the ones running automated patch deployment, monitoring Defender health continuously, and treating their initial access surface (email security, MFA, VPN firmware) as a first-class operational concern — not something IT gets to eventually.
The ones that won't are still scheduling patch windows for next month.
Helping small teams keep their Windows environments patched and monitored without needing a full-time security person is the kind of thing we set up in a sprint. Let's talk.