On April 14, Microsoft released its April 2026 Patch Tuesday release which addressed 163 CVEs with eight rated as critical, 154 rated as important and one rated as moderate.

This month’s update included one actively exploited zero-day vulnerability. CVE-2026-32201 is a spoofing vulnerability affecting Microsoft SharePoint Server. It received a CVSSv3 score of 6.5 and was rated as important. Microsoft has released updates for SharePoint 2016, 2019 and SharePoint Server Subscription Edition to address this flaw.

Microsoft also addressed another zero-day, however this vulnerability was not exploited in the wild, however was publicly disclosed prior to a patch being made available. CVE-2026-33825 is an elevation of privilege vulnerability in Microsoft Defender. It received a CVSSv3 score of 7.8 and was rated important.

This month’s update includes patches for:

• .NET
• .NET and Visual Studio
• .NET Framework
• .NET, .NET Framework, Visual Studio
• Applocker Filter Driver (applockerfltr.sys)
• Azure Logic Apps
• Azure Monitor Agent
• Desktop Window Manager
• Function Discovery Service (fdwsd.dll)
• GitHub Copilot and Visual Studio Code
• Microsoft Brokering File System
• Microsoft Defender
• Microsoft Dynamics 365 (on-premises)
• Microsoft Edge (Chromium-based)
• Microsoft Graphics Component
• Microsoft High Performance Compute Pack (HPC)
• Microsoft Management Console
• Microsoft Office
• Microsoft Office Excel
• Microsoft Office PowerPoint
• Microsoft Office SharePoint
• Microsoft Office Word
• Microsoft Power Apps
• Microsoft PowerShell
• Microsoft Windows
• Microsoft Windows Search Component
• Microsoft Windows Speech
• Remote Desktop Client
• Role: Windows Hyper-V
• SQL Server
• Universal Plug and Play (upnp.dll)
• Windows Active Directory
• Windows Admin Center
• Windows Advanced Rasterization Platform
• Windows Ancillary Function Driver for WinSock
• Windows Biometric Service
• Windows BitLocker
• Windows Boot Loader
• Windows Boot Manager
• Windows Client Side Caching driver (csc.sys)
• Windows Cloud Files Mini Filter Driver
• Windows COM
• Windows Common Log File System Driver
• Windows Container Isolation FS Filter Driver
• Windows Cryptographic Services
• Windows Encrypting File System (EFS)
• Windows File Explorer
• Windows GDI
• Windows Hello
• Windows HTTP.sys
• Windows IKE Extension
• Windows Installer
• Windows Kerberos
• Windows Kernel
• Windows Kernel Memory
• Windows Local Security Authority Subsystem Service (LSASS)
• Windows LUAFV
• Windows Management Services
• Windows OLE
• Windows Print Spooler Components
• Windows Projected File System
• Windows Push Notifications
• Windows Recovery Environment Agent
• Windows Redirected Drive Buffering
• Windows Remote Desktop
• Windows Remote Desktop Licensing Service
• Windows Remote Procedure Call
• Windows RPC API
• Windows Sensor Data Service
• Windows Server Update Service
• Windows Shell
• Windows Snipping Tool
• Windows Speech Brokered Api
• Windows SSDP Service
• Windows Storage Spaces Controller
• Windows TCP/IP
• Windows TDI Translation Driver (tdx.sys)
• Windows Universal Plug and Play (UPnP) Device Host
• Windows USB Print Driver
• Windows User Interface Core
• Windows Virtualization-Based Security (VBS) Enclave
• Windows WalletService
• Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys)
• Windows Win32K - GRFX
• Windows Win32K - ICOMP

For more information, please visit our blog.