Protect.Computer
NEWS

Microsoft's Historic Patch Tuesday Addresses 163 CVEs Including Active Exploits

ยท 1 min read
Microsoft's Historic Patch Tuesday Addresses 163 CVEs Including Active Exploits

Microsoft has released its second-biggest Patch Tuesday ever, addressing a staggering 163 vulnerabilities across its ecosystem. This massive update includes fixes for three zero-day vulnerabilities that are confirmed to be actively exploited in the wild, urging administrators to prioritize patching.

The Scope of the April 2026 Update

The sheer volume of this month’s updates highlights the growing complexity of securing enterprise environments. The vulnerabilities span across various Microsoft products, including Windows OS components, Microsoft Office, Edge, Azure, and specifically, enterprise server solutions.

Of the 163 vulnerabilities, over a dozen are rated “Critical,” meaning they could allow remote code execution (RCE) without user interaction. The remaining are mostly “Important” and “Moderate,” covering elevation of privilege, information disclosure, and denial-of-service flaws.

Active Exploits: CVE-2026-32201

One of the most critical issues addressed is CVE-2026-32201, a Microsoft SharePoint Server spoofing vulnerability. This flaw allows an authenticated attacker to bypass critical security measures, potentially leading to unauthorized access to sensitive corporate data and lateral movement within the network. Evidence suggests threat actors have been leveraging this in targeted attacks.

Two other zero-days, involving Windows Kernel Elevation of Privilege and Windows Print Spooler components, were also observed in limited exploitation chains.

How to check if you’re affected

  • Windows Users: Navigate to Settings > Windows Update and click “Check for updates”. Apply all available updates, which will include the April cumulative patch. Restart your device to ensure changes take effect.
  • SharePoint Administrators: You must apply the specific server-side patches immediately. Check your current SharePoint version against the Microsoft Advisory. Updates need to be applied directly to the server nodes. Be sure to run the SharePoint Products Configuration Wizard after installing the patches to fully mitigate the vulnerability.

Sources

Related reading

News
CISA Orders Federal Agencies to Patch Microsoft Defender 'BlueHammer' Zero-Day

CISA adds a critical Microsoft Defender zero-day vulnerability (BlueHammer) to its Known Exploited Vulnerabilities catalog.

News
Microsoft SharePoint Server Spoofing Zero-Day (CVE-2026-32201) Patched

Microsoft releases a patch for an actively exploited spoofing zero-day vulnerability (CVE-2026-32201) in SharePoint Server.

News
Adobe Patches Critical PDF Zero-Day Exploit in Acrobat and Reader

Adobe releases critical patches for a zero-day exploit actively targeting Acrobat and Reader users.

News
Google Chrome Zero-Day (CVE-2026-5281) Actively Exploited in the Wild

Google patches an actively exploited zero-day vulnerability (CVE-2026-5281) affecting Chrome browsers.