Protect.Computer
NEWS

Microsoft SharePoint Server Spoofing Zero-Day (CVE-2026-32201) Patched

ยท 0 min read
Microsoft SharePoint Server Spoofing Zero-Day (CVE-2026-32201) Patched

Microsoft has released security updates to address an actively exploited spoofing vulnerability in Microsoft SharePoint Server, tracked as CVE-2026-32201.

Vulnerability Overview

Assigned a CVSS score of 6.5, this zero-day vulnerability stems from improper input validation. It allows unauthenticated remote attackers to perform spoofing, potentially tricking users into revealing sensitive information or executing unauthorized actions on behalf of the attacker.

How to check if you’re affected

  1. Identify SharePoint Instances: Determine if your organization runs on-premises or hybrid instances of Microsoft SharePoint Server.
  2. Apply April 2026 Updates: Verify that the Microsoft April 2026 security updates are applied across all your SharePoint servers.
  3. Check Logs for Spoofing Attempts: Review your web application firewall (WAF) and SharePoint access logs for abnormal requests or suspicious redirection attempts.

Sources

Related reading

News
CISA Orders Federal Agencies to Patch Microsoft Defender 'BlueHammer' Zero-Day

CISA adds a critical Microsoft Defender zero-day vulnerability (BlueHammer) to its Known Exploited Vulnerabilities catalog.

News
Microsoft's Historic Patch Tuesday Addresses 163 CVEs Including Active Exploits

Microsoft releases a historic Patch Tuesday update resolving 163 vulnerabilities, including multiple active exploits.

News
Recently Leaked Windows Zero-Days 'BlueHammer', 'RedSun', 'UnDefend' Actively Exploited

Threat actors are actively exploiting three recently leaked Windows zero-day vulnerabilities affecting Microsoft Defender.

News
Adobe Patches Critical PDF Zero-Day Exploit in Acrobat and Reader

Adobe releases critical patches for a zero-day exploit actively targeting Acrobat and Reader users.