Microsoft April 2026 Patch Tuesday: 167 Flaws, 2 Zero-Days
🔒 Microsoft released its April 2026 Patch Tuesday addressing 167 vulnerabilities, including two zero-days and eight Critical flaws. The updates patch an actively exploited SharePoint Server spoofing bug (CVE-2026-32201) and a publicly disclosed Microsoft Defender elevation-of-privilege flaw (CVE-2026-33825) that can grant SYSTEM privileges. Multiple Microsoft Office RCEs exploitable via preview panes or malicious documents were fixed; administrators should prioritize installing these patches immediately.
