Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products

AndyC 24 April 2026

Overview
On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft Visual Studio, Microsoft .

[…Keep reading]

Google Keep cheat sheet: How to get started

Google Keep cheat sheet: How to get started

Overview
On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft Visual Studio, Microsoft .NET Framework, Widely used products such as Azure, including high-risk vulnerability types such as privilege escalation and remote code execution.
Among the vulnerabilities fixed by Microsoft’s monthly update this month, there are 8 critical vulnerabilities, 154 important vulnerabilities, 2 moderate vulnerabilities, and 1 low-risk (Low) vulnerability. These include 1 vulnerability that has been detected for wild exploitation:
Microsoft SharePoint Server Spoofing Vulnerability (CVE-2026-32201)
Please update the patch as soon as possible for protection. For a complete list of vulnerabilities, please refer to the appendix.
Reference link: https://msrc.microsoft.com/update-guide/releaseNote/2026-Apr
Key Vulnerabilities
Based on the product popularity and vulnerability importance, this update contains vulnerabilities with greater impact. Relevant users are requested to pay special attention:
Microsoft SharePoint Server Spoofing Vulnerability (CVE-2026-32201):
There is a spoofing vulnerability in Microsoft SharePoint Server. Due to improper input validation of SharePoint Server, unauthenticated attackers can conduct spoofing attacks through the network to view some sensitive information and tamper with publicly available information. The vulnerability is exploited in the wild and has a CVSS score of 9.0.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32201
Windows Kerberos Privilege Escalation Vulnerability (CVE-2026-27912):
There is a privilege escalation vulnerability in Windows Kerberos. Due to improper authorization during the verification process of the Kerberos service ticket request, an authenticated attacker can bypass security checks by manipulating the Kerberos ticket field and elevate privileges on adjacent networks, possibly gaining domain administrator privileges. CVSS score 8.0.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27912
Remote Desktop Client remote code execution vulnerability (CVE-2026-32157):
A remote code execution vulnerability exists in the Remote Desktop Client. Due to the Use After Free problem when processing RDP connection parameters, an unauthenticated attacker can execute arbitrary code on the client host by tricking users into connecting to a malicious RDP server. CVSS score 8.8.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32157
Windows TCP/IP Remote Code Execution Vulnerability (CVE-2026-33827):
A remote code execution vulnerability exists in Windows TCP/IP. Due to improper synchronization mechanism when using shared resources in Windows TCP/IP, an unauthenticated attacker can exploit this vulnerability over the network to execute arbitrary code. CVSS score 8.1.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33827
Windows Shell Security Function Bypass Vulnerability (CVE-2026-32225):
There is a security feature bypass vulnerability in Windows Shell. Due to the failure of the protection mechanism in Windows Shell, an unauthenticated attacker can bypass SmartScreen security protection by tricking the victim into opening a specially crafted .lnk file, resulting in unauthorized operation or access. CVSS score 8.8.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32225
Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability (CVE-2026-33824):
A remote code execution vulnerability exists in Windows Internet Key Exchange (IKE) Service Extensions, which allows an unauthenticated attacker to send specially crafted packets to IKEv2 enabled Windows systems due to a Double Free issue in the Windows IKE extension. Thereby enabling remote code execution. CVSS score 9.8.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33824
Microsoft Defender Privilege Escalation Vulnerability (CVE-2026-33825):
There is a privilege escalation vulnerability in Microsoft Defender. Due to insufficient access control granularity in Microsoft Defender, an authenticated local attacker can elevate privileges to SYSTEM. CVSS score 7.8.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825
Windows Active Directory Remote Code Execution Vulnerability (CVE-2026-33826):
A remote code execution vulnerability exists in Windows Active Directory. Due to improper input validation in Windows Active Directory, an authenticated attacker can send a specially crafted RPC call to the RPC host through an adjacent network to achieve remote code execution. CVSS score 8.0.
Official announcement link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33826
Scope of Impact
The following are the affected product versions of some key vulnerabilities. For the scope of products affected by other vulnerabilities, please refer to the official announcement link.

Vulnerability Number
Affected product versions

CVE-2026-32201
Microsoft SharePoint Server Subscription Edition Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019

CVE-2026-27912
Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2025 Windows Server 2022, 23H2 Edition (Server Core installation) Windows Server 2025 (Server Core installation) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019

CVE-2026-32157
Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows Server 2025 Windows 11 Version 24H2 for x64-based Systems Windows 11 Version 24H2 for ARM64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 25H2 for x64-based Systems Windows 11 Version 25H2 for ARM systems Windows Server 2025 (Server Core installation) Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Remote Desktop client for Windows Desktop Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows App Client for Windows Desktop Windows 11 version 26H1 for x64-based Systems Windows 11 Version 26H1 for ARM64-based Systems

CVE-2026-33827 CVE-2026-32225
Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2025 (Server Core installation) Windows 10 Version 22H2 for 32-bit Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 11 Version 26H1 for ARM64-based Systems Windows 11 version 26H1 for x64-based Systems Windows Server 2025 Windows 11 Version 24H2 for x64-based Systems Windows 11 Version 24H2 for ARM64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 25H2 for x64-based Systems Windows 11 Version 25H2 for ARM systems

CVE-2026-33824
Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 11 Version 26H1 for ARM64-based Systems Windows 11 version 26H1 for x64-based Systems Windows Server 2025 Windows 11 Version 24H2 for x64-based Systems Windows 11 Version 24H2 for ARM64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 25H2 for x64-based Systems Windows 11 Version 25H2 for ARM systems Windows Server 2025 (Server Core installation) Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems

CVE-2026-33825
Microsoft Defender Antimalware Platform

CVE-2026-33826
Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2025 Windows Server 2022, 23H2 Edition (Server Core installation) Windows Server 2025 (Server Core installation) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019

Mitigation
At present, Microsoft has officially released security patches to fix the above vulnerabilities for supported product versions. It is strongly recommended that affected users install patches as soon as possible for protection. The official download link: https://msrc.microsoft.com/update-guide/releaseNote/2026-Apr
Note: Patch updates for Windows Update may fail due to network problems, computer environment problems, etc. After installing the patch, users should check whether the patch has been successfully updated in time.
Right-click the Windows icon, select “Settings (N)”, select “Update and Security”-“Windows Update”, view the prompt information on this page, or click “View Update History” to view the historical update status.
For updates that have not been successfully installed, you can click the update name to jump to the Microsoft official download page. It is recommended that users click the link on this page and go to the “Microsoft Update Catalog” website to download the independent program package and install it.
Appendix: Vulnerability List

Affected products
CVE No.
Vulnerability Title
Severity

Windows
CVE-2026-32157
Remote Desktop Client remote code execution vulnerability
Critical

Windows
CVE-2026-33826
Windows Active Directory Remote Code Execution Vulnerability
Critical

Microsoft .NET Framework
CVE-2026-23666
.NET Framework Denial of Service Vulnerability
Critical

Microsoft Office
CVE-2026-32190
Microsoft Office Remote Code Execution Vulnerability
Critical

Microsoft Office
CVE-2026-33114
Microsoft Word remote code execution vulnerability
Critical

Microsoft Office
CVE-2026-33115
Microsoft Word remote code execution vulnerability
Critical

Windows
CVE-2026-33827
Windows TCP/IP Remote Code Execution Vulnerability
Critical

Windows
CVE-2026-33824
Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability
Critical

Windows
CVE-2026-20930
Windows Management Services Privilege Escalation Vulnerability
Important

Microsoft Visual Studio Code CoPilot Chat Extension
CVE-2026-23653
GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability
Important

Windows
CVE-2026-25184
Applocker Filter Driver (applockerfltr.sys) Privilege Escalation Vulnerability
Important

Microsoft Office
CVE-2026-20945
Microsoft SharePoint Server Spoofing Vulnerability
Important

Windows
CVE-2026-23670
Windows Virtualization-Based Security (VBS) security feature bypass vulnerability
Important

Microsoft Dynamics
CVE-2026-26149
Microsoft Power Apps Security Feature Bypass
Important

Windows
CVE-2026-26151
Remote Desktop spoofing vulnerability
Important

Windows
CVE-2026-26154
Windows Server Update Service (WSUS) Tampering Vulnerability
Important

Windows
CVE-2026-26155
Microsoft Local Security Authority Subsystem Service information disclosure vulnerability
Important

Windows
CVE-2026-26160
Remote Desktop Licensing Service privilege escalation vulnerability
Important

Windows
CVE-2026-26161
Windows Sensor Data Service privilege escalation vulnerability
Important

Windows
CVE-2026-26162
Windows OLE privilege escalation vulnerability
Important

Windows
CVE-2026-26165
Windows Shell Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26166
Windows Shell Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26167
Windows Push Notifications privilege escalation vulnerability
Important

Windows
CVE-2026-26174
Windows Server Update Service (WSUS) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26175
Windows Boot Manager security feature bypass vulnerability
Important

Windows
CVE-2026-26179
Windows Kernel privilege escalation vulnerability
Important

Windows
CVE-2026-26180
Windows Kernel privilege escalation vulnerability
Important

Windows
CVE-2026-26181
Microsoft Brokering File System Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26183
Remote Access Management service/API (RPC server) privilege escalation vulnerability
Important

Windows
CVE-2026-27906
Windows Hello security feature bypass vulnerability
Important

Windows
CVE-2026-27907
Windows Storage Spaces Controller privilege escalation vulnerability
Important

Windows
CVE-2026-27908
Windows TDI Translation Driver (tdx.sys) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27915
Windows UPnP Device Host privilege escalation vulnerability
Important

Windows
CVE-2026-27917
Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27918
Windows Shell Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27919
Windows UPnP Device Host privilege escalation vulnerability
Important

Windows
CVE-2026-27921
Windows TDI Translation Driver (tdx.sys) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27924
Desktop Window Manager Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27926
Windows Cloud Files Mini Filter Driver privilege escalation vulnerability
Important

Windows
CVE-2026-27927
Windows Projected File System Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27929
Windows LUA File Virtualization Filter Driver Escalation Vulnerability
Important

Windows
CVE-2026-27931
Windows GDI Information Disclosure Vulnerability
Important

Windows
CVE-2026-32071
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Important

Windows
CVE-2026-32073
Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32075
Windows UPnP Device Host privilege escalation vulnerability
Important

Windows
CVE-2026-32081
Package Catalog information leakage vulnerability
Important

Windows
CVE-2026-32082
Windows Simple Search and Discovery Protocol (SSDP) Service privilege escalation vulnerability
Important

Windows
CVE-2026-32083
Windows Simple Search and Discovery Protocol (SSDP) Service privilege escalation vulnerability
Important

Windows
CVE-2026-32085
Remote Procedure Call information leakage vulnerability
Important

Windows
CVE-2026-32087
Windows Function Discovery Service (fdwsd.dll) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32089
Windows Speech Brokered Api Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32090
Windows Speech Brokered Api Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32093
Windows Function Discovery Service (fdwsd.dll) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32152
Desktop Window Manager Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32154
Desktop Window Manager Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32156
Windows UPnP Device Host Remote Code Execution Vulnerability
Important

Windows
CVE-2026-32158
Windows Push Notifications privilege escalation vulnerability
Important

Windows
CVE-2026-32159
Windows Push Notifications privilege escalation vulnerability
Important

Windows
CVE-2026-32160
Windows Push Notifications privilege escalation vulnerability
Important

Windows
CVE-2026-0390
UEFI Secure Boot security feature bypass vulnerability
Important

Windows
CVE-2026-32165
Windows User Interface Core Privilege Escalation Vulnerability
Important

Microsoft SQL Server
CVE-2026-32167
SQL Server Privilege Escalation Vulnerability
Important

Azure
CVE-2026-32168
Azure Monitor Agent privilege escalation vulnerability
Important

.NET 9.0 installed on Mac OS,.NET 9.0 installed on Windows,.NET 10.0 installed on Mac OS,.NET 9.0 installed on Linux,.NET,Microsoft Visual Studio,.NET 10.0 installed on Windows,.NET 8.0 installed on Windows,.NET 8.0 installed on Mac OS,.NET 10.0 installed on Linux,.NET 8.0 installed on Linux
CVE-2026-32178
.NET Spoofing Vulnerability
Important

Windows
CVE-2026-32181
Connected User Experiences and Telemetry Service Denial of Service Vulnerability
Important

Windows
CVE-2026-32183
Windows Snipping Tool Remote Code Execution Vulnerability
Important

Azure
CVE-2026-32184
Microsoft High Performance Compute (HPC) Pack privilege escalation vulnerability
Important

Microsoft Office
CVE-2026-32188
Microsoft Excel Information Disclosure Vulnerability
Important

Microsoft Office
CVE-2026-32189
Microsoft Excel Remote Code Execution Vulnerability
Important

Azure
CVE-2026-32192
Azure Monitor Agent privilege escalation vulnerability
Important

Windows
CVE-2026-32195
Windows Kernel privilege escalation vulnerability
Important

Windows
CVE-2026-32202
Windows Shell Spoofing Vulnerability
Important

Windows
CVE-2026-32215
Windows Kernel Information Disclosure Vulnerability
Important

Windows
CVE-2026-32216
Windows Redirected Drive Buffering System Denial of Service Vulnerability
Important

Windows
CVE-2026-32217
Windows Kernel Information Disclosure Vulnerability
Important

Windows
CVE-2026-32218
Windows Kernel Information Disclosure Vulnerability
Important

Windows
CVE-2026-32219
Microsoft Brokering File System Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32220
UEFI Secure Boot security feature bypass vulnerability
Important

Windows
CVE-2026-32221
Windows Graphics Component Remote Code Execution Vulnerability
Important

Windows
CVE-2026-32222
Windows Win32k Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32223
Windows USB Printing Stack (usbprint.sys) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32224
Windows Server Update Service (WSUS) Privilege Escalation Vulnerability
Important

Microsoft .NET Framework
CVE-2026-32226
.NET Framework Denial of Service Vulnerability
Important

Microsoft Office
CVE-2026-33095
Microsoft Word remote code execution vulnerability
Important

Windows
CVE-2026-33096
HTTP.sys denial of service vulnerability
Important

Windows
CVE-2026-33098
Windows Container Isolation FS Filter Driver Escalation Vulnerability
Important

.NET 9.0 installed on Mac OS,.NET 9.0 installed on Windows,Microsoft .NET Framework,.NET 10.0 installed on Mac OS,.NET 9.0 installed on Linux,.NET,.NET 8.0 installed on Windows,.NET 8.0 installed on Mac OS,.NET 10.0 installed on Linux,.NET 8.0 installed on Linux
CVE-2026-33116
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
Important

Microsoft SQL Server
CVE-2026-33120
Microsoft SQL Server Remote Code Execution Vulnerability
Important

Microsoft Office
CVE-2026-33822
Microsoft Word Information Disclosure Vulnerability
Important

Windows
CVE-2026-32212
Universal Plug and Play (upnp.dll) information disclosure vulnerability
Important

Windows
CVE-2026-20928
Windows Recovery Environment Security Function Bypass Vulnerability
Important

Windows
CVE-2026-20806
Windows COM Server Information Disclosure Vulnerability
Important

Microsoft Office
CVE-2026-23657
Microsoft Word remote code execution vulnerability
Important

PowerShell
CVE-2026-26143
Microsoft PowerShell security feature bypass vulnerability
Important

Windows
CVE-2026-26152
Microsoft Cryptographic Services privilege escalation vulnerability
Important

Windows
CVE-2026-26153
Windows Encrypted File System (EFS) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26156
Windows Hyper-V remote code execution vulnerability
Important

Windows
CVE-2026-26159
Remote Desktop Licensing Service privilege escalation vulnerability
Important

Windows
CVE-2026-26163
Windows Kernel privilege escalation vulnerability
Important

Windows
CVE-2026-26168
Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26169
Windows Kernel Memory Information Disclosure Vulnerability
Important

Windows
CVE-2026-26170
PowerShell privilege escalation vulnerability
Important

Windows
CVE-2026-26172
Windows Push Notifications privilege escalation vulnerability
Important

Windows
CVE-2026-26173
Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26176
Windows Client Side Caching driver (csc.sys) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26177
Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26178
Windows Advanced Rasterization Platform Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26182
Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Important

Windows
CVE-2026-26184
Windows Projected File System Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27909
Windows Search Service privilege escalation vulnerability
Important

Windows
CVE-2026-27910
Windows Installer privilege escalation vulnerability
Important

Windows
CVE-2026-27911
Windows User Interface Core Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27912
Windows Kerberos privilege escalation vulnerability
Important

Windows
CVE-2026-27913
Windows BitLocker security feature bypass vulnerability
Important

Windows
CVE-2026-27914
Microsoft Management Console Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27916
Windows UPnP Device Host privilege escalation vulnerability
Important

Windows
CVE-2026-27920
Windows UPnP Device Host privilege escalation vulnerability
Important

Windows
CVE-2026-27922
Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27923
Desktop Window Manager Privilege Escalation Vulnerability
Important

Windows
CVE-2026-27925
Windows UPnP Device Host information disclosure vulnerability
Important

Windows
CVE-2026-27928
Windows Hello security feature bypass vulnerability
Important

Windows
CVE-2026-27930
Windows GDI Information Disclosure Vulnerability
Important

Windows
CVE-2026-32068
Windows Simple Search and Discovery Protocol (SSDP) Service privilege escalation vulnerability
Important

Windows
CVE-2026-32069
Windows Projected File System Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32070
Windows Common Log File System Driver Escalation Vulnerability
Important

Windows
CVE-2026-32072
Active Directory Spoofing Vulnerability
Important

Windows
CVE-2026-32074
Windows Projected File System Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32076
Windows Storage Spaces Controller privilege escalation vulnerability
Important

Windows
CVE-2026-32077
Windows UPnP Device Host privilege escalation vulnerability
Important

Windows
CVE-2026-32078
Windows Projected File System Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32079
Web Account Manager Information Disclosure Vulnerability
Important

Windows
CVE-2026-32080
Windows WalletService privilege escalation vulnerability
Important

Windows
CVE-2026-32084
Windows Print Spooler Information Disclosure Vulnerability
Important

Windows
CVE-2026-32086
Windows Function Discovery Service (fdwsd.dll) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32088
Windows Biometric Service security feature bypass vulnerability
Important

Windows
CVE-2026-32091
Microsoft Brokering File System Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32149
Windows Hyper-V remote code execution vulnerability
Important

Windows
CVE-2026-32150
Windows Function Discovery Service (fdwsd.dll) Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32151
Windows Shell Information Disclosure Vulnerability
Important

Windows
CVE-2026-32153
Windows Speech Runtime privilege escalation vulnerability
Important

Windows
CVE-2026-32155
Desktop Window Manager Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32162
Windows COM Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32163
Windows User Interface Core Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32164
Windows User Interface Core Privilege Escalation Vulnerability
Important

Azure
CVE-2026-32171
Azure Logic Apps privilege escalation vulnerability
Important

Microsoft SQL Server
CVE-2026-32176
SQL Server Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32196
Windows Admin Center Spoofing Vulnerability
Important

Microsoft Office
CVE-2026-32197
Microsoft Excel Remote Code Execution Vulnerability
Important

Microsoft Office
CVE-2026-32198
Microsoft Excel Remote Code Execution Vulnerability
Important

Microsoft Office
CVE-2026-32199
Microsoft Excel Remote Code Execution Vulnerability
Important

Microsoft Office
CVE-2026-32200
Microsoft PowerPoint remote code execution vulnerability
Important

Microsoft Office
CVE-2026-32201
Microsoft SharePoint Server Spoofing Vulnerability
Important

.NET 9.0 installed on Mac OS,.NET 9.0 installed on Windows,.NET 10.0 installed on Mac OS,.NET 9.0 installed on Linux,.NET 10.0 installed on Windows,.NET 8.0 installed on Windows,.NET 8.0 installed on Mac OS,.NET 10.0 installed on Linux,.NET 8.0 installed on Linux
CVE-2026-26171
.NET Denial of Service Vulnerability
Important

.NET 9.0 installed on Mac OS,.NET 9.0 installed on Windows,.NET 10.0 installed on Mac OS,.NET 9.0 installed on Linux,Microsoft Visual Studio,.NET 10.0 installed on Windows,.NET 8.0 installed on Windows,.NET 8.0 installed on Mac OS,.NET 10.0 installed on Linux,.NET 8.0 installed on Linux
CVE-2026-32203
.NET and Visual Studio Denial of Service Vulnerability
Important

Windows
CVE-2026-32225
Windows Shell security feature bypass vulnerability
Important

Windows
CVE-2026-33099
Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Important

Windows
CVE-2026-33100
Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Important

Windows
CVE-2026-33101
Windows Print Spooler privilege escalation vulnerability
Important

Microsoft Dynamics
CVE-2026-33103
Microsoft Dynamics 365 (On-Premises) information disclosure vulnerability
Important

Windows
CVE-2026-33104
Win32k Privilege Escalation Vulnerability
Important

Windows
CVE-2026-32214
Universal Plug and Play (upnp.dll) information disclosure vulnerability
Important

System Center
CVE-2026-33825
Microsoft Defender privilege escalation vulnerability
Important

Windows
CVE-2026-33829
Windows Snipping Tool spoofing vulnerability
Moderate

Microsoft Edge for Android
CVE-2026-33119
Microsoft Edge (Chromium-based) for Android spoofing vulnerability
Moderate

Microsoft Edge (Chromium-based)
CVE-2026-33118
Microsoft Edge (Chromium-based) spoofing vulnerability
Low

Statement
This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.
About NSFOCUS
NSFOCUS, a pioneering leader in cybersecurity, is dedicated to safeguarding telecommunications, Internet service providers, hosting providers, and enterprises from sophisticated cyberattacks.
Founded in 2000, NSFOCUS operates globally with over 3000 employees at two headquarters in Beijing, China, and Santa Clara, CA, USA, and over 50 offices worldwide. It has a proven track record of protecting over 25% of the Fortune Global 500 companies, including four of the five largest banks and six of the world’s top ten telecommunications companies.
Leveraging technical prowess and innovation, NSFOCUS delivers a comprehensive suite of security solutions, including the Intelligent Security Operations Platform (ISOP) for modern SOC, DDoS Protection, Continuous Threat Exposure Management (CTEM) Service and Web Application and API Protection (WAAP). All the solutions and services are augmented by the Security Large Language Model (SecLLM), ML, patented algorithms and other cutting-edge research achievements developed by NSFOCUS.
The post Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on NSFOCUS.

*** This is a Security Bloggers Network syndicated blog from NSFOCUS authored by NSFOCUS. Read the original post at: https://nsfocusglobal.com/microsofts-april-security-update-of-high-risk-vulnerability-notice-for-multiple-products/

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , , , ,

What do you feel about this?

More Stories

What the Mythos-Ready Briefing Says About Credentials

What the Mythos-Ready Briefing Says About Credentials

AndyC 24 April 2026
Breach of Confidence: 24 April 2026

Breach of Confidence: 24 April 2026

AndyC 24 April 2026
Breach of Confidence: 24 April 2026

Xinference PyPI Supply Chain Poisoning Warning

AndyC 24 April 2026
The Robot Will See You Now

When Research Becomes a Crime: The New Risk Landscape for OSINT and Dark Web Intelligence

AndyC 24 April 2026
Runtime Analytics Cuts Millions of Alerts to What Matters

Runtime Analytics Cuts Millions of Alerts to What Matters

AndyC 24 April 2026
The AI workplace paradox: Higher productivity, higher anxiety

Zero Trust Architecture for Sidecar-Based MCP Servers

AndyC 24 April 2026

You may have missed

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

AndyC 24 April 2026
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

AndyC 24 April 2026
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

AndyC 24 April 2026
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

AndyC 24 April 2026
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying

AndyC 24 April 2026

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.