Microsoft has released its April 2026 Patch Tuesday update, addressing more than 160 security vulnerabilities across its software ecosystem, including an actively exploited zero-day flaw in SharePoint Server.
The most critical issue fixed is a SharePoint Server vulnerability tracked as CVE-2026-32201, which has already been exploited in real-world attacks. The flaw is classified as a spoofing vulnerability caused by improper input validation, allowing attackers to impersonate trusted entities, potentially access sensitive information, and manipulate data.
Despite being rated as “Important” with a CVSS score of 6.5, the vulnerability is considered high-risk due to active exploitation. It has already been added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities catalog, with federal agencies instructed to apply patches urgently.
In total, Microsoft addressed over 160 flaws, including multiple critical vulnerabilities such as remote code execution (RCE) and elevation of privilege issues. Security experts have described this update as one of the largest in recent history, highlighting the increasing complexity of modern cyber threats.
The vulnerabilities span a wide range of Microsoft products, including Windows, Office, Defender, and SharePoint, with elevation of privilege flaws accounting for a significant portion of the patches.
Experts have urged organizations to prioritize patching immediately, especially for internet-facing SharePoint servers, as such vulnerabilities are frequently targeted by attackers and can be chained with other exploits for deeper system compromise.
