Welcome to my April 2026 Patch Tuesday newsletter. This month is huge with 167 updates released today and another 344 released since our newsletter last month for a staggering 512 updates. I haven't seen a list of updates this long in years. The good news is that we only have two zero-days to talk about. So, let's get to it.
This month we have only two zero-days. One is only public and the other is currently being exploited but not publicly disclosed.
- CVE-2026-32201 - This spoofing vulnerability is rated "Important" with a moderate CVSS score of 6.5/6.0. It affects the support versions of SharePoint. An attacker who is success with the exploit could view some sensitive information and make changes to that information. Exploitation has been detected so you will want to get this updated to stop unauthorized attackers from being able to spoof over the network.
- CVE-2026-33825 - This elevation of privilege is also rated "Important" and has a higher CVSS score of 7.8/7.0. A successful attacker could gain SYSTEM privileges locally. Systems with Microsoft Defender disabled are not exploitable. Systems using Defender should be updated.
Besides these we have 22 "Critical" rated CVE's being pushed out for the month. You will want to peruse the chart below to see if your environment contains any of the affected applications and the vulnerable versions.
I want to invite you to a webinar I am hosting with Barry Vista from LOGbinder this Thursday, April 16. We will be discussing 4 silent killers to Windows Event Collection. This is going to be a deep dive in to WEC that you won't want to miss. Register here!
Happy patching!
So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.
|
Patch data provided by:
|
|
|
Technology
|
Products Affected
|
Severity
|
Reference
|
Workaround/ Exploited / Publicly Disclosed
|
Vulnerability Info
|
|
Windows
|
Windows 10, 11
Server 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations
Windows App Client for Windows Desktop
Windows Admin Center
Remote Desktop Client for Windows Desktop
|
Critical
|
CVE-2023-20585
CVE-2026-0390
CVE-2026-20806
CVE-2026-20928
CVE-2026-20930
CVE-2026-23670
CVE-2026-25184
CVE-2026-25250
CVE-2026-26151
CVE-2026-26152
CVE-2026-26153
CVE-2026-26154
CVE-2026-26155
CVE-2026-26156
CVE-2026-26159
CVE-2026-26160
CVE-2026-26161
CVE-2026-26162
CVE-2026-26163
CVE-2026-26165
CVE-2026-26166
CVE-2026-26167
CVE-2026-26168
CVE-2026-26169
CVE-2026-26170
CVE-2026-26172
CVE-2026-26173
CVE-2026-26174
CVE-2026-26175
CVE-2026-26176
CVE-2026-26177
CVE-2026-26178
CVE-2026-26179
CVE-2026-26180
CVE-2026-26181
CVE-2026-26182
CVE-2026-26183
CVE-2026-26184
CVE-2026-27906
CVE-2026-27907
CVE-2026-27908
CVE-2026-27909
CVE-2026-27910
CVE-2026-27911
CVE-2026-27912
CVE-2026-27913
CVE-2026-27914
CVE-2026-27915
CVE-2026-27916
CVE-2026-27917
CVE-2026-27918
CVE-2026-27919
CVE-2026-27920
CVE-2026-27921
CVE-2026-27922
CVE-2026-27923
CVE-2026-27924
CVE-2026-27925
CVE-2026-27926
CVE-2026-27927
CVE-2026-27928
CVE-2026-27929
CVE-2026-27930
CVE-2026-27931
CVE-2026-32068
CVE-2026-32069
CVE-2026-32070
CVE-2026-32071
CVE-2026-32072
CVE-2026-32073
CVE-2026-32074
CVE-2026-32075
CVE-2026-32076
CVE-2026-32077
CVE-2026-32078
CVE-2026-32079
CVE-2026-32080
CVE-2026-32081
CVE-2026-32082
CVE-2026-32083
CVE-2026-32084
CVE-2026-32085
CVE-2026-32086
CVE-2026-32087
CVE-2026-32088
CVE-2026-32089
CVE-2026-32090
CVE-2026-32091
CVE-2026-32093
CVE-2026-32149
CVE-2026-32150
CVE-2026-32151
CVE-2026-32152
CVE-2026-32153
CVE-2026-32154
CVE-2026-32155
CVE-2026-32156
CVE-2026-32157
CVE-2026-32158
CVE-2026-32159
CVE-2026-32160
CVE-2026-32162
CVE-2026-32163
CVE-2026-32164
CVE-2026-32165
CVE-2026-32181
CVE-2026-32183
CVE-2026-32195
CVE-2026-32196
CVE-2026-32202
CVE-2026-32212
CVE-2026-32214
CVE-2026-32215
CVE-2026-32216
CVE-2026-32217
CVE-2026-32218
CVE-2026-32219
CVE-2026-32220
CVE-2026-32221
CVE-2026-32222
CVE-2026-32223
CVE-2026-32224
CVE-2026-32225
CVE-2026-33096
CVE-2026-33098
CVE-2026-33099
CVE-2026-33100
CVE-2026-33101
CVE-2026-33104
CVE-2026-33824
CVE-2026-33826
CVE-2026-33827
CVE-2026-33829
|
Workaround: No
Exploited: No
Public: No |
Denial of Service
Elevation of Privilege
Information Disclosure
Remote Code Execution
Security Feature Bypass
Spoofing
Tampering
|
|
Edge
|
Edge (Chromium-based)
|
Low
|
CVE-2026-0385
CVE-2026-26133
CVE-2026-32187
CVE-2026-32191
CVE-2026-32194
CVE-2026-33118
CVE-2026-33119
CVE-2026-3537
CVE-2026-3909
CVE-2026-3910
CVE-2026-3913
CVE-2026-3914
CVE-2026-3915
CVE-2026-3916
CVE-2026-3917
CVE-2026-3918
CVE-2026-3919
CVE-2026-3920
CVE-2026-3921
CVE-2026-3922
CVE-2026-3923
CVE-2026-3924
CVE-2026-3925
CVE-2026-3926
CVE-2026-3927
CVE-2026-3928
CVE-2026-3929
CVE-2026-3930
CVE-2026-3931
CVE-2026-3932
CVE-2026-3934
CVE-2026-3935
CVE-2026-3936
CVE-2026-3937
CVE-2026-3938
CVE-2026-3939
CVE-2026-3940
CVE-2026-3941
CVE-2026-3942
CVE-2026-4440
CVE-2026-4441
CVE-2026-4442
CVE-2026-4443
CVE-2026-4444
CVE-2026-4445
CVE-2026-4446
CVE-2026-4447
CVE-2026-4448
CVE-2026-4449
CVE-2026-4450
CVE-2026-4451
CVE-2026-4452
CVE-2026-4453
CVE-2026-4454
CVE-2026-4455
CVE-2026-4456
CVE-2026-4457
CVE-2026-4458
CVE-2026-4459
CVE-2026-4460
CVE-2026-4461
CVE-2026-4462
CVE-2026-4463
CVE-2026-4464
CVE-2026-4673
CVE-2026-4674
CVE-2026-4675
CVE-2026-4676
CVE-2026-4677
CVE-2026-4678
CVE-2026-4679
CVE-2026-4680
CVE-2026-5272
CVE-2026-5273
CVE-2026-5274
CVE-2026-5275
CVE-2026-5276
CVE-2026-5277
CVE-2026-5279
CVE-2026-5280
CVE-2026-5281
CVE-2026-5283
CVE-2026-5284
CVE-2026-5285
CVE-2026-5286
CVE-2026-5287
CVE-2026-5289
CVE-2026-5290
CVE-2026-5291
CVE-2026-5292
CVE-2026-5858
CVE-2026-5859
CVE-2026-5860
CVE-2026-5861
CVE-2026-5862
CVE-2026-5863
CVE-2026-5864
CVE-2026-5865
CVE-2026-5866
CVE-2026-5867
CVE-2026-5868
CVE-2026-5869
CVE-2026-5870
CVE-2026-5871
CVE-2026-5872
CVE-2026-5873
CVE-2026-5874
CVE-2026-5875
CVE-2026-5876
CVE-2026-5877
CVE-2026-5878
CVE-2026-5879
CVE-2026-5880
CVE-2026-5881
CVE-2026-5882
CVE-2026-5883
CVE-2026-5884
CVE-2026-5885
CVE-2026-5886
CVE-2026-5887
CVE-2026-5888
CVE-2026-5889
CVE-2026-5890
CVE-2026-5891
CVE-2026-5892
CVE-2026-5893
CVE-2026-5894
CVE-2026-5895
CVE-2026-5896
CVE-2026-5897
CVE-2026-5898
CVE-2026-5899
CVE-2026-5900
CVE-2026-5901
CVE-2026-5902
CVE-2026-5903
CVE-2026-5904
CVE-2026-5905
CVE-2026-5906
CVE-2026-5907
CVE-2026-5908
CVE-2026-5909
CVE-2026-5910
CVE-2026-5911
CVE-2026-5912
CVE-2026-5913
CVE-2026-5914
CVE-2026-5915
CVE-2026-5918
CVE-2026-5919
|
Workaround: No
Exploited: No
Public: No
|
Defense in Depth
Information Disclosure
Remote Code Execution
Spoofing |
|
Office
|
365 Apps for Enterprise
Excel/PowerPoint 2016 and for Android, iOS
Office 2016, 2019
LTSC 2021, 2024 including for Mac
Loop for iOS
OneNote/Teams for Android, iOS
Outlook for iOS, Mac
Office Online Server
Purview
Word for iOS
|
Critical
|
CVE-2026-23657
CVE-2026-26133
CVE-2026-26138
CVE-2026-26139
CVE-2026-32188
CVE-2026-32189
CVE-2026-32190
CVE-2026-32197
CVE-2026-32198
CVE-2026-32199
CVE-2026-32200
CVE-2026-33095
CVE-2026-33114
CVE-2026-33115
CVE-2026-33822
|
Workaround: No
Exploited: No
Public: No |
Elevation of Privilege
Information Disclosure
Remote Code Execution
|
|
SharePoint
|
Enterprise Server 2016
Server 2019
Server Subscription Edition
|
Important
|
CVE-2026-20945
CVE-2026-32201**
|
Workaround: No
Exploited: Yes**
Public: No |
Spoofing |
|
Azure
|
Cloud Shell
Data Factory
DevOps: msazure
Logic Apps
Monitor Agent
HPC Pack 2019
|
Critical
|
CVE-2026-23658
CVE-2026-23659
CVE-2026-32168
CVE-2026-32169
CVE-2026-32171
CVE-2026-32184
CVE-2026-32192
|
Workaround: No
Exploited: No
Public: No
|
Elevation of Privilege
Information Disclosure |
|
Developer Tools
|
.NET 10, 9 and 8 installed on Linux, MacOS and Windows
.NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1
Visual Studio 2017 15.9 - 15.0
Visual Studio 2019 16.11 - 16.0
Visual Studio 2022 17.14/17.12
Visual Studio Code CoPilot Chat Extension
PowerShell 7.4/7.5
|
Critical
|
CVE-2026-21637
CVE-2026-23653
CVE-2026-23666
CVE-2026-26143
CVE-2026-26171
CVE-2026-32178
CVE-2026-32203
CVE-2026-32226
CVE-2026-32631
CVE-2026-33116
|
Workaround: No
Exploited: No
Public: No
|
Denial of Service
Information Disclosure
Security Feature Bypass
Spoofing |
|
SQL Server
|
PowerBI for Android, iOS
2016 SP3 GDR and Azure Connect Feature Pack
2017 CU31/GDR
2019 CU32/GDR
2022 CU24/GDR
2025 CU3/GDR
|
Important
|
CVE-2026-26133
CVE-2026-32167
CVE-2026-32176
CVE-2026-33120
|
Workaround: No
Exploited: No
Public: No |
Elevation of Privilege
Information Disclosure
Remote Code Execution
|
|
Exchange
|
Exchange Online
|
Critical
|
CVE-2026-26137
|
Workaround: No
Exploited: No
Public: No |
Elevation of Privilege
|
|
Dynamics
|
365 (on-premises) v9.0
Power Apps
|
Important
|
CVE-2026-26149
CVE-2026-33103
|
Workaround: No
Exploited: No
Public: No |
Information Disclosure
Security Feature Bypass
|
|
Apps
|
365 CoPilot also for Android, iOS
Bing
|
Critical
|
CVE-2026-24299
CVE-2026-26120
CVE-2026-26133
|
Workaround: No
Exploited: No
Public: No |
Information Disclosure
Tampering
|
|
System Center
|
Defender Antimalware Platform
|
Important
|
CVE-2026-33825*
|
Workaround: No
Exploited: No
Public: Yes* |
Elevation of Privilege
|
|
Other
|
CoPilot
|
Critical
|
CVE-2026-26136
|
Workaround: No
Exploited: No
Public: No |
Information Disclosure
|
|
Open-Source Software
|
See list directly below chart***
|
Critical
|
CVE-2006-10003
CVE-2025-49010
CVE-2025-66037
CVE-2025-66038
CVE-2025-66215
CVE-2025-67030
CVE-2025-69647
CVE-2025-69720
CVE-2025-71239
CVE-2025-71265
CVE-2025-71266
CVE-2025-71267
CVE-2026-0964
CVE-2026-0965
CVE-2026-0966
CVE-2026-0967
CVE-2026-1519
CVE-2026-1965
CVE-2026-21710
CVE-2026-21712
CVE-2026-21713
CVE-2026-21714
CVE-2026-21715
CVE-2026-21716
CVE-2026-21717
CVE-2026-23100
CVE-2026-23169
CVE-2026-23233
CVE-2026-23241
CVE-2026-23242
CVE-2026-23243
CVE-2026-23244
CVE-2026-23245
CVE-2026-23246
CVE-2026-23248
CVE-2026-23253
CVE-2026-23259
CVE-2026-23266
CVE-2026-23267
CVE-2026-23268
CVE-2026-23269
CVE-2026-23271
CVE-2026-23274
CVE-2026-23277
CVE-2026-23279
CVE-2026-23281
CVE-2026-23284
CVE-2026-23285
CVE-2026-23286
CVE-2026-23289
CVE-2026-23290
CVE-2026-23291
CVE-2026-23292
CVE-2026-23293
CVE-2026-23296
CVE-2026-23298
CVE-2026-23300
CVE-2026-23303
CVE-2026-23304
CVE-2026-23306
CVE-2026-23307
CVE-2026-23310
CVE-2026-23312
CVE-2026-23315
CVE-2026-23317
CVE-2026-23318
CVE-2026-23319
CVE-2026-23324
CVE-2026-23334
CVE-2026-23336
CVE-2026-23340
CVE-2026-23343
CVE-2026-23347
CVE-2026-23351
CVE-2026-23352
CVE-2026-23356
CVE-2026-23357
CVE-2026-23359
CVE-2026-23364
CVE-2026-23365
CVE-2026-23367
CVE-2026-23368
CVE-2026-23370
CVE-2026-23379
CVE-2026-23381
CVE-2026-23382
CVE-2026-23388
CVE-2026-23390
CVE-2026-23391
CVE-2026-23392
CVE-2026-23395
CVE-2026-23396
CVE-2026-23397
CVE-2026-23398
CVE-2026-23403
CVE-2026-23404
CVE-2026-23405
CVE-2026-23406
CVE-2026-23407
CVE-2026-23408
CVE-2026-23409
CVE-2026-23410
CVE-2026-23411
CVE-2026-2369
CVE-2026-23868
CVE-2026-23941
CVE-2026-23942
CVE-2026-23943
CVE-2026-2436
CVE-2026-25075
CVE-2026-25645
CVE-2026-25679
CVE-2026-2673
CVE-2026-27135
CVE-2026-27448
CVE-2026-27456
CVE-2026-27459
CVE-2026-27651
CVE-2026-27654
CVE-2026-27784
CVE-2026-28388
CVE-2026-28389
CVE-2026-28390
CVE-2026-28753
CVE-2026-28755
CVE-2026-29111
CVE-2026-29785
CVE-2026-30922
CVE-2026-3104
CVE-2026-3119
CVE-2026-31394
CVE-2026-31789
CVE-2026-31790
CVE-2026-3184
CVE-2026-32241
CVE-2026-32249
CVE-2026-32647
CVE-2026-32748
CVE-2026-32775
CVE-2026-32776
CVE-2026-32777
CVE-2026-32778
CVE-2026-33055
CVE-2026-33056
CVE-2026-33216
CVE-2026-33343
CVE-2026-33412
CVE-2026-33413
CVE-2026-33416
CVE-2026-33515
CVE-2026-33526
CVE-2026-33542
CVE-2026-33554
CVE-2026-33636
CVE-2026-33750
CVE-2026-33936
CVE-2026-34353
CVE-2026-34714
CVE-2026-34743
CVE-2026-34933
CVE-2026-34982
CVE-2026-35177
CVE-2026-35385
CVE-2026-35386
CVE-2026-35388
CVE-2026-35535
CVE-2026-3591
CVE-2026-3783
CVE-2026-3784
CVE-2026-39881
CVE-2026-40024
CVE-2026-40025
CVE-2026-40026
CVE-2026-4111
CVE-2026-4224
CVE-2026-4437
CVE-2026-4438
CVE-2026-4519
CVE-2026-4645
CVE-2026-4647
CVE-2026-4746
CVE-2026-4878
CVE-2026-4897
CVE-2026-5107
CVE-2026-5201
|
Workaround: No
Exploited: No
Public: No
|
None listed |
***To keep from clogging up the chart above I am putting the list of Open-Source Software products here:
azl3 avahi 0.8-7, azl3 bind 9.20.18-1, azl3 binutils 2.41-10, azl3 cmake 3.30.3-12, azl3 curl 8.11.1-5, azl3 erlang 26.2.5.17-1, azl3 expat 2.6.4-4, azl3 flannel 0.24.2-26, azl3 freeipmi 1.6.11-1, azl3 frr 10.5.0-1, azl3 gdb 13.2-6, azl3 gdk-pixbuf2 2.42.10-4, azl3 glibc 2.38-18, azl3 glibc 2.38-19, azl3 golang 1.25.7-1, azl3 kernel 0.0.0-1, azl3 kernel 6.6.0.0-1, azl3 kernel 6.6.126.1-1, azl3 kernel 6.6.130.1-3, azl3 libarchive 3.7.7-4, azl3 libcap 2.69-13, azl3 libexif 0.6.24-1, azl3 libpng 1.6.55-1, azl3 libsoup 3.4.4-12, azl3 libsoup 3.4.4-14, azl3 libssh 0.10.6-5, azl3 libssh 0.10.6-6, azl3 ncurses 6.4-2, azl3 ncurses 6.4-3, azl3 nghttp2 1.61.0-2, azl3 nginx 1.28.2-1, azl3 nodejs 20.14.0-13, azl3 nodejs 20.14.0-14, azl3 nodejs24 24.13.0-3, azl3 ocaml 5.1.1-1, azl3 ocaml 5.1.1-2, azl3 opensc 0.26.1-1, azl3 openssh 9.8p1-5, azl3 openssl 3.3.5-4, azl3 perl-XML-Parser 2.47-1, azl3 plexus-utils 3.3.0-4, azl3 plexus-utils 3.3.0-5, azl3 pyOpenSSL 24.2.1-1, azl3 python3 3.12.9-10, azl3 python3 3.12.9-9, azl3 python-ecdsa 0.18.0-2, azl3 python-pyasn1 0.4.8-1, azl3 python-pyasn1 0.4.8-2, azl3 python-requests 2.31.0-4, azl3 sleuthkit 4.12.1-1, azl3 squid 6.13-3, azl3 strongswan 5.9.14-8, azl3 sudo 1.9.17-1, azl3 systemd-bootstrap 250.3-19, azl3 telegraf 1.31.0-15, azl3 telegraf 1.31.0-17, azl3 trident 0.21.0-1, azl3 util-linux 2.40.2-3, azl3 vim 9.2.0088-1, azl3 vim 9.2.0240-1
cbl2 avahi 0.8-5, cbl2 cloud-hypervisor 32.0-7, cbl2 cmake 3.21.4-21, cbl2 erlang 25.3.2.21-4, cbl2 etcd 3.5.21-4, cbl2 frr 8.5.5-5, cbl2 giflib 5.2.1-10, cbl2 kernel 5.15.200.1-1, cbl2 libarchive 3.6.1-8, cbl2 libcap 2.60-7, cbl2 libexif 0.6.24-1, cbl2 libexif 0.6.24-2, cbl2 libpng 1.6.55-1, cbl2 nghttp2 1.57.0-2, cbl2 nginx 1.22.1-15, cbl2 nodejs18 18.20.3-11, cbl2 nodejs18 18.20.3-12, cbl2 ocaml 4.13.1-2, cbl2 ocaml 4.13.1-3, cbl2 plexus-utils 3.3.0-3, cbl2 plexus-utils 3.3.0-4, cbl2 polkit 0.119-4, cbl2 python3 3.9.19-19, cbl2 python-pyasn1 0.4.8-1, cbl2 systemd-bootstrap 250.3-13, cbl2 systemd-bootstrap 250.3-14, cbl2 telegraf 1.29.4-21, cbl2 telegraf 1.29.4-22, cbl2 terraform 1.3.2-29, cbl2 vim 9.2.0088-1, cbl2 xz 5.2.5-1
Thanks as always for reading and best wishes on security,
Randy Franklin Smith
Click here to unsubscribe
Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2026 Monterey Technology Group, All rights reserved. You may forward this email in its entirety but all other rights reserved.
9450 SW Gemini Drive #53822, Beaverton, OR 97008
Note: We do our best to provide quality information and expert commentary but use all information at your own risk.