2026-04-14 | Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities. This Patch Tuesday also addresses eight "Critical" vulnerabilities, 7 of which are remote code execution flaws and the other is a denial of service flaw. The number of bugs in each vulnerability category is listed below: 93 Elevation of Privilege Vulnerabilities 13 Security Feature Bypass Vulnerabilities 20 Remote Code Execution Vulnerabilities 21 Information Disclosure Vulnerabilities 10 Denial of Service Vulnerabilities 9 Spoofing Vulnerabilities When BleepingComputer reports on Patch Tuesday security updates, we only count those released by Microsoft today. Therefore, the number of flaws does not include Mariner, Azure, and Bing flaws that were fixed by Microsoft earlier this month. There were also 80 Microsoft Edge/Chromium flaws that were fixed by Google. To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5083769 & KB5082052 cumulative updates and the Windows 10 KB5082200 extended security update . 2 zero-days and Microsoft Office flaws This month's Patch Tuesday fixes two zero-day vulnerabilities, with one publicly disclosed and the other actively exploited in attacks. Microsoft classifies a zero-day flaw as publicly disclosed or actively exploited while no official fix is available. The actively exploited zero-day flaw is: CVE-2026-32201 - Microsoft SharePoint Server Spoofing Vulnerability Microsoft has patched a Microsoft SharePoint Server Spoofing Vulnerability that was exploited in attacks. "Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network," explains Microsoft.

"An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability)," continued Microsoft. Microsoft has not disclosed how this vulnerability was exploited in attacks or who disclosed it. The publicly disclosed zero-day is: CVE-2026-33825 - Microsoft Defender Elevation of Privilege Vulnerability Microsoft has patched a Microsoft Defender privilege elevation flaw that gives SYSTEM privileges. The company has addressed the flaw in the Microsoft Defender Antimalware Platform update version 4.18.26050.3011 , which will automatically be downloaded to systems. Windows users can manually install it by going to Windows Security > Virus & threat protection > Protection Updates , then clicking Check for updates . Microsoft has credited Zen Dodd and Yuanpei XU (HUST) with Diffract with discovering this flaw. Microsoft has also fixed multiple remote code execution bugs in Microsoft Office (Word and Excel) that can be executed via the preview pane or by opening malicious documents. Therefore, users should prioritize updating Microsoft Office as soon as possible, especially if they commonly receive attachments. Recent updates from other companies Other vendors who released updates or advisories in April 2026 include: Adobe has released security updates for Illustrator, Reader, Acrobat, Photoshop, Bridge, ColdFusion, AdobeConnect, FrameMaker, AEM, InCopy, and InDesign. These updates include a fix for an actively exploited Reader/Acrobat zero-day . Apache fixed a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that had gone undetected for 13 years. Apple enabled more iPhones still running iOS 18 to receive security updates that protect against the actively exploited DarkSword exploit kit.

Cisco released security updates for numerous products, including an Integrated Management Controller (IMC) authentication bypass that allows attackers to gain Admin access. Fortinet released security updates for numerous products, including a critical FortiClient Enterprise Management Server (EMS) vulnerability, CVE-2026-35616, which is actively exploited in attacks . Google released Android's April security bulletin and fixed a Google Chrome zero-day that was exploited in attacks. New GPUBreach rowhammer attack can escalate privileges and lead to a full system compromise. Marimo released a security update for a pre-auth RCE flaw that is now being exploited in attacks. SAP released the April security updates for multiple products, including a critical SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse The wolfSSL SSL/TLS library released a security update to fix a flaw that could force a target device or application to accept forged certificates. The April 2026 Patch Tuesday Security Updates Below is the complete list of resolved vulnerabilities in the April 2026 Patch Tuesday updates. To access the full description of each vulnerability and the systems it affects, you can view the full report here .

Tag CVE ID CVE Title Severity .NET CVE-2026-26171 .NET Denial of Service Vulnerability Important .NET CVE-2026-32178 .NET Spoofing Vulnerability Important .NET and Visual Studio CVE-2026-32203 .NET and Visual Studio Denial of Service Vulnerability Important .NET Framework CVE-2026-23666 .NET Framework Denial of Service Vulnerability Critical .NET Framework CVE-2026-32226 .NET Framework Denial of Service Vulnerability Important .NET, .NET Framework, Visual Studio CVE-2026-33116 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability Important Applocker Filter Driver (applockerfltr.sys) CVE-2026-25184 Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability Important Azure Logic Apps CVE-2026-32171 Azure Logic Apps Elevation of Privilege Vulnerability Important Azure Monitor Agent CVE-2026-32192 Azure Monitor Agent Elevation of Privilege Vulnerability Important Azure Monitor Agent CVE-2026-32168 Azure Monitor Agent Elevation of Privilege Vulnerability Important Desktop Window Manager CVE-2026-27924 Desktop Window Manager Elevation of Privilege Vulnerability Important Desktop Window Manager CVE-2026-32154 Desktop Window Manager Elevation of Privilege Vulnerability Important Desktop Window Manager CVE-2026-32152 Desktop Window Manager Elevation of Privilege Vulnerability Important Desktop Window Manager CVE-2026-27923 Desktop Window Manager Elevation of Privilege Vulnerability Important Desktop Window Manager CVE-2026-32155 Desktop Window Manager Elevation of Privilege Vulnerability Important Function Discovery Service (fdwsd.dll) CVE-2026-32087 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability Important Function Discovery Service (fdwsd.dll) CVE-2026-32086 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability Important Function Discovery Service (fdwsd.dll) CVE-2026-32150 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability Important Function Discovery Service (fdwsd.dll) CVE-2026-32093 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability Important GitHub Copilot and Visual Studio Code CVE-2026-23653 GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability Important GitHub Repo: Git for Windows CVE-2026-32631 GitHub: CVE-2026-32631 'git clone' from manipulated repositories can leak NTLM hashes Important Input-Output Memory Management Unit (IOMMU) CVE-2023-20585 AMD: CVE-2023-20585 IOMMU Write Buffer Vulnerability Important Microsoft Brokering File System CVE-2026-32091 Microsoft Brokering File System Elevation of Privilege Vulnerability Important Microsoft Brokering File System CVE-2026-32219 Microsoft Brokering File System Elevation of Privilege Vulnerability Important Microsoft Brokering File System CVE-2026-26181 Microsoft Brokering File System Elevation of Privilege Vulnerability Important Microsoft Defender CVE-2026-33825 Microsoft Defender Elevation of Privilege Vulnerability Important Microsoft Dynamics 365 (on-premises) CVE-2026-33103 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Important Microsoft Graphics Component CVE-2026-32221 Windows Graphics Component Remote Code Execution Vulnerability Important Microsoft High Performance Compute Pack (HPC) CVE-2026-32184 Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability Important Microsoft Management Console CVE-2026-27914 Microsoft Management Console Elevation of Privilege Vulnerability Important Microsoft Office CVE-2026-32190 Microsoft Office Remote Code Execution Vulnerability Critical Microsoft Office Excel CVE-2026-32199 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2026-32198 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2026-32197 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2026-32188 Microsoft Excel Information Disclosure Vulnerability Important Microsoft Office Excel CVE-2026-32189 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office PowerPoint CVE-2026-32200 Microsoft PowerPoint Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2026-32201 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office SharePoint CVE-2026-20945 Microsoft SharePoint Server Spoofing Vulnerability Important Microsoft Office Word CVE-2026-23657 Microsoft Word Remote Code Execution Vulnerability Important Microsoft Office Word CVE-2026-33115 Microsoft Word Remote Code Execution Vulnerability Critical Microsoft Office Word CVE-2026-33114 Microsoft Word Remote Code Execution Vulnerability Critical Microsoft Office Word CVE-2026-33095 Microsoft Word Remote Code Execution Vulnerability Important Microsoft Office Word CVE-2026-33822 Microsoft Word Information Disclosure Vulnerability Important Microsoft Power Apps CVE-2026-26149 Microsoft Power Apps Security Feature Bypass Important Microsoft PowerShell CVE-2026-26143 Microsoft PowerShell Security Feature Bypass Vulnerability Important Microsoft PowerShell CVE-2026-26170 PowerShell Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2026-32181 Connected User Experiences and Telemetry Service Denial of Service Vulnerability Important Microsoft Windows Search Component CVE-2026-27909 Windows Search Service Elevation of Privilege Vulnerability Important Microsoft Windows Speech CVE-2026-32153 Windows Speech Runtime Elevation of Privilege Vulnerability Important Node.js CVE-2026-21637 HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers Moderate Remote Desktop Client CVE-2026-32157 Remote Desktop Client Remote Code Execution Vulnerability Critical Role: Windows Hyper-V CVE-2026-32149 Windows Hyper-V Remote Code Execution Vulnerability Important Role: Windows Hyper-V CVE-2026-26156 Windows Hyper-V Remote Code Execution Vulnerability Important SQL Server CVE-2026-33120 Microsoft SQL Server Remote Code Execution Vulnerability Important SQL Server CVE-2026-32176 SQL Server Elevation of Privilege Vulnerability Important SQL Server CVE-2026-32167 SQL Server Elevation of Privilege Vulnerability Important Universal Plug and Play (upnp.dll) CVE-2026-32212 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability Important Universal Plug and Play (upnp.dll) CVE-2026-32214 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability Important Windows Active Directory CVE-2026-32072 Active Directory Spoofing Vulnerability Important Windows Active Directory CVE-2026-33826 Windows Active Directory Remote Code Execution Vulnerability Critical Windows Admin Center CVE-2026-32196 Windows Admin Center Spoofing Vulnerability Important Windows Advanced Rasterization Platform CVE-2026-26178 Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2026-27922 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2026-26177 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2026-32073 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2026-26168 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2026-26182 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2026-26173 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2026-33100 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2026-33099 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Biometric Service CVE-2026-32088 Windows Biometric Service Security Feature Bypass Vulnerability Important Windows BitLocker CVE-2026-27913 Windows BitLocker Security Feature Bypass Vulnerability Important Windows Boot Loader CVE-2026-0390 UEFI Secure Boot Security Feature Bypass Vulnerability Important Windows Boot Manager CVE-2026-26175 Windows Boot Manager Security Feature Bypass Vulnerability Important Windows Client Side Caching driver (csc.sys) CVE-2026-26176 Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability Important Windows Cloud Files Mini Filter Driver CVE-2026-27926 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important Windows COM CVE-2026-32162 Windows COM Elevation of Privilege Vulnerability Important Windows COM CVE-2026-20806 Windows COM Server Information Disclosure Vulnerability Important Windows Common Log File System Driver CVE-2026-32070 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows Container Isolation FS Filter Driver CVE-2026-33098 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability Important Windows Cryptographic Services CVE-2026-26152 Microsoft Cryptographic Services Elevation of Privilege Vulnerability Important Windows Encrypting File System (EFS) CVE-2026-26153 Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability Important Windows File Explorer CVE-2026-32084 Windows Print Spooler Information Disclosure Vulnerability Important Windows File Explorer CVE-2026-32079 Web Account Manager Information Disclosure Vulnerability Important Windows File Explorer CVE-2026-32081 Package Catalog Information Disclosure Vulnerability Important Windows GDI CVE-2026-27931 Windows GDI Information Disclosure Vulnerability Important Windows GDI CVE-2026-27930 Windows GDI Information Disclosure Vulnerability Important Windows Hello CVE-2026-27928 Windows Hello Security Feature Bypass Vulnerability Important Windows Hello CVE-2026-27906 Windows Hello Security Feature Bypass Vulnerability Important Windows HTTP.sys CVE-2026-33096 HTTP.sys Denial of Service Vulnerability Important Windows IKE Extension CVE-2026-33824 Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability Critical Windows Installer CVE-2026-27910 Windows Installer Elevation of Privilege Vulnerability Important Windows Kerberos CVE-2026-27912 Windows Kerberos Elevation of Privilege Vulnerability Important Windows Kernel CVE-2026-32215 Windows Kernel Information Disclosure Vulnerability Important Windows Kernel CVE-2026-32218 Windows Kernel Information Disclosure Vulnerability Important Windows Kernel CVE-2026-26179 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2026-32217 Windows Kernel Information Disclosure Vulnerability Important Windows Kernel CVE-2026-26163 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2026-32195 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2026-26180 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel Memory CVE-2026-26169 Windows Kernel Memory Information Disclosure Vulnerability Important Windows Local Security Authority Subsystem Service (LSASS) CVE-2026-26155 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Important Windows Local Security Authority Subsystem Service (LSASS) CVE-2026-32071 Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability Important Windows LUAFV CVE-2026-27929 Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability Important Windows Management Services CVE-2026-20930 Windows Management Services Elevation of Privilege Vulnerability Important Windows OLE CVE-2026-26162 Windows OLE Elevation of Privilege Vulnerability Important Windows Print Spooler Components CVE-2026-33101 Windows Print Spooler Elevation of Privilege Vulnerability Important Windows Projected File System CVE-2026-26184 Windows Projected File System Elevation of Privilege Vulnerability Important Windows Projected File System CVE-2026-32078 Windows Projected File System Elevation of Privilege Vulnerability Important Windows Projected File System CVE-2026-32074 Windows Projected File System Elevation of Privilege Vulnerability Important Windows Projected File System CVE-2026-32069 Windows Projected File System Elevation of Privilege Vulnerability Important Windows Projected File System CVE-2026-27927 Windows Projected File System Elevation of Privilege Vulnerability Important Windows Push Notifications CVE-2026-32159 Windows Push Notifications Elevation of Privilege Vulnerability Important Windows Push Notifications CVE-2026-32160 Windows Push Notifications Elevation of Privilege Vulnerability Important Windows Push Notifications CVE-2026-26167 Windows Push Notifications Elevation of Privilege Vulnerability Important Windows Push Notifications CVE-2026-26172 Windows Push Notifications Elevation of Privilege Vulnerability Important Windows Push Notifications CVE-2026-32158 Windows Push Notifications Elevation of Privilege Vulnerability Important Windows Recovery Environment Agent CVE-2026-20928 Windows Recovery Environment Security Feature Bypass Vulnerability Important Windows Redirected Drive Buffering CVE-2026-32216 Windows Redirected Drive Buffering System Denial of Service Vulnerability Important Windows Remote Desktop CVE-2026-26151 Remote Desktop Spoofing Vulnerability Important Windows Remote Desktop Licensing Service CVE-2026-26159 Remote Desktop Licensing Service Elevation of Privilege Vulnerability Important Windows Remote Desktop Licensing Service CVE-2026-26160 Remote Desktop Licensing Service Elevation of Privilege Vulnerability Important Windows Remote Procedure Call CVE-2026-32085 Remote Procedure Call Information Disclosure Vulnerability Important Windows RPC API CVE-2026-26183 Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability Important Windows Secure Boot CVE-2026-25250 MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix Important Windows Sensor Data Service CVE-2026-26161 Windows Sensor Data Service Elevation of Privilege Vulnerability Important Windows Server Update Service CVE-2026-32224 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability Important Windows Server Update Service CVE-2026-26174 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability Important Windows Server Update Service CVE-2026-26154 Windows Server Update Service (WSUS) Tampering Vulnerability Important Windows Shell CVE-2026-27918 Windows Shell Elevation of Privilege Vulnerability Important Windows Shell CVE-2026-26165 Windows Shell Elevation of Privilege Vulnerability Important Windows Shell CVE-2026-26166 Windows Shell Elevation of Privilege Vulnerability Important Windows Shell CVE-2026-32225 Windows Shell Security Feature Bypass Vulnerability Important Windows Shell CVE-2026-32151 Windows Shell Information Disclosure Vulnerability Important Windows Shell CVE-2026-32202 Windows Shell Spoofing Vulnerability Important Windows Snipping Tool CVE-2026-32183 Windows Snipping Tool Remote Code Execution Vulnerability Important Windows Snipping Tool CVE-2026-33829 Windows Snipping Tool Spoofing Vulnerability Moderate Windows Speech Brokered Api CVE-2026-32089 Windows Speech Brokered Api Elevation of Privilege Vulnerability Important Windows Speech Brokered Api CVE-2026-32090 Windows Speech Brokered Api Elevation of Privilege Vulnerability Important Windows SSDP Service CVE-2026-32083 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Important Windows SSDP Service CVE-2026-32082 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Important Windows SSDP Service CVE-2026-32068 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Important Windows Storage Spaces Controller CVE-2026-32076 Windows Storage Spaces Controller Elevation of Privilege Vulnerability Important Windows Storage Spaces Controller CVE-2026-27907 Windows Storage Spaces Controller Elevation of Privilege Vulnerability Important Windows TCP/IP CVE-2026-27921 Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability Important Windows TCP/IP CVE-2026-33827 Windows TCP/IP Remote Code Execution Vulnerability Critical Windows TDI Translation Driver (tdx.sys) CVE-2026-27908 Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability Important Windows Universal Plug and Play (UPnP) Device Host CVE-2026-27916 Windows UPnP Device Host Elevation of Privilege Vulnerability Important Windows Universal Plug and Play (UPnP) Device Host CVE-2026-32156 Windows UPnP Device Host Remote Code Execution Vulnerability Important Windows Universal Plug and Play (UPnP) Device Host CVE-2026-32077 Windows UPnP Device Host Elevation of Privilege Vulnerability Important Windows Universal Plug and Play (UPnP) Device Host CVE-2026-27915 Windows UPnP Device Host Elevation of Privilege Vulnerability Important Windows Universal Plug and Play (UPnP) Device Host CVE-2026-27919 Windows UPnP Device Host Elevation of Privilege Vulnerability Important Windows Universal Plug and Play (UPnP) Device Host CVE-2026-27925 Windows UPnP Device Host Information Disclosure Vulnerability Important Windows Universal Plug and Play (UPnP) Device Host CVE-2026-32075 Windows UPnP Device Host Elevation of Privilege Vulnerability Important Windows Universal Plug and Play (UPnP) Device Host CVE-2026-27920 Windows UPnP Device Host Elevation of Privilege Vulnerability Important Windows USB Print Driver CVE-2026-32223 Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability Important Windows User Interface Core CVE-2026-32165 Windows User Interface Core Elevation of Privilege Vulnerability Important Windows User Interface Core CVE-2026-32164 Windows User Interface Core Elevation of Privilege Vulnerability Important Windows User Interface Core CVE-2026-27911 Windows User Interface Core Elevation of Privilege Vulnerability Important Windows User Interface Core CVE-2026-32163 Windows User Interface Core Elevation of Privilege Vulnerability Important Windows Virtualization-Based Security (VBS) Enclave CVE-2026-23670 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability Important Windows Virtualization-Based Security (VBS) Enclave CVE-2026-32220 UEFI Secure Boot Security Feature Bypass Vulnerability Important Windows WalletService CVE-2026-32080 Windows WalletService Elevation of Privilege Vulnerability Important Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) CVE-2026-27917 Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability Important Windows Win32K - GRFX CVE-2026-33104 Win32k Elevation of Privilege Vulnerability Important Windows Win32K - ICOMP CVE-2026-32222 Windows Win32k Elevation of Privilege Vulnerability Important