HomeTechnology

Microsoft Strengthens Security with Patches for SharePoint Zero-Day and 168 Additional Vulnerabilities

Microsoft Strengthens Security with Patches for SharePoint Zero-Day and 168 Additional Vulnerabilities

On Tuesday, Microsoft unveiled a major update addressing a record 169 security vulnerabilities across its product suite. This release is particularly significant due to the inclusion of a zero-day vulnerability that has been actively exploited, underscoring the persistent challenges organizations face in maintaining cybersecurity.

Overview of the Vulnerabilities

The 169 vulnerabilities are categorized by severity: 157 are deemed Important, eight are Critical, three are Moderate, and one is Low. The breakdown indicates that 93 vulnerabilities relate to privilege escalation, while 21 are associated with information disclosure and another 21 with remote code execution. Additional categories include 14 security feature bypasses, 10 spoofing vulnerabilities, and nine denial-of-service issues.

This update also addresses four non-Microsoft Common Vulnerabilities and Exposures (CVEs) impacting third-party products: AMD (CVE-2023-20585), Node.js (CVE-2026-21637), Windows Secure Boot (CVE-2026-25250), and Git for Windows (CVE-2026-32631). This comprehensive update follows the resolution of 78 vulnerabilities in Microsoft’s Chromium-based Edge browser last month.

Historical Context and Industry Impact

This release marks the second-largest Patch Tuesday in Microsoft’s history, just short of the record set in October 2025, which addressed 183 security flaws. A senior staff research engineer at Tenable noted that if the current pace continues, 2026 could see over 1,000 Patch Tuesday CVEs annually, highlighting the increasing complexity and frequency of security threats organizations must navigate.

In the past eight months, privilege escalation vulnerabilities have dominated the Patch Tuesday landscape, accounting for 57% of all CVEs patched in April. In contrast, remote code execution vulnerabilities have decreased to just 12%, indicating a shift in the types of threats organizations are facing.

Active Exploitation of CVE-2026-32201

One vulnerability that has drawn significant attention is CVE-2026-32201, a spoofing vulnerability affecting Microsoft SharePoint Server, which carries a CVSS score of 6.5. Microsoft indicated that improper input validation within SharePoint allows unauthorized attackers to spoof content over a network. This vulnerability enables attackers to view sensitive information and alter disclosed data, although it does not allow them to restrict access to resources.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has responded to the active exploitation of this vulnerability by adding it to the Known Exploited Vulnerabilities (KEV) catalog. Federal Civilian Executive Branch (FCEB) agencies are required to remediate this vulnerability by April 28, 2026.

Implications of CVE-2026-33825 in Microsoft Defender

Another critical vulnerability is CVE-2026-33825, a privilege escalation flaw in Microsoft Defender with a CVSS score of 7.8. This vulnerability could allow an authorized attacker to elevate privileges locally by exploiting inadequate access controls within Defender. Microsoft stated that no user action is required to install the update for this vulnerability, as the platform updates itself automatically.

The patch addresses a zero-day exploit known as BlueHammer, which was publicly disclosed on GitHub by a security researcher following a breakdown in communication with Microsoft regarding the vulnerability disclosure process. This exploit leverages the Microsoft Defender update process to escalate privileges, allowing low-privileged users to gain SYSTEM-level access.

Remote Code Execution Risk in IKE Service Extensions

Among the most severe vulnerabilities addressed in this update is CVE-2026-33824, which affects the Windows Internet Key Exchange (IKE) Service Extensions and has a CVSS score of 9.8. Exploitation of this vulnerability requires an attacker to send specially crafted packets to a Windows machine with IKE v2 enabled, potentially leading to remote code execution.

A lead software engineer at Rapid7 noted that vulnerabilities allowing unauthenticated remote code execution against modern Windows assets are rare. However, the IKE service is exposed to untrusted networks, making it a target for attackers. The implications for enterprise environments are significant, particularly for those relying on VPN or IPsec for secure communications. Successful exploitation could lead to complete system compromise, enabling attackers to steal sensitive data or disrupt operations.

For further details on the vulnerabilities addressed, refer to the original reporting source: cyberwarriorsmiddleeast.com.

Explore the latest digital editions of FAME Delivered in the Magazine section: https://famedelivered.com/magazine/

Published on 2026-04-15 15:04:00 • By FAME Delivered News Desk

FAME Delivered News Desk

Microsoft Strengthens Security with Patches for SharePoint Zero-Day and 168 Additional Vulnerabilities

Microsoft Strengthens Security with Patches for SharePoint Zero-Day and 168 Additional Vulnerabilities

On Tuesday, Microsoft unveiled a major update addressing a record 169 security vulnerabilities across its product suite. This release is particularly significant due to the inclusion of a zero-day vulnerability that has been actively exploited, underscoring the persistent challenges organizations face in maintaining cybersecurity.

Overview of the Vulnerabilities

The 169 vulnerabilities are categorized by severity: 157 are deemed Important, eight are Critical, three are Moderate, and one is Low. The breakdown indicates that 93 vulnerabilities relate to privilege escalation, while 21 are associated with information disclosure and another 21 with remote code execution. Additional categories include 14 security feature bypasses, 10 spoofing vulnerabilities, and nine denial-of-service issues.

This update also addresses four non-Microsoft Common Vulnerabilities and Exposures (CVEs) impacting third-party products: AMD (CVE-2023-20585), Node.js (CVE-2026-21637), Windows Secure Boot (CVE-2026-25250), and Git for Windows (CVE-2026-32631). This comprehensive update follows the resolution of 78 vulnerabilities in Microsoft’s Chromium-based Edge browser last month.

Historical Context and Industry Impact

This release marks the second-largest Patch Tuesday in Microsoft’s history, just short of the record set in October 2025, which addressed 183 security flaws. A senior staff research engineer at Tenable noted that if the current pace continues, 2026 could see over 1,000 Patch Tuesday CVEs annually, highlighting the increasing complexity and frequency of security threats organizations must navigate.

In the past eight months, privilege escalation vulnerabilities have dominated the Patch Tuesday landscape, accounting for 57% of all CVEs patched in April. In contrast, remote code execution vulnerabilities have decreased to just 12%, indicating a shift in the types of threats organizations are facing.

Active Exploitation of CVE-2026-32201

One vulnerability that has drawn significant attention is CVE-2026-32201, a spoofing vulnerability affecting Microsoft SharePoint Server, which carries a CVSS score of 6.5. Microsoft indicated that improper input validation within SharePoint allows unauthorized attackers to spoof content over a network. This vulnerability enables attackers to view sensitive information and alter disclosed data, although it does not allow them to restrict access to resources.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has responded to the active exploitation of this vulnerability by adding it to the Known Exploited Vulnerabilities (KEV) catalog. Federal Civilian Executive Branch (FCEB) agencies are required to remediate this vulnerability by April 28, 2026.

Implications of CVE-2026-33825 in Microsoft Defender

Another critical vulnerability is CVE-2026-33825, a privilege escalation flaw in Microsoft Defender with a CVSS score of 7.8. This vulnerability could allow an authorized attacker to elevate privileges locally by exploiting inadequate access controls within Defender. Microsoft stated that no user action is required to install the update for this vulnerability, as the platform updates itself automatically.

The patch addresses a zero-day exploit known as BlueHammer, which was publicly disclosed on GitHub by a security researcher following a breakdown in communication with Microsoft regarding the vulnerability disclosure process. This exploit leverages the Microsoft Defender update process to escalate privileges, allowing low-privileged users to gain SYSTEM-level access.

Remote Code Execution Risk in IKE Service Extensions

Among the most severe vulnerabilities addressed in this update is CVE-2026-33824, which affects the Windows Internet Key Exchange (IKE) Service Extensions and has a CVSS score of 9.8. Exploitation of this vulnerability requires an attacker to send specially crafted packets to a Windows machine with IKE v2 enabled, potentially leading to remote code execution.

A lead software engineer at Rapid7 noted that vulnerabilities allowing unauthenticated remote code execution against modern Windows assets are rare. However, the IKE service is exposed to untrusted networks, making it a target for attackers. The implications for enterprise environments are significant, particularly for those relying on VPN or IPsec for secure communications. Successful exploitation could lead to complete system compromise, enabling attackers to steal sensitive data or disrupt operations.

For further details on the vulnerabilities addressed, refer to the original reporting source: cyberwarriorsmiddleeast.com.

Explore the latest digital editions of FAME Delivered in the Magazine section: https://famedelivered.com/magazine/

Published on 2026-04-15 15:04:00 • By FAME Delivered News Desk

RELATED ARTICLES

Technology

Aftershock Strikes Caracas as Venezuela’s Death Toll Nears 1,500 in Urgent Rescue Operations

FAME Delivered News Desk -
Aftershock Strikes Caracas as Venezuela's Death Toll Nears 1,500 in Urgent Rescue Operations Caracas experienced a 4.6-magnitude aftershock early Monday, centered at a depth of...
Technology

Bill Maher Defies White House Opposition to Receive Mark Twain Prize at Kennedy Center

FAME Delivered News Desk -
Bill Maher Defies White House Opposition to Receive Mark Twain Prize at Kennedy Center The John F. Kennedy Memorial Center for the Performing Arts hosted...
Technology

New Enterprise-Ready MCP Specification Strengthens AI Integration but Introduces Security Risks for Developers

FAME Delivered News Desk -
New Enterprise-Ready MCP Specification Strengthens AI Integration but Introduces Security Risks for Developers The Model Concept Protocol (MCP) is set to undergo a major transformation,...
Technology

UAE Strengthens Bankruptcy Framework, Transforming Default into Recovery and Economic Stability

FAME Delivered News Desk -
UAE Strengthens Bankruptcy Framework, Transforming Default into Recovery and Economic Stability Abu Dhabi: The United Arab Emirates (UAE) has made significant strides in reshaping its...
Technology

AI-Powered Risk Management Transforms BFSI Decision-Making in 2026

FAME Delivered News Desk -
AI-Powered Risk Management Transforms BFSI Decision-Making in 2026 In 2026, the Banking, Financial Services, and Insurance (BFSI) sector is undergoing a profound transformation fueled by...

Latest Posts

Latest Posts

Don't Miss

Subscribe

To be updated with all the latest news, offers and special announcements.