CP
cyberpings

Microsoft Fixes Two Zero-Days in April Patch Tuesday

Microsoft has patched two zero-day vulnerabilities, including one actively exploited. These flaws could lead to serious security risks in enterprise environments. It's crucial for sysadmins to update their systems immediately.

VulnerabilitiesHIGHUpdated: Published:
Featured image for Microsoft Fixes Two Zero-Days in April Patch Tuesday

Original Reporting

IMInfosecurity Magazine

AI Summary

CyberPings AI·Reviewed by Rohit Rana

🎯Basically, Microsoft fixed two serious security holes in its software that hackers could use to attack systems.

What Happened

On April 14, 2026, Microsoft released its monthly Patch Tuesday updates, addressing a total of over 160 vulnerabilities. Among these were two critical zero-day flaws: CVE-2026-32201 and CVE-2026-33825. The first is actively exploited in the wild, while the second has been publicly disclosed but not yet exploited.

The Flaw

CVE-2026-32201 is a server spoofing vulnerability in SharePoint. It allows attackers to manipulate how information is presented to users, which could lead to phishing attacks and unauthorized data manipulation. The second flaw, CVE-2026-33825, is an elevation of privilege vulnerability in Microsoft Defender, enabling attackers to gain system-level access and control over endpoints.

What's at Risk

The exploitation of these vulnerabilities poses significant risks to enterprise environments. For instance, the SharePoint flaw can deceive users by presenting falsified information, potentially leading to broader attacks. Meanwhile, the Microsoft Defender vulnerability could allow attackers to exfiltrate data and disable security tools, increasing the risk of lateral movement across networks.

Patch Status

Microsoft has released patches for both vulnerabilities. System administrators are urged to apply these updates promptly to mitigate potential risks. The April Patch Tuesday also included a notable remote code execution flaw (CVE-2026-33824) with a CVSS score of 9.8, which could be exploited remotely and poses a serious threat to systems relying on VPN or IPsec for secure communications.

Immediate Actions

By taking these proactive steps, organizations can significantly reduce their exposure to these vulnerabilities and enhance their overall security posture.

Containment

  • 1.Update Systems: Ensure that all Microsoft products are updated with the latest patches.
  • 2.Monitor for Exploitation: Keep an eye on system logs for any signs of exploitation related to the mentioned CVEs.

🔒 Pro Insight

🔒 Pro insight: The active exploitation of CVE-2026-32201 underscores the urgent need for organizations to prioritize timely patching and user education.

IMInfosecurity Magazine
Read Original

Share

Related Pings

Preview image for Windows Snipping Tool - PoC Exploit for NTLM Hash Leak
Vulnerabilities
HIGH

Windows Snipping Tool - PoC Exploit for NTLM Hash Leak

A PoC exploit for a vulnerability in Microsoft's Snipping Tool has been released, allowing attackers to steal Net-NTLM hashes through social engineering tactics.

CSCyber Security News+1 more
Read PingRead Source
Preview image for CVE-2023-33538 - Year-long Attack Fails to Exploit Vulnerability
Vulnerabilities
HIGH

CVE-2023-33538 - Year-long Attack Fails to Exploit Vulnerability

Hackers have targeted CVE-2023-33538 in TP-Link routers for over a year, but no successful exploitation has been recorded. Despite high-risk scores, attackers face limitations. Users should update their firmware and change default credentials.

SASecurity Affairs
Read PingRead Source
Preview image for iTerm2 Vulnerability - SSH Integration Allows Code Execution
Vulnerabilities
HIGH

iTerm2 Vulnerability - SSH Integration Allows Code Execution

A newly discovered flaw in iTerm2 allows attackers to execute code by simply viewing a malicious text file. This vulnerability affects macOS users, posing a significant risk. Caution is advised when handling untrusted files or SSH connections until a fix is available.

CSCyber Security News
Read PingRead Source
Preview image for Windows Vulnerabilities - Trio Under Active Exploitation
Vulnerabilities
CRITICAL

Windows Vulnerabilities - Trio Under Active Exploitation

Three new Windows vulnerabilities have been weaponized by attackers. Organizations are at risk of admin access breaches. Immediate updates and monitoring are essential to protect systems.

SCSC Media
Read PingRead Source
Preview image for Anthropic MCP Design Vulnerability Enables RCE Threat, Exposing 200,000 Servers
Vulnerabilities
CRITICAL

Anthropic MCP Design Vulnerability Enables RCE Threat, Exposing 200,000 Servers

A critical vulnerability in Anthropic's Model Context Protocol exposes 200,000 servers to remote code execution threats. Immediate protective measures are recommended.

THThe Hacker News+1 more
Read PingRead Source
Vulnerabilities
HIGH

CISA Adds Eight New Vulnerabilities to KEV Catalog

CISA has added eight vulnerabilities to its KEV Catalog, highlighting serious risks for federal networks. Organizations need to act quickly to remediate these flaws to avoid exploitation.

CICISA Advisories
Read PingRead Source