Blog  /  Patching updates  /  Microsoft Patch Tuesday – April 2026

Microsoft Patch Tuesday – April 2026

Patching updates Last updated: 14 Apr 2026
Written By
Marcus White Cybersecurity Specialist, Outpost24

Today is Microsoft Patch Tuesday for April 2026. There are 165 vulnerabilities that have been addressed this time around. This release includes one vulnerability with exploitation detected and one publicly disclosed vulnerability, alongside multiple critical remote code execution issues in core Windows infrastructure components.

Notable Patch Tuesday vulnerabilities for April

  • CVE-2026-32201 An input validation flaw in Microsoft SharePoint Server can allow an unauthenticated attacker to spoof content over the network, and exploitation has been detected. Organizations running on-premises SharePoint should prioritize this update immediately to reduce active risk.
  • CVE-2026-33825 An elevation of privilege issue in Microsoft Defender was publicly disclosed before patching, making it a zero-day indicator even without confirmed exploitation. Defender typically auto-updates, but enterprise environments with managed update channels should verify the patched version (4.18.26030.3011 or later) has been applied.
  • CVE-2026-33824 A double free issue in the Windows IKE Extension can allow an unauthenticated attacker to execute code over the network without user interaction. Environments relying on IPsec/IKE for secure connectivity should treat this as a high-priority patch to reduce the risk of remote compromise.
  • CVE-2026-33826 An input validation flaw in Windows Active Directory can allow code execution from an adjacent network by an authenticated attacker. Because this affects identity infrastructure, delaying remediation may increase the risk of lateral movement and broader domain impact.
  • CVE-2026-33827 A race condition in Windows TCP/IP can enable remote code execution by sending a specially crafted IPv6 packet to a node where IPSec is enabled. Even though this vulnerability has higher exploitation complexity, environments using IPv6 with IPSec should prioritize patching across both server and client fleets.

For more detailed information on these and other vulnerabilities, please refer to the release notes: https://msrc.microsoft.com/update-guide/releaseNote/2026-Apr

Need help addressing the above in your own organization? Speak to an Outpost24 expert.

About the Author

Marcus White Cybersecurity Specialist, Outpost24

Marcus is an Outpost24 cybersecurity specialist based in the UK, with 8+ years experience in the tech and cyber sectors. He writes about attack surface management, application security, threat intelligence, and compliance.