Tuesday, April 14

Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days


Tag

CVE ID

CVE Title

Severity


.NET

CVE-2026-26171

.NET Denial of Service Vulnerability

Important


.NET

CVE-2026-32178

.NET Spoofing Vulnerability

Important


.NET and Visual Studio

CVE-2026-32203

.NET and Visual Studio Denial of Service Vulnerability

Important


.NET Framework

CVE-2026-23666

.NET Framework Denial of Service Vulnerability

Critical


.NET Framework

CVE-2026-32226

.NET Framework Denial of Service Vulnerability

Important


.NET, .NET Framework, Visual Studio

CVE-2026-33116

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

Important


Applocker Filter Driver (applockerfltr.sys)

CVE-2026-25184

Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability

Important


Azure Logic Apps

CVE-2026-32171

Azure Logic Apps Elevation of Privilege Vulnerability

Important


Azure Monitor Agent

CVE-2026-32192

Azure Monitor Agent Elevation of Privilege Vulnerability

Important


Azure Monitor Agent

CVE-2026-32168

Azure Monitor Agent Elevation of Privilege Vulnerability

Important


Desktop Window Manager

CVE-2026-27924

Desktop Window Manager Elevation of Privilege Vulnerability

Important


Desktop Window Manager

CVE-2026-32154

Desktop Window Manager Elevation of Privilege Vulnerability

Important


Desktop Window Manager

CVE-2026-32152

Desktop Window Manager Elevation of Privilege Vulnerability

Important


Desktop Window Manager

CVE-2026-27923

Desktop Window Manager Elevation of Privilege Vulnerability

Important


Desktop Window Manager

CVE-2026-32155

Desktop Window Manager Elevation of Privilege Vulnerability

Important


Function Discovery Service (fdwsd.dll)

CVE-2026-32087

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Important


Function Discovery Service (fdwsd.dll)

CVE-2026-32086

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Important


Function Discovery Service (fdwsd.dll)

CVE-2026-32150

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Important


Function Discovery Service (fdwsd.dll)

CVE-2026-32093

Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Important


GitHub Copilot and Visual Studio Code

CVE-2026-23653

GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability

Important


GitHub Repo: Git for Windows

CVE-2026-32631

GitHub: CVE-2026-32631 ‘git clone’ from manipulated repositories can leak NTLM hashes

Important


Input-Output Memory Management Unit (IOMMU)

CVE-2023-20585

AMD: CVE-2023-20585 IOMMU Write Buffer Vulnerability

Important


Microsoft Brokering File System

CVE-2026-32091

Microsoft Brokering File System Elevation of Privilege Vulnerability

Important


Microsoft Brokering File System

CVE-2026-32219

Microsoft Brokering File System Elevation of Privilege Vulnerability

Important


Microsoft Brokering File System

CVE-2026-26181

Microsoft Brokering File System Elevation of Privilege Vulnerability

Important


Microsoft Defender

CVE-2026-33825

Microsoft Defender Elevation of Privilege Vulnerability

Important


Microsoft Dynamics 365 (on-premises)

CVE-2026-33103

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

Important


Microsoft Graphics Component

CVE-2026-32221

Windows Graphics Component Remote Code Execution Vulnerability

Important


Microsoft High Performance Compute Pack (HPC)

CVE-2026-32184

Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability

Important


Microsoft Management Console

CVE-2026-27914

Microsoft Management Console Elevation of Privilege Vulnerability

Important


Microsoft Office

CVE-2026-32190

Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office Excel

CVE-2026-32199

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-32198

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-32197

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2026-32188

Microsoft Excel Information Disclosure Vulnerability

Important


Microsoft Office Excel

CVE-2026-32189

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office PowerPoint

CVE-2026-32200

Microsoft PowerPoint Remote Code Execution Vulnerability

Important


Microsoft Office SharePoint

CVE-2026-32201

Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office SharePoint

CVE-2026-20945

Microsoft SharePoint Server Spoofing Vulnerability

Important


Microsoft Office Word

CVE-2026-23657

Microsoft Word Remote Code Execution Vulnerability

Important


Microsoft Office Word

CVE-2026-33115

Microsoft Word Remote Code Execution Vulnerability

Critical


Microsoft Office Word

CVE-2026-33114

Microsoft Word Remote Code Execution Vulnerability

Critical


Microsoft Office Word

CVE-2026-33095

Microsoft Word Remote Code Execution Vulnerability

Important


Microsoft Office Word

CVE-2026-33822

Microsoft Word Information Disclosure Vulnerability

Important


Microsoft Power Apps

CVE-2026-26149

Microsoft Power Apps Security Feature Bypass

Important


Microsoft PowerShell

CVE-2026-26143

Microsoft PowerShell Security Feature Bypass Vulnerability

Important


Microsoft PowerShell

CVE-2026-26170

PowerShell Elevation of Privilege Vulnerability

Important


Microsoft Windows

CVE-2026-32181

Connected User Experiences and Telemetry Service Denial of Service Vulnerability

Important


Microsoft Windows Search Component

CVE-2026-27909

Windows Search Service Elevation of Privilege Vulnerability

Important


Microsoft Windows Speech

CVE-2026-32153

Windows Speech Runtime Elevation of Privilege Vulnerability

Important


Node.js

CVE-2026-21637

HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers

Moderate


Remote Desktop Client

CVE-2026-32157

Remote Desktop Client Remote Code Execution Vulnerability

Critical


Role: Windows Hyper-V

CVE-2026-32149

Windows Hyper-V Remote Code Execution Vulnerability

Important


Role: Windows Hyper-V

CVE-2026-26156

Windows Hyper-V Remote Code Execution Vulnerability

Important


SQL Server

CVE-2026-33120

Microsoft SQL Server Remote Code Execution Vulnerability

Important


SQL Server

CVE-2026-32176

SQL Server Elevation of Privilege Vulnerability

Important


SQL Server

CVE-2026-32167

SQL Server Elevation of Privilege Vulnerability

Important


Universal Plug and Play (upnp.dll)

CVE-2026-32212

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Important


Universal Plug and Play (upnp.dll)

CVE-2026-32214

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Important


Windows Active Directory

CVE-2026-32072

Active Directory Spoofing Vulnerability

Important


Windows Active Directory

CVE-2026-33826

Windows Active Directory Remote Code Execution Vulnerability

Critical


Windows Admin Center

CVE-2026-32196

Windows Admin Center Spoofing Vulnerability

Important


Windows Advanced Rasterization Platform

CVE-2026-26178

Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-27922

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-26177

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-32073

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-26168

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-26182

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-26173

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-33100

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Ancillary Function Driver for WinSock

CVE-2026-33099

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Important


Windows Biometric Service

CVE-2026-32088

Windows Biometric Service Security Feature Bypass Vulnerability

Important


Windows BitLocker

CVE-2026-27913

Windows BitLocker Security Feature Bypass Vulnerability

Important


Windows Boot Loader

CVE-2026-0390

UEFI Secure Boot Security Feature Bypass Vulnerability

Important


Windows Boot Manager

CVE-2026-26175

Windows Boot Manager Security Feature Bypass Vulnerability

Important


Windows Client Side Caching driver (csc.sys)

CVE-2026-26176

Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability

Important


Windows Cloud Files Mini Filter Driver

CVE-2026-27926

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Important


Windows COM

CVE-2026-32162

Windows COM Elevation of Privilege Vulnerability

Important


Windows COM

CVE-2026-20806

Windows COM Server Information Disclosure Vulnerability

Important


Windows Common Log File System Driver

CVE-2026-32070

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Important


Windows Container Isolation FS Filter Driver

CVE-2026-33098

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

Important


Windows Cryptographic Services

CVE-2026-26152

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

Important


Windows Encrypting File System (EFS)

CVE-2026-26153

Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability

Important


Windows File Explorer

CVE-2026-32084

Windows Print Spooler Information Disclosure Vulnerability

Important


Windows File Explorer

CVE-2026-32079

Web Account Manager Information Disclosure Vulnerability

Important


Windows File Explorer

CVE-2026-32081

Package Catalog Information Disclosure Vulnerability

Important


Windows GDI

CVE-2026-27931

Windows GDI Information Disclosure Vulnerability

Important


Windows GDI

CVE-2026-27930

Windows GDI Information Disclosure Vulnerability

Important


Windows Hello

CVE-2026-27928

Windows Hello Security Feature Bypass Vulnerability

Important


Windows Hello

CVE-2026-27906

Windows Hello Security Feature Bypass Vulnerability

Important


Windows HTTP.sys

CVE-2026-33096

HTTP.sys Denial of Service Vulnerability

Important


Windows IKE Extension

CVE-2026-33824

Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability

Critical


Windows Installer

CVE-2026-27910

Windows Installer Elevation of Privilege Vulnerability

Important


Windows Kerberos

CVE-2026-27912

Windows Kerberos Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-32215

Windows Kernel Information Disclosure Vulnerability

Important


Windows Kernel

CVE-2026-32218

Windows Kernel Information Disclosure Vulnerability

Important


Windows Kernel

CVE-2026-26179

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-32217

Windows Kernel Information Disclosure Vulnerability

Important


Windows Kernel

CVE-2026-26163

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-32195

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2026-26180

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel Memory

CVE-2026-26169

Windows Kernel Memory Information Disclosure Vulnerability

Important


Windows Local Security Authority Subsystem Service (LSASS)

CVE-2026-26155

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

Important


Windows Local Security Authority Subsystem Service (LSASS)

CVE-2026-32071

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Important


Windows LUAFV

CVE-2026-27929

Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability

Important


Windows Management Services

CVE-2026-20930

Windows Management Services Elevation of Privilege Vulnerability

Important


Windows OLE

CVE-2026-26162

Windows OLE Elevation of Privilege Vulnerability

Important


Windows Print Spooler Components

CVE-2026-33101

Windows Print Spooler Elevation of Privilege Vulnerability

Important


Windows Projected File System

CVE-2026-26184

Windows Projected File System Elevation of Privilege Vulnerability

Important


Windows Projected File System

CVE-2026-32078

Windows Projected File System Elevation of Privilege Vulnerability

Important


Windows Projected File System

CVE-2026-32074

Windows Projected File System Elevation of Privilege Vulnerability

Important


Windows Projected File System

CVE-2026-32069

Windows Projected File System Elevation of Privilege Vulnerability

Important


Windows Projected File System

CVE-2026-27927

Windows Projected File System Elevation of Privilege Vulnerability

Important


Windows Push Notifications

CVE-2026-32159

Windows Push Notifications Elevation of Privilege Vulnerability

Important


Windows Push Notifications

CVE-2026-32160

Windows Push Notifications Elevation of Privilege Vulnerability

Important


Windows Push Notifications

CVE-2026-26167

Windows Push Notifications Elevation of Privilege Vulnerability

Important


Windows Push Notifications

CVE-2026-26172

Windows Push Notifications Elevation of Privilege Vulnerability

Important


Windows Push Notifications

CVE-2026-32158

Windows Push Notifications Elevation of Privilege Vulnerability

Important


Windows Recovery Environment Agent

CVE-2026-20928

Windows Recovery Environment Security Feature Bypass Vulnerability

Important


Windows Redirected Drive Buffering

CVE-2026-32216

Windows Redirected Drive Buffering System Denial of Service Vulnerability

Important


Windows Remote Desktop

CVE-2026-26151

Remote Desktop Spoofing Vulnerability

Important


Windows Remote Desktop Licensing Service

CVE-2026-26159

Remote Desktop Licensing Service Elevation of Privilege Vulnerability

Important


Windows Remote Desktop Licensing Service

CVE-2026-26160

Remote Desktop Licensing Service Elevation of Privilege Vulnerability

Important


Windows Remote Procedure Call

CVE-2026-32085

Remote Procedure Call Information Disclosure Vulnerability

Important


Windows RPC API

CVE-2026-26183

Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability

Important


Windows Secure Boot

CVE-2026-25250

MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix

Important


Windows Sensor Data Service

CVE-2026-26161

Windows Sensor Data Service Elevation of Privilege Vulnerability

Important


Windows Server Update Service

CVE-2026-32224

Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

Important


Windows Server Update Service

CVE-2026-26174

Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

Important


Windows Server Update Service

CVE-2026-26154

Windows Server Update Service (WSUS) Tampering Vulnerability

Important


Windows Shell

CVE-2026-27918

Windows Shell Elevation of Privilege Vulnerability

Important


Windows Shell

CVE-2026-26165

Windows Shell Elevation of Privilege Vulnerability

Important


Windows Shell

CVE-2026-26166

Windows Shell Elevation of Privilege Vulnerability

Important


Windows Shell

CVE-2026-32225

Windows Shell Security Feature Bypass Vulnerability

Important


Windows Shell

CVE-2026-32151

Windows Shell Information Disclosure Vulnerability

Important


Windows Shell

CVE-2026-32202

Windows Shell Spoofing Vulnerability

Important


Windows Snipping Tool

CVE-2026-32183

Windows Snipping Tool Remote Code Execution Vulnerability

Important


Windows Snipping Tool

CVE-2026-33829

Windows Snipping Tool Spoofing Vulnerability

Moderate


Windows Speech Brokered Api

CVE-2026-32089

Windows Speech Brokered Api Elevation of Privilege Vulnerability

Important


Windows Speech Brokered Api

CVE-2026-32090

Windows Speech Brokered Api Elevation of Privilege Vulnerability

Important


Windows SSDP Service

CVE-2026-32083

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Important


Windows SSDP Service

CVE-2026-32082

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Important


Windows SSDP Service

CVE-2026-32068

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Important


Windows Storage Spaces Controller

CVE-2026-32076

Windows Storage Spaces Controller Elevation of Privilege Vulnerability

Important


Windows Storage Spaces Controller

CVE-2026-27907

Windows Storage Spaces Controller Elevation of Privilege Vulnerability

Important


Windows TCP/IP

CVE-2026-27921

Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability

Important


Windows TCP/IP

CVE-2026-33827

Windows TCP/IP Remote Code Execution Vulnerability

Critical


Windows TDI Translation Driver (tdx.sys)

CVE-2026-27908

Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability

Important


Windows Universal Plug and Play (UPnP) Device Host

CVE-2026-27916

Windows UPnP Device Host Elevation of Privilege Vulnerability

Important


Windows Universal Plug and Play (UPnP) Device Host

CVE-2026-32156

Windows UPnP Device Host Remote Code Execution Vulnerability

Important


Windows Universal Plug and Play (UPnP) Device Host

CVE-2026-32077

Windows UPnP Device Host Elevation of Privilege Vulnerability

Important


Windows Universal Plug and Play (UPnP) Device Host

CVE-2026-27915

Windows UPnP Device Host Elevation of Privilege Vulnerability

Important


Windows Universal Plug and Play (UPnP) Device Host

CVE-2026-27919

Windows UPnP Device Host Elevation of Privilege Vulnerability

Important


Windows Universal Plug and Play (UPnP) Device Host

CVE-2026-27925

Windows UPnP Device Host Information Disclosure Vulnerability

Important


Windows Universal Plug and Play (UPnP) Device Host

CVE-2026-32075

Windows UPnP Device Host Elevation of Privilege Vulnerability

Important


Windows Universal Plug and Play (UPnP) Device Host

CVE-2026-27920

Windows UPnP Device Host Elevation of Privilege Vulnerability

Important


Windows USB Print Driver

CVE-2026-32223

Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability

Important


Windows User Interface Core

CVE-2026-32165

Windows User Interface Core Elevation of Privilege Vulnerability

Important


Windows User Interface Core

CVE-2026-32164

Windows User Interface Core Elevation of Privilege Vulnerability

Important


Windows User Interface Core

CVE-2026-27911

Windows User Interface Core Elevation of Privilege Vulnerability

Important


Windows User Interface Core

CVE-2026-32163

Windows User Interface Core Elevation of Privilege Vulnerability

Important


Windows Virtualization-Based Security (VBS) Enclave

CVE-2026-23670

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Important


Windows Virtualization-Based Security (VBS) Enclave

CVE-2026-32220

UEFI Secure Boot Security Feature Bypass Vulnerability

Important


Windows WalletService

CVE-2026-32080

Windows WalletService Elevation of Privilege Vulnerability

Important


Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys)

CVE-2026-27917

Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability

Important


Windows Win32K – GRFX

CVE-2026-33104

Win32k Elevation of Privilege Vulnerability

Important


Windows Win32K – ICOMP

CVE-2026-32222

Windows Win32k Elevation of Privilege Vulnerability

Important




Source link

Leave a Reply

Your email address will not be published. Required fields are marked *