Microsoft Confirms Windows Flaw Is Being Exploited After Incomplete Patch

Microsoft confirmed that CVE-2026-32202—a zero-click Windows vulnerability that can exfiltrate credentials when Explorer renders a malicious file—was actively exploited in the wild; the issue arose after an incomplete February fix for a related flaw (CVE-2026-21510, previously used by APT28) left a silent credential-leak path open, prompting an April 14 patch and an updated advisory urging immediate remediation and mitigation steps.