Microsoft Patch Tuesday – April 2026

Microsoft's April 2026 Patch Tuesday fixes 165 vulnerabilities across Windows and related products, including several critical remote code execution issues. Notable items include an actively exploited SharePoint input validation flaw (CVE-2026-32201), a publicly disclosed elevation-of-privilege in Microsoft Defender (CVE-2026-33825), and high-priority network-facing bugs in IKE, Active Directory, and TCP/IP that may enable remote code execution or lateral movement; organisations are advised to prioritise patching, especially on exposed or identity-critical systems.