{"id":233648,"date":"2026-04-14T16:31:00","date_gmt":"2026-04-14T20:31:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/14\/microsoft-drops-its-second-largest-monthly-batch-of-defects-on-record\/"},"modified":"2026-04-20T22:15:14","modified_gmt":"2026-04-21T02:15:14","slug":"microsoft-drops-its-second-largest-monthly-batch-of-defects-on-record","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/14\/microsoft-drops-its-second-largest-monthly-batch-of-defects-on-record\/","title":{"rendered":"Microsoft drops its second-largest monthly batch of defects on record"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2026\/\">Microsoft drops its second-largest monthly batch of defects on record<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2026\/\">https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2026\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-14 16:31:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>Microsoft addressed 165 vulnerabilities affecting its various products and underlying systems, including one actively exploited vulnerability in Microsoft Office SharePoint, in this month\u2019s Patch Tuesday update.\u00a0<\/p>\n<p>\u201cBy my count, this is the second-largest monthly release in Microsoft\u2019s history,\u201d Dustin Childs, head of threat awareness at Trend Micro\u2019s Zero Day Initiative, wrote in a blog post Tuesday.<\/p>\n<p>Microsoft didn\u2019t explain why its monthly batch of patches grew so large this month, but Childs noted that many vulnerability programs are experiencing a significant increase in submissions found by artificial intelligence tools. \u201cFor us, our incoming rate has essentially tripled, making triage a challenge, to say the least,\u201d he added.\u00a0<\/p>\n<p>The zero-day vulnerability \u2014 CVE-2026-32201 \u2014 has a CVSS rating of 6.5 and allows attackers to view sensitive information and make changes to disclosed information. Microsoft said the improper input validation defect in Microsoft Office SharePoint allows unauthenticated attackers to perform spoofing over a network.<\/p>\n<p>The Cybersecurity and Infrastructure Security Agency added the zero-day to its known exploited vulnerabilities catalog shortly after Microsoft\u2019s disclosure.\u00a0<\/p>\n<p>Microsoft also addressed a high-severity vulnerability \u2014 CVE-2026-33825 \u2014 that was publicly known at the time of release. The vendor said the defect in Microsoft Defender is more likely to be exploited and could allow unauthorized attackers to elevate privileges locally.<\/p>\n<p>\u201cWhat starts as a foothold can quickly become full system domination,\u201d Jack Bicer, director of vulnerability research at Action1, said in a blog post about the vulnerability.\u00a0<\/p>\n<p>\u201cOnce exploited, it allows full control over endpoints, enabling data exfiltration, disabling security tools and lateral movement across networks,\u201d Bicer said.<\/p>\n<p>Proof-of-concept exploit code for the defect is publicly available, which increases the likelihood&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2026\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft drops its second-largest monthly batch of defects on record https:\/\/cyberscoop.com\/microsoft-patch-tuesday-april-2026\/ Publish Date: 2026-04-14 16:31:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":233649,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2021\/05\/GettyImages-1306394026.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[20,24,31,27],"class_list":["post-233648","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-artificial-intelligence","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233648"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=233648"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233648\/revisions"}],"predecessor-version":[{"id":233650,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233648\/revisions\/233650"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/233649"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=233648"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=233648"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=233648"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}