Microsoft Addresses 167 Vulnerabilities in April 2026 Security Update

Microsoft Corporation released its comprehensive monthly security update on April 14, 2026, addressing a total of 167 vulnerabilities across its software portfolio. This release represents one of the largest security deployments in recent years, covering critical flaws in Windows, Microsoft Office, Azure, and the .NET framework. Of the 167 vulnerabilities identified, 18 are classified as Critical, 148 as Important, and one as Moderate in severity.

The April update is headlined by the remediation of two zero-day vulnerabilities. The most significant of these is CVE-2026-21432, a critical remote code execution vulnerability residing in Microsoft Office SharePoint. According to the Microsoft Security Response Center, this flaw is currently being exploited in the wild. The vulnerability allows an unauthenticated attacker to execute arbitrary code on a targeted SharePoint server by sending a specially crafted network request. Microsoft has advised enterprise administrators to prioritize the deployment of this specific patch to prevent unauthorized access to sensitive corporate data and potential lateral movement within internal networks.

The second zero-day vulnerability, identified as CVE-2026-21455, involves a security feature bypass in the Windows Mark of the Web functionality. While Microsoft has not yet observed active exploitation of this flaw, the company confirmed that details regarding the vulnerability were publicly disclosed prior to the release of the patch. This bypass could allow malicious files to circumvent security warnings when downloaded from external sources, potentially leading to the execution of unauthorized software on user machines.

In addition to the zero-day fixes, the update addresses 42 remote code execution vulnerabilities, 35 elevation of privilege flaws, and 22 information disclosure bugs. Notable inclusions are fixes for a critical remote code execution vulnerability in the Windows DNS Server and a denial-of-service flaw within the .NET framework. The release also incorporates security updates for the Chromium-based Microsoft Edge browser, addressing 12 vulnerabilities reported through the Chromium project.

Microsoft provided official documentation for these updates through its Security Update Guide, noting that the patches are available via Windows Update, Microsoft Update Catalog, and Windows Server Update Services. For enterprise environments, the company emphasized that deployment should follow standard testing protocols, though the active exploitation of the SharePoint flaw necessitates an accelerated timeline for many organizations. No official statement regarding the origin of the SharePoint exploits was provided by the company.