On April 14, 2026, Microsoft released its April 2026 security update, addressing 165 newly disclosed vulnerabilities. Among these, Arctic Wolf has highlighted two vulnerabilities in this security bulletin.

ArcticWolf's platform is a central hub for cybersecurity professionals, offering insights into managed detection and response (MDR), threat intelligence, and security operations. Through articles, reports, and webinars, ArcticWolf offers insights into detecting and responding to cybersecurity threats effectively. Security analysts can learn about threat hunting, incident response strategies, and security best practices to protect organizations from cyberattacks.

Arctic Wolf

Microsoft's April 2026 Patch Tuesday addresses 165 vulnerabilities. Arctic Wolf highlights two critical ones: CVE-2026-32201, a SharePoint Server spoofing vulnerability (CVSS 6.5) already being exploited in the wild, and CVE-2026-33824, a critical Windows IKE Service Extensions RCE vulnerability (CVSS 9.8) caused by a double-free bug that allows unauthenticated remote code execution. Upgrading to the latest fixed versions, particularly for Windows Server 2025, is strongly recommended.

Microsoft Patch Tuesday: April 2026