Overview
- U.S. cyber officials said attackers are hitting vulnerabilities across Microsoft, Adobe and Fortinet products, including a 2009 Excel bug and a 2012 Visual Basic issue that linger on legacy machines.
- Microsoft released April security updates for 167 vulnerabilities across Windows, Office, cloud services and Edge, with eight rated critical for remote code execution or other severe impact.
- One patched SharePoint flaw, tracked as CVE-2026-32201, is already exploited in spoofing attacks that can let intruders view or change data stored on SharePoint sites.
- Exploit code for a Microsoft Defender privilege‑escalation bug, CVE-2026-33825, was posted publicly before the fix, raising the likelihood that others reuse it to gain higher system rights.
- CISA did not share indicators of compromise, so defenders have limited clues for hunting and are urged to apply updates immediately, especially for critical Windows components like Remote Desktop, IKE and the TCP/IP stack.