PRIVILEGE Elevation Dominates Microsoft’s patch Tuesday, with elevation-of-privilege bugs accounting for more than half of the 165 CVEs patched. Microsoft noted that one zero-day is actively being exploited, CVE-2026-32201, a spoofing vulnerability in SharePoint Server, while another publicly disclosed but not yet exploited zero-day, CVE-2026-33825, affects Defender and is considered likely to be exploited.
In total, 19 of the newly disclosed flaws are seen as high likelihood targets for attackers, and roughly 60% of the patched flaws are elevation-of-privilege bugs, followed by RCE and information-disclosure flaws. The zero-day CVE-2026-32201 was described by Mike Walters of Action1 as a tool that can be used to manipulate what information users see, potentially enabling broader attacks, while CVE-2026-33825 is discussed by Jack Bicer of Action1 as likely to be chained with other exploits.
Dozens of Edge and Chromium fixes were also republished, with industry voices noting browser patching can be deployed fleet-wide in minutes. According to Satnam Narang of Tenable, elevation-of-privilege bugs continue to dominate Patch Tuesday cycles, now representing a record share of patched CVEs in April. 14 April 2026.