Microsoft Patches SharePoint Zero-Day Alongside 168 Other Vulnerabilities
Original source
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
The Hacker News →Microsoft’s April 2026 Patch Tuesday addresses 169 vulnerabilities across its product ecosystem, including an actively exploited zero-day in SharePoint. The SharePoint flaw allowed authenticated attackers to execute arbitrary code on affected servers, and evidence suggests it was already being leveraged in targeted attacks before the fix was available.
The broader patch batch covers critical flaws in Windows, Office, Azure, and other Microsoft services, with several remote code execution and privilege escalation bugs rated critical. Organizations running SharePoint on-premises are urged to prioritize that fix immediately given confirmed in-the-wild exploitation.
The sheer volume of patches - one of the larger Patch Tuesday releases this year - underscores the expanding attack surface across Microsoft’s stack and the ongoing challenge enterprises face in keeping up with monthly remediation cycles.
Read the full article
Continue reading at The Hacker News →This is an AI-generated summary. Read the original for the full story.