Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft shipped April 2026 Patch Tuesday updates covering 165 CVEs, including an actively exploited zero-day and a publicly disclosed flaw, creating immediate remediation pressure across Windows and related products. The bundle matters because multiple patched bugs can enable remote code execution, elevation of privilege, or information disclosure. Microsoft also said 19 vulnerabilities are more likely to be exploited and need high-priority attention. The update spans SharePoint Server, Defender, Windows IKE, Word, and nearly 80 Edge/Chromium fixes.
Cases
Related Happenings
Amazon security patch release for CVE-2026-50549
Security Patch Release
H score29
First: 09.07.2026 14:00
Last: 09.07.2026 14:00
Sources 1
About this happening:
**Amazon, Google and Cursor** shipped fixes for **GhostApproval**, a flaw in AI coding assistants that let deceptive repository paths bypass approval prompts. The patch response c...
Amazon security patch release for CVE-2026-50549
Security Patch ReleaseAbout this happening: **Amazon, Google and Cursor** shipped fixes for **GhostApproval**, a flaw in AI coding assistants that let deceptive repository paths bypass approval prompts. The patch response c...
BeyondTrust Remote Support and Privileged Remote Access critical fixes
Security Patch Release
H score38
First: 07.07.2026 08:16
Last: 07.07.2026 08:16
Sources 1
About this happening:
**BeyondTrust** released **RS 25.3.3** and **PRA 25.3.3** to fix **four critical vulnerabilities** in its remote-access appliances, including **pre-authentication access-control b...
BeyondTrust Remote Support and Privileged Remote Access critical fixes
Security Patch ReleaseAbout this happening: **BeyondTrust** released **RS 25.3.3** and **PRA 25.3.3** to fix **four critical vulnerabilities** in its remote-access appliances, including **pre-authentication access-control b...
OpenAI Daybreak expands with **GPT-5.5-Cyber** and **Codex Security** patch automation
Security Tool/Service
H score14
First: 23.06.2026 17:15
Last: 23.06.2026 17:15
Sources 1
About this happening:
OpenAI expanded **Daybreak** with a full release of **GPT-5.5-Cyber** and updated **Codex Security**, widening AI-assisted patch automation for **verified defenders**. The rollout...
OpenAI Daybreak expands with **GPT-5.5-Cyber** and **Codex Security** patch automation
Security Tool/ServiceAbout this happening: OpenAI expanded **Daybreak** with a full release of **GPT-5.5-Cyber** and updated **Codex Security**, widening AI-assisted patch automation for **verified defenders**. The rollout...
OpenAI upgrades GPT-5.5-Cyber and Codex Security plugin for vulnerability discovery and patching
Security Tool/Service
H score14
First: 23.06.2026 06:56
Last: 23.06.2026 06:56
Sources 1
About this happening:
OpenAI expanded **Daybreak** by releasing an improved **GPT-5.5-Cyber** model and updating the **Codex Security plugin**, giving **trusted defenders** faster tooling for **finding...
OpenAI upgrades GPT-5.5-Cyber and Codex Security plugin for vulnerability discovery and patching
Security Tool/ServiceAbout this happening: OpenAI expanded **Daybreak** by releasing an improved **GPT-5.5-Cyber** model and updating the **Codex Security plugin**, giving **trusted defenders** faster tooling for **finding...
Microsoft releases RoguePlanet Defender security update for CVE-2026-50656
Security Patch Release
H score32
First: 17.06.2026 20:36
Last: 17.06.2026 20:36
Sources 1
About this happening:
**Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...
Microsoft releases RoguePlanet Defender security update for CVE-2026-50656
Security Patch ReleaseAbout this happening: **Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...
Latest development: 09.07.2026 11:48
Microsoft released security updates for CVE-2026-50656, remediating the RoguePlanet privilege-escalation flaw in Microsoft Malware Protection Engine (mpengine.dll) with version 1.1.26060.3008 and additional defense-in-depth updates. Microsoft said no customer action is required to install the update.
Timeline
-
15.04.2026 00:22 1 articles · 2mo ago
Microsoft April 2026 Patch Tuesday release
Mitigation Patch UpdateMicrosoft's April 2026 Patch Tuesday delivered patches for 165 CVEs, including CVE-2026-32201, an actively exploited spoofing flaw in Microsoft SharePoint Server that can let attackers view and modify sensitive information, and CVE-2026-33825, a publicly disclosed Defender antimalware platform flaw with proof-of-concept code. The update also covered critical fixes for CVE-2026-33824 in Windows Internet Key Exchange (IKE) Service Extensions, CVE-2026-33827 in Windows secure tunneling and authentication components, and nearly 80 republished Microsoft Edge and Chromium patches.
Show sources
- Privilege Elevation Dominates Massive Microsoft Patch Update — www.darkreading.com — 15.04.2026 00:22
-
15.04.2026 00:22 2 articles · 2mo ago
Microsoft flags exploitation risk and hardening steps
Technical Analysis UpdateMicrosoft assessed 19 newly disclosed vulnerabilities as more likely to be exploited, and researchers warned that CVE-2026-33825 could be chained with other exploits to expand initial access and gain system-level control on vulnerable endpoints. Microsoft said Defender instances with automatic updates were already protected, while organizations that do not use IKE should block UDP ports 500 and 4500 and required IKE deployments should restrict inbound traffic to known peer addresses.
Show sources
- Privilege Elevation Dominates Massive Microsoft Patch Update — www.darkreading.com — 15.04.2026 00:22
- Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday — thehackernews.com — 13.05.2026 16:46