Serial number: AV26-352
Date: April 14, 2026
On April 14, 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:
- .NET 10.0 installed on Linux
- .NET 10.0 installed on Mac OS
- .NET 10.0 installed on Windows
- .NET 8.0 installed on Linux
- .NET 8.0 installed on Mac OS
- .NET 8.0 installed on Windows
- .NET 9.0 installed on Linux
- .NET 9.0 installed on Mac OS
- .NET 9.0 installed on Windows
- Azure Logic Apps
- Azure Monitor Agent
- Microsoft .NET Framework
- Microsoft .NET Framework 3.5 AND 4.8.1
- Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
- Microsoft 365 Apps for Enterprise
- Microsoft Defender Antimalware Platform
- Microsoft Dynamics 365
- Microsoft Excel 2016
- Microsoft HPC Pack 2019
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft Power Apps
- Microsoft PowerPoint 2016
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Visual Studio 2022
- Microsoft Visual Studio Code CoPilot Chat Extension
- Office Online Server
- PowerShell
- Remote Desktop client for Windows Desktop
- Windows 10
- Windows 11
- Windows Admin Center
- Windows App Client for Windows Desktop
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Microsoft has received reports that CVE-2026-32201 has been exploited.
On April 14, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-32201 to their Known Exploited Vulnerabilities (KEV) Database.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.