Forwarded from the National Cybersecurity Information Sharing and Analysis Center: Cybersecurity Alert NISAC-200-202604-00000009
[Content Description]
Microsoft has released its April 2026 security update, patching 165 vulnerabilities, including 8 high-risk vulnerabilities and 1 already exploited vulnerability. Please identify and patch them as soon as possible.
[Influence Platform]
Impact Platform-System
Azure Logic Apps
Microsoft Power App
Remote Desktop Client
SQL Server
NET
NET Framework
NET and Visual Studio
NET, .NET Framework, Visual Studio
Applocker Filter Driver (applockerfltr.sys)
Azure Monitor Agent
Desktop Window Manager
Function Discovery Service (fdwsd.dll)
GitHub Copilot and Visual Studio Code
Impact Platform-Software
Windows Advanced Rasterization Platform
Windows IKE Extension
Windows Push Notifications
Windows Shell
Microsoft Brokering File System
Microsoft Defender
Microsoft Dynamics 365 (on-premises)
Microsoft Edge (Chromium-based)
Microsoft Graphics Component
Microsoft High Performance Compute Pack (HPC)
Microsoft Management Console
Microsoft Office
Microsoft Office Excel
Microsoft Office PowerPoint
Microsoft Office SharePoint
Microsoft Office Word
Microsoft PowerShell
Microsoft Windows
Microsoft Windows Search Component
Microsoft Windows Speech
Role: Windows Hyper-V
Universal Plug and Play (upnp.dll)
Windows Active Directory
Windows Admin Center
Windows Ancillary Function Driver for WinSock
Windows Biometric Service
Windows BitLocker
Windows Boot Loader
Windows Boot Manager
Windows COM
Windows Client Side Caching driver (csc.sys)
Windows Cloud Files Mini Filter Driver
Windows Common Log File System Driver
Windows Container Isolation FS Filter Driver
Windows Cryptographic Services
Windows Encrypting File System (EFS)
Windows File Explorer
Windows GDI
WindowsHTTP.sys
Windows Hello
Windows Installer
Windows Kerberos
Windows Kernel
Windows Kernel Memory
WindowsLUAFV
Windows Local Security Authority Subsystem Service (LSASS)
Windows Management Services
Windows OLE
Windows Print Spooler Components
Windows Projected File System
Windows RPC API
Windows Recovery Environment Agent
Windows Redirected Drive Buffering
Windows Remote Desktop
Windows Remote Desktop Licensing Service
Windows Remote Procedure Call
Windows SSDP Service
Windows Sensor Data Service
Windows Snipping Tool
Windows Speech Brokered API
Windows Storage Spaces Controller
Windows TCP/IP
Windows TDI Translation Driver (tdx.sys)
Windows USB Print Driver
Windows Universal Plug and Play (UPnP) Device Host
Windows User Interface Core
Windows User Interface Core
Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys)
Windows WalletService
Windows Win32K - GRFX
Windows Win32K - ICOMP
[Recommended Actions]
Microsoft has released a patch for this vulnerability. Organizations are advised to contact their system maintenance vendors or refer to the following link: https://msrc.microsoft.com/update-guide/releaseNote/2026-Apr
[References]
1. https://msrc.microsoft.com/update-guide/releaseNote/2026-Apr