April 2026 Windows Update — 167 Fixes and 2 Zero-Days, Install It Now

18 April 2026 3 min read

Microsoft shipped 167 security fixes on 14 April. Eight Critical. Two zero-days already being used in the wild. Install now, then read on.

167

vulnerabilities patched this month8 Critical (7 remote code execution, 1 denial-of-service), plus 2 actively exploited zero-days. One of the biggest Patch Tuesdays Microsoft has shipped in over a year.

The two zero-days

Both are being used in real attacks. Every day without the patch, your PC is vulnerable.

2 zero-days, actively exploited

CVE-2026-32201: SharePoint spoofing. Attacker impersonates a trusted source, accesses confidential data, modifies files. Business-focused, but anyone using SharePoint or OneDrive for Business should care.

CVE-2026-33825: Defender privilege escalation. An attacker already on the machine promotes to full SYSTEM access. Fixed in Defender Antimalware Platform 4.18.26050.3011. Most PCs have it already.

Three other Critical flaws worth knowing

CVE-2026-33824, Windows IKE. Remote code execution over the network. No login required. Hostile Wi-Fi is enough.
CVE-2026-33827, TCP/IP race condition. Flaw in Windows' core networking stack. Rare and serious.
Word and Excel preview-pane RCE. Malicious document runs code when previewed in Outlook or File Explorer. No clicking needed.

The last one is why "I don't click dodgy links" isn't enough in 2026. You don't have to click. You just have to look.

How to install

Settings → Windows Update
Check for updates
Wait 10-30 minutes
Restart when prompted, not two days later

Quick check: The Windows 11 cumulative this month is KB5083769 (24H2 and 25H2). Look in Update history to confirm it's installed.

Bonus: .rdp phishing is now blocked

Scammers have been emailing Remote Desktop shortcut files to trick people into connecting to attacker-controlled machines. After this update, Windows is much more cautious about what those files can do.

Windows 10 (if you're still there)

This month's Windows 10 patch is KB5082200. You only get it if you're on the free Extended Security Updates programme. See the Windows 10 end-of-life guide for how to enrol. Free ESU expires October 2026. After that it's pay or upgrade.

If Windows Update itself is broken

A PC that can't update can't protect itself. The usual culprits are low disk space, corrupted update files, or another antivirus clashing with Defender. I've covered the fixes in my common PC problems post. If storage is the bottleneck, speeding up a slow Windows 11 PC has that covered too.

If you want the full technical breakdown, Bleeping Computer covers every CVE and Krebs on Security analyses which ones matter most.

Mark

Mark has been fixing computers since the late '90s and went self-employed in 2008. Based in St Helens since 2013, he works evenings and weekends from his home in Laffak — friendly, affordable repairs for PCs, laptops, and Macs. See reviews on Google

Updates failing or something not right?

If Windows Update is stuck, your PC is running worse since you installed, or you're not sure you're protected — get in touch and I'll sort it.

★★★★★

"I cant fault this guy. Fit me in speedily and resolved the issue. Had another issue once I got home and he did fixed that too. Would defo use again."
— Melanie Atherton, via Google

WhatsApp Me Call 07428 101010