【Vulnerability Alert】Microsoft Released the April 2026 Security Updates

publish date : 2026-04-24 update date : 2026-04-24

Source: Ministry of education information & communication security contingency platform

"" "" ""

Publication Number TACERT-ANA-2026041709043535 Publication Time 2026/04/17 09:01
Incident Type ANA-Vulnerability Alert Discovery Time 2026/04/17 09:01
Impact Level Medium  
[Subject]
【Vulnerability Alert】Microsoft Released the April 2026 Security Updates
[Content]
Forwarded from the National Institute of Cyber Security NISAC-200-202604-00000009

Microsoft has released the April 2026 security updates, addressing a total of 165 vulnerabilities, including 8 high-risk vulnerabilities and 1 vulnerability that has already been exploited. Please verify and apply the necessary patches as soon as possible.


(Information Sharing Level: WHITE (Information content can be publicly disclosed)
[Affected Platform]

Affected Platforms - Systems
Azure Logic Apps
Microsoft Power App
Remote Desktop Client
SQL Server
.NET
.NET Framework
.NET and Visual Studio
.NET, .NET Framework, Visual Studio
AppLocker Filter Driver (applockerfltr.sys)
Azure Monitor Agent
Desktop Window Manager
Function Discovery Service (fdwsd.dll)
GitHub Copilot and Visual Studio Code

Affected Platforms - Software
Windows Advanced Rasterization Platform
Windows IKE Extension
Windows Push Notifications
Windows Shell
Microsoft Brokering File System
Microsoft Defender
Microsoft Dynamics 365 (on-premises)
Microsoft Edge (Chromium-based)
Microsoft Graphics Component
Microsoft High Performance Compute Pack (HPC)
Microsoft Management Console
Microsoft Office
Microsoft Office Excel
Microsoft Office PowerPoint
Microsoft Office SharePoint
Microsoft Office Word
Microsoft PowerShell
Microsoft Windows
Microsoft Windows Search Component
Microsoft Windows Speech
Role: Windows Hyper-V
Universal Plug and Play (upnp.dll)
Windows Active Directory
Windows Admin Center
Windows Ancillary Function Driver for WinSock
Windows Biometric Service
Windows BitLocker
Windows Boot Loader
Windows Boot Manager
Windows COM
Windows Client Side Caching Driver (csc.sys)
Windows Cloud Files Mini Filter Driver
Windows Common Log File System Driver
Windows Container Isolation FS Filter Driver
Windows Cryptographic Services
Windows Encrypting File System (EFS)
Windows File Explorer
Windows GDI
Windows HTTP.sys
Windows Hello
Windows Installer
Windows Kerberos
Windows Kernel
Windows Kernel Memory
Windows LUAFV
Windows Local Security Authority Subsystem Service (LSASS)
Windows Management Services
Windows OLE
Windows Print Spooler Components
Windows Projected File System
Windows RPC API
Windows Recovery Environment Agent
Windows Redirected Drive Buffering
Windows Remote Desktop
Windows Remote Desktop Licensing Service
Windows Remote Procedure Call
Windows SSDP Service
Windows Sensor Data Service
Windows Snipping Tool
Windows Speech Brokered API
Windows Storage Spaces Controller
Windows TCP/IP
Windows TDI Translation Driver (tdx.sys)
Windows USB Print Driver
Windows Universal Plug and Play (UPnP) Device Host
Windows User Interface Core
Windows User Interface Core
Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys)
Windows WalletService
Windows Win32K - GRFX
Windows Win32K - ICOMP
[Recommended Actions]

Microsoft has released remediation updates for these vulnerabilities. Organizations are advised to contact their system maintenance vendors or refer to the following link: https://msrc.microsoft.com/update-guide/releaseNote/2026-Apr
[Reference]
1. https://msrc.microsoft.com/update-guide/releaseNote/2026-Apr
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center