Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

Key Points:

• Microsoft has released patches for 169 vulnerabilities, including the actively exploited CVE-2026-32201, a spoofing vulnerability in SharePoint Server.
• The impact of CVE-2026-32201 allows unauthorized attackers to manipulate information presentation, potentially deceiving users, while CVE-2026-33824 poses a critical risk with a CVSS score of 9.8, enabling remote code execution via specially crafted packets.
• Immediate patching is recommended for all affected systems, especially those with IKEv2 services exposed to untrusted networks.

Technical Details: CVE-2026-32201 exploits improper input validation in SharePoint, allowing spoofing attacks. CVE-2026-33824 requires sending crafted packets to exploit IKE v2 services for remote code execution.

MITRE ATT&CK Techniques:

• T1203 - Exploitation for Client Execution (Execution)
• T1068 - Exploit Public-Facing Application (Initial Access)

IOCs Mentioned: None mentioned