Summary
Key Points:
- Microsoft disclosed a zero-day vulnerability (CVE-2026-32201) in Office SharePoint that allows unauthenticated attackers to view and modify sensitive information.
- The vulnerability has a CVSS score of 6.5 and is actively exploited, posing a significant risk to organizations using SharePoint. Additionally, another high-severity vulnerability (CVE-2026-33825) in Microsoft Defender could allow local privilege escalation, leading to potential full system control.
- Immediate patching of these vulnerabilities is recommended, especially for systems running Microsoft Office SharePoint and Defender. Organizations should also monitor for any signs of exploitation.
Technical Details: CVE-2026-32201 allows spoofing attacks through improper input validation in SharePoint, while CVE-2026-33825 enables unauthorized local privilege escalation.
MITRE ATT&CK Techniques:
- T1078 - Valid Accounts (Defense Evasion, Privilege Escalation)
- T1068 - Exploit Public-Facing Application (Initial Access)
IOCs Mentioned: None mentioned