ENKVA #001 — Microsoft's April Patch Tuesday shipped 165 CVEs plus 82 third-party advisories. Five need attention this week.
Microsoft's April 2026 security release landed on the 14th with 165 Microsoft CVEs plus 82 third-party advisories bundled under the same release banner — 247 items to triage in one sitting. For MSPs managing Windows fleets, the problem is volume: nobody reads 247 CVEs cover-to-cover.
The one that should move to the top of every patch cycle this week is CVE-2026-33824 — a remote code execution vulnerability in the Windows Internet Key Exchange (IKE) service extensions. It carries CVSS 9.8, requires no authentication, and is exploitable over the network. Any host running Windows IKE — Windows Servers serving IPsec tunnels, VPN concentrators built on Windows, endpoints with IPsec policies applied — is exposed until patched. The MSRC advisory is the authoritative source, and the fix ships in the April cumulative update for every supported Windows version.
Four other items deserve same-week attention:
- CVE-2026-40175 (CVSS 10.0) — an Axios library prototype-pollution gadget chain that escalates to remote code execution and AWS IMDSv2 cloud-credential compromise. Fixed in Axios 1.15.0 and 0.31.0. This surfaces in MSRC because several Microsoft components ship Axios as an upstream dependency. NVD entry.
- CVE-2025-6965 (CVSS 9.8) — a SQLite memory-corruption bug where the aggregate-term count can exceed the column count; fixed upstream in SQLite 3.50.2 and patched by Microsoft across every Windows SKU that bundles SQLite. NVD entry.
- CVE-2026-27143 (CVSS 9.8) and CVE-2026-27140 (CVSS 8.8) — two Go toolchain issues. The first is a runtime memory-corruption bug from unvalidated arithmetic over loop induction variables. The second is a build-time code-smuggling flaw in SWIG/CGO file handling that allows arbitrary code execution at compile time. Microsoft products built with the Go compiler pick up both fixes through the April release.
- CVE-2026-26149 (CVSS 9.0) — a Power Apps security feature bypass via improperly neutralized escape, meta, or control sequences, exploitable over the network by an authorized attacker. NVD entry.
The full release manifest is in the CVRF document. The working assumption for the month should be "review every High, patch every Critical this week" — and the way to build that list is to filter the CVRF JSON against your actual product footprint, not to read CVE titles sequentially in the MSRC web UI.
One CVE in this release is already on the CISA Known Exploited Vulnerabilities catalog: CVE-2026-32201 in SharePoint Server, which CISA added the same day as the MSRC release. Same-day KEV additions are the signal CISA uses when it has observed active exploitation. If you run on-prem SharePoint Server, treat this as a same-week patch even though the CVSS is lower than the headline items.
Concrete action this week:
- Deploy the April cumulative update to every Windows host by Friday. Prioritize any host serving IPsec traffic for CVE-2026-33824.
- Audit your SharePoint Server tenants against CVE-2026-32201 — on-prem SharePoint is a same-day patch.
- If your patching workflow still starts with the MSRC Update Guide web UI, switch to the CVRF API for this release. A 369-CVE month is the month to do triage right.
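An added example (not code from the newsletter or from Microsoft) of the CVRF-driven triage recommended above and in the action list: it takes a constructed sample in the shape of the MSRC CVRF JSON, keeps only CVEs whose "Known Affected" products match your footprint, and orders them by base score. The field names are assumed to follow the CVRF JSON the MSRC API serves; check them against the live April document before relying on the filter.

```python
# Constructed sample in the shape of the MSRC CVRF JSON (assumption: the field
# names follow the CVRF 1.2 JSON the MSRC API serves; the real release document,
# json.load()-ed from the API, should drop in here). CVE IDs are from the April
# release; the product IDs are made up.
SAMPLE_CVRF = {
    "ProductTree": {"FullProductName": [
        {"ProductID": "P-1", "Value": "Windows Server 2022"},
        {"ProductID": "P-2", "Value": "Windows 11 Version 24H2 for x64-based Systems"},
        {"ProductID": "P-3", "Value": "Microsoft Power Apps"},
    ]},
    "Vulnerability": [
        {"CVE": "CVE-2026-33824", "Title": {"Value": "Windows IKE Extension RCE"},
         "ProductStatuses": [{"Type": "Known Affected", "ProductID": ["P-1", "P-2"]}],
         "CVSSScoreSets": [{"BaseScore": 9.8, "ProductID": "P-1"},
                           {"BaseScore": 9.8, "ProductID": "P-2"}]},
        {"CVE": "CVE-2025-6965", "Title": {"Value": "SQLite memory corruption"},
         "ProductStatuses": [{"Type": "Known Affected", "ProductID": ["P-2"]}],
         "CVSSScoreSets": [{"BaseScore": 9.8, "ProductID": "P-2"}]},
        {"CVE": "CVE-2026-26149", "Title": {"Value": "Power Apps security feature bypass"},
         "ProductStatuses": [{"Type": "Known Affected", "ProductID": ["P-3"]}],
         "CVSSScoreSets": [{"BaseScore": 9.0, "ProductID": "P-3"}]},
    ],
}

# Product-name prefixes the managed fleet actually runs (constructed footprint).
FOOTPRINT = ["Windows Server 2022", "Windows 11"]


def triage(cvrf, footprint, min_score=7.0):
    """Return (cve, score, title, products) tuples, highest CVSS first, for CVEs
    whose 'Known Affected' products match the footprint and score >= min_score."""
    names = {p["ProductID"]: p["Value"] for p in cvrf["ProductTree"]["FullProductName"]}
    hits = []
    for vuln in cvrf["Vulnerability"]:
        affected = {pid for st in vuln.get("ProductStatuses", [])
                    if st["Type"] == "Known Affected" for pid in st["ProductID"]}
        mine = sorted(names[pid] for pid in affected
                      if any(names[pid].startswith(f) for f in footprint))
        if not mine:
            continue  # only affects products we do not run
        # Use the worst base score reported for any product we run.
        score = max((s["BaseScore"] for s in vuln.get("CVSSScoreSets", [])
                     if s["ProductID"] in affected), default=0.0)
        if score >= min_score:
            hits.append((vuln["CVE"], score, vuln["Title"]["Value"], mine))
    return sorted(hits, key=lambda h: -h[1])


if __name__ == "__main__":
    for cve, score, title, products in triage(SAMPLE_CVRF, FOOTPRINT):
        print(f"{cve} {score:>4} {title} -> {', '.join(products)}")
```

Replace SAMPLE_CVRF with the release JSON fetched from the MSRC CVRF API and FOOTPRINT with the product names your RMM inventory reports; the 7.0 floor gives the "review every High" list and a 9.0 floor the "patch every Critical this week" list.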
Volume isn't the story for April. Microsoft has shipped 200+ CVE months before. The story is that the release coincides with a ten-CVE KEV week — well above CISA's usual two-to-four cadence — including three fresh 2026 CVEs affecting Microsoft, Fortinet, and Adobe, and the overlap makes the triage work heavier than the raw numbers suggest. Start with the CVEs highest by CVSS, intersect with your actual product footprint, and accept that whatever's left is next month's backlog.
Brief 1 — Fortinet FortiClient EMS SQL injection (CVE-2026-21643)
CISA added this one to the Known Exploited Vulnerabilities catalog on April 13 with a remediation due date of April 16 — a three-day window CISA reserves for confirmed in-the-wild exploitation.
If you run FortiClient EMS to manage VPN clients or endpoint policies, patch this week. The vulnerability is an unauthenticated SQL injection in the EMS web interface that allows attackers to execute arbitrary commands via crafted HTTP requests. Unauthenticated SQLi in a management console is the class of bug that shows up in ransomware initial-access chains.
Action: upgrade to the patched EMS version listed in the Fortinet PSIRT advisory for this CVE. FortiClient EMS versions 7.4.0 through 7.4.4 are affected per the NVD record. If you can't patch immediately, isolate the EMS management interface from the internet. Management planes should not be internet-reachable. NVD entry.
Brief 2 — CISA KEV added 10 CVEs in one week, including historical back-dates
The CISA KEV catalog normally adds 2–4 CVEs a week. This week it added ten. Three are fresh 2026 discoveries — Fortinet (Brief 1), SharePoint (covered in the lead), and Adobe Acrobat (Brief 5). The rest are historical catch-ups, including:
- CVE-2009-0238: Microsoft Office RCE (2009)
- CVE-2012-1854: Microsoft VBA insecure library loading (2012)
- CVE-2020-9715: Adobe Acrobat use-after-free (2020)
- CVE-2023-21529: Exchange Server deserialization (2023)
- CVE-2023-36424: Windows CLFS out-of-bounds read (2023)
- CVE-2025-60710: Windows link-following (2025)
Action: if you run KEV-driven vulnerability management, audit that your scanner picked up all the historical adds and your current systems are patched against them. The Exchange and CLFS entries are the ones most likely to still be unremediated on older on-prem deployments.
Brief 3 — Chrome 147 stable ships 31 security fixes
Google shipped Chrome stable channel 147.0.7727.101 (Linux) and 147.0.7727.102 (Windows/Mac) this week with 31 security fixes. Per Google's standard practice, full vulnerability details are withheld until most users have updated — the Chrome Releases blog lists the CVE IDs without deep technical detail for this release.
If you manage endpoints with Chrome deployed (which is most of them), this is a force-update-this-week release. Microsoft Edge will pull in the same Chromium fixes on its own update cadence — expect the Edge patch within a few days.
Action: push the Chrome update via your RMM, Intune, or GPO policy. Set the minimum version to 147.0.7727.101 (Linux) / 147.0.7727.102 (Windows/Mac) and block older versions from authenticating to internal apps via Conditional Access device compliance if your tenant supports it.
Brief 4 — Managing client tenants without GDAP: the non-CSP MSP question
This week's top r/msp discussion is from an IT services provider that sells M365 through direct-purchase rather than the CSP program and is trying to figure out the right way to access client tenants without being a Cloud Solution Provider.
The short answer: Granular Delegated Admin Privileges (GDAP) is the current Microsoft-recommended path and works without full CSP enrollment. Customers grant specific Entra roles to your partner tenant for a bounded duration, the access appears in their audit log, and you can scope it to least-privilege. The older Delegated Admin Privileges (DAP) model is being phased out in favor of GDAP.
Action: if you manage client tenants via per-tenant admin accounts (break-glass accounts on the client side), migrate to GDAP. Document the GDAP relationships per client in your PSA so the access review trail is clear. Review contract language to make sure GDAP grants are referenced as an access mechanism.
Brief 5 — Adobe Acrobat and Reader prototype pollution (CVE-2026-34621)
Adobe added this one to their April security bulletin and CISA added it to KEV on April 13 with a due date of April 27. Prototype pollution in the PDF JavaScript engine allows attackers to execute arbitrary code when a user opens a crafted PDF. The attack surface is every device that renders PDFs.
Action: deploy the Acrobat and Reader updates via your endpoint management tool this week. For layered defense, disable JavaScript in Reader via the registry policy bDisableJavaScript. Most PDF workflows don't use it. NVD entry.
Brief 6 — r/sysadmin reports RDP login dialog changes after the April update
The top r/sysadmin post of the week is from an MSP operator whose client reported that RDP looked "hacked" because the login dialog changed overnight after the April cumulative update. Per the thread, the changes include new caution messaging on unverified hosts, updated verbiage on the credential prompt, and a new checkbox for saved credential behavior. Microsoft has not documented this in the release health dashboard yet, so treat it as community-reported rather than officially confirmed.
This is not a security story. It's a client communication story.
Action: send a proactive note to clients that use RDP (either direct or via RD Gateway) that they may see new warnings on the credential prompt after the April cumulative update, and the warnings are expected behavior if the change is real. Get ahead of the support tickets. Track the Windows release health dashboard for an official note on the change.
Brief 7 — Purview DLP enforces "Shadow AI" controls via Edge for Business and network data security
If you run Purview DLP on behalf of clients dealing with employees pasting sensitive data into generative AI apps, Microsoft has two enforcement surfaces available. Per the Microsoft Purview DLP overview, DLP policies now cover inline web traffic — both via Edge for Business on managed and unmanaged Windows devices and via Network Data Security — and target the usual suspects (OpenAI ChatGPT, Google Gemini, DeepSeek, Microsoft Copilot) plus the 34,000+ cloud apps in the Defender for Cloud Apps catalog. The previous model required per-app URL blocking and didn't catch every variant.
Action: if you run Purview on an E5 tenant, add an AI category policy to your DLP ruleset. Review which AI apps your clients' employees actually use via Defender for Cloud Apps discovery reports before you enforce — false-positive blocks on approved tools drive shadow-IT workarounds and erode DLP adoption.
Brief 8 — GitLab April patch cluster: 18.8.9 / 18.9.5 / 18.10.3 across the three self-managed branches
GitLab shipped a patch-release cluster on April 8 covering versions 18.8.9, 18.9.5, and 18.10.3 — the three supported self-managed branches. The fixes span authentication, authorization, and privilege-escalation issues. See the GitLab patch release blog for the CVE list, severities, and affected versions before you schedule the upgrade.
Action: if you host GitLab for dev clients, upgrade every self-managed instance this week. After the upgrade, validate custom-role assignments — role-evaluation changes in security patches have historically surfaced misconfigurations that were previously invisible.
Brief 9 — The community wisdom brief: don't tie your password manager to SSO
One r/sysadmin thread this week is worth pulling out for the operational lesson. An MSP operator ran a disaster recovery tabletop exercise simulating an Entra ID outage and discovered that their password manager — which they had configured for SSO via SAML — became completely unreachable the moment the identity provider went down. Every credential they needed to start recovery was behind the locked door.
The fix is to make sure your break-glass path doesn't depend on the systems you're trying to recover.
Action: review your own MSP's disaster recovery runbook and confirm the password manager has an independent authentication path — either a local vault with a hardware-key emergency login, or a separate non-SSO admin account for recovery. Test the path quarterly. The emergency access guidance in Microsoft's docs is written for Entra but the principle applies to every SaaS tool you depend on.
Brief 10 — Purview Endpoint DLP extending to Copilot+PC Recall snapshots (GA May 2026)
Microsoft announced on the M365 Roadmap that Endpoint DLP coverage is being extended to Recall snapshots on Copilot+PC devices. Recall captures periodic screenshots of the user's screen to power its retrieval features, and until now those snapshots existed outside the DLP enforcement boundary — meaning a DLP policy that blocked data from being copied to a USB drive would not stop the same data being captured in a Recall snapshot on the same device.
The feature reaches GA in May 2026.
Action: if any client has deployed Copilot+PCs (or plans to in the next quarter), plan a Recall-specific DLP policy as part of the rollout. Clients handling regulated data should disable Recall entirely via the Copilot+PC policy. The announced DLP scope is additive coverage, not a replacement for that baseline.