Microsoft has released a massive security update containing 165 new Common Vulnerabilities and Exposures (CVEs), including one flaw currently under active attack.
According to go.theregister.com, attackers are already exploiting a spoofing vulnerability in Microsoft SharePoint Server known as CVE-2026-32201. The flaw involves improper input validation that allows unauthorized users to perform spoofing over a network.
This exploit enables attackers to view sensitive information and modify disclosed data. Mike Walters, president and cofounder of patch management provider Action1, told the outlet that the bug can be used to manipulate how information is presented to users, potentially tricking them into trusting malicious content.
Walters added that the flaw lets attackers "fake trust at scale: what looks legitimate may actually be a carefully crafted deception." He noted that the bug can facilitate phishing attacks, unauthorized data manipulation, or social engineering campaigns.
Rise in AI-driven bug discovery
This monthly patch cycle represents Microsoft's second-largest monthly CVE release ever, according to Dustin Childs of the Zero Day Initiative. Childs suggested that the massive volume of vulnerabilities might be linked to an increase in submissions found by AI tools.
Microsoft confirmed that its security response team, MSRC, credited one vulnerability to an Anthropic researcher using the Claude AI model. While the company stated that today's release does not reflect a significant increase in AI-driven discoveries, the presence of AI-assisted research is notable.
Beyond the active exploit, one other bug, CVE-2026-33825, was already publicly known at the time of the update release.
