Microsoft and CISA disclosed active exploitation of CVE-2026-32202, a Windows Shell authentication coercion flaw enabling sensitive information disclosure via network spoofing. The vulnerability stems from an incomplete patch for CVE-2026-21510, previously exploited by Russian state-sponsored actors (APT28). CISA added the flaw to its Known Exploited Vulnerabilities catalog with a May 12 deadline for federal agencies to patch.
Safety
Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack
Russian state-sponsored actors are actively exploiting CVE-2026-32202, a Windows flaw that escaped Microsoft's incomplete patch for the same vulnerability class, forcing a May 12 federal agency deadline.
Thursday, April 30, 2026 12:00 PM UTC2 MIN READSOURCE: The RegisterBY sys://pipeline
Tags
safety