Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Monthly Patch

April 2026 Monthly Patch

15 April 2026

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to https://msrc.microsoft.com/update-guide/en-us/releaseNote/2026-Apr

CRITICAL VULNERABILITIES

Table caption

CVE Number

CVE Name

Base Score

Reference

CVE-2026-33824

Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability

9.8

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33824

CVE-2026-27143

Missing bound checks can lead to memory corruption in safe Go in cmd/compile

9.8

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27143

CVE-2026-27140

Code execution vulnerability in SWIG code generation in cmd/go

9.8

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-27140

CVE-2026-32157

Remote Desktop Client Remote Code Execution Vulnerability

8.8

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32157

CVE-2026-33115

Microsoft Word Remote Code Execution Vulnerability

8.4

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33115

CVE-2026-33114

Microsoft Word Remote Code Execution Vulnerability

8.4

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33114

CVE-2026-32190

Microsoft Office Remote Code Execution Vulnerability

8.4

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32190

CVE-2026-33827

Windows TCP/IP Remote Code Execution Vulnerability

8.1

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33827

CVE-2026-33826

Windows Active Directory Remote Code Execution Vulnerability

8.0

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-33826

CVE-2026-23666

.NET Framework Denial of Service Vulnerability

7.5

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23666

Back to top