India, April 28 -- Microsoft has confirmed that CVE-2026-32202, a Windows Shell spoofing vulnerability, is being actively exploited and has therefore become a greater alert to enterprise defenders about this vulnerability than originally intended. While the more serious concern of this vulnerability is not necessarily taking over a system, the exposure of credentials associated with the systems will allow for more effective access to the network from where they can move deeper into the network undetected.

According to Microsoft, the vulnerability was revealed on April 12, 2026, with the release of their updated advisory on April 27, 2026. The advisory indicated changes to its status of exploitability, its exploited flag, and to its CVSS ...