Microsoft issued a fix for CVE-2026-33825 on Tuesday, a Microsoft Defender privilege-escalation bug that had been publicly disclosed and linked by security researchers to BlueHammer, the proof-of-concept exploit that surfaced online earlier this month. That patch landed as part of Microsoft’s April Patch Tuesday update, which also included a security fix for SharePoint—CVE-2026-32201. According to Microsoft, attackers had already started exploiting that SharePoint vulnerability. This one’s significant: BlueHammer allowed attackers with existing access to escalate to SYSTEM, the highest level on Windows machines. With public exploit code out before any patch was ready, the debate among researchers quickly took a back seat. Suddenly, every unpatched endpoint faced a real threat.