Microsoft released patches for 110 security holes, 19 classified critical in severity and 88 considered important. The most dire of those flaws disclosed is arguably a Win32k elevation of privilege vulnerability (CVE-2021-28310) The vulnerability is actively being exploited in the wild by the cybercriminal group BITTER APT. Microsoft also included patches for its Chromium-based Edge web browser, Microsoft Office, SharePoint Server, Hyper-V, Team Foundation Server and Visual Studio. The U.S. National Security Agency released information on four critical Exchange Server vulnerabilities.
Source: https://threatpost.com/microsoft-april-patch-tuesday-zero-days/165393/