{"slug": "patch-tuesday-april-2026-edition", "title": "Patch Tuesday, April 2026 Edition", "summary": "Microsoft's April 2026 Patch Tuesday addressed a record 167 security vulnerabilities, including a SharePoint Server zero-day (CVE-2026-32201) already under active attack and a publicly disclosed Windows Defender privilege escalation bug called \"BlueHammer\" (CVE-2026-33825). Separately, Google Chrome fixed its fourth zero-day of 2026, and Adobe released an emergency patch for an actively exploited remote code execution flaw (CVE-2026-34621) that had been exploited since at least November 2025. Experts noted that the surge in vulnerabilities may be driven by expanding AI capabilities in bug discovery, and users are advised to fully restart their browsers to ensure updates are applied.", "body_md": "Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed “BlueHammer.” Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.\nRedmond warns that attackers are already targeting CVE-2026-32201, a vulnerability in Microsoft SharePoint Server that allows attackers to spoof trusted content or interfaces over a network.\nMike Walters, president and co-founder of Action1, said CVE-2026-32201 can be used to deceive employees, partners, or customers by presenting falsified information within trusted SharePoint environments.\n“This CVE can enable phishing attacks, unauthorized data manipulation, or social engineering campaigns that lead to further compromise,” Walters said. “The presence of active exploitation significantly increases organizational risk.”\nMicrosoft also addressed BlueHammer (CVE-2026-33825), a privilege escalation bug in Windows Defender. According to BleepingComputer, the researcher who discovered the flaw published exploit code for it after notifying Microsoft and growing exasperated with their response. Will Dormann, senior principal vulnerability analyst at Tharros, says he confirmed that the public BlueHammer exploit code no longer works after installing today’s patches.\nSatnam Narang, senior staff research engineer at Tenable, said April marks the second-biggest Patch Tuesday ever for Microsoft. Narang also said there are indications that a zero-day flaw Adobe patched in an emergency update on April 11 — CVE-2026-34621 — has seen active exploitation since at least November 2025.\nAdam Barnett, lead software engineer at Rapid7, called the patch total from Microsoft today “a new record in that category” because it includes nearly 60 browser vulnerabilities. Barnett said it might be tempting to imagine that this sudden spike was tied to the buzz around the announcement a week ago today of Project Glasswing — a much-hyped but still unreleased new AI capability from Anthropic that is reportedly quite good at finding bugs in a vast array of software.\nBut he notes that Microsoft Edge is based on the Chromium engine, and the Chromium maintainers acknowledge a wide range of researchers for the vulnerabilities which Microsoft republished last Friday.\n“A safe conclusion is that this increase in volume is driven by ever-expanding AI capabilities,” Barnett said. “We should expect to see further increases in vulnerability reporting volume as the impact of AI models extend further, both in terms of capability and availability.”\nFinally, no matter what browser you use to surf the web, it’s important to completely close out and restart the browser periodically. This is really easy to put off (especially if you have a bajillion tabs open at any time) but it’s the only way to ensure that any available updates get installed. For example, a Google Chrome update released earlier this month fixed 21 security holes, including the high-severity zero-day flaw CVE-2026-5281.\nFor a clickable, per-patch breakdown, check out the SANS Internet Storm Center Patch Tuesday roundup. Running into problems applying any of these updates? Leave a note about it in the comments below and there’s a decent chance someone here will pipe in with a solution.", "url": "https://wpnews.pro/news/patch-tuesday-april-2026-edition", "canonical_source": "https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/", "published_at": "2026-04-14 21:47:59+00:00", "updated_at": "2026-05-22 09:42:53.450832+00:00", "lang": "en", "topics": ["cybersecurity"], "entities": ["Microsoft", "Google Chrome", "Adobe", "SharePoint Server", "Windows Defender", "Mike Walters", "Will Dormann", "Action1"], "alternates": {"html": "https://wpnews.pro/news/patch-tuesday-april-2026-edition", "markdown": "https://wpnews.pro/news/patch-tuesday-april-2026-edition.md", "text": "https://wpnews.pro/news/patch-tuesday-april-2026-edition.txt", "jsonld": "https://wpnews.pro/news/patch-tuesday-april-2026-edition.jsonld"}}