Microsoft's April 2026 Patch Tuesday addresses a record-breaking 167 security vulnerabilities, including an actively exploited SharePoint Server zero-day (CVE-2026-32201) enabling content spoofing and phishing, a SQL Server RCE flaw (CVE-2026-33120), and the publicly leaked Windows Defender privilege escalation bug 'BlueHammer' (CVE-2026-33825). Google Chrome patched its fourth zero-day of 2026, and Adobe issued an emergency fix for an actively exploited Adobe Reader RCE flaw (CVE-2026-34621) that has reportedly been exploited since November 2025. Security researchers note the spike in patch volume is likely driven by expanding AI-assisted vulnerability discovery capabilities.
Sort: