Microsoft fixes record 167 security vulnerabilities in April Patch Tuesday

Microsoft pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software this month, marking the second-biggest Patch Tuesday ever. The April 2026 updates include patches for a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution. Microsoft warns that attackers are already targeting CVE-2026-32201, a vulnerability in Microsoft SharePoint Server that allows attackers to spoof trusted content or interfaces over a network. Mike Walters, president and co-founder of Action1, said CVE-2026-32201 can be used to deceive employees, partners, or customers Microsoft also addressed BlueHammer (CVE-2026-33825), a privilege escalation bug in Windows Defender. According to BleepingComputer, the researcher who discovered the flaw published exploit code for it after notifying Microsoft and growing exasperated with their response. Will Dormann, senior principal vulnerability analyst at Tharros, confirmed that the public BlueHammer exploit code no longer works after installing today's patches. Satnam Narang, senior staff research engineer at Tenable, said there are indications that a zero-day flaw Adobe patched in an emergency update on April 11. CVE-2026-34621. has seen active exploitation since at least November 2025. Adam Barnett, lead software engineer at Rapid7, called the patch total from Microsoft today "a new record in that category" because it includes nearly 60 browser vulnerabilities. Barnett said it might be tempting to imagine that this sudden spike was tied to the buzz around Project Glasswing. a much-hyped but still unreleased new AI capability from Anthropic that is reportedly good at finding bugs. But he notes that Microsoft Edge is based on the Chromium engine, and the Chromium maintainers acknowledge a wide range of researchers for the vulnerabilities which Microsoft republished last Friday. "A safe conclusion is that this increase in volume is driven