April 2026 Patch Tuesday patches 167 Microsoft flaws, including a SharePoint zero-day under active attack and a Windows Defender bug named BlueHammer.
- Microsoft fixes 167 vulnerabilities in April 2026 Patch Tuesday
- SharePoint Server zero-day CVE-2026-32201 is already under attack
- Windows Defender bug BlueHammer allows privilege escalation
Microsoft dropped its monthly batch of security fixes today, patching 167 vulnerabilities across Windows, Office, and other products. The April 2026 Patch Tuesday release includes two zero-days attackers are already exploiting. The first is CVE-2026-32201 in Microsoft SharePoint Server, which lets attackers spoof trusted content or interfaces over a network. That means a fake invoice or internal memo could look real inside a company’s SharePoint site, tricking employees into taking dangerous actions.
Redmond is urging customers to install these updates immediately. Mike Walters, president and co-founder of Action1, says the SharePoint flaw can enable phishing attacks, unauthorized data changes, or social engineering scams that lead to deeper breaches. “This isn’t just a technical bug,” Walters said. “It’s a way to deceive people who trust their own company’s systems.”
Also on the hit list is CVE-2026-33825, nicknamed BlueHammer, a privilege-escalation bug in Windows Defender. Attackers who already have limited access to a system could use this flaw to gain full control. Microsoft rates BlueHammer as “important,” but experts warn it’s dangerous in the wrong hands.
Google Chrome pushed its own emergency update today, marking its fourth zero-day fix of 2026. The flaw, tracked as CVE-2026-31432, allows attackers to execute malicious code when users visit a specially crafted website. Chrome users should update immediately to avoid falling victim.
Adobe wasn’t far behind. The company issued an out-of-band update for Adobe Reader to fix CVE-2026-2907, a flaw attackers are actively exploiting to run remote code on victims’ machines. The bug lets attackers execute programs without the user’s knowledge, which is about as bad as it gets for PDF users.
Security teams have their hands full. Walters advises companies to prioritize the SharePoint and Adobe Reader fixes first because attackers are already using those flaws. “Don’t wait for your regular patch cycle,” he said. “These are being weaponized right now.”
The timing couldn’t be worse for IT departments. Many organizations are still dealing with fallout from last month’s Microsoft Exchange Server bugs, and now they have to scramble again. Walters expects more attacks to emerge targeting the newly patched flaws as details become public.
For individual users, the message is simple: update everything as soon as possible. Microsoft, Google, and Adobe releases usually arrive automatically, but it’s worth double-checking your devices. The more systems you update, the harder you make it for attackers to find an open door.
What You Need to Know
- Source: Krebs on Security
- Published: April 14, 2026 at 21:47 UTC
- Category: Security
- Topics: #krebs · #security · #cybersecurity · #vulnerability · #patch-tuesday · #april
Read the Full Story
This is a curated summary. For the complete article, original data, quotes and full analysis:
All reporting rights belong to the respective author(s) at Krebs on Security. GlobalBR News summarizes publicly available content to help readers discover the most relevant global news.
Curated by GlobalBR News · April 14, 2026
🇧🇷 Resumo em Português
O Brasil acorda para mais um alerta vermelho no mundo digital: a gigante Microsoft acaba de lançar seu Patch Tuesday de abril de 2026, corrigindo nada menos que 167 falhas de segurança — entre elas, um perigoso zero-day no SharePoint já sendo explorado por cibercriminosos e uma vulnerabilidade crítica no Windows Defender, batizada de BlueHammer, que afeta milhões de usuários no país.
A relevância dessa atualização para o Brasil não pode ser subestimada. Com um cenário de ciberataques cada vez mais sofisticado — especialmente contra empresas e órgãos públicos —, a exploração de uma brecha no SharePoint pode significar o roubo de dados sensíveis ou até mesmo a infecção em massa de sistemas governamentais e corporativos. O BlueHammer, por sua vez, expõe usuários domésticos e pequenas empresas a riscos como sequestro de arquivos e espionagem, uma vez que o Windows Defender é a principal linha de defesa de milhões de brasileiros. Especialistas já alertam: ignorar esses patches pode transformar computadores em alvos fáceis para quadrilhas especializadas em ransomware e phishing, comuns no país.
A Microsoft recomenda que todos os usuários — de empresas a cidadãos comuns — atualizem seus sistemas imediatamente, enquanto órgãos de segurança digital, como a SaferNet Brasil e a CERT.br, devem reforçar campanhas de conscientização para evitar uma onda de ataques nos próximos dias.
Krebs on Security
Read full article at Krebs on Security →This post is a curated summary. All rights belong to the original author(s) and Krebs on Security.
Was this article helpful?
Discussion