Close Menu
geekfence.comgeekfence.com
    What's Hot

    I Use One UI 9 Daily – This Hidden Feature is a Game-changer

    July 6, 2026

    The Science Behind Why Soccer Players at the 2026 World Cup Are Cutting Their Socks

    July 6, 2026

    Expanding our Heat Resilience data to 50+ global cities

    July 6, 2026
    Facebook X (Twitter) Instagram
    • About Us
    • Contact Us
    Facebook Instagram
    geekfence.comgeekfence.com
    • Home
    • UK Tech News
    • AI
    • Big Data
    • Cyber Security
      • Cloud Computing
      • iOS Development
    • IoT
    • Mobile
    • Software
      • Software Development
      • Software Engineering
    • Technology
      • Green Technology
      • Nanotechnology
    • Telecom
    geekfence.comgeekfence.com
    Home»Cyber Security»Patch Tuesday, April 2026 Edition – Krebs on Security
    Cyber Security

    Patch Tuesday, April 2026 Edition – Krebs on Security

    AdminBy AdminApril 17, 2026No Comments3 Mins Read9 Views
    Facebook Twitter Pinterest LinkedIn Telegram Tumblr Email
    Patch Tuesday, April 2026 Edition – Krebs on Security
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed “BlueHammer.” Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.

    Patch Tuesday, April 2026 Edition – Krebs on Security

    Redmond warns that attackers are already targeting CVE-2026-32201, a vulnerability in Microsoft SharePoint Server that allows attackers to spoof trusted content or interfaces over a network.

    Mike Walters, president and co-founder of Action1, said CVE-2026-32201 can be used to deceive employees, partners, or customers by presenting falsified information within trusted SharePoint environments.

    “This CVE can enable phishing attacks, unauthorized data manipulation, or social engineering campaigns that lead to further compromise,” Walters said. “The presence of active exploitation significantly increases organizational risk.”

    Microsoft also addressed BlueHammer (CVE-2026-33825), a privilege escalation bug in Windows Defender. According to BleepingComputer, the researcher who discovered the flaw published exploit code for it after notifying Microsoft and growing exasperated with their response. Will Dormann, senior principal vulnerability analyst at Tharros, says he confirmed that the public BlueHammer exploit code no longer works after installing today’s patches.

    Satnam Narang, senior staff research engineer at Tenable, said April marks the second-biggest Patch Tuesday ever for Microsoft. Narang also said there are indications that a zero-day flaw Adobe patched in an emergency update on April 11 — CVE-2026-34621 — has seen active exploitation since at least November 2025.

    Adam Barnett, lead software engineer at Rapid7, called the patch total from Microsoft today “a new record in that category” because it includes nearly 60 browser vulnerabilities. Barnett said it might be tempting to imagine that this sudden spike was tied to the buzz around the announcement a week ago today of Project Glasswing — a much-hyped but still unreleased new AI capability from Anthropic that is reportedly quite good at finding bugs in a vast array of software.

    But he notes that Microsoft Edge is based on the Chromium engine, and the Chromium maintainers acknowledge a wide range of researchers for the vulnerabilities which Microsoft republished last Friday.

    “A safe conclusion is that this increase in volume is driven by ever-expanding AI capabilities,” Barnett said. “We should expect to see further increases in vulnerability reporting volume as the impact of AI models extend further, both in terms of capability and availability.”

    Finally, no matter what browser you use to surf the web, it’s important to completely close out and restart the browser periodically. This is really easy to put off (especially if you have a bajillion tabs open at any time) but it’s the only way to ensure that any available updates get installed. For example, a Google Chrome update released earlier this month fixed 21 security holes, including the high-severity zero-day flaw CVE-2026-5281.

    For a clickable, per-patch breakdown, check out the SANS Internet Storm Center Patch Tuesday roundup. Running into problems applying any of these updates? Leave a note about it in the comments below and there’s a decent chance someone here will pipe in with a solution.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

    July 5, 2026

    FBI Seizes NetNut Proxy Platform, Popa Botnet – Krebs on Security

    July 4, 2026

    This month in security with Tony Anscombe – June 2026 edition

    July 3, 2026

    Getty Scraps $3.7B Shutterstock Merger After UK Curbs

    July 2, 2026

    Findings Report from the SOC at RSAC 2026 Conference

    July 1, 2026

    USB drives carrying China-linked malware infected Japanese military networks for nearly a year

    June 30, 2026
    Top Posts

    Understanding U-Net Architecture in Deep Learning

    November 25, 202559 Views

    Hard-braking events as indicators of road segment crash risk

    January 14, 202631 Views

    Redefining AI efficiency with extreme compression

    March 25, 202628 Views
    Don't Miss

    I Use One UI 9 Daily – This Hidden Feature is a Game-changer

    July 6, 2026

    What’s the actual point of One UI 9? Before I installed the beta of Samsung’s…

    The Science Behind Why Soccer Players at the 2026 World Cup Are Cutting Their Socks

    July 6, 2026

    Expanding our Heat Resilience data to 50+ global cities

    July 6, 2026

    Fable 5 Returns, Sonnet 5 Gets Cheaper, But European Banks Still Can’t Deploy Either on Azure |

    July 6, 2026
    Stay In Touch
    • Facebook
    • Instagram
    About Us

    At GeekFence, we are a team of tech-enthusiasts, industry watchers and content creators who believe that technology isn’t just about gadgets—it’s about how innovation transforms our lives, work and society. We’ve come together to build a place where readers, thinkers and industry insiders can converge to explore what’s next in tech.

    Our Picks

    I Use One UI 9 Daily – This Hidden Feature is a Game-changer

    July 6, 2026

    The Science Behind Why Soccer Players at the 2026 World Cup Are Cutting Their Socks

    July 6, 2026

    Subscribe to Updates

    Please enable JavaScript in your browser to complete this form.
    Loading
    • About Us
    • Contact Us
    • Disclaimer
    • Privacy Policy
    • Terms and Conditions
    © 2026 Geekfence.All Rigt Reserved.

    Type above and press Enter to search. Press Esc to cancel.