8 Critical April 2026 Security Patches You Need to Install Now

April 2026 has delivered one of the most intense Patch Tuesdays in recent memory. Microsoft, Google, and Adobe all released urgent updates to fix a staggering 167 vulnerabilities across Windows, Office, browsers, and productivity tools. Some flaws are already under active attack, and the scale of fixes—fueled in part by new AI-driven bug hunting—signals a dangerous new era for cyber threats. Here are the eight essential things you should know to keep your systems safe.

1. Record-Breaking 167 Vulnerabilities Patched by Microsoft

Microsoft’s April update broke its own record by addressing 167 security holes in Windows, Office, Edge, and other software. This total includes nearly 60 browser vulnerabilities, a significant spike compared to typical monthly releases. While some may suspect the rise is linked to the buzz around Anthropic’s new AI tool, Project Glasswing, security experts say the real driver is the increasing use of AI to find bugs. With AI models becoming more powerful, vulnerability discovery is accelerating—and organizations need to prioritize patching faster than ever.

2. SharePoint Server Zero-Day Under Active Exploitation

Among the most critical fixes is CVE-2026-32201, a Microsoft SharePoint Server spoofing vulnerability that attackers are already using in the wild. This flaw allows malicious actors to present fake content or interfaces within trusted SharePoint environments. Mike Walters of Action1 warns that it enables phishing, data manipulation, and social engineering attacks. If your organization uses SharePoint, this patch should be installed immediately—the exploit requires no authentication and can trick even cautious users.

3. Windows Defender 'BlueHammer' Bug Publicly Disclosed

A privilege escalation vulnerability in Windows Defender, nicknamed BlueHammer (CVE-2026-33825), was publicly released by a researcher after growing frustrated with Microsoft’s response. The exploit code initially worked, but Microsoft’s April patch neuters it. Will Dormann of Tharros confirmed that after applying the update, the public exploit no longer functions. However, the incident highlights ongoing frustration around disclosure timelines. Ensure your Windows Defender definitions and OS patches are fully up to date.

4. Adobe Reader Emergency Patch Fixes Actively Exploited Zero-Day

On April 11, Adobe released an emergency out-of-band update for CVE-2026-34621, a remote code execution flaw in Adobe Reader. Satnam Narang of Tenable notes that evidence suggests this vulnerability has been exploited since at least November 2025—meaning attackers have had a five-month head start. The flaw allows attackers to run arbitrary code on a victim’s machine simply by opening a malicious PDF. If you use Adobe Reader, install version 2026.001.20385 or later immediately.

5. Google Chrome Patches Fourth Zero-Day of 2026

Google Chrome also shipped a fix for its fourth zero-day vulnerability of the year. While specific details are limited to prevent further exploitation, the update addresses a high-severity issue that attackers actively leveraged. Chrome’s rapid patch cycle underscores the importance of keeping browsers updated—especially since browsers are prime targets for attackers seeking initial access. To protect yourself, ensure Chrome is set to update automatically and restart the browser after patches.

6. Project Glasswing AI Buzz vs. Reality

The announcement of Anthropic’s Project Glasswing—an unreleased AI tool touted as exceptional for finding software bugs—has sparked debate. Adam Barnett of Rapid7 notes that the spike in browser vulnerabilities might seem correlated, but the real cause is the Chromium engine’s broad researcher acknowledgment. Still, Barnett believes “this increase in volume is driven by ever-expanding AI capabilities.” Expect further surges as AI models become more accessible and better at code analysis. The key takeaway: prepare for a new normal of high patch volumes.

7. Browser Vulnerability Surge Tied to Chromium & AI

Microsoft Edge, based on Chromium, accounted for nearly 60 of the April patches. The Chromium project credits a wide range of researchers, many of whom are now using AI tools to discover bugs faster. While this is good for long-term security, it creates a short-term patching burden. Whether you use Edge, Chrome, or another Chromium-based browser, check for updates and restart your browser to apply fixes. AI-aided bug hunting is here to stay—stay vigilant.

8. Don't Forget to Restart Your Browser

An often-overlooked step: after updating your browser, you must fully close and reopen it. Many updates apply only after a restart, leaving you vulnerable if you only refresh or close tabs. This applies to all browsers—Chrome, Edge, Firefox, etc. Make it a habit to check for updates and perform a clean restart. Additionally, ensure your operating system and third-party apps (like Adobe Reader) are restarted after patching. A few seconds can mean the difference between protected and compromised.

Conclusion
April 2026’s Patch Tuesday is a wake-up call: cyberattacks are growing in sophistication and frequency, partly thanks to AI. With 167 vulnerabilities, an actively exploited SharePoint zero-day, a public Windows Defender exploit, and multiple zero-days in tools you use daily, there’s no room for delay. Immediately install all patches from Microsoft, Adobe, and Google, and restart everything—including your browser. Stay informed, because the next Patch Tuesday might be even bigger.