April 2026 Security Patch Guide: How to Protect Your Systems from Active Exploits

Introduction

In April 2026, Microsoft released a record-breaking Patch Tuesday update addressing 167 security vulnerabilities, including a SharePoint Server zero-day (CVE-2026-32201) and a privilege escalation bug in Windows Defender known as BlueHammer (CVE-2026-33825). Additionally, Google Chrome fixed its fourth zero-day of the year, and Adobe issued an emergency update for Adobe Reader to patch an actively exploited remote code execution flaw (CVE-2026-34621). This guide walks you through the steps to apply these critical patches and protect your systems.

April 2026 Security Patch Guide: How to Protect Your Systems from Active Exploits — Source: krebsonsecurity.com

What You Need

A computer running a supported version of Windows (Windows 11, Windows 10, Windows Server 2022/2019/2016)
Administrator access to install updates
Internet connection to download patches
Microsoft SharePoint Server (if applicable in your organization)
Google Chrome browser installed (if not using Edge)
Adobe Reader (free version) installed
Backup of critical data (recommended before any major update)

Step-by-Step Instructions

Step 1: Verify Your Windows Version and Check for Available Updates

Before applying patches, ensure your Windows version is up-to-date. Press Windows Key + I to open Settings, then go to Update & Security > Windows Update. Click Check for updates. If you see a message saying your device is up to date, continue to Step 2. Otherwise, let Windows scan and list available updates.

Step 2: Install the April 2026 Patch Tuesday Rollup

Microsoft’s April 2026 cumulative update includes fixes for the 167 vulnerabilities. Click Install Now on the update labeled “2026-04 Cumulative Update for Windows 10/11 Version [your version]”. The update will include patches for the SharePoint zero-day (CVE-2026-32201) and Windows Defender privilege escalation (BlueHammer). Accept the license terms and restart your computer when prompted.

Step 3: Update Microsoft SharePoint Server (If Used)

If your organization runs SharePoint Server, apply the specific security update for CVE-2026-32201. This zero-day is actively exploited to spoof trusted content. Navigate to the Microsoft Update Catalog (https://www.catalog.update.microsoft.com) and search for “SharePoint Server 2026-04”. Download and install the update for your SharePoint version. After installation, restart the SharePoint services or reboot the server.

Step 4: Confirm Windows Defender is Patched (BlueHammer Fix)

The BlueHammer vulnerability (CVE-2026-33825) allows privilege escalation through Windows Defender. The patch is included in the cumulative update from Step 2. To verify, open Windows Security (search in Start menu) and go to Virus & threat protection. Check that your antivirus engine version is updated automatically. If not, click Check for updates under Virus & threat protection updates.

Step 5: Update Google Chrome (Fourth Zero-Day Fix)

Google Chrome fixed its fourth zero-day of 2026 in April. Open Chrome, click the three-dot menu in the upper-right corner, then go to Help > About Google Chrome. Chrome will automatically check for updates and download the latest version. Click Relaunch to apply the update. Ensure you are running version 130.0.6723.91 or higher (check via the same menu).

Step 6: Apply Adobe Reader Emergency Update (CVE-2026-34621)

Adobe released an emergency update on April 11, 2026, for Adobe Reader to fix CVE-2026-34621, an actively exploited remote code execution flaw. Open Adobe Acrobat Reader DC, go to Help > Check for Updates. If you see an update available, download and install it. Restart the program. Alternatively, download the latest installer from the Adobe website and run it.

Step 7: Restart Your Browser and Verify All Updates

After installing updates, completely close and restart your web browser (Chrome, Edge, or any other based on Chromium). This ensures that the patched components load correctly. To verify all updates are applied, go to Windows Update > View update history. You should see entries for the April 2026 cumulative update, and for Chrome/Adobe updates, check the respective About pages.

Tips for a Smooth Update Experience

Schedule updates during off-hours: Large cumulative updates may require multiple restarts. Plan accordingly to avoid disruption.
Back up important data: While updates are generally safe, a system restore point can save time if conflicts arise.
Test in a staging environment: For enterprise SharePoint servers, test the update on a non-production instance first.
Monitor for further exploits: As noted by researchers, the SharePoint zero-day is being actively used. Watch for phishing attempts that leverage spoofed content.
Keep other software updated: Use automatic updates where possible. The spike in browser vulnerabilities (nearly 60 in Edge/Chromium) may be linked to AI-powered bug discovery—expect more frequent updates.
Restart your browser completely: Just opening a new tab isn’t enough; fully close all browser windows to apply the patch.

By following these steps, you will have mitigated the most critical vulnerabilities disclosed in April 2026, including the actively exploited SharePoint zero-day, BlueHammer, and the Adobe Reader RCE. Stay vigilant and apply future patches promptly.