Microsoft released its April 2026 Patch Tuesday addressing 167 security vulnerabilities, including two zero-day exploits currently being leveraged in active attacks.
Microsoft's April 2026 Patch Tuesday covers 167 distinct flaws across multiple product lines. The update includes fixes for two zero-day vulnerabilities—unpatched security holes that attackers have already begun exploiting in the wild.
Zero-day vulnerabilities pose elevated risk because they affect systems before patches become available. Microsoft's rapid acknowledgment and release of fixes for these two exploits reduces the window of exposure for enterprise and consumer users.
The monthly security update addresses vulnerabilities in Windows, Microsoft Office, Edge browser, Azure services, and other enterprise products. Severity ratings range across critical, important, and moderate categories.
Microsoft advises users and administrators to apply the patches promptly. Enterprise environments typically deploy updates across phases to test compatibility before full rollout. Home users can enable automatic Windows updates to receive patches automatically.
The April release continues Microsoft's regular second-Tuesday-of-the-month update schedule, established to provide predictable patching cycles. This consistency allows IT teams to plan maintenance windows and test updates against business-critical systems.
Additional security guidance from Microsoft includes reviewing patching timelines for specific vulnerabilities, as critical flaws may warrant expedited deployment. The company's security advisories provide detailed technical information for each fix, including affected versions and workarounds for systems unable to patch immediately.
Users should verify update installation through Windows Update settings or System Information panels to confirm all April patches have deployed successfully.
Caller ID service Truecaller is pushing back against India's telecom regulator over new anti-spam regulations, claiming users are increasingly blocking calls from the country's dedicated business number series.
Telstra customers faced a second day of disruptions Thursday as a secondary outage prevented some from reaching triple-zero emergency services. Regional train services remained affected following Wednesday's initial mobile network failure.
Australia's government has instructed volunteers to discard thousands of functional test routers despite the devices being capable of being reflashed for continued use.
A lawsuit alleges a man used X's Grok AI to create approximately 7,000 sexually explicit images of his stepdaughter before taking his own life. Multiple young girls are now suing X, claiming the platform failed to prevent the abuse.