Microsoft Corporation issued a comprehensive security update on April 21, 2026, detailing fixes for 162 vulnerabilities across its software portfolio. This release marks the highest volume of patches ever issued by the company in a single month, surpassing the previous record set in 2024. The update covers a broad range of products, including the Windows operating system, Microsoft Office, Azure cloud services, and the Microsoft Defender security suite.

The centerpiece of the April release is the remediation of a zero-day vulnerability in Microsoft SharePoint, identified as CVE-2026-3104. Microsoft’s Security Response Center confirmed that this flaw, which allows for unauthenticated remote code execution, has been actively exploited in targeted attacks against corporate environments. According to the technical documentation, the vulnerability stems from a failure to properly sanitize user-supplied input in the SharePoint Server core processing engine. Microsoft has advised administrators to prioritize this patch, as successful exploitation could grant an attacker full administrative control over affected servers.

In addition to the SharePoint flaw, the update addresses a significant privilege-escalation vulnerability in Microsoft Defender, tracked as CVE-2026-3112. This flaw could allow a local attacker to gain system-level privileges on a compromised machine. The company noted that while there have been no confirmed reports of this specific vulnerability being used in widespread campaigns, the complexity of the flaw necessitated a fundamental change in how Defender handles temporary file permissions during system scans.

The April 2026 update categorizes 19 of the 162 vulnerabilities as Critical, the company’s highest severity rating. These flaws primarily involve remote code execution capabilities in Windows 11 and Windows Server 2025. The remaining 143 vulnerabilities are classified as Important, covering issues such as information disclosure, denial of service, and security feature bypasses. Notably, the release includes fixes for 12 vulnerabilities in the Windows Print Spooler service and eight flaws within the Microsoft Exchange Server environment.

Microsoft’s Vice President of Security Response, Vasu Jakkal, stated in an official release that the increased volume of patches reflects the company’s ongoing Secure Future Initiative. This initiative, launched in late 2023, focuses on accelerating the identification and remediation of legacy code vulnerabilities. Jakkal emphasized that the April update includes several defense-in-depth enhancements designed to mitigate entire classes of memory-corruption bugs that have historically affected the Windows kernel.

The deployment of these patches is being managed through the standard Windows Update and Microsoft Endpoint Manager channels. Microsoft has provided specific guidance for enterprise customers using Azure-based virtual machines, noting that automated patching schedules may require manual intervention for certain legacy configurations. The company also released updated security baselines for Windows 11 version 25H2 to align with the new security posture established by this record-setting update.