Microsoft released patches for 167 vulnerabilities across Windows and related products. The update addresses a SharePoint Server zero-day and "BlueHammer," a publicly disclosed Windows Defender weakness. Google Chrome received its fourth zero-day fix of 2026. Adobe released an emergency patch for Reader that closes an actively exploited remote code execution flaw.
Defenders should prioritize the Adobe Reader patch immediately given active exploitation. The Microsoft SharePoint zero-day and Windows Defender vulnerability warrant rapid deployment in enterprise environments. Organizations running Chrome should update to the latest build. No information on CVE identifiers or exploitation timeline was available at publication.