This month’s roundup covers the latest security updates from Microsoft, Apple, Google, and the major Linux distributions. Inside you’ll find the new Windows KB release, Apple’s iOS and macOS security fixes (including the DarkSword patch), Google’s April Android bulletin, and the current security advisories from Ubuntu. The report outlines the key vulnerabilities addressed across each platform, links directly to the official vendor advisories, and highlights the priority actions worth taking for individuals, businesses, and admins.
Windows Updates – April 2026 Patch Tuesday
Latest cumulative update: KB5083769
OS Builds: 26200.8246 / 26100.8246
Release date: 14 April 2026
Key improvements
- Secure Boot certificate update improvements
- Fix for BitLocker Recovery prompts after Secure Boot updates
- Reliability improvements for SMB compression over QUIC
- Enhanced phishing protection for Remote Desktop (.rdp) files
- Roll‑up of March preview and out‑of‑band fixes
Official Microsoft links
Windows 11 Release Health
https://learn.microsoft.com/windows/release-health/windows11-release-information
Microsoft Security Update Guide (CVE list)
https://msrc.microsoft.com/update-guide
Microsoft Defender for Endpoint — What’s New
Priority actions
- Patch Secure Boot + BitLocker environments
- Patch RDP‑exposed systems
- Validate Defender platform version
Apple Security Updates — April 2026
Apple released multiple security updates across iOS, iPadOS, and macOS, including patches for older devices affected by the DarkSword exploit.
iOS 18.7.7 / iPadOS 18.7.7
Release date: 1 April 2026
Devices: Older iPhones and iPads still on iOS 18
Security fixes
- WebKit memory corruption → arbitrary code execution
- Kernel memory handling issues → potential code execution with kernel privileges
- ImageIO out‑of‑bounds read → information disclosure
- Safari WebKit patches included
Notable fix
DarkSword exploit
- Actively exploited in the wild
- Allows device compromise via malicious web content
iOS 26.4 / iPadOS 26.4
Release date: 24 March 2026
Security fixes
- WebKit RCE vulnerabilities
- Kernel privilege escalation
- CoreMedia memory corruption
- Apple Neural Engine input validation issues
- Contacts sandbox escape
- Find My location data exposure fix
macOS Tahoe 26.4
Release date: 24 March 2026
Security fixes
- Kernel memory corruption → arbitrary code execution
- WebKit RCE vulnerabilities
- ImageIO memory safety issues
- CoreGraphics out‑of‑bounds reads
- Safari WebKit patches included
macOS Sequoia 15.7.5
Release date: 24 March 2026
Security fixes
- Kernel privilege escalation
- WebKit arbitrary code execution
- CoreMedia memory corruption
- LaunchServices sandbox escape
- libxml2 memory safety fixes
macOS Sonoma 14.8.5
Release date: 24 March 2026
Security fixes
- WebKit RCE vulnerabilities
- Kernel memory corruption
- ImageIO information disclosure
- Safari WebKit patches included
Official Apple link
Apple Security Updates
https://support.apple.com/en-au/HT201222
Priority actions
- Update any device still on iOS 18 → install 18.7.7
- Update macOS systems to the latest supported version
- Ensure iOS 26 devices are on 26.4
Android – April 2026 Security Bulletin
Published: 6 April 2026
Patch levels: 2026‑04‑01 and 2026‑04‑05
Key vulnerabilities
- Critical Framework vulnerability enabling local DoS
- Multiple vendor component vulnerabilities (Google, NXP, STMicroelectronics)
- Google Play system update v26.13 released
Official Android links
Android Security Bulletin
https://source.android.com/docs/security/bulletin
Pixel Update Bulletin
https://source.android.com/docs/security/bulletin/pixel
Priority actions
- Pixel devices → install April OTA
- OEM devices → patch availability varies by manufacturer
Linux – Ubuntu Security Updates
Ubuntu provides one of the clearest and most consistent security advisory portals in the Linux ecosystem, making it the optimal reference point for tracking Linux vulnerabilities each month. The Ubuntu Security Notices (USN) feed lists all CVEs addressed across the distribution, along with the affected packages, impact summaries, and fixed versions. For this roundup, Ubuntu is used as the reference Linux distribution due to its clear, consistent, and well‑maintained security advisory format.
Ubuntu – Security Notices (USN)
https://ubuntu.com/security/notices
Current themes
- Kernel security fixes, including privilege escalation and memory‑safety issues
- OpenSSL and OpenSSH updates addressing cryptographic and authentication vulnerabilities
- Browser security updates (Firefox, Chromium builds)
- Patches for common libraries such as systemd, libxml2, and ImageMagick
- Updates to server‑side components like Samba, Apache, and PHP depending on the week’s advisories
Priority actions
- Patch kernel‑level vulnerabilities
- Patch OpenSSH/OpenSSL updates
- Apply browser updates promptly
- Keep server‑side packages updated based on weekly USNs
Practical Guidance
For individuals
- Update iPhones/iPads immediately (DarkSword patch)
- Install Windows KB5083769
- Update Android devices as soon as OEM patches land
For businesses
- Prioritise Secure Boot + BitLocker environments
- Patch RDP‑exposed systems
- Validate macOS fleet compliance
For admins
- Review MSRC for exploited‑in‑the‑wild CVEs
- Confirm Defender platform version
- Check Linux fleet for kernel + OpenSSH/OpenSSL updates
Continue Reading
New Patch Roundup published every Patch Tuesday.