Security Digest - April 29, 2026
Daily security intelligence briefing for infrastructure and endpoint management teams. Consolidated from authoritative research, vendor advisories, and community discussions.
- Generated (UTC): 2026-04-29 15:53:10 +00:00
- Lookback window: 7 days
🚀 Top Research & Advisories
- Critical Chrome Vulnerabilities Enables Remote Code Execution Attacks - (CybersecurityNews)
Action: Validate Chrome coverage; update managed package if needed.
💻 AppSec
- How am I supposed to move the window properly? - (Reddit r/Windows11) Monitor developer tool vulnerabilities and supply chain risks.
- Visual Studio April update adds autonomous cloud agents and a new debugger agent - (Neowin) Monitor developer tool vulnerabilities and supply chain risks.
🏗 Infrastructure
- Windows PageFile Settings on VMs - (Reddit r/sysadmin) Review server hardening and AD security posture.
- Windows Server native data deduplication - Does anybody actually use it? - (Reddit r/sysadmin) Review server hardening and AD security posture.
🛠 Infrastructure & Endpoint Control
- AI may be coming to Windows 11’s Clock app as Microsoft turns it into a focus tool - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- April 2026 OOB updates (KB5091572/73/75/KB5091157) — DC-only or apply to all Windows Servers? - (Reddit r/sysadmin) Evaluate update rings and expedite actions if needed.
- Developing a cross-process reader/writer lock with limited readers, part 1: A semaphore - (The Old New Thing) Confirm Adobe exposure; push updated deployment.
- Display settings enhancer app (see photo) - (Reddit r/Windows11) Validate Chrome coverage; update managed package if needed.
- Don’t make the business’s risk your own. - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.
- For the people who are using Translucent TB with dark wallpaper and cant see clock as it’s in black font. Here is the fix - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Has anyone noticed this about the Windows Calculator? - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- HCI vs SAN - (Reddit r/sysadmin) Validate Edge/WebView2 coverage; refresh managed package.
- Here are all the new features Microsoft added to Excel in April 2026 - (Neowin) Review Office update channel health and security baseline compliance.
- Here’s my take on refining Windows - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Intel improves Windows 11 and 10 Wi-Fi and Bluetooth with new drivers - (Neowin) Validate workstation security baseline and update compliance.
- KnowBe4 Phish Alert causing malware attachments to save in OLK folder — expected behavior? - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.
- Microsoft asks iPhone users to reauthenticate after Outlook outage - (BleepingComputer) Review Office update channel health and security baseline compliance.
- My Windows 11 Desktop Interface - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Our quarterly access review is a 9,800 row Excel file that we email to 140 managers. I need help. - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.
- Phishing emails! - (Reddit r/cybersecurity) Review security controls and policy updates.
- Save 86% on an Microsoft Office 2021 Professional Plus digital license - (Neowin) Review Office update channel health and security baseline compliance.
- scan to email now lands in junk mail folder - (Reddit r/sysadmin) Review Office update channel health and security baseline compliance.
- Static CTFs are becoming obsolete for LLMs. This new paper on “Dynamic Cyber Ranges” shows why - (Reddit r/cybersecurity) Review security controls and policy updates.
- This Windows 11 concept looks clean, but may be controversial - (Neowin) Validate workstation security baseline and update compliance.
- TIP: Add a right-click ‘Unblock Files’ option to Windows Explorer to fix the File Explorer preview warning in bulk - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- What is Windows K2? Inside Microsoft’s big plan to SAVE Windows 11 and win back trust from users. - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Windows 10 gets a funeral in France as furious activists parade a coffin, blasting Microsoft - (Neowin) Validate workstation security baseline and update compliance.
- Windows 11 file ‘Share’ does not have an option for Bluetooth in it (forces user to use classic right-click to access Bluetooth context menu). Microsoft please add Bluetooth to the options for Share too! - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- Windows 11’s hidden Screen Tint feature lets you soften your display with amber, blue, green, and more colors - (Reddit r/Windows11) Validate workstation security baseline and update compliance.
- WSUS not delivering updates to a Windows 11 device upgraded via ISO - (Reddit r/sysadmin) Validate workstation security baseline and update compliance.
🩹 Patch Tuesday & Update Experience
- April 2026 OOB updates (KB5091572/73/75/KB5091157) — DC-only or apply to all Windows Servers? - (Reddit r/sysadmin) Hi, Microsoft released OOB updates this month (KB5091572, KB5091573, KB5091575, KB5091157) to fix DC reboot loops caused by the April 2026 Patch Tuesday updates. My question: are these OOB updates onl…
🔍 Quick Links (Watch Items)
- Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden - (Reddit r/cybersecurity)
- Exploring training platforms alternative to Mimecast for better phishing awareness. - (Reddit r/cybersecurity)
- Defederating from GoDaddy to Microsoft - Bundled Email Question - (Reddit r/sysadmin)
- April 2026 OOB updates (KB5091572/73/75/KB5091157) — DC-only or apply to all Windows Servers? - (Reddit r/sysadmin)
- How do you guys define “misuse” and risks? - (Reddit r/cybersecurity)
- Certifications for behavioral cybersecurity / human risk research? - (Reddit r/cybersecurity)
- Cursor AI Coding Agent Vulnerability Allow Attackers to Execute Code on Developer’s Machine - (CybersecurityNews)
- Static CTFs are becoming obsolete for LLMs. This new paper on “Dynamic Cyber Ranges” shows why - (Reddit r/cybersecurity)
- Hardening administrative actions - issues with Kerberos and HTML if machines are cloned without Sysprep - (Reddit r/sysadmin)
- CISA Warns Microsoft Windows Shell 0-click Vulnerability Exploited in Attacks - (CybersecurityNews)