Microsoft Patch Tuesday March 2026 – 78 Vulnerabilities Fixed, Including One 0-day

Zerowl

March 11, 2026

Microsoft Patch Tuesday March 2026 – 78 Vulnerabilities Fixed, Including One 0-day

On March 10, 2026, Microsoft released its Patch Tuesday security update for March 2026 This article explores vulnerability cve 2026. . It fixed 78 security holes in Windows, Microsoft Office, Azure, SQL Server, and .NET. The update has one actively exploited zero-day vulnerability and several Critical-rated flaws that security teams need to fix right away.

CVE-2026-21262 is the most important fix this month. It is the only zero-day in this release. Companies should make patching this hole a top priority right away. Microsoft hasn't said which threat actor is actively exploiting the zero-day, but the fact that it exists shows how important it is to quickly deploy patches to all affected environments.

CVE Number CVE Title CVE-2026-20967 System Center Operations Manager (SCOM) Elevation of Privilege Vulnerability CVE-2026-21262 SQL Server Elevation of Privilege Vulnerability CVE-2026-23654 GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability CVE-2026-23656 Windows App Installer Spoofing Vulnerability CVE-2026-23660 Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability CVE-2026-23661 Azure IoT Explorer Information Disclosure Vulnerability CVE-2026-23662 Azure IoT Explorer Information Disclosure Vulnerability CVE-2026-23664 Azure IoT Explorer Information Disclosure Vulnerability CVE-2026-23665 Linux Azure Diagnostic extension (LAD) Elevation of Privilege Vulnerability CVE-2026-23667 Broadcast DVR Elevation of Privilege Vulnerability CVE-2026-23668 Windows Graphics Component Elevation of Privilege Vulnerability CVE-2026-23669 Windows Print Spooler Remote Code Execution Vulnerability CVE-2026-23671 Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability CVE-2026-23672 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability CVE-2026-23673 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability CVE-2026-23674 MapUrlToZone Security Feature Bypass Vulnerability CVE-2026-24282 Push message Routing Service Elevation of Privilege Vulnerability CVE-2026-24283 Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability CVE-2026-24285 Win32k Elevation of Privilege Vulnerability CVE-2026-24287 Windows Kernel Elevation of Privilege Vulnerability CVE-2026-24288 Windows Mobile Broadband Driver Remote Code Execution Vulnerability CVE-2026-24289 Windows Kernel Elevation of Privilege Vulnerability CVE-2026-24290 Windows Projected File System Elevation of Privilege Vulnerability CVE-2026-24291 Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability CVE-2026-24292 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2026-24293 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-24294 Windows SMB Server Elevation of Privilege Vulnerability CVE-2026-24295 Windows Device Association Service Elevation of Privilege Vulnerability CVE-2026-24296 Windows Device Association Service Elevation of Privilege Vulnerability CVE-2026-24297 Windows Kerberos Security Feature Bypass Vulnerability CVE-2026-25165 Performance Counters for Windows Elevation of Privilege Vulnerability CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability CVE-2026-25167 Microsoft Brokering File System Elevation of Privilege Vulnerability CVE-2026-25168 Windows Graphics Component Denial of Service Vulnerability CVE-2026-25169 Windows Graphics Component Denial of Service Vulnerability CVE-2026-25170 Windows Hyper-V Elevation of Privilege Vulnerability CVE-2026-25171 Windows Authentication Elevation of Privilege Vulnerability CVE-2026-25172 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVE-2026-25173 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVE-2026-25174 Windows Extensible File Allocation Table Elevation of Privilege Vulnerability CVE-2026-25175 Windows NTFS Elevation of Privilege Vulnerability CVE-2026-25176 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-25177 Active Directory Domain Services Elevation of Privilege Vulnerability CVE-2026-25178 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-25179 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-25180 Windows Graphics Component Information Disclosure Vulnerability CVE-2026-25181 GDI+ Information Disclosure Vulnerability CVE-2026-25185 Windows Shell Link Processing Spoofing Vulnerability CVE-2026-25186 Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability CVE-2026-25187 Winlogon Elevation of Privilege Vulnerability CVE-2026-25188 Windows Telephony Service Elevation of Privilege Vulnerability CVE-2026-25189 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2026-25190 GDI Remote Code Execution Vulnerability CVE-2026-26105 Microsoft SharePoint Server Spoofing Vulnerability CVE-2026-26106 Microsoft SharePoint Server Remote Code Execution Vulnerability CVE-2026-26107 Microsoft Excel Remote Code Execution Vulnerability CVE-2026-26108 Microsoft Excel Remote Code Execution Vulnerability CVE-2026-26109 Microsoft Excel Remote Code Execution Vulnerability CVE-2026-26110 Microsoft Office Remote Code Execution Vulnerability CVE-2026-26111 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability CVE-2026-26112 Microsoft Excel Remote Code Execution Vulnerability CVE-2026-26113 Microsoft Office Remote Code Execution Vulnerability CVE-2026-26114 Microsoft SharePoint Server Remote Code Execution Vulnerability CVE-2026-26115 SQL Server Elevation of Privilege Vulnerability CVE-2026-26116 SQL Server Elevation of Privilege Vulnerability CVE-2026-26117 Arc Enabled Servers – Azure Connected Machine Agent Elevation of Privilege Vulnerability CVE-2026-26118 Azure MCP Server Tools Elevation of Privilege Vulnerability CVE-2026-26121 Azure IOT Explorer Spoofing Vulnerability CVE-2026-26123 Microsoft Authenticator Information Disclosure Vulnerability CVE-2026-26127 .NET Denial of Service Vulnerability CVE-2026-26128 Windows SMB Server Elevation of Privilege Vulnerability CVE-2026-26130 ASP.NET Core Denial of Service Vulnerability CVE-2026-26131 .NET Elevation of Privilege Vulnerability CVE-2026-26132 Windows Kernel Elevation of Privilege Vulnerability CVE-2026-26134 Microsoft Office Elevation of Privilege Vulnerability CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability CVE-2026-26144 Microsoft Excel Information Disclosure Vulnerability CVE-2026-26148 Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability Security teams should apply all March 2026 patches as soon as possible, with immediate priority on CVE-2026-21262, the three Critical Office and Excel flaws, the Windows Kernel and SMB Server EoP vulnerabilities, and the SharePoint RCE bugs.

All affected product lines require customer action as confirmed by Microsoft. Other Patch Tuesday Updates: Fortinet Security Update – Patch for Multiple Vulnerabilities That Enable Malicious Command Execution. Zoom Workplace for Windows Vulnerabilities Allow Privilege Escalation.

Ivanti Desktop and Server Management Vulnerability Allows Attackers to Escalate Privileges. SAP Security Update – Patch for Multiple Vulnerabilities that Enable Remote Code Execution.

Microsoft Patch Tuesday March 2026 – 78 Vulnerabilities Fixed, Including One 0-day

Trending News

Coruna, DarkSword, and Democratizing Nation-State Exploit Kits

Coruna, DarkSword, and Democratizing Nation-State Exploit Kits

Apple Sends Lock Screen Alerts to Old iPhones About Active Web-Based Exploits

Apple Sends Lock Screen Alerts to Old iPhones About Active Web-Based Exploits

Wartime Usage of Compromised IP Cameras Highlight Their Danger

Wartime Usage of Compromised IP Cameras Highlight Their Danger

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Hackers use phishing ZIP files to send PXA Stealer to steal money from banks and other financial institutions.

Hackers use phishing ZIP files to send PXA Stealer to steal money from banks and other financial institutions.

China improves the backdoor it uses to spy on telecom companies around the world.

China improves the backdoor it uses to spy on telecom companies around the world.

Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack

Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Attacks on infrastructure that have physical effects are down 25%.

Attacks on infrastructure that have physical effects are down 25%.

How mistakes can help businesses improve their security programs

How mistakes can help businesses improve their security programs