Microsoft’s March Patch Tuesday Fixes 79 Flaws and Two Zero-Days

Microsoft has unleashed its March security update constellation, adhering to the customary cadence of Patch Tuesday. Within this nascent release, the corporate leviathan has vanquished 79 distinct vulnerabilities across a myriad of products, notably encompassing a pair of zero-day aberrations whose existence had already permeated the public domain.

These remediations envelop an expansive spectrum of Windows constituents and enterprise-grade services. Among the rectified flaws, a triad has been branded with the dire “critical” designation. Twain of these empower adversaries to orchestrate remote code execution, whilst the tertiary vulnerability precipitates the illicit disclosure of sensitive intelligence.

The overwhelming preponderance of these unmasked errors is inextricably tethered to the escalation of systemic privileges—an affliction encompassing precisely 46 documented vulnerabilities. Furthermore, the architectural vanguard has eradicated 18 tribunes facilitating remote code execution, 10 data disclosure anomalies, alongside a menagerie of vulnerabilities inducing denial of service, data spoofing, and the profound circumvention of defensive matrices.

The twin zero-day vulnerabilities were previously thrust into the public eye; however, intelligence regarding their kinetic weaponization in active campaigns remains reassuringly absent. The inaugural anomaly, chronicled as CVE-2026-21262, afflicts the Microsoft SQL Server architecture. A profoundly deficient access validation protocol empowers an authenticated patron to intravenously escalate their privileges across the network, ultimately usurping absolute dominion as a database administrator. This perilous flaw was unearthed by the savant Erland Sommarskog, who had antecedently delineated the vulnerability within a treatise scrutinizing the authorization mechanics governing stored procedures.

The secondary vulnerability—designated CVE-2026-26127—is inextricably linked to the .NET framework. An egregious out-of-bounds read anomaly bestows upon a remote assailant the terrifying capacity to precipitate a catastrophic denial of service across the network conduit. The sentinel who illuminated this tribulation has elected to remain shrouded in anonymity.

The enterprise has concurrently directed profound vigilance toward the Microsoft Office suite. The promulgated patches definitively seal a pair of critical remote code execution vulnerabilities—CVE-2026-26110 and CVE-2026-26113. As exploitation is seamlessly achievable via the document preview pane, the architects vehemently counsel the immediate installation of the Office remediation.

Yet another noteworthy tribulation has been unearthed within Microsoft Excel. Vulnerability CVE-2026-26144 facilitates the illicit disclosure of telemetry via its integration with the Microsoft Copilot architecture. Upon a triumphant exploitation, a malefactor possesses the capacity to coerce the Copilot agent into exfiltrating intelligence across the network, entirely bereft of auxiliary patron interaction—effectively architecting a chilling, zero-click attack scenario.

Beyond the aforementioned constituents, these restorative updates encompass Active Directory, Azure, Hyper-V, SharePoint, foundational Windows drivers, and a constellation of systemic services. Certain afflictions are similarly tethered to the mechanics of network routing, the underlying file systems, and the Windows Print Spooler apparatus.

An exhaustive delineation of all unearthed vulnerabilities, replete with their granular technical specifications and a comprehensive ledger of compromised systems, remains accessible within the unabridged dossier.