Microsoft's March 2026 Patch Tuesday is being released today with security updates for 79 flaws, including 2 publicly disclosed zero-days.
This Patch Tuesday also addresses three “Critical” vulnerabilities, 2 of which are remote code execution flaws and the other is an information disclosure flaw.
The number of bugs in each vulnerability category is listed below:
46 Elevation of Privilege Vulnerabilities
2 Security Bypass Vulnerabilities
18 Remote Code Execution Vulnerabilities
10 Information Disclosure Vulnerabilities
4 Denial of Service Vulnerabilities
4 Spoofing Vulnerabilities
The number of flaws does not include 9 security vulnerabilities in Microsoft Edge, Mariner, Payment Orchestrator Service, Azure, and Microsoft Devices Pricing Program that were patched earlier this month.
This month's Patch Tuesday fixes two publicly disclosed zero-day vulnerabilities.
CVE-2026-21262 – SQL Server Elevation of Privilege Vulnerability
Microsoft has updated a publicly disclosed SQL Server elevation of privilege flaw that grants SQLAdmin privileges.
"Inappropriate access control in SQL Server allows an authorized attacker to elevate privileges across a network," Microsoft says.
CVE-2026-26127 – .NET Denial of Service Vulnerability
Microsoft has fixed a publicly disclosed .NET denial of service flaw.
“Out-of-bounds reading in .NET allows an unauthorized attacker to cause a denial of service over a network,” Microsoft says.
March 2026 Patch Tuesday Security Updates
Download Links for Windows 11 KB5079473
Windows 11 KB5079473 Direct Download Links: 64-bit and ARM-64 |
Download Links for Windows 10 KB5078885
Windows 10 KB5078885 Direct Download Links: 64-bit and ARM-64
Although the press releases will range from very select to rare, I said I'd pass...because sometimes the editors hide.
