Microsoft Fixes 79 Vulnerabilities in March 2026 Patch Tuesday, Mitigating Two Exploited 0-Days - gbhackers.com

Microsoft Fixes 79 Vulnerabilities in March 2026 Patch Tuesday CVE/vulnerabilityCyber Security NewsMicrosoft 3 min.Read Microsoft Fixes 79 Vulnerabilities in March 2026 Patch Tuesday, Mitigating Two Exploited 0-Days By Divya March 11, 2026 Share Facebook Twitter Pinterest WhatsApp Microsoft has released its March 2026 Patch Tuesday updates, successfully addressing 79 security vulnerabilities across various products and mitigating two publicly disclosed zero-day flaws. These critical security updates provide essential fixes for enterprise systems, including Microsoft Windows, Office, SQL Server, and the .NET framework. March 2026 Vulnerability Overview The March 2026 Patch Tuesday addresses a wide range of security flaws impacting modern infrastructure. Among the 79 patched vulnerabilities, three are classified as critical. The remaining flaws are rated as important or low severity. The vulnerabilities span several categories, heavily featuring 46 elevation of privilege flaws and 18 remote code execution risks. Because attackers often target known vulnerabilities quickly, administrators must apply these patches promptly to protect enterprise networks from unauthorized access and potential data breaches. Delaying updates can leave systems exposed to cybercriminal groups and ransomware operators.​ Microsoft patched two zero-day vulnerabilities that were publicly disclosed before the official fix was available. While neither flaw has been actively exploited in the wild yet, their public disclosure significantly increases the risk of threat actors developing active exploits. The notable zero-day flaws include: SQL Server Elevation of Privilege: Tracked as CVE-2026-21262, this flaw allows an attacker with authorized access to elevate their privileges to an administrator level over a network. .NET Denial-of-Service: This vulnerability affects the .NET framework, allowing attackers to disrupt business operations by causing service outages.​ Patched Vulnerabilities Data Below is the table of Microsoft vulnerabilities based on the provided security update guide. CVE ID Vulnerability Name Type Severity CVE-2024-29059 .NET Framework Information Disclosure Vulnerability Information Disclosure Important CVE-2024-29057 Microsoft Edge (Chromium-based) Spoofing Vulnerability Spoofing Low CVE-2024-28916 Xbox Gaming Services Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26247 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Security Feature Bypass Low CVE-2024-26246 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Security Feature Bypass Low CVE-2024-26204 Outlook for Android Information Disclosure Vulnerability Information Disclosure Important CVE-2024-26203 Azure Data Studio Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26201 Microsoft Intune Linux Agent Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26199 Microsoft Office Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26198 Microsoft Exchange Server Remote Code Execution Vulnerability Remote Code Execution Important CVE-2024-26197 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Denial of Service Important CVE-2024-26196 Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability Information Disclosure Low CVE-2024-26192 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Information Disclosure Important CVE-2024-26190 Microsoft QUIC Denial of Service Vulnerability Denial of Service Important CVE-2024-26188 Microsoft Edge (Chromium-based) Spoofing Vulnerability Spoofing Low CVE-2024-26185 Windows Compressed Folder Tampering Vulnerability Tampering Important CVE-2024-26182 Windows Kernel Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26181 Windows Kernel Denial of Service Vulnerability Denial of Service Important CVE-2024-26178 Windows Kernel Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26177 Windows Kernel Information Disclosure Vulnerability Information Disclosure Important CVE-2024-26176 Windows Kernel Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26174 Windows Kernel Information Disclosure Vulnerability Information Disclosure Important CVE-2024-26173 Windows Kernel Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26170 Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26169 Windows Error Reporting Service Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26167 Microsoft Edge for Android Spoofing Vulnerability Spoofing Low CVE-2024-26166 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Remote Code Execution Important CVE-2024-26165 Visual Studio Code Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2024-26164 Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability Remote Code Execution Important CVE-2024-26163 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Security Feature Bypass Low Recommended Mitigations To maintain a strong security posture, organizations should follow these mitigation steps: Deploy the March 2026 security updates immediately, prioritizing internet-facing and business-critical servers. Test patches in a staging environment before full deployment to avoid operational disruptions.​ Monitor SQL Server and .NET applications closely for unusual network traffic or unauthorized access attempts. Review Microsoft Office configurations, as certain flaws can be triggered via the preview pane without opening a malicious file. Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google. Tags cyber security Cyber Security News Vulnerability Divya Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world. Hot this week Infosec- Resources How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities June 4, 2023 1 What is Deep Web The deep web, invisible web, or... SOC Architecture How to Build and Run a Security Operations Center (SOC Guide) – 2023 June 3, 2023 12 Today’s Cyber security operations center (CSOC) should have everything... Cyber Security News Network Penetration Testing Checklist – 2025 March 2, 2025 0 Network penetration testing is a cybersecurity practice that simulates... Cyber Security News Russian Hackers Bypass EDR to Deliver a Weaponized TeamViewer Component October 18, 2023 0 TeamViewer's popularity and remote access capabilities make it an... Checklist Web Server Penetration Testing Checklist – 2026 January 6, 2026 0 Web server pentesting is performed under three significant categories: identity,... Topics AcquisitionAdobeAdwareAIAmazonAmazon AWSAMDAndroidAnti VirusAntimalwareAntispoofingANY RUNApacheAPIAppleAPTArtificial IntelligenceAvastAWSAzureBackdoorBitcoinBluetoothBotnetBrowserBuffer over flowBug BountyBusinessChatbotsChatGPTChecklistChromeCiscoCISOCISO AdvisoryCloudCloud SecurityCloudflareComputer SecurityCourseCPUCross site ScriptingcryptocurrencyCryptocurrency hackCVE/vulnerabilityCyber AdvisoryCyber AICyber AttackCyber Crimecyber securityCyber security CourseCyber Security NewsCyber Security ResourcesDark WebData BreachData GovernanceDDOSDealsDeepSeekDiscordDNSDos AttackDriveDropboxEducationEmailEmail SecurityEthical HackingExploitExploitation ToolsExtratorrentsFACEBOOKFeaturedFirefoxFirefox NewsFirewallForensics ToolsgameGenAIGitHubGitLabGmailGoogleGoogle dorksGovernanceGRCHacking BooksHacksHardware HackingHBOHTMLHTTPIBMIISIncident ResponseInformation GatheringInformation Security RisksInfosec- ResourcesInsider ThreatsInstagramMore cyber security Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks 0 Handala Hack is an Iranian state-linked destructive actor that... Cyber Attack Cyberattack Hits Poland’s Nuclear Research Center 0 Poland's National Centre for Nuclear Research recently experienced a... Cyber Attack CamelClone Uses Public File-Sharing Sites in Government Cyberattacks 0 A new cyber espionage campaign dubbed Operation CamelClone, targeting... AI Betterleaks Launches as Open-Source Tool for Scanning Files, Directories, and Git Repositories 0 Zach Rice, the original creator of the widely popular... Botnet RondoDox Botnet Scales Up, Exploiting 174 Vulnerabilities via Residential IPs 0 RondoDox is a Mirai‑style botnet that has quickly evolved... cyber security MEA Shipment Phishing Scams Surge, Stealing Banking Data in Real Time 0 Every day, billions of people rely on postal and... Android Google Unveils Android 17 Advanced Protection Mode to Stop Malicious Services 0 Google is preparing to launch Android 17, introducing a... Cyber Security News Google Looker Studio Vulnerabilities Allow Attackers to Exfiltrate Data from Google Services 0 Tenable Research recently uncovered “LeakyLooker,” a critical set of... Related Articles Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks cyber security March 16, 2026 Cyberattack Hits Poland’s Nuclear Research Center Cyber Attack March 16, 2026 CamelClone Uses Public File-Sharing Sites in Government Cyberattacks Cyber Attack March 16, 2026 Betterleaks Launches as Open-Source Tool for Scanning Files, Directories, and Git Repositories AI March 16, 2026 RondoDox Botnet Scales Up, Exploiting 174 Vulnerabilities via Residential IPs Botnet March 16, 2026 Recent News Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks Mayura Kathir - March 16, 2026 Cyberattack Hits Poland’s Nuclear Research Center Divya - March 16, 2026 CamelClone Uses Public File-Sharing Sites in Government Cyberattacks Mayura Kathir - March 16, 2026 Betterleaks Launches as Open-Source Tool for Scanning Files, Directories, and Git Repositories Divya - March 16, 2026 RondoDox Botnet Scales Up, Exploiting 174 Vulnerabilities via Residential IPs Mayura Kathir - March 16, 2026 MEA Shipment Phishing Scams Surge, Stealing Banking Data in Real Time Mayura Kathir - March 16, 2026