
Released: March 10, 2026
Executive Summary
Microsoft’s March 2026 Patch Tuesday addresses 83 vulnerabilities across Windows, Microsoft Office, SQL Server, Azure cloud services, and .NET, with 8 rated Critical and 75 rated Important. Including 9 Chromium-based vulnerabilities affecting Microsoft Edge, the total count reaches 93 CVEs. Two vulnerabilities were publicly disclosed prior to patching, though none have been confirmed as actively exploited in the wild at the time of release.
This month’s release carries particular significance for organizations running Microsoft 365 Copilot and agentic AI workflows, as one Critical Excel flaw could enable a zero-click data exfiltration scenario via Copilot Agent mode. Additionally, a vulnerability in the Azure Model Context Protocol (MCP) server highlights the growing attack surface introduced by AI infrastructure components.
Zero-Day Vulnerabilities
Two vulnerabilities were publicly known before Microsoft released patches. Neither has been observed in active exploitation, though security teams should treat them as high priority.
CVE-2026-21262 – SQL Server Elevation of Privilege
- Severity: Important | CVSS: High
- Type: Improper Access Control → Elevation of Privilege
- Impact: An authorized attacker can escalate to SQL sysadmin privileges over the network without requiring physical access
- Status: Publicly disclosed — no active exploitation confirmed
- Action: Patch immediately, especially for internet-facing or multi-tenant SQL environments
CVE-2026-26127 – .NET Denial of Service
- Severity: Important
- Type: Out-of-bounds read → Denial of Service
- Impact: Unauthenticated network-based exploitation; no credentials required to trigger service disruption
- Status: Publicly disclosed — Microsoft rates exploitation as unlikely
- Action: Apply patch as part of regular update cycle
Critical Vulnerabilities
Of the 8 Critical CVEs, 3 require immediate customer action (Office/Excel-related), while the remaining 5 were already remediated by Microsoft on the backend and require no customer patching.
CVE-2026-26113 – Microsoft Office RCE (Preview Pane Risk)
- Type: Untrusted Pointer Dereference → Remote Code Execution
- Vector: Unauthenticated local exploit — can be triggered via the Preview Pane (no file opening required)
- Impact: Attacker can execute arbitrary code simply by a user previewing a malicious document in Outlook or File Explorer
- Priority: PATCH IMMEDIATELY
CVE-2026-26110 – Microsoft Office RCE
- Type: Type Confusion → Remote Code Execution
- Vector: Unauthenticated local exploit — also exploitable via Preview Pane
- Impact: Arbitrary code execution without user interaction beyond previewing content
- Priority: PATCH IMMEDIATELY
CVE-2026-26144 – Microsoft Excel Information Disclosure (Copilot Zero-Click Risk)
- Type: Improper Input Neutralization → Information Disclosure
- Unique Risk: Microsoft confirmed this flaw could allow Copilot Agent mode to exfiltrate sensitive data through unintended network egress — creating a potential zero-click data exfiltration scenario
- Impact: Organizations using Microsoft 365 Copilot are at elevated risk; sensitive data could be leaked without any explicit user action
- Priority: PATCH IMMEDIATELY — especially critical for Copilot-enabled environments
Backend-Patched Critical CVEs (No Customer Action Required)
- Azure ACI Confidential Containers – Critical RCE (backend-patched)
- Azure Devices Pricing Program – Critical vulnerability (backend-patched)
- CVE-2026-23654 – GitHub PyPI Supply Chain RCE: A Critical RCE tied to an improperly controlled third-party PyPI package dependency in the GitHub repository “zero-shot-scfoundation.” A malicious package substitution during installation could compromise CI/CD pipelines and development environments. Microsoft remediated this without requiring customer action — but teams should audit their own PyPI dependencies.
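One way to start the PyPI dependency audit recommended above is to flag requirements entries that leave room for package substitution at install time. This is an added example, not Microsoft's or the affected repository's code; the sample file, package names, hosts and digest are constructed placeholders, and the four checks (extra index, missing exact pin, missing `--hash`, unpinned URL/VCS source) are this example's assumptions about what to look for.

```python
import re

# Constructed sample requirements file; package names, hosts and the
# all-zero digest are placeholders, not values from the advisory.
SAMPLE = """\
--extra-index-url https://pypi.internal.example/simple
requests==2.31.0 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
numpy>=1.24
internal-scutils  # unpinned private name
torch==2.2.0
git+https://git.example/org/tool.git@main
"""

def logical_lines(text):
    """Join backslash continuations, then drop comments and blank lines."""
    joined = re.sub(r"\\\n\s*", " ", text)
    for raw in joined.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()
        if line:
            yield line

def audit(text):
    """Return (entry, finding) pairs for entries open to substitution."""
    findings = []
    for line in logical_lines(text):
        if line.startswith("--extra-index-url"):
            findings.append((line, "second index: a name may resolve from either"))
        elif line.startswith("-"):
            continue  # other pip options are not assessed here
        elif re.match(r"(git|hg|svn|bzr)\+", line) or "://" in line:
            if not re.search(r"@[0-9a-f]{40}\b", line):
                findings.append((line, "URL/VCS source not pinned to a commit"))
        else:
            spec = line.split(";")[0]  # ignore environment markers
            pinned = re.search(r"==\s*\d[^\s,;]*", spec) and "*" not in spec
            if not pinned:
                findings.append((line, "no exact version pin"))
            elif "--hash" not in line:
                findings.append((line, "pinned, but no --hash to verify the file"))
    return findings

if __name__ == "__main__":
    for entry, finding in audit(SAMPLE):
        print(f"{finding}: {entry}")
```

Entries that pass all checks can then be installed with pip's `--require-hashes` mode, which rejects any downloaded file whose digest does not match.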
SharePoint Server — Remote Code Execution
Two RCE vulnerabilities affect Microsoft SharePoint Server and require authenticated access to exploit:
- CVE-2026-26106: Improper input validation allows an attacker with at least Site Member permissions to execute code remotely on the server
- CVE-2026-26114: Deserialization of untrusted data — also exploitable by authenticated Site Members or higher
While authentication is required, compromised or insider accounts remain a valid threat vector. Organizations with internet-exposed SharePoint environments should prioritize these patches.
Azure & AI Infrastructure Patches
This month’s release reflects the expanding attack surface of AI-integrated and cloud-connected infrastructure.
CVE-2026-26118 – Azure MCP Server Tools (CVSS 8.8)
A Server-Side Request Forgery (SSRF) vulnerability in Azure Model Context Protocol (MCP) Server Tools enables elevation of privilege. MCP servers are increasingly deployed as connectors between large language models and agentic AI applications — making them a high-value, emerging attack surface. This is the first notable MCP-specific CVE to appear in Patch Tuesday.
Additional Azure Fixes
- CVE-2026-26117 – Azure Connected Machine Agent: EoP vulnerability in the agent managing Azure Arc-connected on-premises systems
- CVE-2026-26148 – Azure Entra ID SSH Login Extension for Linux: EoP in the Linux extension for Entra ID SSH authentication
- CVE-2026-26141 – Azure IoT Explorer: Additional cloud tooling vulnerability patched this cycle
Secure Boot Certificate Rollout — Action Required Before June 2026
Microsoft continues its phased rollout of updated Secure Boot 2023 certificates to replace expiring 2011-era certificates. Organizations that fail to apply these updates before June 2026 will lose Secure Boot and Boot Manager protections, including BitLocker bypass mitigations — leaving endpoints vulnerable to boot-time attacks and UEFI-level persistence.
- Apply March 2026 cumulative updates which include the latest Secure Boot certificate package
- Verify UEFI/Secure Boot configuration on all managed endpoints
- Test on a pilot group before broad rollout to catch potential boot failures
Windows 11 — New Feature Additions
Beyond security patches, the March update for Windows 11 introduces nine new features:
- Taskbar network speed test widget
- New Start menu option for Microsoft account users
- Camera pan/tilt hardware controls
- Sysmon now a native Windows 11 tool: Installable directly via Settings → Optional Features — a significant win for defenders who previously had to manage it via Sysinternals separately
- Additional UI and accessibility improvements
Analyst Takeaway
March 2026’s Patch Tuesday is a wake-up call for organizations accelerating their Microsoft 365 Copilot and agentic AI deployments. CVE-2026-26144 demonstrates that AI productivity integrations introduce a new class of vulnerability where traditional exploitation assumptions — “the user must open a file,” “the user must click a link” — no longer hold. Zero-click data exfiltration via AI agent behavior is an emerging risk category that will require dedicated attention from both security and AI governance teams.
Similarly, CVE-2026-26118 (Azure MCP Server SSRF) signals that MCP infrastructure — the connective tissue between LLMs and enterprise data — is now firmly on threat actors’ radar. Security teams should inventory their MCP deployments and ensure they are patched promptly.
For defenders, the addition of Sysmon as a native Windows 11 feature is a welcome development — simplifying endpoint telemetry at scale.



