The update also addresses two publicly disclosed zero‑day vulnerabilities that could potentially expose enterprise environments to privilege escalation or service disruption if left unpatched.
Security teams are strongly advised to deploy the updates quickly because attackers often weaponize newly disclosed vulnerabilities shortly after patches are released.
According to Microsoft’s security advisory, the March release fixes a total of 79 vulnerabilities across the Microsoft ecosystem.
The vulnerabilities are categorized as follows:
Elevation of privilege issues represents the largest category. These flaws allow attackers with limited access to gain higher permissions within a system, potentially leading to full administrative control.
Remote code execution (RCE) vulnerabilities are also particularly dangerous because attackers can exploit them to execute malicious code remotely, often without user interaction.
Microsoft also addressed two zero‑day vulnerabilities that had been publicly disclosed before the release of official patches.
Although Microsoft reports no evidence of active exploitation, public disclosure increases the likelihood that threat actors may attempt to develop exploits.
The two notable zero-day vulnerabilities include:
Organizations running SQL Server databases or .NET applications should prioritize patch deployment to reduce the risk of service outages or privilege escalation attacks.
| CVE ID | Vulnerability Name | Type | Severity |
|---|
| CVE ID | Vulnerability Name | Type | Severity |
|---|---|---|---|
| CVE-2024-29059 | .NET Framework Information Disclosure Vulnerability | Information Disclosure | Important |
| CVE-2024-29057 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | Low |
| CVE-2024-28916 | Xbox Gaming Services Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26247 | Microsoft Edge Security Feature Bypass Vulnerability | Security Feature Bypass | Low |
| CVE-2024-26246 | Microsoft Edge Security Feature Bypass Vulnerability | Security Feature Bypass | Low |
| CVE-2024-26204 | Outlook for Android Information Disclosure Vulnerability | Information Disclosure | Important |
| CVE-2024-26203 | Azure Data Studio Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26201 | Microsoft Intune Linux Agent Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26199 | Microsoft Office Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26198 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| CVE-2024-26197 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | Important |
| CVE-2024-26196 | Microsoft Edge for Android Information Disclosure Vulnerability | Information Disclosure | Low |
| CVE-2024-26192 | Microsoft Edge Information Disclosure Vulnerability | Information Disclosure | Important |
| CVE-2024-26190 | Microsoft QUIC Denial of Service Vulnerability | Denial of Service | Important |
| CVE-2024-26188 | Microsoft Edge Spoofing Vulnerability | Spoofing | Low |
| CVE-2024-26185 | Windows Compressed Folder Tampering Vulnerability | Tampering | Important |
| CVE-2024-26182 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26181 | Windows Kernel Denial of Service Vulnerability | Denial of Service | Important |
| CVE-2024-26178 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26177 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | Important |
| CVE-2024-26176 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26174 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | Important |
| CVE-2024-26173 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26170 | Windows Composite Image File System Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26169 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26167 | Microsoft Edge for Android Spoofing Vulnerability | Spoofing | Low |
| CVE-2024-26166 | Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| CVE-2024-26165 | Visual Studio Code Elevation of Privilege Vulnerability | Elevation of Privilege | Important |
| CVE-2024-26164 | Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Important |
| CVE-2024-26163 | Microsoft Edge Security Feature Bypass Vulnerability | Security Feature Bypass | Low |
Security teams should take the following steps to reduce exposure:
Applying these updates promptly is critical because unpatched systems often become targets for ransomware groups and opportunistic attackers scanning the internet for vulnerable infrastructure.
Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google.
The post Microsoft Patch Tuesday March 2026 Fixes 79 Vulnerabilities, Including Two Zero-Days appeared first on Cyber Security News.
OREGON, Ill. (WTVO) – The number of houses for sale in the Northern Illinois region…
2019’s Ready or Not was a breath of fresh air: a simple, savage game of…
The fact that Slay the Spire 2's Early Access debut plays so similarly to the…
In honor and support of Women’s History Month, state Rep. Joanna McClinton, the first woman…
The Live Nation-Ticketmaster trial is back on. Dozens of states are expected to move forward…
Less slop please. | Image: Spotify Spotify Premium users in New Zealand will be the…
This website uses cookies.