Microsoft has addressed 84 security vulnerabilities in its March 2026 update, including two flaws that were already public knowledge before the release. The patches cover a wide range of issues, with a significant majority focused on preventing unauthorized privilege escalation across various Windows components.
Microsoft's latest security update provides fixes for 84 unique vulnerabilities, eight of which are classified as critical threats to system integrity. This rollout is supplemented by ten additional fixes for the Edge browser that were released earlier in the month. Of the total vulnerabilities addressed, over half are elevation of privilege bugs, which attackers typically use to gain deeper control over a system after an initial breach. Two specific issues, a denial-of-service flaw in .NET and a privilege escalation bug in SQL Server, were publicly known prior to the patch, increasing the urgency for organizations to update their systems.
A significant portion of this month's risk involves the Windows Graphics Component and the Windows Kernel, where several bugs were identified as being more likely to be exploited. One notable vulnerability in Winlogon allows an attacker with low-level access to bypass security boundaries and achieve full system privileges without any interaction from the user. Because these types of flaws are standard tools for hackers during the secondary phase of an attack, security researchers emphasize that even low-complexity bugs can lead to a total compromise of the corporate environment if left unpatched.
Cloud and AI services also faced scrutiny in this update, with a server-side request forgery flaw discovered in the Azure Model Context Protocol. This vulnerability could allow an attacker to trick the server into sending a managed identity token to a malicious URL, effectively handing over the keys to any resources the server is authorized to access. This highlights a growing trend where modern cloud infrastructure and automated tools introduce new vectors for token theft and unauthorized network lateral movement.
Data security within productivity tools remains a primary concern, as evidenced by a critical information disclosure flaw found in Excel. This specific vulnerability could be leveraged in a zero-click attack to force Copilot Agents to exfiltrate sensitive financial or intellectual property. Experts warn that as organizations integrate more AI-powered assistants into their workflows, the risk of these agents unintentionally transmitting confidential data outside of secure boundaries becomes a significant liability that requires proactive mitigation.
To combat the increasing speed of modern cyberattacks, Microsoft is shifting the default behavior of Windows Autopatch to prioritize hotpatching. This method allows security updates to be applied to eligible devices without requiring a system restart, aiming to reach high compliance levels much faster than traditional update cycles. By implementing these changes through Microsoft Intune starting in May 2026, the company intends to help organizations close security gaps in half the time while maintaining administrative control over the deployment process.
Source: Microsoft Patches 84 Security Flaws, Including Two Public Zero-Day Bugs