The severity is rated CRITICAL due to the presence of zero-day vulnerabilities and multiple critical flaws. These issues can lead to remote code execution and elevation of privileges, which pose significant risks in real-world scenarios.
Microsoft's March 2026 Patch Tuesday addresses 79 flaws, including two publicly disclosed zero-day vulnerabilities and three critical issues. The updates impact various Microsoft products, affecting security features, remote code execution capabilities, and information disclosure mechanisms.
Affected Systems
- .NET Framework
- SQL Server
- Active Directory Domain Services
- Azure Compute Gallery
- Microsoft Office
Affected Versions: all versions prior to the March 2026 updates
Remediation
- Run Windows Update and install KB5077181 for Windows 11 and KB5075941 for Windows 11 cumulative updates.
- Update Microsoft Office to the latest version using the built-in update feature or download from official sources.
- Apply .NET Framework security patches by installing the latest update available on Microsoft's official website.
Stack Impact
The vulnerabilities affect Windows operating systems, Azure services, and Microsoft Office applications. Specific services include Azure Linux Virtual Machines, Azure MCP Server, and Broadcast DVR.