Microsoft’s March 2026 Patch Tuesday Updates Fix 8 Critical Vulnerabilities

Microsoft has released the March 2026 Patch Tuesday updates for all supported versions of Windows 11. This month’s Patch Tuesday includes fixes for 84 vulnerabilities in Windows, Office, SQL Server, Azure, .NET, and other components.

On the quality and experience updates front, Microsoft’s latest Patch Tuesday brings improvements for File Explorer search reliability and a built‑in Sysmon tool for enhanced system monitoring. It also adds a network speed test accessible from the taskbar and enables Quick Machine Recovery by default on eligible devices.

84 vulnerabilities fixed in the March 2026 Patch Tuesday updates

Microsoft has released patches to address several vulnerabilities, including privilege escalation, remote code execution (RCE), and denial of service flaws. Eight of them are rated Critical, and the rest are rated Important in severity. Here are the most critical vulnerabilities fixed with this month’s Patch Tuesday updates:

• CVE-2026-26127: This is a denial-of-service vulnerability in .NET caused by an out-of-bounds read. This bug could enable an unauthorized attacker to disrupt service over an enterprise network.
• CVE-2026-21262: This is an elevation-of-privilege vulnerability in SQL Server that could allow an authenticated user to gain SQLAdmin-level privileges over a network. This privilege escalation bug was less likely to be exploited by attackers.
• CVE-2026-26113: This is a remote code execution vulnerability in Microsoft Office caused by an untrusted pointer dereference. This security flaw carries a CVSS score of 8.4.
• CVE-2026-26110: This is another remote code execution flaw in Microsoft Office, which originates from a type confusion issue that could lead to improper memory handling when Office accesses a resource using an incompatible data type. This bug could be triggered by the Preview Pane without the file being fully opened.
• CVE-2026-26144: This information disclosure vulnerability in Microsoft Excel is connected to improper input neutralization during Web page generation. This flaw could allow Copilot Agent mode to exfiltrate sensitive data without user interaction.
• CVE-2026-23654: This is a critical remote code execution vulnerability connected to the zero-shot-scfoundation GitHub repository. It was caused by an improperly controlled third-party package dependency that could allow a malicious package to be substituted via the public PyPI registry during the installation process.

You can find the full list of CVEs included in this month’s Patch Tuesday below:

Quality and experience updates

Microsoft has released the KB5079473 update for Windows 11 versions 25H2 and 24H2. The System Monitor (Sysmon) tool is now available as an optional Windows 11 feature, and it can be enabled by heading to Settings > System > Optional features. Moreover, users can access the network speed test tool from the Wi‑Fi or Cellular Quick Settings, or by right-clicking the network icon in the system tray on Windows 11 PCs.

Additionally, the latest update adds support for Remote Server Administration Tools (RSAT) on Windows 11 Arm64 devices. The Quick Machine Recovery tool is now enabled by default on Windows Professional devices that are not domain‑joined and not enrolled in enterprise endpoint management.

Lastly, Microsoft has addressed a BitLocker bug that was previously causing Windows 11 devices to stop responding after users entered their recovery key. This patch also improves the reliability of File Explorer search when searching across multiple drives or “This PC”.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary, as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.