patch tuesday 2026

Microsoft’s March Patch Tuesday cumulative update for Windows 11 (KB5079473), released March 10, 2026, has triggered a small but noisy wave of user reports describing severe stability problems — complete freezes, repeated restarts, Blue Screens of Death (BSODs), and applications that simply...

Microsoft’s March 10, 2026 Patchday reshaped the immediate priorities for Office administrators and endpoint defenders: a focused set of Office fixes—headed by a high‑impact local privilege escalation in Office and several document‑parsing flaws—arrived alongside a broader Microsoft Patch...

Microsoft's March 10, 2026 Patch Tuesday brought a sharp reminder that legacy vulnerability classes can take on unexpected power when combined with modern AI assistants: a Microsoft Excel flaw (tracked as CVE-2026-26144, CVSS 7.5) can be weaponized as a zero-click data-exfiltration path when...

Microsoft shipped fixes for two recently disclosed critical Microsoft Office vulnerabilities—CVE‑2026‑26110 and CVE‑2026‑26113—that can lead to arbitrary code execution when a crafted file is processed locally, and defenders should treat these updates as high priority because the Outlook and...

Microsoft has released patches for two newly disclosed critical vulnerabilities in Microsoft Office—tracked as CVE-2026-26110 and CVE-2026-26113—and administrators and everyday users should treat the update as urgent: both flaws allow remote code execution in the context of the current user and...

Microsoft issued security updates on March 10, 2026 that address CVE-2026-26118, a high‑severity elevation‑of‑privilege vulnerability in the Azure MCP (Model Context Protocol) Server Tools family that security researchers and multiple vendor trackers describe as a server‑side request forgery...

Microsoft’s March 10, 2026 security roll‑up added a sharp new item to defenders’ to‑do lists: CVE‑2026‑26134, a Microsoft Office vulnerability described by the vendor as an integer overflow or wraparound that can be leveraged by an authorized local user to achieve elevation of privilege, and...

Microsoft released a security update on March 10, 2026 addressing an authenticated, network-based elevation-of-privilege (EoP) vulnerability in System Center Operations Manager (SCOM) tracked as CVE-2026-20967 — a bug stemming from improper input validation that can allow an authorized but...

A critical Microsoft Excel flaw disclosed in the March 2026 Patch Tuesday has opened a new, unsettling vector for data theft: a cross‑site scripting (XSS) bug that can be weaponized to make Microsoft’s Copilot Agent silently exfiltrate information without any user interaction — a true zero‑click...

Microsoft has recorded CVE‑2026‑25180 as an information disclosure defect in the Windows Graphics Component — an out‑of‑bounds read that can permit an unprivileged, local actor to leak sensitive memory from affected systems — and administrators should treat the advisory as actionable: verify...

Microsoft released a security update on March 10, 2026 that addresses CVE‑2026‑24297, a Windows Kerberos "Security Feature Bypass" vulnerability caused by a race condition in the Kerberos implementation; Microsoft classifies the flaw as Important and has published a patch as part of the March...

Microsoft has recorded CVE-2026-24295 as an Important local elevation‑of‑privilege vulnerability in the Windows Device Association Service (service name: DeviceAssociation), and administrators should treat the entry as a verified vendor advisory while urgently mapping it to their SKU-specific...

Microsoft has published an advisory for CVE-2026-24288, a heap-based buffer overflow in the Windows Mobile Broadband driver that Microsoft classifies as an Important remote code execution risk and for which a patch was released on March 10, 2026; administrators should treat this as urgent for...

Microsoft released the February 2026 Patch Tuesday cumulative updates for Windows 11 — KB5077181 for Windows 11 versions 25H2 and 24H2, and KB5075941 for 23H2 — delivering this month's security fixes, servicing stack updates, and several quality improvements. These packages do not introduce...

Microsoft’s February 10, 2026 cumulative updates for Windows 11 quietly carried more than routine security fixes — they continued a staged rollout that will refresh the operating system’s Secure Boot certificate chain ahead of a looming expiry window that begins in June 2026. What looks like a...

Microsoft’s February Patch Tuesday closed a dangerous loophole in the modern Notepad app that could let an attacker turn a simple Markdown (.md) file into a remote code execution (RCE) trap — a single click on a crafted link inside Notepad’s Markdown view could launch unverified protocols and...

Microsoft’s Security Update Guide records a new entry for CVE-2026-21533 — an Elevation of Privilege (EoP) vulnerability in Windows Remote Desktop Services (RDS) — and security vendors pushed detection and IPS signatures the same day as February’s Patch Tuesday, making this a high‑priority item...

Microsoft’s January update roll-out has already cost IT teams a sleepless weekend and forced two emergency fixes inside a single fortnight — a chaotic start to Windows 11 patching in 2026 that raises fresh questions about testing, packaging, and communication for Microsoft’s flagship desktop OS...

Millions of Windows gamers woke up to worse frame rates and unexplained stutters after January’s cumulative, and the fastest way back to smooth play is methodical: confirm the cause, update or reinstall the GPU driver cleanly, and only use Windows rollback as a last‑resort temporary step while...

Windows 10 users should install the January 2026 security updates without delay: Microsoft’s first Patch Tuesday of the year fixed more than a hundred vulnerabilities — including an actively exploited zero‑day in the Desktop Window Manager — and federal agencies have already been ordered to...