Microsoft Addresses Multiple Critical Vulnerabilities in March Patch Tuesday

Microsoft has released patches for multiple critical vulnerabilities, including 0-click attacks, with 8 flaws addressed by the company in its March patch update. Specific weaknesses were exposed in Microsoft Office, Active Directory Domain Services, SQL, and Microsoft Excel, with a public zero-day vulnerability mentioned.

Microsoft's March 2026 Patch Tuesday patches addressed a total of eight critical flaws, which have been identified in several of its products and services. Among these vulnerabilities, Microsoft Office was found to have two critical flaws. In a separate announcement, a zero-day security vulnerability in SQL was acknowledged by the company, for which a fix is available. Another high-severity issue was pinpointed in Active Directory Domain Services, allowing attackers to escalate privileges.

Notably, the list of vulnerabilities is not exhaustive, as another report mentioned that Microsoft Patches 84 Flaws in March Patch Tuesday, including two public zero-days. Furthermore, an entirely different critical flaw, a 0-click Microsoft Excel Security Bug, has been exposed by Forbes, allowing Copilot to steal data.

The patch update is essential for all users to protect against the potential exploitation of these vulnerabilities.