Microsoft's March 2026 Patch Tuesday addresses 67 vulnerabilities including 4 actively exploited zero-days affecting Windows kernel, NTFS, and Microsoft Management Console. Immediate patching critical.
Microsoft's March 2026 Patch Tuesday resolves 67 vulnerabilities across Windows, Office, Azure, and .NET. Four of these are actively exploited zero-days that require immediate attention.
CISA has added all four to the Known Exploited Vulnerabilities (KEV) catalog. Federal agencies must patch within 21 days; all organizations should treat as emergency.
| CVE | Component | CVSS | Impact |
|---|---|---|---|
| CVE-2026-24983 | Windows Win32 Kernel Subsystem | 7.8 | Elevation of Privilege — local attacker gains SYSTEM |
| CVE-2026-24984 | Windows NTFS | 4.6 | Information Disclosure — sensitive data via USB |
| CVE-2026-24985 | Windows Fast FAT File System | 6.8 | Remote Code Execution via malicious VHD |
| CVE-2026-24993 | Microsoft Management Console | 7.8 | Remote Code Execution via crafted .msc file |
A use-after-free vulnerability in the Win32 kernel subsystem allows a local attacker to escalate privileges to SYSTEM. This is being used as part of post-compromise chains — once an attacker has initial access, they exploit this flaw to gain full system control.
While lower severity, this NTFS flaw allows an attacker with physical access to read heap memory via a crafted USB device. This has been observed targeting high-value individuals in espionage campaigns.
A maliciously crafted VHD file triggers a heap-based buffer overflow in the Fast FAT driver. Simply mounting the file can execute arbitrary code. Attack vector: email attachments or compromised file shares.
A specially crafted .msc file sent via email or hosted on a malicious website can execute arbitrary code when opened. Social engineering is the primary delivery mechanism — attackers send these as "IT admin tools" or "system configuration files."
| Severity | Count |
|---|---|
| Critical | 7 |
| Important | 57 |
| Moderate | 3 |
AI-powered vulnerability management with 331,910+ CVEs indexed.
Start Free TrialStay secure. Stay vigilant.
🗡️ KENSAI Security Team