← Back to Security Blog
보안 브리핑 8분 읽기

Microsoft 2026년 3월 Patch Tuesday에서 제로데이 4건 패치

Microsoft's March 2026 Patch Tuesday addresses 67 취약점 including 4 actively 익스플로잇ed zero-days affecting Windows kernel, NTFS, and Microsoft Management Console. Immediate patching critical.


Patch Tuesday 개요

Microsoft's March 2026 Patch Tuesday resolves 67 취약점 across Windows, Office, Azure, and .NET. Four of these are actively 익스플로잇ed zero-days that require immediate attention.

⚠️ 4 Zero-Days Under Active Exploitation

CISA has added all four to the Known 악용 Vulnerabilities (KEV) catalog. Federal agencies must patch within 21 days; all 조직은 해야 합니다 treat as emergency.


제로데이 취약점

CVEComponentCVSS영향
CVE-2026-24983Windows Win32 Kernel Subsystem7.8Elevation of Privilege — local attacker gains SYSTEM
CVE-2026-24984Windows NTFS4.6Information Disclosure — sensitive data via USB
CVE-2026-24985Windows Fast FAT File System6.8원격 코드 실행(RCE) via malicious VHD
CVE-2026-24993Microsoft Management Console7.8원격 코드 실행(RCE) via crafted .msc file

상세 분석

CVE-2026-24983 — Windows Kernel EoP (CVSS 7.8)

A use-after-free 취약점 in the Win32 kernel subsystem allows a local attacker to escalate privileges to SYSTEM. This is being used as part of post-compromise chains — once an attacker has 초기 접근, they 익스플로잇 이 취약점은 to gain full system control.

CVE-2026-24984 — NTFS Information Disclosure (CVSS 4.6)

While lower severity, this NTFS flaw allows an attacker with physical access to read heap memory via a crafted USB device. This has been observed targeting high-value individuals in espionage campaigns.

CVE-2026-24985 — Fast FAT RCE (CVSS 6.8)

A maliciously crafted VHD file triggers a heap-based 버퍼 오버플로 in the Fast FAT driver. Simply mounting the file can execute arbitrary code. Attack vector: email attachments or compromised file shares.

CVE-2026-24993 — MMC RCE (CVSS 7.8)

A specially crafted .msc file sent via email or hosted on a malicious website can execute arbitrary code when opened. 소셜 엔지니어링 is the primary delivery mechanism — attackers send these as "IT admin tools" or "system configuration files."


전체 패치 요약

SeverityCount
치명적7
Important57
Moderate3

권장 조치

  1. Emergency patch: Deploy all four zero-day fixes within 24 hours
  2. Block .msc files: Add .msc to email attachment blocking rules
  3. Restrict VHD mounting: Limit auto-mount capabilities via Group Policy
  4. USB device control: Implement endpoint USB device whitelisting
  5. 모니터링 for 익스플로잇ation: Watch for unusual kernel driver loading and 권한 상승 events

Protect Your Organization with Kensai

AI-powered 취약점 management with 331,910+ CVEs indexed.

Start Free Trial

안전하게. 경계하며.

🗡️ KENSAI 보안팀