Security Alert (A26-03-08): Multiple Vulnerabilities in Microsoft Products (March 2026)


 

Published on: 11 March 2026

Description:

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at:
https://msrc.microsoft.com/update-guide/releaseNote/2026-Mar

 

Affected Systems:

  • Microsoft Windows 10, 11
  • Microsoft Windows Server 2012, 2012 R2, 2016, 2019, 2022, 2022 23H2 Edition, 2025
  • Microsoft Office 2016, 2019, LTSC 2021, LTSC 2024, LTSC for Mac 2021, LTSC for Mac 2024
  • Microsoft 365 Apps for Enterprise
  • Microsoft Office for Android
  • Office Online Server
  • Microsoft Excel 2016
  • Microsoft SharePoint Enterprise Server 2016
  • Microsoft SharePoint Server 2019, Server Subscription Edition
  • Microsoft SQL Server 2016, 2017, 2019, 2022, 2025
  • .NET 9.0 installed on Linux, 9.0 installed on Mac OS, 9.0 installed on Windows, 10.0 installed on Linux, 10.0 installed on Mac OS, 10.0 installed on Windows
  • ASP.NET Core 8.0, 9.0, 10.0
  • GitHub Repo: Zero Shot scFoundation
  • Microsoft Authenticator for IOS, Authenticator for Android
  • Microsoft Semantic Kernel Python SDK
  • System Center Operations Manager 2019, 2022, 2025

For detailed information of the affected systems, please refer to the corresponding security advisories at vendor's website.

 

Impact:

Depending on the vulnerabilities exploited, a successful attack could lead to remote code execution, denial of service, elevation of privilege, information disclosure, security restriction bypass or spoofing on an affected system.

 

Recommendation:

Patches for affected products are available from the Windows Update / Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://msrc.microsoft.com/update-guide/releaseNote/2026-Mar
  • https://www.hkcert.org/security-bulletin/microsoft-monthly-security-update-march-2026
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20967
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21262
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23654
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23656
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23667 (to CVE-2026-23669)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23671 (to CVE-2026-23674)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24282 (to CVE-2026-24283)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24285
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24287 (to CVE-2026-24297)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25165 (to CVE-2026-25181)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25185 (to CVE-2026-25190)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26030
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26105 (to CVE-2026-26116)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26123
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26127 (to CVE-2026-26128)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26130 (to CVE-2026-26132)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26134
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26144


Tag: Microsoft , Windows , Windows Server , Microsoft Office , Microsoft 365 Apps , Office Online Server , Excel , SharePoint , SQL Server , .NET , Github Repo , Microsoft Authenticator , Semantic Kernel Python , SCOM
Tags