Microsoft March 2026 Patch Tuesday Fixes 84 Vulnerabilities Including Azure MCP Server SSRF Flaw
Published 2026-03-11Ingested 2026-04-08AI Regulation and GovernanceHigh
Summary
Microsoft's March 2026 Patch Tuesday addressed 84 security vulnerabilities across its product portfolio, including two publicly disclosed zero-days. The update covers 46 privilege escalation flaws, 18 remote code execution bugs, 10 information disclosure issues, four spoofing vulnerabilities, four denial-of-service flaws, and two security feature bypasses. One notable zero-day involves a link-following condition in the Winlogon process that allows a locally authenticated attacker with low privil
Alignment: Reinforces current position
Related Positions: agentic-workflows.md, ai-governance-and-risk.md, ai-infrastructure-strategy.md
Related Partnerships: microsoft-github.md
microsoft-patch-tuesdayazure-mcp-serverssrf-vulnerabilityprivilege-escalationzero-dayai-securitymodel-context-protocolagentic-infrastructureenterprise-securitycve-2026-26118