Skip to content
BLOG

Patch Tuesday March 2026

Brock Bingham candid headshot
Brock Bingham|March 10, 2026
Patch Tuesday
Patch Tuesday
Sections

Welcome back for a very special Patch Tuesday recap. What makes it special? I’m glad you asked. In addition to being Patch Tuesday, today is March 10, which is also known as Mario Day. Get it? Mar10.

But that’s not all. Today is also National Ranch Day, which is especially significant here at PDQ because our very own security team lead’s name is Ranch. So we’re officially dedicating this month’s Patch Tuesday recap to Ranch and everything she does to stop me from clicking suspicious links and scanning random QR codes.

With Patch Tuesday, Mario Day, and Ranch Day all happening at once, today feels pretty special. So let’s jump into the details and see what Microsoft released to celebrate this monumental occasion.

Severity

  • Total exploits patched: 78

  • Critical patches: 3

  • Important: 75

  • Moderate: 0

  • Low: 0

Vulnerability impact

  • Remote code execution: 16

  • Elevation of privilege: 43

  • Information disclosure: 9

  • Spoofing: 4

  • Tampering: 0

  • Denial of service: 4

  • Feature bypass: 2

Availability

  • Publicly disclosed: 2

  • Actively exploited: 0

Some highlights (or lowlights)

  • CVE-2026-21262: One of our highest rated, and also one of our two publicly disclosed vulnerabilities this month, is CVE-2026-21262 which impacts SQL Server. This elevation of privilege vulnerability would allow an authenticated user to elevate their privileges on vulnerable systems. As we mentioned, this is a publicly known exploit, so if you run SQL Server with lower privileged users that you don’t necessarily trust, I would prioritize this update.

  • CVE-2026-26127: Our only other publicly known vulnerability this release is CVE-2026-26127. This is an out-of-bounds read vulnerability discovered in .NET that could lead to a denial of service if exploited. 
     
    While denial of service vulnerabilities generally don’t receive as high of CVSS scores as other exploits, this one does have a network attack vector and low complexity. And with the sheer number of .NET applications in production environments, this is another update I would prioritize.

  • CVE-2026-23669: And just in case you had forgotten about PrintNightmare and all those print spooler service attacks, it made a comeback this month! As if we needed more reasons to dislike printers. 
     
    CVE-2026-23669 is another vulnerability impacting the print spooler that could lead to remote code execution over a network with just low-level privileges. Thankfully, the exploit is not publicly known at this time, so we can keep the panic to a minimum. But I’m curious if anyone out there has achieved a state of true zen by getting rid of all printers in their organization? If so, please teach me your ways.

Wrapping up

That wraps up the March 2026 Patch Tuesday recap.

Now get out there and celebrate today by applying some updates, repeatedly saying “It’s-a me” with a bad Italian accent, and dunking your pizza into some creamy, delicious ranch (because salads are gross).

And of course, a special shoutout to PDQ’s own Ranch for helping keep our environments secure and for giving us the perfect excuse to dedicate an entire Patch Tuesday recap in her honor.

Brock Bingham candid headshot
Brock Bingham

Brock Bingham is a systems administrator with 15 years of experience managing endpoints and servers, with a strong focus on automation, patching, security, and maintaining stable environments at scale. After years of hands-on IT work, he now creates content and teaches, helping other admins learn through practical, real-world guidance.

Related articles

General1 2026

Endpoint management platform buying guide for IT teams

GENERAL IT

Illustration of Power(turtle)Shell

How to get more out of your PowerShell console with PSReadLine

POWERSHELL

Illustration of computer desk and monitor with PDQ logo

Essential sysadmin toolkit for hybrid IT teams

GENERAL IT