All articles tagged with #patch tuesday
Microsoft confirms Windows 11 KB5079473 (March 2026 Patch Tuesday) does not cause BSODs, reboot loops, or major issues; reports of an inaccessible C: drive on some Samsung laptops are linked to a Galaxy Connect app bug, not the Windows update.
Windows 11’s March Patch Tuesday rollout (KB5079473) adds faster wake from sleep, a built‑in network speed test in the taskbar, a redesigned Widgets panel, Emoji 16.0, new camera controls, native Sysmon‑like monitoring, RSAT on Arm64, and various quality‑of‑life improvements across Settings, File Explorer, and more, with some features arriving gradually through Microsoft’s controlled rollout.
Microsoft released March 2026 Patch Tuesday with fixes for at least 77 vulnerabilities across Windows and related software; there are no new zero-days, but several high-severity flaws require attention, including CVE-2026-21262 (SQL Server privilege escalation), CVE-2026-26127 (.NET denial of service), and Office remote-code-execution flaws via the Preview Pane (CVE-2026-26113/26110). Additional privilege-escalation CVEs affect Windows components (CVE-2026-24291/24294/24289/25187). An AI-discovered CVE-2026-21536 in the Microsoft Devices Pricing Program is noted as an example of AI-driven vulnerability research. Microsoft also issued an out-of-band patch for Windows Server 2022 to fix a Windows Hello for Business certificate renewal issue; Adobe and Mozilla separately released updates for their products. For full details, see the SANS ISC Patch Tuesday post.
Microsoft released 84 patches in March Patch Tuesday across its software stack, including two publicly disclosed zero-days: CVE-2026-21262 in SQL Server and CVE-2026-26127 in .NET. Eight flaws are critical and 76 are important, with privilege escalation accounting for 46 fixes. Notable issues include a Winlogon privilege escalation (CVE-2026-25187, 7.8), an Azure MCP server-side request-forgery (CVE-2026-26118, 8.8) that could abuse the server’s identity, and a high-severity RCE in the Microsoft Devices Pricing Program (CVE-2026-21536, 9.8) that Microsoft says is fully mitigated. An Excel information-disclosure flaw (CVE-2026-26144, 7.5) could enable data exfiltration via Copilot Agent in a zero-click attack. Microsoft is also moving toward hotpatch security updates via Windows Autopatch by May 2026 to speed fixes, with XBOW credited for vulnerability discovery and researchers noting such bugs often enable post-compromise activity.
Microsoft's March 2026 Patch Tuesday closes 79 vulnerabilities, including two publicly disclosed zero-days: a SQL Server elevation-of-privilege flaw (CVE-2026-21262) and a .NET denial-of-service flaw (CVE-2026-26127). The update also patches two Office remote-code-execution flaws via the Preview Pane (CVE-2026-26110, CVE-2026-26113) and an Excel information-disclosure flaw potentially exposing Copilot data (CVE-2026-26144). Fixes span Windows, Edge, Azure, and more, with several critical bugs; users should update promptly.
Microsoft released Windows 11 KB5079473 as part of the March 2026 Patch Tuesday, introducing up to nine new features (including Emoji 16, built-in network speed test, WebP wallpaper support, expanded Windows Backup restore for organizations, and automatic Quick Machine Recovery for many non-domain Pro PCs) along with 58 security fixes (six actively exploited zero-days). Direct offline installers (.msu) are available via the Microsoft Update Catalog for builds 26200.8037 (25H2) and 26100.8037 (24H2). The update can be installed through Windows Update, WSUS, or deployment tools; Sysmon is now built into Windows and must be enabled manually. If install issues arise, a fresh install via Media Creation Tool is recommended.
A March 2026 Windows 11 update adds a new “Perform speed test” option on the taskbar, but it merely opens Bing’s internet speed test in your default browser instead of a native tool. The feature, tied to a Bing–Speedtest (Ookla) partnership, can’t be removed or redirected yet. Critics say Microsoft should have delivered a true built‑in network diagnostics tool, like the old Windows 8-era solution, rather than a web shortcut.
Microsoft’s March 2026 Patch Tuesday for Windows 11 brings nine notable updates: a new network speed test in the Taskbar (via Bing), a Start menu account option tweak, Camera pan/tilt controls, Sysmon as a native Windows feature, a new Widgets settings page, WebP wallpaper support, automatic Quick Machine Recovery on Pro editions, updated Settings dialogs, and File Explorer “Extract All” improvements. The release also delivers additional tweaks such as Emoji 16 and RSAT support for ARM64 as part of a broader CFR rollout.
Microsoft says a Windows 11 boot bug that caused UNMOUNTABLE_BOOT_VOLUME errors on some commercial devices after security updates is fully fixed with the February 2026 Patch Tuesday security update KB5077181. The issue, tied to December 2025 updates and worsened by January 2026 KB5074109 (and related updates), affected Windows 11 25H2 and 24H2 on physical devices, not home users or virtual machines; an initial mitigation arrived in KB5074105 on Jan 29. Devices already unbootable before the fix may still need remediation, and enterprise customers should contact Microsoft Support for Business for assistance.
Microsoft is investigating reports that some Windows 11 devices (versions 25H2 and 24H2 after KB5074109) fail to boot with the UNMOUNTABLE_BOOT_VOLUME error following the January 2026 security updates. Affected systems display a black crash screen and require manual recovery; reports are limited to physical devices so far. Microsoft is collecting feedback via the Feedback Hub and will confirm if the issue is a Windows update regression; no virtual machine reports have been noted.
Microsoft says a subset of Windows 11 devices may fail to boot after installing the January 2026 security update (KB5074109), showing a black screen with the UNMOUNTABLE_BOOT_VOLUME stop code. The company has released emergency out-of-band updates and advises using the Windows Recovery Environment to uninstall the patch for recovery. This issue follows a spate of Patch Tuesday bugs affecting various Windows versions, with Microsoft investigating fixes and workarounds.
Microsoft released a second emergency out-of-band update for Windows 11 (KB5078127) to fix a bug that left Outlook and cloud-based apps like OneDrive and Dropbox unusable after January Patch Tuesday; the update, targeting 24H2 and 25H2, includes fixes for unresponsiveness when opening/saving to cloud storage and follows an earlier OOB patch that resolved remote desktop and hibernation issues but briefly broke app compatibility. The rollout spans multiple Windows editions, with guidance to check the Windows release health dashboard for current status.
The January Patch Tuesday Windows update, designed to fix security flaws, also introduced several fresh bugs: Outlook freezing/not responding (with PSTs on OneDrive), app errors when opening cloud-saved files, and licensing/Store issues for some apps. Microsoft released at least one out-of-band fix for Remote Desktop and Secure Launch, but many problems remain unresolved. Workarounds include using Outlook on the web, moving PST files off OneDrive, or uninstalling the update while awaiting a fuller fix.
Microsoft’s January 2026 Windows 11 security update KB5074109, covering versions 24H2 and 25H2, includes over 100 fixes and three zero-days but has caused widespread stability problems—lockups, black screens, and graphics-related app failures; admins are advised to uninstall the update or use Known Issue Rollback, with GPU driver updates and certain cloud/remote desktop issues noted in ongoing remediation.
Microsoft’s January 2026 Patch Tuesday for Windows 11 (KB5074109) is rolling out for 24H2/25H2, fixing a power issue where Neural Processing Units could stay on idle and enabling a phased rollout of new Secure Boot certificates. The update also addresses networking fixes in WSL, Azure Virtual Desktop RemoteApp issues, removes certain modem drivers, and updates WinSqlite3.dll.