THE March 2026 update review notes that Adobe released eight bulletins addressing 80 unique CVEs across several products, with two bugs submitted through TrendAI ZDI. Microsoft released 84 new CVEs this month, covering Windows, Office, Edge, Azure, SQL Server, Hyper-V and ReFS, bringing the total to 94 when third‑party and Chromium updates are counted, with five bugs reported through the ZDI programme.
Among the updates, there are several notable CVEs including CVE-2026-26144, an Excel information disclosure vulnerability, and CVE-2026-23669, a Windows Print Spooler remote code execution vulnerability. The piece also highlights a batch of Chromium-related issues such as CVE-2026-3536 to CVE-2026-3545, described as RCE in various components, and notes that two vulnerabilities were publicly known at release with none listed as actively exploited.
The author observes that many critical bugs are cloud‑native and require no user action, while others in SharePoint, RRAS and RRAS‑related components demand prompt attention, and there are four denial‑of‑service bugs this month. according to Microsoft, exploitation details for several Azure IoT Explorer and related info‑disclosure bugs are described, including potential exposure of device connections, tokens and other data transmitted to IoT Hub.