Changeflow GovPing Vulnerability Alerts Microsoft Security Patches for Critical Vulnera...
Priority review Notice Added Final

Microsoft Security Patches for Critical Vulnerabilities

Favicon for www.csa.gov.sg CSA Alerts & Advisories (Singapore)
Published March 11th, 2026
Detected March 13th, 2026
Email

Summary

The Cyber Security Agency of Singapore (CSA) has issued an alert regarding Microsoft's release of security patches for critical vulnerabilities in its software. These patches address multiple security flaws, some with a base score of 9.8, requiring immediate attention from users and organizations.

View original document View source feed page

What changed

Microsoft has released security patches to address multiple critical vulnerabilities across its software and products, as detailed in their March 2026 monthly patch release. The alert highlights several vulnerabilities with high severity scores, including remote code execution and elevation of privilege flaws, with CVE numbers and direct links to Microsoft's update guide provided for detailed information.

Organizations and individuals using Microsoft products are strongly advised to review the provided links and apply the necessary security patches immediately to mitigate the risks associated with these critical vulnerabilities. Failure to do so could expose systems to potential exploitation, leading to data breaches, unauthorized access, or system compromise. This notice serves as a critical alert for IT security teams to prioritize the deployment of these updates.

What to do next

  1. Review Microsoft's security update guide for March 2026.
  2. Apply all released security patches for affected Microsoft software and products.
  3. Verify successful patch deployment and conduct vulnerability scans.

Source document (simplified)

Alerts

March 2026 Monthly Patch

11 March 2026

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to https://msrc.microsoft.com/update-guide/en-us/releaseNote/2026-Mar

Critical Vulnerabilities

| CVE Number | CVE Name | Base Score | Reference |
| --- | --- | --- | --- |
| CVE-2026-21536 | Microsoft Devices Pricing Program Remote Code Execution Vulnerability | 9.8 | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-21536 |
| CVE-2026-3381 | Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib | 9.8 | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-3381 |
| CVE-2026-26125 | Payment Orchestrator Service Elevation of Privilege Vulnerability | 8.6 | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26125 |
| CVE-2026-26113 | Microsoft Office Remote Code Execution Vulnerability | 8.4 | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26113 |
| CVE-2026-26110 | Microsoft Office Remote Code Execution Vulnerability | 8.4 | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26110 |
| CVE-2026-26144 | Microsoft Excel Information Disclosure Vulnerability | 7.5 | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26144 |
| CVE-2026-26124 | Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability | 6.7 | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26124 |
| CVE-2026-23651 | Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability | 6.7 | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-23651 |
| CVE-2026-26122 | Microsoft ACI Confidential Containers Information Disclosure Vulnerability | 6.5 | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-26122 |
Back to top

Related changes

Favicon for www.gov.uk Humanitarian Assistance Exception Notification for Petroleum Products
Priority review Mar 13, 2026 OFSI All Publications Trade & Export
Favicon for www.apra.gov.au APRA Releases Quarterly ADI Statistics for December 2025
Routine Mar 13, 2026 news-and-publications Government
Favicon for www.apra.gov.au APRA Statement on Gender Pay Gap
Routine Mar 13, 2026 news-and-publications Government
Favicon for www.cisa.gov CISA Adds Two Exploited Vulnerabilities to KEV Catalog
Priority review Mar 13, 2026 CISA ICS-CERT Advisories Government
Favicon for www.cisa.gov CISA: Ignition Software Vulnerable to Code Execution
Priority review Mar 13, 2026 CISA ICS-CERT Advisories Government
Favicon for www.gao.gov GAO Report on DOD Cybersecurity Maturity Model Certification Program
Priority review Mar 13, 2026 GAO Reports & Testimonies Government Accountability

Source

Favicon for www.csa.gov.sg
CSA Alerts & Advisories (Singapore) csa.gov.sg/alerts-advisories
Vulnerability Alerts
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
Various
Published
March 11th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Substantive

Who this affects

Applies to
Technology companies
Geographic scope
National (Singapore)

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Topics
Vulnerability Management Software Updates

Browse Categories

Federal Courts 26 State Courts 91 Securities Regulation 6 Financial Regulation 43 Consumer Protection 5 Drug Safety 45 Data Protection 21 Competition 2 Attorneys General 3 Insurance Regulation 5 Trade & Export 36 Legislation 42 Energy Regulation 13 Environment 3 Labor & Employment 2 Tax 1

Get Vulnerability Alerts alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when CSA Alerts & Advisories (Singapore) publishes new changes.

Free. Unsubscribe anytime.