On March 10, 2026, Microsoft released its March 2026 security update addressing 83 newly disclosed vulnerabilities. Arctic Wolf has highlighted three vulnerabilities affecting Microsoft Office in this security bulletin, which Microsoft has rated as critical.

ArcticWolf's platform is a central hub for cybersecurity professionals, offering insights into managed detection and response (MDR), threat intelligence, and security operations. Through articles, reports, and webinars, ArcticWolf offers insights into detecting and responding to cybersecurity threats effectively. Security analysts can learn about threat hunting, incident response strategies, and security best practices to protect organizations from cyberattacks.

Arctic Wolf

Microsoft's March 2026 Patch Tuesday addresses 83 newly disclosed vulnerabilities. Arctic Wolf highlights three critical vulnerabilities in Microsoft Office: two Remote Code Execution flaws (a type confusion and an untrusted pointer dereference, both exploitable via the preview pane) and a cross-site scripting vulnerability in Microsoft Excel that can leverage Copilot agent mode to exfiltrate data in a zero-click attack. None of the vulnerabilities have been reported as exploited in the wild. Organizations are strongly advised to upgrade to the latest fixed versions following their patching and testing guidelines.

Microsoft Patch Tuesday: March 2026