"The March release addresses 83 vulnerabilities across Windows, Office, SQL Server, Azure, and .NET - a moderate volume with two publicly disclosed zero-days affecting SQL Server and .NET (though neither is being actively exploited in the wild.)"
"The most significant change this month is the introduction of Common Log File System (CLFS) hardening with signature verification, which will affect how Windows handles log files across the operating system."
"CVE-2025-59287 - Windows Server Update Services (WSUS) - Synchronization error reporting remains intentionally disabled since October 2025 to mitigate this critical CVSS 9.8 unauthenticated RCE. Error details continue to be suppressed in the WSUS console with no timeline for restoration."
Microsoft released patches for 83 vulnerabilities across Windows, Office, SQL Server, Azure, and .NET in March. Two publicly disclosed zero-days affecting SQL Server and .NET are included, though neither is currently being actively exploited. The most significant change is the introduction of Common Log File System (CLFS) hardening with signature verification, which modifies how Windows handles log files system-wide. Critical issues include CVE-2025-59287 affecting Windows Server Update Services with intentionally disabled error reporting since October 2025, and ongoing Windows Update Standalone Installer failures when installing packages from network shares. An out-of-band update was issued for Windows Server 2022 addressing Windows Hello for Business certificate renewal issues in ADFS deployments. Previous known issues with Secure Launch and Virtual Secure Mode shutdown problems have been resolved.
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]