Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



Microsoft Plans Light Patch Tuesday for March

Microsoft has a relatively quiet Patch Tuesday planned for this month, with just six bulletins on the way for next week.

Microsoft has a relatively quiet Patch Tuesday planned for this month, with just six bulletins on the way for next week.

Just one of the bulletins is ‘Critical’, Microsoft’s highest severity rating. Four of the remaining five are rated ‘Important’, while the final bulletin is considered ‘Moderate.’ The most critical bulletin affects Microsoft Windows, which is also impacted by three of the other bulletins as well. The other updates are targeted at Visual Studio and Microsoft Expression Design.

Microsoft Patch Tuesday March 2011All totaled, the updates will address seven bugs across the different products.

“Organizations will have to reboot after applying the critical patch, which indicates that it is fix for a kernel-level bug,” said Marcus Carey security researcher at Rapid7. “There are two important bulletins that affect the Windows family as well. Bulletin six is labeled as moderate and only affects Windows operating systems post Windows 2003 Server. This means Bulletin six addresses issues which were introduced with Windows Vista.”

Carey speculated that the bulletin aimed at Expression Design is probably related to malicious file formats that could result in a compromise of system running the software.

“The Microsoft Expression Design bulletin will affect a small amount of consumers and organizations because of the limited distribution of the product,” he said.

“Bulletin 1 will be the most important,” noted Wolfgang Kandek, CTO of Qualys. “It is critical rated Remote Code Execution (RCE) and is applicable in all versions of Windows from XP to the latest Win 7 and Server 2008R2.”

In February, Microsoft issued fixes for a total of 21 bugs during Patch Tuesday. This month’s updates will be released March 13.

Advertisement. Scroll to continue reading.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.