Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday

The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug.

Microsoft has addressed 71 security vulnerabilities in its scheduled March Patch Tuesday update – only three of which are rated critical in severity. The other 68 are all rated “important.”

Three of the bugs are listed as publicly known zero-days, but none of them are listed as having been exploited in the wild (thus far).

The issues affect the gamut of the computing giant’s portfolio, including Microsoft Windows and Windows Components, Azure Site Recovery, Microsoft Defender for Endpoint and IoT, Intune, Edge (Chromium-based), Windows HTML Platforms, Office and Office Components, Skype, .NET and Visual Studio, Windows RDP, SMB Server.

Notably, the tranche also contains the first-ever patch for the Xbox gaming console.

It’s worth noting that the update marks the second month in a row with a surprisingly low number of critical patches; in fact, February’s Patch Tuesday update didn’t list any.

“The number of critical-rated patches is again strangely low for this number of bugs,” Trend Micro Zero-Day Initiative researcher Dustin Childs noted in an email. “It’s unclear if this low percentage of bugs is just a

Read More: https://threatpost.com/microsoft-zero-days-critical-bugsmarch-patch-tuesday/178817/