pds-it
['Blog post','no']
Microsoft Technology
Blog

Patchday March 2024: Surprisingly few patches from Microsoft

Contents

    Like every month, there is also a Patchday March 2024, usually on the second Tuesday of the month. This has not changed. What is surprising, however, is that Microsoft released relatively few patches on Patchday March 2024. This can be seen as both positive and negative.

    "Only" 59 bug fixes and patches from Microsoft on Patchday March 2024

    Fewer patches on the March 2024 patch day than in February, for example, when Microsoft provided 72 patches, may be an indication that there are currently fewer bugs in Microsoft systems.

    This would mean that Windows, Office, Azure and all other Microsoft applications are currently safe from hacker attacks. So this is good news.

    On the other hand, it could also mean that Microsoft is struggling with bugs in its systems and apps for which it has not yet developed a patch. That would be bad again. However, this is quite unlikely.

    As a rule, Microsoft also uses the monthly patch day to communicate information to users. So far, however, no reports have come through that warn of dangerous bugs or security risks.

    So let's take it as it is and be happy that there seems to be so little going on on Patchday March 2024 because Microsoft's systems are currently relatively secure.

    Two critical bugs on the March 2024 patchday

    Of course, the March 2024 patch day will not pass us by completely without patches and bug fixes.

    Microsoft was able to fix two critical bugs this month. Both affect Windows Hyper-V, which can be used to virtualize hardware in Windows, for example to create virtual desktops.

    The first bug was not directly dangerous, but rather an annoyance where Hyper-V denied service under certain conditions. Fortunately, denial of service is not a door opener for cyberattacks. The bug was classified as critical because it could cause Hyper-V to crash, so to speak.

    The other critical bug allowed users on guest operating systems to inject code into the main operating system. This could of course cause great damage. As the bug was not known, Microsoft assumes that it was not used by hackers.

    Another vulnerability that could be used to inject code into programs was closed in the Microsoft Exchange Server during the March 2024 patchday. This was the classic process whereby someone can smuggle a file into a program and trick the user into opening this file in order to let a virus or Trojan into the system. The gap is now closed and files can no longer get into the Microsoft Exchange Server in this way.

    Mastering Windows Hyper-V with skill it

    In our four-day training Administering Windows Server Hybrid Core Infrastructure you will learn how to use hybrid technologies in Windows servers. In practical exercises, you will learn how to configure and manage Hyper-V, among other things.

    It goes without saying that our seminars are always secure. To ensure that you can always work securely in your programs, we also have a basic course on security with Microsoft technologies: Microsoft Security, Compliance, and Identity Fundamentals.

    Author
    Marcel Michaelsen
    Marcel writes IT content for websites as a freelancer at Textflamme. The topics range from product descriptions to complex technical articles.