Full Report
Microsoft has released the Windows 10 KB5078885 extended security update to fix the March 2026 Patch Tuesday vulnerabilities, including 2 zero-days and an issue that prevent some devices from shutting down. [...]
Analysis Summary
# Vulnerability: Windows 10 March 2026 Security Update (KB5078885)
## CVE Details
*Note: While the article references 79 vulnerabilities fixed, it highlights the remediation of two critical zero-day flaws.*
- **CVE ID:** Not explicitly named in text (General reference to March 2026 Patch Tuesday)
- **CVSS Score:** N/A (Multiple vulnerabilities; 2 identified as Zero-Days)
- **CWE:** N/A
## Affected Systems
- **Products:** Windows 10; Windows 10 Enterprise LTSC 2021
- **Versions:**
- Windows 10 Build 19045.x
- Windows 10 Enterprise LTSC 2021 Build 19044.x
- **Configurations:** Systems enrolled in the Extended Security Update (ESU) program; systems with System Guard Secure Launch and Virtual Secure Mode (VSM) enabled; systems relying on expiring 2011 Secure Boot certificates.
## Vulnerability Description
This update addresses 79 security flaws, including two zero-day vulnerabilities. Technically significant fixes include:
- **Secure Boot Certificate Expiration:** Remediation for the upcoming June 2026 expiration of 2011 Secure Boot certificates. Failure to update permits threat actors to bypass boot-level security protections by using expired or forged signatures.
- **Secure Launch Conflict:** A bug where Secure Launch-capable PCs with VSM enabled would restart instead of shutting down or hibernating, creating potential availability and state-management issues.
- **Windows System Image Manager:** A flaw allowing potential spoofing or malicious file execution, now mitigated by a warning dialog for untrusted catalog files.
## Exploitation
- **Status:** **Exploited in the wild** (2 Zero-days)
- **Complexity:** Undisclosed (Likely Low to Medium)
- **Attack Vector:** Primarily Network/Local (Typical for OS security fixes)
## Impact
- **Confidentiality:** High (Zero-day fixes frequently impact data privacy)
- **Integrity:** High (Address Secure Boot bypasses and catalog file integrity)
- **Availability:** Medium/High (Fixes issues preventing shutdown/hibernation and systemic boot failures)
## Remediation
### Patches
- **Windows 10:** Install **KB5078885** (Updates build to 19045.7058)
- **Windows 10 Enterprise LTSC 2021:** Install **KB5078885** (Updates build to 19044.7058)
### Workarounds
- No specific workarounds are provided for the Zero-day flaws; immediate patching is recommended for systems enrolled in ESU.
- For Secure Boot: Ensure client device diagnostic data is enabled to receive high-confidence certificate targeting.
## Detection
- **Indicators of Compromise:** Monitor for unauthorized bootloader modifications or unusual system behavior related to System Image Manager catalog files.
- **Detection Methods:**
- Verify OS Build numbers (19045.7058 / 19044.7058) to ensure patch compliance.
- Monitor Event Logs for "Secure Launch" failures or unexpected system restarts during shutdown sequences.
## References
- [Vendor Advisory (KB5078885)] hxxps[:]//support[.]microsoft[.]com/en-us/topic/march-10-2026-kb5078885-os-builds-19045-7058-and-19044-7058-5738282d-0b7f-426e-a42b-bd7698ab6dbb
- [Secure Boot Certificate Updates] hxxps[:]//support[.]microsoft[.]com/topic/7ff40d33-95dc-4c3c-8725-a9b95457578e
- [BleepingComputer Coverage] hxxps[:]//www[.]bleepingcomputer[.]com/news/microsoft/microsoft-march-2026-patch-tuesday-fixes-2-zero-days-79-flaws/