No confirmed actively exploited zero-days at release. That hasn’t happened on Patch Tuesday in six months. By Microsoft standards, that’s practically a spa day.

Don’t get comfortable.

Microsoft fixed somewhere between 79 and 93 vulnerabilities this round, depending on how you count. Eight rated Critical. And two were publicly disclosed before the patch dropped. “Publicly disclosed” means the technical details are already out there. Someone’s building a working exploit right now if they haven’t already.

The gap between public disclosure and weaponization keeps shrinking. You’ve got a window. It’s not a big one.

But here’s the part that might need a conversation with your team today.

CISA added a deserialization vulnerability in SolarWinds Web Help Desk to its Known Exploited Vulnerabilities catalog on March 9. The federal compliance deadline? March 12. Today. Deserialization bugs let attackers run arbitrary code by feeding crafted serialized data to an application that trusts it and rebuilds objects from it. SolarWinds Web Help Desk is deployed across enterprises and government agencies for IT service management.

And yeah, the SolarWinds name still carries weight. The 2020 supply chain attack put every SolarWinds product permanently on attackers’ radar. Any vulnerability in their software gets extra attention from threat actors who know exactly how trusted those systems tend to be inside networks.

So here’s your triage order:

SolarWinds Web Help Desk first. CISA deadline is today. If you’re running it, this is drop-everything territory.

The two publicly disclosed zero-days next. Confirm the specific CVEs from Microsoft’s release notes and fast-track them. The blueprints are already public.

The eight Critical-rated RCE vulnerabilities after that. Anything internet-facing or unauthenticated goes to the front of the line.

Then everything else. Seventy-plus patches is a lot. Triage by exposure and attack surface.
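
If you want that order applied to a patch backlog mechanically, here is one way to encode it. This is an added example, not code from the original post; the `Finding` fields, the exposure scoring and the sample inventory (including the placeholder CVE IDs and severities) are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

SEVERITY_RANK = {"Critical": 0, "Important": 1, "Moderate": 2, "Low": 3}

@dataclass
class Finding:
    cve: str                             # placeholder IDs, not real CVEs
    product: str
    severity: str                        # vendor severity rating
    kev_days_left: Optional[int] = None  # days until CISA KEV due date; None = not in KEV
    publicly_disclosed: bool = False
    internet_facing: bool = False        # from your own asset inventory
    unauthenticated: bool = False        # exploitable without credentials

def tier(f: Finding) -> int:
    """Map a finding to one of the four tiers in the triage order above."""
    if f.kev_days_left is not None:
        return 1                         # KEV-listed, has a compliance deadline
    if f.publicly_disclosed:
        return 2                         # technical details already public
    if f.severity == "Critical":
        return 3
    return 4

def sort_key(f: Finding):
    exposure = int(f.internet_facing) + int(f.unauthenticated)
    deadline = f.kev_days_left if f.kev_days_left is not None else 10**6
    # Lower sorts first: tier, nearest deadline, most exposed, highest severity.
    return (tier(f), deadline, -exposure, SEVERITY_RANK.get(f.severity, 9), f.cve)

def triage(findings):
    return sorted(findings, key=sort_key)

def due_now(findings):
    """KEV-listed findings whose deadline is today or already past."""
    return [f for f in findings
            if f.kev_days_left is not None and f.kev_days_left <= 0]

# Constructed sample backlog; every ID, product label and rating is illustrative.
SAMPLE = [
    Finding("CVE-PLACEHOLDER-0005", "Office component", "Important"),
    Finding("CVE-PLACEHOLDER-0003", "Internal file server", "Critical"),
    Finding("CVE-PLACEHOLDER-0002", "Windows component", "Important",
            publicly_disclosed=True),
    Finding("CVE-PLACEHOLDER-0004", "Edge gateway service", "Critical",
            internet_facing=True, unauthenticated=True),
    Finding("CVE-PLACEHOLDER-0001", "SolarWinds Web Help Desk", "Critical",
            kev_days_left=0),
    Finding("CVE-PLACEHOLDER-0006", "VPN portal", "Important", internet_facing=True),
]
```

Feed `triage()` your real scanner export and `due_now()` gives you the list to raise with your team first.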

The no-active-exploitation window is a gift. Most months you’re patching while attacks are already underway. This month you’ve got a head start. Use it before it’s gone.

