March 2026 Patch Tuesday forecast: Is AI security an oxymoron?

Developers and analysts are using more AI tools to produce code and to test both the performance and security of the finished products. They are also embedding AI functionality in their products directly. But just how secure are these AI tools and routines themselves? Recent reports show they suffer from vulnerabilities just like any other code.

For example, Google recently provided an update for CVE-2026-0628, associated with Gemini AI implemented in the Chrome browser. This elevation of privilege vulnerability, rated High with a CVSS of 8.8, was recently reported in detail by Palo Alto Networks security research team. Per Palo Alto, “this vulnerability could have allowed malicious extensions with basic permissions to hijack the new Gemini Live in Chrome browser panel.”

In a somewhat related story, there are continued reports of users downloading ‘AI’ extensions to take advantage of the latest AI tools. As explained in the article, to all appearances these extensions may provide some expected functionality when in fact they are penetrating and collecting data from your system! Even more troublesome is that they are appearing in many app stores for easy download, piggybacking on the need for more AI tools.

Microsoft ddds Copilot data protections, issues minor server patch

On a positive note regarding AI use, Microsoft is introducing more control over which files Microsoft 365 Copilot AI assistant can access during its data processing. This is in direct response to many customers’ reporting Copilot included confidential information in its reports.

Office file data loss prevention (DLP) can be applied to files stored on OneDrive and SharePoint to prevent Copilot access, but the DLP was not carried over to files saved outside of those locations on the local system; hence the source of the confidential information. This should appear in April and will be applied by default, but it is important to note this is not a change in Copilot, but rather a change to use of Microsoft DLP settings. If you don’t want Copilot to access your files, it is imperative you start to use the proper DLP control over your Office files.

Microsoft provided a solid set of updates on last Patch Tuesday, and as a result, February was kind of lean from a Microsoft patch perspective. After a flurry of OOB patches in January addressing performance and security issues, we had none in February and only one on March 2nd.

The update was KB 5082314 for Server 2022, which according to Microsoft, “addresses an issue affecting certificate renewal for Windows Hello for Business in certain Active Directory Federation Services (ADFS)–based deployments on Windows Server 2022.” It only impacts organizations that are using ADFS deployments, so it is not critical if you are not using them. This OOB patch is cumulative, including the February Patch Tuesday updates, and will be rolled into the March updates as well.

Notepad++ 8.9.2 secures updates with double-lock design

I mentioned last month that NotePad++ reported a security exposure on their blog concerning compromised product updates. On February 16th, they announced the release of version 8.9.2 which incorporates a new ‘double lock’ design with certificate and signature verification to provide enhanced security protection to their update process. All users are encouraged to move quickly to this version to prevent compromise and to confirm the download being used is coming from notepad-plus-plus.org.

Apple releases security fixes for macOS, iOS, and Safari

Apple released major security updates for all their operating systems, plus Safari, in the shadow of Patch Tuesday on Wednesday February 11th. If you missed those, you should move quickly to update macOS Tahoe 26.3 addressing 55 CVEs, macOS Sequioa 15.7.4 addressing 36 CVEs, and macOS Sonoma 14.8.4 with 42 CVEs.

There were also same-day version 26.3 updates for iOS, iPadOS, tvOS, watchOS, visionOS, and Safari. You should have included these in your Patch Tuesday deployments for last month. Apple also provided some early March 26.3.1 updates, but they don’t have any associated CVEs listed.

March 2026 Patch Tuesday forecast

• Microsoft released a solid set of updates last month and I hope that continues with a controlled and well-tested set of vulnerabilities addressed. The usual OS and ESU updates will be released. It appears Microsoft Office will continue to update the Office 2016 apps as well as Office 2019, so expect them as well as the usual click-to-run online versions. The wildcard will always be a .NET framework, SQL server, or Exchange Server update.
• The Adobe rotation for Creative Cloud Apps updates will most likely contain Illustrator and Photoshop, and perhaps a few others. The quarterly update for Acrobat and Acrobat Reader is usually in April, but we could get a minor update this month if a critical fix is needed.
• Apple trickled out new updates for iOS and macOS Tahoe on March 4th, so be on the lookout for the remaining supported operating systems to appear in the next couple of days.
• The Google Chrome 146 beta was released late this week, so we may not see an update on Patch Tuesday. But based on my AI comments earlier regarding Gemini AI and Chrome extensions, make sure you are keeping up with the updates when they are released.
• The releases for Mozilla products next week may be very limited. They released major updates for Firefox 148, Firefox ESR 140.8, Firefox ESR 115.33, Thunderbird 148, and Thunderbird ESR 140.8 on February 24th, so it should be quiet next week, but make sure have these deployed already.

The AI craze is upon us, so it pays to be very cautious about which apps and what functionality you are allowing into your networks. Using AI technology to build more secure code or assist with business functionality is definitely needed, but be aware of the vulnerabilities which may exist within that code leading to the ‘AI security’ terminology oxymoron.