Patch [FIX] Tuesday – March 2026 [SMB Is Back and ASLR Gets Shuffled], E29

Patch [FIX] Tuesday – March 2026 [SMB Is Back and ASLR Gets Shuffled], E29

From Autonomous IT by Automox

March 10, 2026 · 22 min · Episode 29

About this episode

The episode discusses March 2026's Patch Tuesday, focusing on medium-severity vulnerabilities and their implications for cybersecurity.

March 2026's Patch Tuesday brings no active exploitations, but don't let that fool you. This month, Ryan Braunstein and Henry Smith break down why medium-severity vulnerabilities deserve your full attention. First up: a Push Message Routing Service memory leak (CVE-2026-24282, CVSS 5.5) that lets attackers scrape session tokens and private keys from heap memory. Then, a pair of GDI bugs (CVE-2026-25181 and CVE-2026-25190) that chain together to defeat ASLR and deliver remote code execution with near-perfect reliability. Henry covers a Windows Accessibility Infrastructure flaw (CVE-2026-24291) hiding in a service most teams never think to harden, plus an SMB authentication bypass (CVE-2026-24294) that echoes EternalBlue and WannaCry. What you'll learn: - How attackers chain medium-severity bugs into full compromise paths - Why the Push Message Routing Service is a target-rich environment for credential theft - How a two-stage GDI exploit defeats ASLR with near-100% reliability - Why accessibility services are blind spots on your hardening checklists - What SMB's history with EternalBlue and WannaCry means for this month's auth bypass Patch your systems. Audit your service…

People in this episode

Hosts: Ryan Braunstein, Henry Smith

Topics covered

  • vulnerabilities
  • cybersecurity
  • Patch Tuesday
  • medium-severity bugs
  • remote code execution
  • credential theft
  • ASLR

Keywords

  • Patch Tuesday
  • CVE-2026-24282
  • CVE-2026-25181
  • CVE-2026-25190
  • CVE-2026-24291
  • CVE-2026-24294
  • ASLR
  • credential theft
  • remote code execution
  • medium-severity vulnerabilities

Mentioned in this episode

Organizations: Push Message Routing Service, Windows Accessibility Infrastructure, EternalBlue, WannaCry

Products: CVE-2026-24282, CVE-2026-25181, CVE-2026-25190, CVE-2026-24291, CVE-2026-24294

More episodes of Autonomous IT

Explore listener stats, chart rankings, contacts and more on the Autonomous IT podcast page.