Patch [FIX] Tuesday – March 2026 [SMB Is Back and ASLR Gets Shuffled], E29
Show Notes
March 2026's Patch Tuesday brings no actively exploited vulnerabilities, but don't let that fool you. This month, Ryan Braunstein and Henry Smith break down why medium-severity vulnerabilities deserve your full attention.
First up: a Push Message Routing Service memory leak (CVE-2026-24282, CVSS 5.5) that lets attackers scrape session tokens and private keys from heap memory. Then, a pair of GDI bugs (CVE-2026-25181 and CVE-2026-25190) that chain together to defeat ASLR and deliver remote code execution with near-perfect reliability. Henry covers a Windows Accessibility Infrastructure flaw (CVE-2026-24291) hiding in a service most teams never think to harden, plus an SMB authentication bypass (CVE-2026-24294) that echoes EternalBlue and WannaCry.
What you'll learn:
- How attackers chain medium-severity bugs into full compromise paths
- Why the Push Message Routing Service is a target-rich environment for credential theft
- How a two-stage GDI exploit defeats ASLR with near-100% reliability
- Why accessibility services are blind spots on your hardening checklists
- What SMB's history with EternalBlue and WannaCry means for this month's auth bypass
Patch your systems. Audit your service accounts. Don't skip the mediums.