Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More

Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

The March Patch Tuesday is here and it's been an unfortunately busy month for Microsoft. Earlier last week they released information on a campaign targeting Microsoft Exchange Server with multiple zero-day exploits. We released information about this campaign yesterday and those affected should absolutely be working on updating their systems if they haven't already.

Today's release covers an additional 88 CVEs including 14 rated as "Critical", 73 rated as "Important", and 1 as "Low". Additional patches for MS Exchange Server are included in the Critical list and Microsoft released patches for EOL versions of MS Exchange as well via a manual Cumulative Security Update. You can read more about that here.

While the Exchange vulnerabilities are without a doubt the most pressing patches. There is plenty to be concerned about this Tuesday. On the Critical list are patches for Remote Code Execution (RCE) vulnerabilities in Windows DNS Server, Hyper-V, and Azure Sphere. The Important list includes patches for server packages like MS Exchange, Sharepoint, Visual Studio, Windows DNS, and the Update service itself. The list also patches for multiple client-side software like the MS Office suite, Internet Explorer, DirectX, ActiveX, and various media codes.

All in all, March brings with it some of the most important patches in at least a year. Please patch as soon as you can and stay safe!


Critical

Azure Sphere Unsigned Code Execution Vulnerability
CVE-2021-27074, CVE-2021-27080
Remote Code Execution

Azure Virtual Machine Information Disclosure Vulnerability
CVE-2021-27075
Information Disclosure

Git for Visual Studio Remote Code Execution Vulnerability
CVE-2021-21300
Remote Code Execution

HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2021-26902, CVE-2021-27061
Remote Code Execution

Internet Explorer Memory Corruption Vulnerability
CVE-2021-26411
Remote Code Execution

Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-26412, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065
Remote Code Execution

OpenType Font Parsing Remote Code Execution Vulnerability
CVE-2021-26876
Remote Code Execution

Windows DNS Server Remote Code Execution Vulnerability
CVE-2021-26897
Remote Code Execution

Windows Hyper-V Remote Code Execution Vulnerability
CVE-2021-26867
Remote Code Execution


Important

Application Virtualization Remote Code Execution Vulnerability
CVE-2021-26890
Remote Code Execution

DirectX Elevation of Privilege Vulnerability
CVE-2021-24095
Elevation of Privilege

HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2021-24089, CVE-2021-24110, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051
Remote Code Execution

Internet Explorer Remote Code Execution Vulnerability
CVE-2021-27085
Remote Code Execution

Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-27053, CVE-2021-27054
Remote Code Execution

Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-26854, CVE-2021-26858, CVE-2021-27078
Remote Code Execution

Microsoft Office ClickToRun Remote Code Execution Vulnerability
CVE-2021-27058
Remote Code Execution

Microsoft Office Remote Code Execution Vulnerability
CVE-2021-24108, CVE-2021-27057, CVE-2021-27059
Remote Code Execution

Microsoft Power BI Information Disclosure Vulnerability
CVE-2021-26859
Information Disclosure

Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2021-27056
Remote Code Execution

Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-27052
Information Disclosure

Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-27076
Remote Code Execution

Microsoft SharePoint Spoofing Vulnerability
CVE-2021-24104
Spoofing

Microsoft Visio Security Feature Bypass Vulnerability
CVE-2021-27055
Security Feature Bypass

Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability
CVE-2021-26887
Elevation of Privilege

Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-26881
Remote Code Execution

Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-27082
Remote Code Execution

Remote Access API Elevation of Privilege Vulnerability
CVE-2021-26882
Elevation of Privilege

Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-27083
Remote Code Execution

Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-26880
Elevation of Privilege

User Profile Service Denial of Service Vulnerability
CVE-2021-26886
Denial of Service

Visual Studio Code ESLint Extension Remote Code Execution Vulnerability
CVE-2021-27081
Remote Code Execution

Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
CVE-2021-27084
Remote Code Execution

Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-27060
Remote Code Execution

Windows 10 Update Assistant Elevation of Privilege Vulnerability
CVE-2021-27070
Elevation of Privilege

Windows ActiveX Installer Service Information Disclosure Vulnerability
CVE-2021-26869
Information Disclosure

Windows Admin Center Security Feature Bypass Vulnerability
CVE-2021-27066
Security Feature Bypass

Windows App-V Overlay Filter Elevation of Privilege Vulnerability
CVE-2021-26860
Elevation of Privilege

Windows Container Execution Agent Elevation of Privilege Vulnerability
CVE-2021-26865, CVE-2021-26891
Elevation of Privilege

Windows DNS Server Denial of Service Vulnerability
CVE-2021-26896, CVE-2021-27063
Denial of Service

Windows DNS Server Remote Code Execution Vulnerability
CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895
Remote Code Execution

Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2021-24090
Elevation of Privilege

Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-26872, CVE-2021-26898, CVE-2021-26901, CVE-2021-24107
Information Disclosure

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2021-26892
Security Feature Bypass

Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2021-26868
Elevation of Privilege

Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-26861
Remote Code Execution

Windows Installer Elevation of Privilege Vulnerability
CVE-2021-26862
Elevation of Privilege

Windows Media Photo Codec Information Disclosure Vulnerability
CVE-2021-26884
Information Disclosure

Windows NAT Denial of Service Vulnerability
CVE-2021-26879
Denial of Service

Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2021-26874
Elevation of Privilege

Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1640, CVE-2021-26878
Elevation of Privilege

Windows Projected File System Elevation of Privilege Vulnerability
CVE-2021-26870
Elevation of Privilege

Windows Update Service Elevation of Privilege Vulnerability
CVE-2021-26866
Elevation of Privilege

Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-26889
Elevation of Privilege

Windows Update Stack Setup Elevation of Privilege Vulnerability
CVE-2021-1729
Elevation of Privilege

Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2021-26899
Elevation of Privilege

Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2021-26873
Elevation of Privilege

Windows Virtual Registry Provider Elevation of Privilege Vulnerability
CVE-2021-26864
Elevation of Privilege

Windows WalletService Elevation of Privilege Vulnerability
CVE-2021-26871, CVE-2021-26885
Elevation of Privilege

Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-26863, CVE-2021-26875, CVE-2021-26900
Elevation of Privilege


Low

Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-27077
Denial of Service

About the Author

Karl Sigler is Security Research Manager, SpiderLabs Threat Intelligence at Trustwave. Karl is a 20- year infosec veteran responsible for research and analysis of current vulnerabilities, malware and threat trends at Trustwave. Follow Karl on LinkedIn.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo