Patch Tuesday, March 2021

The March Patch Tuesday is here, and it's been an unfortunately busy month for Microsoft. Last week they released information on a campaign targeting Microsoft Exchange Server with multiple zero-day exploits. We released information about this campaign yesterday, and those affected should absolutely be working on updating their systems if they haven't already.

Today's release covers an additional 88 CVEs, including 14 rated as "Critical", 73 rated as "Important", and 1 as "Low". Additional patches for MS Exchange Server are included in the Critical list, and Microsoft also released patches for EOL versions of MS Exchange via a manual Cumulative Security Update. You can read more about that here.

While the Exchange vulnerabilities are without a doubt the most pressing patches, there is plenty more to be concerned about this Tuesday. On the Critical list are patches for Remote Code Execution (RCE) vulnerabilities in Windows DNS Server, Hyper-V, and Azure Sphere. The Important list includes patches for server packages like MS Exchange, SharePoint, Visual Studio, Windows DNS, and the Update service itself. The list also includes patches for client-side software like the MS Office suite, Internet Explorer, DirectX, ActiveX, and various media codecs.

All in all, March brings with it some of the most important patches in at least a year. Please patch as soon as you can and stay safe!


Critical

Azure Sphere Unsigned Code Execution Vulnerability
CVE-2021-27074, CVE-2021-27080
Remote Code Execution

Azure Virtual Machine Information Disclosure Vulnerability
Information Disclosure

Git for Visual Studio Remote Code Execution Vulnerability
Remote Code Execution

HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2021-26902, CVE-2021-27061
Remote Code Execution

Internet Explorer Memory Corruption Vulnerability
Remote Code Execution

Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-26412, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065
Remote Code Execution

OpenType Font Parsing Remote Code Execution Vulnerability
Remote Code Execution

Windows DNS Server Remote Code Execution Vulnerability
Remote Code Execution

Windows Hyper-V Remote Code Execution Vulnerability
Remote Code Execution


Important

Application Virtualization Remote Code Execution Vulnerability
Remote Code Execution

DirectX Elevation of Privilege Vulnerability
Elevation of Privilege

HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2021-24089, CVE-2021-24110, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051
Remote Code Execution

Internet Explorer Remote Code Execution Vulnerability
Remote Code Execution

Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-27053, CVE-2021-27054
Remote Code Execution

Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-26854, CVE-2021-26858, CVE-2021-27078
Remote Code Execution

Microsoft Office ClickToRun Remote Code Execution Vulnerability
Remote Code Execution

Microsoft Office Remote Code Execution Vulnerability
CVE-2021-24108, CVE-2021-27057, CVE-2021-27059
Remote Code Execution

Microsoft Power BI Information Disclosure Vulnerability
Information Disclosure

Microsoft PowerPoint Remote Code Execution Vulnerability
Remote Code Execution

Microsoft SharePoint Server Information Disclosure Vulnerability
Information Disclosure

Microsoft SharePoint Server Remote Code Execution Vulnerability
Remote Code Execution

Microsoft SharePoint Spoofing Vulnerability

Microsoft Visio Security Feature Bypass Vulnerability
Security Feature Bypass

Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability
Elevation of Privilege

Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Remote Code Execution

Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability
Remote Code Execution

Remote Access API Elevation of Privilege Vulnerability
Elevation of Privilege

Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
Remote Code Execution

Storage Spaces Controller Elevation of Privilege Vulnerability
Elevation of Privilege

User Profile Service Denial of Service Vulnerability
Denial of Service

Visual Studio Code ESLint Extension Remote Code Execution Vulnerability
Remote Code Execution

Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
Remote Code Execution

Visual Studio Code Remote Code Execution Vulnerability
Remote Code Execution

Windows 10 Update Assistant Elevation of Privilege Vulnerability
Elevation of Privilege

Windows ActiveX Installer Service Information Disclosure Vulnerability
Information Disclosure

Windows Admin Center Security Feature Bypass Vulnerability
Security Feature Bypass

Windows App-V Overlay Filter Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Container Execution Agent Elevation of Privilege Vulnerability
CVE-2021-26865, CVE-2021-26891
Elevation of Privilege

Windows DNS Server Denial of Service Vulnerability
CVE-2021-26896, CVE-2021-27063
Denial of Service

Windows DNS Server Remote Code Execution Vulnerability
CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895
Remote Code Execution

Windows Error Reporting Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-26872, CVE-2021-26898, CVE-2021-26901, CVE-2021-24107
Information Disclosure

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
Security Feature Bypass

Windows Graphics Component Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Graphics Component Remote Code Execution Vulnerability
Remote Code Execution

Windows Installer Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Media Photo Codec Information Disclosure Vulnerability
Information Disclosure

Windows NAT Denial of Service Vulnerability
Denial of Service

Windows Overlay Filter Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1640, CVE-2021-26878
Elevation of Privilege

Windows Projected File System Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Update Service Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Update Stack Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Update Stack Setup Elevation of Privilege Vulnerability
Elevation of Privilege

Windows UPnP Device Host Elevation of Privilege Vulnerability
Elevation of Privilege

Windows User Profile Service Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Virtual Registry Provider Elevation of Privilege Vulnerability
Elevation of Privilege

Windows WalletService Elevation of Privilege Vulnerability
CVE-2021-26871, CVE-2021-26885
Elevation of Privilege

Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-26863, CVE-2021-26875, CVE-2021-26900
Elevation of Privilege


Low

Windows Win32k Elevation of Privilege Vulnerability
Denial of Service
