Patch Tuesday - March 2021

Last updated on Mar 9, 2021

Another Patch Tuesday (2021-Mar) is upon us, and with this month comes a whopping 122 CVEs. As usual, Windows tops the list of the most patched products. However, this month browser vulnerabilities take second place, outnumbering Office vulnerabilities 3:1! Lastly, the Exchange Server vulnerabilities this month are not to be ignored, as more than half of them have been seen exploited in the wild.

Vulnerability Breakdown by Software Family

| Family | Vulnerability Count |
|---|---|
| Windows | 59 |
| Browser | 35 |
| ESU | 24 |
| Microsoft Office | 11 |
| Exchange Server | 7 |
| Developer Tools | 6 |
| Azure | 3 |
| SQL Server | 1 |

Exchange Server Vulnerabilities

Earlier this month, Microsoft released out-of-band updates for Exchange Server. These critical updates fixed a number of publicly exploited vulnerabilities, but not before attackers were able to compromise over 30,000 internet-facing instances.

Yesterday, Microsoft issued an additional set of patches for older, unsupported versions of Exchange Server. This gives customers who have not been able to update to the most recent version of Exchange the ability to defend against these widespread exploit attempts.

If you administer an Exchange Server, stop reading this blog and go patch these systems! For more information please see our blog post on the topic.

Patch those Windows systems!

Almost half of the newly announced vulnerabilities this month affect components of Windows itself. Some major highlights include:

Browser Vulnerabilities

Since Internet Explorer went end-of-life in November 2020, we haven't seen any Internet Explorer patches from Microsoft. However, this month Microsoft has made two new updates available: CVE-2021-27085 and CVE-2021-26411. CVE-2021-26411 has been exploited in the wild, so don't delay applying patches if IE is still in your environment.

The majority of the browser vulnerabilities announced this month affect Microsoft Edge on Chromium. These patches are courtesy of vulnerabilities being fixed upstream in the Chromium project.

Summary Tables

Here are this month's patched vulnerabilities split by the product family.

Azure Vulnerabilities

| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|---|---|---|---|---|
| CVE-2021-27075 | Azure Virtual Machine Information Disclosure Vulnerability | No | No | 6.8 | Yes |
| CVE-2021-27080 | Azure Sphere Unsigned Code Execution Vulnerability | No | No | 9.3 | Yes |
| CVE-2021-27074 | Azure Sphere Unsigned Code Execution Vulnerability | No | No | 6.2 | Yes |

Browser Vulnerabilities

| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|---|---|---|---|---|
| CVE-2021-27085 | Internet Explorer Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-21190 | Chromium CVE-2021-21190: Uninitialized Use in PDFium | No | No | N/A | Yes |
| CVE-2021-21189 | Chromium CVE-2021-21189: Insufficient policy enforcement in payments | No | No | N/A | Yes |
| CVE-2021-21188 | Chromium CVE-2021-21188: Use after free in Blink | No | No | N/A | Yes |
| CVE-2021-21187 | Chromium CVE-2021-21187: Insufficient data validation in URL formatting | No | No | N/A | Yes |
| CVE-2021-21186 | Chromium CVE-2021-21186: Insufficient policy enforcement in QR scanning | No | No | N/A | Yes |
| CVE-2021-21185 | Chromium CVE-2021-21185: Insufficient policy enforcement in extensions | No | No | N/A | Yes |
| CVE-2021-21184 | Chromium CVE-2021-21184: Inappropriate implementation in performance APIs | No | No | N/A | Yes |
| CVE-2021-21183 | Chromium CVE-2021-21183: Inappropriate implementation in performance APIs | No | No | N/A | Yes |
| CVE-2021-21182 | Chromium CVE-2021-21182: Insufficient policy enforcement in navigations | No | No | N/A | Yes |
| CVE-2021-21181 | Chromium CVE-2021-21181: Side-channel information leakage in autofill | No | No | N/A | Yes |
| CVE-2021-21180 | Chromium CVE-2021-21180: Use after free in tab search | No | No | N/A | Yes |
| CVE-2021-21179 | Chromium CVE-2021-21179: Use after free in Network Internals | No | No | N/A | Yes |
| CVE-2021-21178 | Chromium CVE-2021-21178: Inappropriate implementation in Compositing | No | No | N/A | Yes |
| CVE-2021-21177 | Chromium CVE-2021-21177: Insufficient policy enforcement in Autofill | No | No | N/A | Yes |
| CVE-2021-21176 | Chromium CVE-2021-21176: Inappropriate implementation in full screen mode | No | No | N/A | Yes |
| CVE-2021-21175 | Chromium CVE-2021-21175: Inappropriate implementation in Site isolation | No | No | N/A | Yes |
| CVE-2021-21174 | Chromium CVE-2021-21174: Inappropriate implementation in Referrer | No | No | N/A | Yes |
| CVE-2021-21173 | Chromium CVE-2021-21173: Side-channel information leakage in Network Internals | No | No | N/A | Yes |
| CVE-2021-21172 | Chromium CVE-2021-21172: Insufficient policy enforcement in File System API | No | No | N/A | Yes |
| CVE-2021-21171 | Chromium CVE-2021-21171: Incorrect security UI in TabStrip and Navigation | No | No | N/A | Yes |
| CVE-2021-21170 | Chromium CVE-2021-21170: Incorrect security UI in Loader | No | No | N/A | Yes |
| CVE-2021-21169 | Chromium CVE-2021-21169: Out of bounds memory access in V8 | No | No | N/A | Yes |
| CVE-2021-21168 | Chromium CVE-2021-21168: Insufficient policy enforcement in appcache | No | No | N/A | Yes |
| CVE-2021-21167 | Chromium CVE-2021-21167: Use after free in bookmarks | No | No | N/A | Yes |
| CVE-2021-21166 | Chromium CVE-2021-21166: Object lifecycle issue in audio | No | No | N/A | Yes |
| CVE-2021-21165 | Chromium CVE-2021-21165: Object lifecycle issue in audio | No | No | N/A | Yes |
| CVE-2021-21164 | Chromium CVE-2021-21164: Insufficient data validation in Chrome for iOS | No | No | N/A | Yes |
| CVE-2021-21163 | Chromium CVE-2021-21163: Insufficient data validation in Reader Mode | No | No | N/A | Yes |
| CVE-2021-21162 | Chromium CVE-2021-21162: Use after free in WebRTC | No | No | N/A | Yes |
| CVE-2021-21161 | Chromium CVE-2021-21161: Heap buffer overflow in TabStrip | No | No | N/A | Yes |
| CVE-2021-21160 | Chromium CVE-2021-21160: Heap buffer overflow in WebAudio | No | No | N/A | Yes |
| CVE-2021-21159 | Chromium CVE-2021-21159: Heap buffer overflow in TabStrip | No | No | N/A | Yes |
| CVE-2020-27844 | Chromium CVE-2020-27844: Heap buffer overflow in OpenJPEG | No | No | N/A | Yes |

Browser ESU Vulnerabilities

| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|---|---|---|---|---|
| CVE-2021-26411 | Internet Explorer Memory Corruption Vulnerability | Yes | Yes | 8.8 | Yes |

Developer Tools Vulnerabilities

| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|---|---|---|---|---|
| CVE-2021-27060 | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | No |
| CVE-2021-27084 | Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | No | No | N/A | No |
| CVE-2021-27081 | Visual Studio Code ESLint Extension Remote Code Execution Vulnerability | No | No | 7.8 | No |
| CVE-2021-27083 | Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | No |
| CVE-2021-27082 | Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | No |
| CVE-2021-21300 | Git for Visual Studio Remote Code Execution Vulnerability | No | No | 8.8 | No |

Exchange Server Vulnerabilities

| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|---|---|---|---|---|
| CVE-2021-26412 | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9.1 | No |
| CVE-2021-26855 | Microsoft Exchange Server Remote Code Execution Vulnerability | Yes | No | 9.1 | Yes |
| CVE-2021-27078 | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9.1 | No |
| CVE-2021-26857 | Microsoft Exchange Server Remote Code Execution Vulnerability | Yes | No | 7.8 | Yes |
| CVE-2021-27065 | Microsoft Exchange Server Remote Code Execution Vulnerability | Yes | No | 7.8 | Yes |
| CVE-2021-26858 | Microsoft Exchange Server Remote Code Execution Vulnerability | Yes | No | 7.8 | Yes |
| CVE-2021-26854 | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 6.6 | No |

Microsoft Office Vulnerabilities

| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|---|---|---|---|---|
| CVE-2021-27055 | Microsoft Visio Security Feature Bypass Vulnerability | No | No | 7 | Yes |
| CVE-2021-24104 | Microsoft SharePoint Spoofing Vulnerability | No | No | 4.6 | Yes |
| CVE-2021-27076 | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2021-27052 | Microsoft SharePoint Server Information Disclosure Vulnerability | No | No | 5.3 | Yes |
| CVE-2021-27056 | Microsoft PowerPoint Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-24108 | Microsoft Office Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27057 | Microsoft Office Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27059 | Microsoft Office Remote Code Execution Vulnerability | No | No | 7.6 | Yes |
| CVE-2021-27058 | Microsoft Office ClickToRun Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27053 | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27054 | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes |

SQL Server Vulnerabilities

| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|---|---|---|---|---|
| CVE-2021-26859 | Microsoft Power BI Information Disclosure Vulnerability | No | No | 7.7 | Yes |

Windows Vulnerabilities

| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|---|---|---|---|---|
| CVE-2021-26900 | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26863 | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7 | No |
| CVE-2021-26871 | Windows WalletService Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26885 | Windows WalletService Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26864 | Windows Virtual Registry Provider Elevation of Privilege Vulnerability | No | No | 8.4 | No |
| CVE-2021-1729 | Windows Update Stack Setup Elevation of Privilege Vulnerability | No | No | 7.1 | No |
| CVE-2021-26889 | Windows Update Stack Elevation of Privilege Vulnerability | No | No | 7.1 | No |
| CVE-2021-26866 | Windows Update Service Elevation of Privilege Vulnerability | No | No | 7.1 | No |
| CVE-2021-26870 | Windows Projected File System Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26874 | Windows Overlay Filter Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26879 | Windows NAT Denial of Service Vulnerability | No | No | 7.5 | No |
| CVE-2021-26884 | Windows Media Photo Codec Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-26867 | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 9.9 | Yes |
| CVE-2021-26868 | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26892 | Windows Extensible Firmware Interface Security Feature Bypass Vulnerability | No | No | 6.2 | No |
| CVE-2021-24090 | Windows Error Reporting Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26865 | Windows Container Execution Agent Elevation of Privilege Vulnerability | No | No | 8.8 | No |
| CVE-2021-26891 | Windows Container Execution Agent Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26860 | Windows App-V Overlay Filter Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-27066 | Windows Admin Center Security Feature Bypass Vulnerability | No | No | 4.3 | No |
| CVE-2021-27070 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | No | No | 7.3 | No |
| CVE-2021-26886 | User Profile Service Denial of Service Vulnerability | No | No | 5.5 | No |
| CVE-2021-26880 | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26876 | OpenType Font Parsing Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-24089 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-26902 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27061 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-24110 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27047 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27048 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27049 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27050 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27051 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-27062 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-24095 | DirectX Elevation of Privilege Vulnerability | No | No | 7 | No |
| CVE-2021-26890 | Application Virtualization Remote Code Execution Vulnerability | No | No | 7.8 | No |

Windows ESU Vulnerabilities

| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|---|---|---|---|---|
| CVE-2021-27077 | Windows Win32k Elevation of Privilege Vulnerability | No | Yes | 7.8 | No |
| CVE-2021-26875 | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26873 | Windows User Profile Service Elevation of Privilege Vulnerability | No | No | 7 | No |
| CVE-2021-26899 | Windows UPnP Device Host Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1640 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-26878 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26862 | Windows Installer Elevation of Privilege Vulnerability | No | No | 6.3 | No |
| CVE-2021-26861 | Windows Graphics Component Remote Code Execution Vulnerability | No | No | 7.8 | No |
| CVE-2021-24107 | Windows Event Tracing Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-26872 | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26898 | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26901 | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26897 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| CVE-2021-26877 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| CVE-2021-26893 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| CVE-2021-26894 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| CVE-2021-26895 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| CVE-2021-26896 | Windows DNS Server Denial of Service Vulnerability | No | No | 7.5 | Yes |
| CVE-2021-27063 | Windows DNS Server Denial of Service Vulnerability | No | No | 7.5 | Yes |
| CVE-2021-26869 | Windows ActiveX Installer Service Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-26882 | Remote Access API Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26881 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | No | No | 7.5 | No |
| CVE-2021-26887 | Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
