Description:
Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at:
https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Mar
Reports indicated that the remote code execution vulnerabilities in Internet Explorer (CVE-2021-26411) and Microsoft Edge (CVE-2021-21166 for Chromium-based and CVE-2021-26411 for EdgeHTML-based) are being actively exploited in the wild. In addition, the technical details of the privilege escalation vulnerability in Windows Win32k was publicly disclosed and hence the vulnerability is at a high risk of exploitation. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.
Affected Systems:
- Internet Explorer 9, 11
- Microsoft Edge
- Microsoft Windows 7, 8.1, RT 8.1, 10
- Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019
- Microsoft Windows Server, version 1909, version 2004, version 20H2
- Microsoft Office 2010, 2013, 2016, 2019, 2019 for Mac
- Microsoft Office Online Server
- Microsoft Office Web Apps 2013, Server 2013
- Microsoft Excel 2010, 2013, 2013 RT, 2016
- Microsoft Powerpoint 2010, 2013, 2013 RT, 2016
- Microsoft 365 Apps for Enterprise
- Microsoft SharePoint Foundation 2013
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft Visual Studio 2017, 2019
- Microsoft Visio 2010, 2013, 2016
- Azure Container Instance, Kubernetes Service, Service Fabric, Sphere, Spring Cloud
- HEVC Video Extensions
- Microsoft Business Productivity Servers 2010 Service Pack 2
- Microsoft Quantum Development Kit for Visual Studio Code
- Microsoft Visual Studio Code ESLint extension
- Power BI Report Server version 15.0.1103.234,15.0.1104.300
- Visual Studio Code, Remote - Containers Extension, Java Extension Pack
- Windows Admin Center
Impact:
Depending on the vulnerability exploited, a successful attack could lead to remote code execution, elevation of privilege, information disclosure, denial of service, security feature bypass and spoofing.
Recommendation:
Patches for affected products are available from the Windows Update / Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
More Information:
- https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Mar
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21166
- https://www.hkcert.org/security-bulletin/microsoft-monthly-security-update-march-2021-_20210310
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1640
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1729
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21300
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24089
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24090
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24095
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24104
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24107
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24108
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24110
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26411
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26859 (to CVE-2021-26882)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26884 (to CVE-2021-26887)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26889 (to CVE-2021-26902)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27047 (to CVE-2021-27063)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27066
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27070
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27074 (to CVE-2021-27077)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27080 (to CVE-2021-27085)