Microsoft has released its security updates for March 2021, which has fixes for 82 vulnerabilities in Microsoft products. Every month we will post our vulnerability risk and tips around each patch released, to provide advice for IT professionals and businesses.
Out of the 82 patches; 10 are classed as critical and 72 are classed as important. These do not include the 7 Microsoft Exchange and 33 Chromium Edge vulnerabilities released earlier this month. There were also 2 Zero-Days discovered this month, both fixed Monday:
- CVE-2021-26411 - Internet Explorer Memory Corruption Vulnerability.
- CVE-2021-27077 - Windows Win32k Elevation of Privilege Vulnerability.
Microsoft's out-of-band security updates for the ProxyLogon vulnerability that's being used to compromise Microsoft Exchange Servers:
- CVE-2021-26854 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-26857 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-26858 - Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft also released fixes for 3 Microsoft Exchange vulnerabilities not exploited in attacks:
- CVE-2021-26412 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-27065 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-27078 - Microsoft Exchange Server Remote Code Execution Vulnerability
Other Products:
Other companies who have released security updates this week:
- Adobe: released security updates for Adobe Creative Cloud Desktop, FrameMaker and Connect.
- Android: March security updates were released last week.
- Apple: released iOS, macOS, watchOS and Safari updates yesterday.
- Cisco: released security updates for numerous products.
- SAP: released it’s March 2021 security updates.
- VMWare: released security updates for the View Planner tool.
All the patches can be found in the table below or alternatively downloaded here.
We have also curated a downloadable Patching Best Practice Guide.
Category |
CVE IDs |
CVE Title |
Severity |
FIT Risk & Tip |
Application Virtualisation 1 |
CVE-2021-26890 |
Application Virtualization Remote Code Execution Vulnerability |
Important |
4/5 - Although important, often its worth nothing that anything marked as remote code execution, can be hazardous if left unpatched. |
Azure 1 |
CVE-2021-27075 |
Azure Virtual Machine Information Disclosure Vulnerability |
Important |
4/5 - If you have multiple parts of your infrastructure within Azure, in this case virtual machines, I'd endeavour to get this one updated sooner rather than later. |
Azure Sphere 2 |
CVE-2021-27074 CVE-2021-27080 |
Azure Sphere Unsigned Code Execution Vulnerability |
Critical |
4/5- Flagged as critical, I'd endeavour to get Azure Sphere updated as soon as possible. |
Internet Explorer 1 |
CVE-2021-26411 |
Internet Explorer Memory Corruption Vulnerability |
Critical |
4/5- Internet Explorer isn't used so much these days, but its still embedded into a lot of operating systems. As this is flagged as critical, I'd get this one patched as soon as possible. |
Internet Explorer 1 |
CVE-2021-27085 |
Internet Explorer Remote Code Execution Vulnerability |
Important |
4/5 - Internet Explorer isn't used so much these days, but its still embedded into a lot of operating systems. As this is flagged as critical, I'd get this one patched as soon as possible. |
Microsoft ActiveX 1 |
CVE-2021-24109 |
Windows ActiveX Installer Service Information Disclosure Vulnerability |
Important |
3/5- ActiveX is used daily as part of your operating systems. I'd patch this when you have the ability to. |
Microsoft Edge on Chromium 33 |
CVE-2021-21173 CVE-2021-21172 CVE-2021-21169 CVE-2021-21170 CVE-2021-21171 CVE-2021-21175 CVE-2021-21176 CVE-2021-21177 CVE-2021-21174 CVE-2021-21178 CVE-2021-21161 CVE-2021-21162 CVE-2021-21160 CVE-2021-27844 CVE-2021-21159 CVE-2021-21163 CVE-2021-21167 CVE-2021-21168 CVE-2021-21166 CVE-2021-21164 CVE-2021-21165 CVE-2021-21189 CVE-2021-21181 CVE-2021-21186 CVE-2021-21190 CVE-2021-21183 CVE-2021-21185 CVE-2021-21187 CVE-2021-21182 CVE-2021-21180 CVE-2021-21184 CVE-2021-21179 CVE-2021-21188 |
Downloadable Excel table expands on the CVE title's. |
Unknown |
4/5 - As this relates to something that end users will use on a daily basis, its potentially risky to leave vulnerabilities unpatched for web browsers, that's why I would encourage this to be updated as soon as viably possible. |
Microsoft Exchange Server 4 |
CVE-2021-26412 CVE-2021-27065 CVE-2021-26857 CVE-2021-26855 |
Microsoft Exchange Server Remote Code Execution Vulnerability |
Critical |
5/5 - Probably the most critical this month, There have been several discoveries with Microsoft Exchange which require remediation as soon as possible. I'd prioritise this and even encourage downtime if you are effected. |
Microsoft Exchange Server 3 |
CVE-2021-27078 |
Microsoft Exchange Server Remote Code Execution Vulnerability |
Important |
5/5 - Probably the most critical this month, There have been several discoveries with Microsoft Exchange which require remediation as soon as possible. I'd prioritise this and even encourage downtime if you are effected. |
Microsoft Graphics Component 1 |
CVE-2021-26876 |
OpenType Font Parsing Remote Code Execution Vulnerability |
Critical |
4/5- Flagged as critical, I'd endeavour to patch this as soon as possible. |
Microsoft Graphics Component 5 |
CVE-2021-26863 |
Windows Win32k Elevation of Privilege Vulnerability Windows Graphics Component Remote Code Execution Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability |
Important |
3/5 - Often this will be updated when parts of the operating system or office are updated. I'd patch this when get the opportunity, perhaps during your regular maintenance cycles. |
Microsoft Office 3 |
CVE-2021-24108 |
Microsoft Office Remote Code Execution Vulnerability Microsoft Office ClickToRun Remote Code Execution Vulnerability
|
Important |
4/5 - As with anything end user related, if the end users utilises an application heavily, such as Office, I'd recommend getting it patch sooner rather than later. After all, it only takes one weak link to break a chain. |
Microsoft Office Excel 3 |
CVE-2021-27053 CVE-2021-27054 CVE-2021-27057 |
Microsoft Excel Remote Code Execution Vulnerability Microsoft Office Remote Code Execution Vulnerability |
Important |
4/5 - As with anything end user related, if the end users utilises an application heavily, such as Office, I'd recommend getting it patch sooner rather than later. After all, it only takes one weak link to break a chain. |
Microsoft PowerPoint 1 |
CVE-2021-27056 |
Microsoft PowerPoint Remote Code Execution Vulnerability |
Important |
4/5 - As with anything end user related, if the end users utilises an application heavily, such as Office, I'd recommend getting it patch sooner rather than later. After all, it only takes one weak link to break a chain. |
Microsoft Office SharePoint 3 |
CVE-2021-27052 CVE-2021-24104 CVE-2021-27076 |
Microsoft SharePoint Server Information Disclosure Vulnerability Microsoft SharePoint Spoofing Vulnerability Microsoft SharePoint Server Remote Code Execution Vulnerability |
Important |
3/5 - Worth being aware that this relates to on-premise SharePoint and not Office 356's SharePoint Online. |
Microsoft Office Visio 1 |
CVE-2021-27055 |
Microsoft Visio Security Feature Bypass Vulnerability |
Important |
4/5 - As with anything end user related, if the end users utilises an application heavily, such as Office, I'd recommend getting it patch sooner rather than later. After all, it only takes one weak link to break a chain. |
Microsoft Windows Codecs Library 3 |
CVE-2021-24089 |
HEVC Video Extensions Remote Code Execution Vulnerability |
Critical |
4/5 - Flagged as critical, I'd endeavour to patch this as soon as possible. |
Microsoft Windows Codecs Library 8 |
CVE-2021-27050 |
HEVC Video Extensions Remote Code Execution Vulnerability Windows Media Photo Codec Information Disclosure Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Power BI 1 |
CVE-2021-26859 |
Microsoft Power BI Information Disclosure Vulnerability |
Important |
5/5 - Power BI is used to collate and report on your data, and if you use it I would make sure you keep it updated. If your data is compromised from Power BI you could disclose vital company information. |
Role: DNS Server 1 |
CVE-2021-26897 |
Windows DNS Server Remote Code Execution Vulnerability |
Critical |
5/5 - Most Windows Domain networks will have a DNS Server on them, I'd get this patched when you can. |
Role: DNS Server 6 |
CVE-2021-27063 CVE-2021-26893 CVE-2021-26894 CVE-2021-26895 CVE-2021-26896 CVE-2021-26877 |
Windows DNS Server Denial of Service Vulnerability Windows DNS Server Remote Code Execution Vulnerability
|
Important |
4/5 - Most Windows Domain networks will have a DNS Server on them, I'd get this patched when you can. |
Role: Hyper-V 1 |
CVE-2021-26867 |
Windows Hyper-V Remote Code Execution Vulnerability |
Critical |
5/5 - Flagged as critical, I'd endeavour to patch this as soon as possible. |
Role: Hyper-V 1 |
CVE-2021-26879 |
Windows NAT Denial of Service Vulnerability |
Important |
4/5 - As this is Hyper-V and virtualisation is often used for large scale infrastructure, I'd recommend getting this patched as soon as possible. |
Visual Studio 1 |
CVE-2021-21300 |
Git for Visual Studio Remote Code Execution Vulnerability |
Critical |
4/5 - Flagged as critical, I'd endeavour to patch this as soon as possible. |
Visual Studio 1 |
CVE-2021-27084 |
Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability |
Important |
4/5- Important if you utilise Visual Studio, I'd get this updated when you can. |
Visual Studio Code 4 |
CVE-2021-27060 CVE-2021-27081 CVE-2021-27083 CVE-2021-27082 |
Visual Studio Code Remote Code Execution Vulnerability Visual Studio Code ESLint Extension Remote Code Execution Vulnerability Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability |
Important |
4/5 - Important if you utilise Visual Studio, I'd get this updated when you can. |
Windows Admin Center 1 |
CVE-2021-27066 |
Windows Admin Center Security Feature Bypass Vulnerability |
Important |
2/5 - I only recently discovered Windows Admin Center, and it’s a brilliant tool and can make mass management much easier. If you use it, you should patch it. If you don't use it, I'd research more into it. |
Windows Container Execution Agent 2 |
CVE-2021-26891 |
Windows Container Execution Agent Elevation of Privilege Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows DirectX 1 |
CVE-2021-24095 |
DirectX Elevation of Privilege Vulnerability |
Important |
4/5- This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Error Reporting 1 |
CVE-2021-24090 |
Windows Error Reporting Elevation of Privilege Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Event Tracing 4 |
CVE-2021-24107 CVE-2021-26872 CVE-2021-26901 CVE-2021-26898 |
Windows Event Tracing Information Disclosure Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Extensible Firmware Interface 1 |
CVE-2021-26892 |
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability |
Important |
4/5- This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Folder Redirection 1 |
CVE-2021-26887 |
Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Installer 1 |
CVE-2021-26862 |
Windows Installer Elevation of Privilege Vulnerability |
Important |
4/5- This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Media 1 |
CVE-2021-26881 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Important |
3/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Overlay Filter 2 |
CVE-2021-26874 CVE-2021-26860 |
Windows Overlay Filter Elevation of Privilege Vulnerability Windows App-V Overlay Filter Elevation of Privilege Vulnerability |
Important |
3/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Print Spooler Components 2 |
CVE-2021-1640 CVE-2021-26878 |
Windows Print Spooler Elevation of Privilege Vulnerability |
Important |
3/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Projected File System Filter Driver 1 |
CVE-2021-26870 |
Windows Projected File System Elevation of Privilege Vulnerability |
Important |
3/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Registry 1 |
CVE-2021-26864 |
Windows Virtual Registry Provider Elevation of Privilege Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. Windows Registry is often regarded as the keys to the castle. |
Windows Remote Access API 1 |
CVE-2021-26882 |
Remote Access API Elevation of Privilege Vulnerability |
Important |
3/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Storage Spaces Controller 1 |
CVE-2021-26880 |
Storage Spaces Controller Elevation of Privilege Vulnerability |
Important |
3/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Update Assistant 1 |
CVE-2021-27070 |
Windows 10 Update Assistant Elevation of Privilege Vulnerability |
Important |
3/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Update Stack 3 |
CVE-2021-1729 CVE-2021-26889 CVE-2021-26866 |
Windows Update Stack Setup Elevation of Privilege Vulnerability Windows Update Stack Elevation of Privilege Vulnerability |
Important |
2/5 - Servicing Stacks are always released throughout the year and naturally will be applied during routine patching. Your previous Windows Update Servicing Stack will operate fine, and applying these do not require reboots. |
Windows UPnP Device Host 1 |
CVE-2021-26899 |
Windows UPnP Device Host Elevation of Privilege Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows User Profile Service 2 |
CVE-2021-26873 CVE-2021-26886 |
Windows User Profile Service Elevation of Privilege Vulnerability User Profile Service Denial of Service Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows WalletService 2 |
CVE-2021-26871 CVE-2021-26885 |
Windows WalletService Elevation of Privilege Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
Windows Win32K 1 |
CVE-2021-26900 |
Windows Win32k Elevation of Privilege Vulnerability |
Important |
4/5 - This is part of the underlying operating system, so it will be updated as part of your routine maintenance cycle and the latest patch sets. |
About the Author: Lizzie Arcari
Lizzie joined Foundation IT in 2019 after graduating from University. She is excited to develop her career in the IT industry, learning from the best.