Microsoft Fixes 89 Bugs this Month, Including Critical IE Fix

There are 14 critical and 75 important fixes this month. This includes updates for Windows, Azure and Azure DevOps, Azure Sphere, Internet Explorer and Edge (EdgeHTML), Exchange Server, Office and Office Services and Web Apps, SharePoint Server, Visual Studio, and Windows Hyper-V.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) also received updates:

• Windows 7 – 5 Important vulnerabilities fixed, with the most important one fixing an issue with pending print jobs which remain in an error state.
• Windows 2008 R2 – 1 Critical and 8 Important vulnerabilities fixed, with the worst impacting DNS as per our recommendation below.

“Today is the last scheduled release of patches for legacy Windows Edge, and going forward this will become an obsolete browser,” said Robert Brown, Head of Customer Success for Syxsense. “ You must upgrade to the newest Microsoft Edge browser which uses the new Chromium engine, similar to Mozilla and Google Chrome.”

For next month, the only updates for Microsoft Edge will be for the Chromium version. We have also seen a very serious weaponized issue fixed with Internet Explorer which has not been patched for almost four months.

Top March Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible.

1. CVE-2021-26411: Internet Explorer Memory Corruption Vulnerability

An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer and convince a user to view the website. Additionally, the attacker could also take advantage of compromised websites, or ones that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability.

However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email.

Syxscore

• Vendor Severity: Critical
• CVSS: 8.8
• Weaponised: Yes
• Public Aware: Yes
• Countermeasure: No

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: Low
• Privileges: None
• User Interaction: Required
• Scope (Jump Point): Yes

2. CVE-2021-26867: Hyper-V Remote Code Execution Vulnerability

Microsoft Windows Hyper-V could allow a remote authenticated attacker to execute arbitrary code on the system. By executing a specially-crafted program on a Hyper-V guest, an attacker could exploit this vulnerability to execute arbitrary code on the host operating system.

Syxscore

• Vendor Severity: Critical
• CVSS: 9.9
• Weaponised: No
• Public Aware: No
• Countermeasure: Hyper-V client which is configured to use the Plan 9 file system, under Linux.

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: Low
• Privileges: Low
• User Interaction: None
• Scope (Jump Point): Yes

3. CVE-2021-26897: Windows DNS Server Remote Code Execution Vulnerability

The vulnerability exists due to improper input validation in the Windows DNS Server. A remote attacker can send a specially-crafted request and execute arbitrary code on the target system which if success may result in complete compromise of vulnerable system.

Syxscore

• Vendor Severity: Critical
• CVSS: 9.8
• Weaponised: No
• Public Aware: No
• Countermeasure: Some – DNS server would need to have dynamic updates enabled.

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: Low
• Privileges: None
• User Interaction: None
• Scope (Jump Point): No

[vc_single_image image=”38151″ img_size=”full” onclick=”custom_link” link=”https://www.syxsense.com/start-a-free-trial-of-syxsense/”]

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are publicly aware or weaponized.

 

CVE	Title	Vendor Severity	CVSS Score	Publicly Aware	Weaponised	Countermeasure	Syxsense Recommended
CVE-2021-26855	Microsoft Exchange Server Remote Code Execution Vulnerability	Critical	9.1	No	Yes	No	Yes
CVE-2021-26411	Internet Explorer Memory Corruption Vulnerability	Critical	8.8	Yes	Yes	No	Yes
CVE-2021-26857	Microsoft Exchange Server Remote Code Execution Vulnerability	Critical	7.8	No	Yes	No	Yes
CVE-2021-27065	Microsoft Exchange Server Remote Code Execution Vulnerability	Critical	7.8	No	Yes	No	Yes
CVE-2021-26858	Microsoft Exchange Server Remote Code Execution Vulnerability	Important	7.8	No	Yes	No	Yes
CVE-2021-26867	Windows Hyper-V Remote Code Execution Vulnerability	Critical	9.9	No	No	Yes	Yes
CVE-2021-26897	Windows DNS Server Remote Code Execution Vulnerability	Critical	9.8	No	No	Yes	Yes
CVE-2021-26877	Windows DNS Server Remote Code Execution Vulnerability	Important	9.8	No	No	No	Yes
CVE-2021-26893	Windows DNS Server Remote Code Execution Vulnerability	Important	9.8	No	No	No	Yes
CVE-2021-26894	Windows DNS Server Remote Code Execution Vulnerability	Important	9.8	No	No	No	Yes
CVE-2021-26895	Windows DNS Server Remote Code Execution Vulnerability	Important	9.8	No	No	No	Yes
CVE-2021-27080	Azure Sphere Unsigned Code Execution Vulnerability	Critical	9.3	No	No	No	Yes
CVE-2021-26412	Microsoft Exchange Server Remote Code Execution Vulnerability	Critical	9.1	No	No	No	Yes
CVE-2021-27078	Microsoft Exchange Server Remote Code Execution Vulnerability	Important	9.1	No	No	No	Yes
CVE-2021-21300	Git for Visual Studio Remote Code Execution Vulnerability	Critical	8.8	No	No	No	Yes
CVE-2021-26876	OpenType Font Parsing Remote Code Execution Vulnerability	Critical	8.8	No	No	No	Yes
CVE-2021-27085	Internet Explorer Remote Code Execution Vulnerability	Important	8.8	No	No	No	Yes
CVE-2021-27076	Microsoft SharePoint Server Remote Code Execution Vulnerability	Important	8.8	No	No	No	Yes
CVE-2021-26865	Windows Container Execution Agent Elevation of Privilege Vulnerability	Important	8.8	No	No	No	Yes
CVE-2021-26864	Windows Virtual Registry Provider Elevation of Privilege Vulnerability	Important	8.4	No	No	No	Yes
CVE-2021-27077	Windows Win32k Elevation of Privilege Vulnerability	Important	7.8	Yes	No	No	Yes
CVE-2021-24089	HEVC Video Extensions Remote Code Execution Vulnerability	Critical	7.8	No	No	No	Yes
CVE-2021-26902	HEVC Video Extensions Remote Code Execution Vulnerability	Critical	7.8	No	No	No	Yes
CVE-2021-27061	HEVC Video Extensions Remote Code Execution Vulnerability	Critical	7.8	No	No	No	Yes
CVE-2021-27074	Azure Sphere Unsigned Code Execution Vulnerability	Critical	6.2	No	No	No	Yes
CVE-2021-26890	Application Virtualization Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-24110	HEVC Video Extensions Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27047	HEVC Video Extensions Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27048	HEVC Video Extensions Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27049	HEVC Video Extensions Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27050	HEVC Video Extensions Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27051	HEVC Video Extensions Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27062	HEVC Video Extensions Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27053	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27054	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27058	Microsoft Office ClickToRun Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-24108	Microsoft Office Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27057	Microsoft Office Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27056	Microsoft PowerPoint Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-26887	Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-27082	Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-26882	Remote Access API Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-27083	Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-26880	Storage Spaces Controller Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-27081	Visual Studio Code ESLint Extension Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-27060	Visual Studio Code Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-26860	Windows App-V Overlay Filter Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26891	Windows Container Execution Agent Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-24090	Windows Error Reporting Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26872	Windows Event Tracing Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26898	Windows Event Tracing Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26901	Windows Event Tracing Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26868	Windows Graphics Component Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26861	Windows Graphics Component Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-26874	Windows Overlay Filter Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-1640	Windows Print Spooler Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26878	Windows Print Spooler Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26870	Windows Projected File System Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26899	Windows UPnP Device Host Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26871	Windows Wallet Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26885	Windows Wallet Service Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26875	Windows Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26900	Windows Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-26859	Microsoft Power BI Information Disclosure Vulnerability	Important	7.7	No	No	No
CVE-2021-27059	Microsoft Office Remote Code Execution Vulnerability	Important	7.6	No	No	No
CVE-2021-26881	Microsoft Windows Media Foundation Remote Code Execution Vulnerability	Important	7.5	No	No	No
CVE-2021-26896	Windows DNS Server Denial of Service Vulnerability	Important	7.5	No	No	No
CVE-2021-27063	Windows DNS Server Denial of Service Vulnerability	Important	7.5	No	No	No
CVE-2021-26879	Windows NAT Denial of Service Vulnerability	Important	7.5	No	No	No
CVE-2021-27070	Windows 10 Update Assistant Elevation of Privilege Vulnerability	Important	7.3	No	No	No
CVE-2021-26866	Windows Update Service Elevation of Privilege Vulnerability	Important	7.1	No	No	No
CVE-2021-26889	Windows Update Stack Elevation of Privilege Vulnerability	Important	7.1	No	No	No
CVE-2021-1729	Windows Update Stack Setup Elevation of Privilege Vulnerability	Important	7.1	No	No	No
CVE-2021-24095	DirectX Elevation of Privilege Vulnerability	Important	7	No	No	No
CVE-2021-27055	Microsoft Visio Security Feature Bypass Vulnerability	Important	7	No	No	No
CVE-2021-26873	Windows User Profile Service Elevation of Privilege Vulnerability	Important	7	No	No	No
CVE-2021-26863	Windows Win32k Elevation of Privilege Vulnerability	Important	7	No	No	No
CVE-2021-27075	Azure Virtual Machine Information Disclosure Vulnerability	Important	6.8	No	No	No
CVE-2021-26854	Microsoft Exchange Server Remote Code Execution Vulnerability	Important	6.6	No	No	No
CVE-2021-26862	Windows Installer Elevation of Privilege Vulnerability	Important	6.3	No	No	No
CVE-2021-26892	Windows Extensible Firmware Interface Security Feature Bypass Vulnerability	Important	6.2	No	No	No
CVE-2021-26886	User Profile Service Denial of Service Vulnerability	Important	5.5	No	No	No
CVE-2021-26869	Windows ActiveX Installer Service Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2021-24107	Windows Event Tracing Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2021-26884	Windows Media Photo Codec Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2021-27052	Microsoft SharePoint Server Information Disclosure Vulnerability	Important	5.3	No	No	No
CVE-2021-24104	Microsoft SharePoint Spoofing Vulnerability	Important	4.6	No	No	No
CVE-2021-27066	Windows Admin Center Security Feature Bypass Vulnerability	Important	4.3	No	No	No
CVE-2021-27084	Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability	Important	NA	No	No	No