Microsoft Patch Tuesday Audit – March 2021

Home Forums Computers (software & hardware) … Windows (OS) Microsoft Patch Tuesday Audit – March 2021

Viewing 1 post (of 1 total)
  • Author
  • #12401
    UK Sentinel
    • Posts 3397
    • Skipper

    Microsoft released their March 2021 Patch Tuesday software updates to address 82 security flaws within Windows and other products, including a patch for an actively exploited Internet Explorer zero-day.

    Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. It’s color-coded to give you an easy and quick overview of which assets are already on the latest Windows update, and which ones still need to be patched.

    Internet Explorer Zero-Day
    There is a bug within Internet Explorer and Edge HTML versions that has been exploited in the wild. The flaw, CVE-2021-26411, allows hackers to execute a file that they choose by getting you to visit a malicious website in Internet Explorer or Edge.

    Windows Hyper-V Remote Code Execution (RCE) Vulnerability
    The RCE vulnerability could allow an authenticated hacker to execute code on the Hyper-V server. However, this can only be done to those using the Plan-9 file system so if you are using this, we advise you urgently to patch your installations.

    Windows DNS Server Remote Code Execution (RCE) Vulnerability
    5 bugs (CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895 and CVE-2021-26897) are listed as DNS Server RCE vulnerabilities on Windows Server 2008 all the way to Windows Server 2019 but CVE-2021-26897 is the only critical one. An attacker can use these flaws to remotely install malicious software. There is a chance that this could be wormable between DNS servers.

    Read more:

    Microsoft Patch Tuesday – March 2021

    In a completely sane world, madness is the only freedom (J.G.Ballard).

Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.