Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • VERT Threat Alert: March 2021 Patch Tuesday Analysis
  • Critical Vulnerability
  • Cyber Attacks
  • Vulnerabilities

VERT Threat Alert: March 2021 Patch Tuesday Analysis

5 years ago Tyler Reguly
VERT Threat Alert: March 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s March 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-933 on Wednesday, March 10th.

In-The-Wild & Disclosed CVEs

CVE-2021-26855
CVE-2021-26857
CVE-2021-26858
CVE-2021-27065

These CVEs are part of the bundle of Exchange vulnerabilities that were patched last week, more specifically, these are the four CVEs that were experiencing active exploitation. Tripwire VERT released coverage for these in ASPL-932. While these attacks started out with the state-sponsored threat actor known as Hafnium, Microsoft has reported multiple threat actors are now abusing these vulnerabilities. Krebs on Security has published a basic timeline of the attack and ZDNet has been providing coverage as well. The Cybersecurity and Infrastructure Security Agency has issued an emergency directive related to this, as has the Canadian Centre for Cyber Security. It is critical that these systems are patched as soon as possible, especially since estimates indicate that over 30,000 servers have been compromised already.

Microsoft has rated this as Exploit Detected on the latest software release on the Exploitability Index.

CVE-2021-26411

A vulnerability in Microsoft Internet Explorer and the EdgeHTML-based Microsoft Edge is currently experiencing active exploitation. To successfully exploit this vulnerability, an attacker would need to direct the victim to a website, which would typically be accomplished via a phishing attack or some other form of social engineering.

Microsoft has rated this as Exploit Detected on the latest software release on the Exploitability Index.

CVE-2021-27077

This CVE describes a disclosed but not yet exploited vulnerability in Win32k that could allow for privilege escalation. This is a local vulnerability, meaning that an attacker must already have access to the system in order to exploit this issue.

Microsoft has rated this as Exploitation Less Likely on the latest software release on the Exploitability Index.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

Tag CVE Count CVEs
Windows WalletService 2 CVE-2021-26871, CVE-2021-26885
Windows Error Reporting 1 CVE-2021-24090
Windows Media 1 CVE-2021-26881
Windows Installer 1 CVE-2021-26862
Visual Studio 2 CVE-2021-21300, CVE-2021-27084
Windows Storage Spaces Controller 1 CVE-2021-26880
Windows DirectX 1 CVE-2021-24095
Internet Explorer 2 CVE-2021-26411, CVE-2021-27085
Microsoft Office SharePoint 3 CVE-2021-24104, CVE-2021-27052, CVE-2021-27076
Windows Projected File System Filter Driver 1 CVE-2021-26870
Microsoft Office PowerPoint 1 CVE-2021-27056
Microsoft Windows Codecs Library 11 CVE-2021-24089, CVE-2021-24110, CVE-2021-26884, CVE-2021-26902, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050, CVE-2021-27051, CVE-2021-27061, CVE-2021-27062
Visual Studio Code 4 CVE-2021-27060, CVE-2021-27081, CVE-2021-27082, CVE-2021-27083
Microsoft Office Visio 1 CVE-2021-27055
Microsoft Office Excel 3 CVE-2021-27053, CVE-2021-27054, CVE-2021-27057
Microsoft Graphics Component 6 CVE-2021-27077, CVE-2021-26861, CVE-2021-26863, CVE-2021-26868, CVE-2021-26875, CVE-2021-26876
Windows Event Tracing 4 CVE-2021-24107, CVE-2021-26872, CVE-2021-26898, CVE-2021-26901
Windows Update Assistant 1 CVE-2021-27070
Windows User Profile Service 2 CVE-2021-26873, CVE-2021-26886
Role: Hyper-V 2 CVE-2021-26867, CVE-2021-26879
Microsoft Exchange Server 7 CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078
Microsoft Office 3 CVE-2021-24108, CVE-2021-27058, CVE-2021-27059
Windows Registry 1 CVE-2021-26864
Azure Sphere 2 CVE-2021-27074, CVE-2021-27080
Application Virtualization 1 CVE-2021-26890
Power BI 1 CVE-2021-26859
Windows Overlay Filter 2 CVE-2021-26860, CVE-2021-26874
Role: DNS Server 7 CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895, CVE-2021-26896, CVE-2021-26897, CVE-2021-27063
Windows Win32K 1 CVE-2021-26900
Azure 1 CVE-2021-27075
Windows Admin Center 1 CVE-2021-27066
Microsoft Edge on Chromium 33 CVE-2020-27844, CVE-2021-21159, CVE-2021-21160, CVE-2021-21161, CVE-2021-21162, CVE-2021-21163, CVE-2021-21164, CVE-2021-21165, CVE-2021-21166, CVE-2021-21167, CVE-2021-21168, CVE-2021-21169, CVE-2021-21170, CVE-2021-21171, CVE-2021-21172, CVE-2021-21173, CVE-2021-21174, CVE-2021-21175, CVE-2021-21176, CVE-2021-21177, CVE-2021-21178, CVE-2021-21179, CVE-2021-21180, CVE-2021-21181, CVE-2021-21182, CVE-2021-21183, CVE-2021-21185, CVE-2021-21186, CVE-2021-21187, CVE-2021-21188, CVE-2021-21189, CVE-2021-21190, CVE-2021-21184
Windows Container Execution Agent 2 CVE-2021-26865, CVE-2021-26891
Windows Update Stack 3 CVE-2021-1729, CVE-2021-26866, CVE-2021-26889
Windows UPnP Device Host 1 CVE-2021-26899
Windows Print Spooler Components 2 CVE-2021-1640, CVE-2021-26878
Windows Extensible Firmware Interface 1 CVE-2021-26892
Microsoft ActiveX 1 CVE-2021-26869
Windows Folder Redirection 1 CVE-2021-26887
Windows Remote Access API 1 CVE-2021-26882

Other Information

There were no advisories included in the March security guidance.

The post ” VERT Threat Alert: March 2021 Patch Tuesday Analysis” appeared first on TripWire

Source:TripWire – Tyler Reguly

Tags: Critical Severity, Exploit, Goverment, Microsoft, Patch Tuesday, Phishing, TripWire

Continue Reading

Previous Adobe Critical Code-Execution Flaws Plague Windows Users
Next Dark Web Markets for Stolen Data See Banner Sales

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

4 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

6 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

10 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

12 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

23 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

23 hours ago [email protected] (The Hacker News)

Recent Posts

  • ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
  • The Buyer’s Guide to AI Usage Control
  • Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
  • Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
  • Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT