March 2021 Patch Tuesday Index

D

on't miss a single vulnerability this Patch Tuesday. The latest patches and updates from Microsoft and multiple third-party applications can be found in March's Patch Tuesday Index below.

Microsoft addresses 89 new vulnerabilities this month, representing a 60% increase from February. Of this total, 14 are rated as “critical” with 5 that are being actively exploited in the wild, 4 of which are specific to Microsoft Exchange Server. Last week, Microsoft released a critical security update rollup for Exchange Server addressing multiple zero-day exploits being used in the wild. Anyone running vulnerable Exchange servers should update as soon as possible.

Adobe has released fixes for 17 total vulnerabilities spanning across Adobe Connect, Framemaker, Animate, Photoshop, and the Adobe Creative Cloud Desktop Application.

Automox Patch Tuesday expert Eric Feldman will be breaking down all of March's Patch Tuesday releases tomorrow, March 10, 2021. Register here so you can prioritize the patches for your environment and ask any question you may have.

Updated Live. Last Update 12:15 PM EST March 09, 2021.

firefox Mozilla Firefox
Product
Title
Identifier
Severity
Firefox 12 security vulnerabilities fixed in Firefox 86 MFSA 2021-07 High
Firefox ESR 4 security vulnerabilities fixed in Firefox ESR 78.8 MFSA 2021-08 High
Thunderbird 4 security vulnerabilities fixed in Thunderbird 78.8 MFSA 2021-09 High
adobe Adobe
Product
Title
Identifier
Severity
Adobe Connect 4 Security Vulnerabilities fixed in Adobe Connect APSB21-19 Critical
Adobe Creative Cloud 3 Security Vulnerabilities fixed in Adobe Creative Cloud Desktop Application APSB21-18 Critical
Adobe Photoshop 2 Security Vulnerabilities fixed in Adobe Photoshop APSB21-17 Critical
Adobe Animate 7 Security Vulnerabilities fixed in Adobe Animate APSB21-21 Critical
Adobe Framemaker 1 Security Vulnerability fixed in Adobe Framemaker APSB21-14 Critical
apple Google
Product
Title
Identifier
Severity
Google Chrome Chrome 89.0.4389.72 Multiple CVEs Critical
microsoft Microsoft
Product
Title
Identifier
Severity
Visual Studio Git for Visual Studio Remote Code Execution Vulnerability CVE-2021-21300 Critical
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-24089 Critical
Internet Explorer Internet Explorer Memory Corruption Vulnerability CVE-2021-26411 Critical
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-26412 Critical
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-26855 Critical
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-26857 Critical
Role: Hyper-V Windows Hyper-V Remote Code Execution Vulnerability CVE-2021-26867 Critical
Microsoft Graphics Component OpenType Font Parsing Remote Code Execution Vulnerability CVE-2021-26876 Critical
Role: DNS Server Windows DNS Server Remote Code Execution Vulnerability CVE-2021-26897 Critical
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-26902 Critical
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-27061 Critical
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-27065 Critical
Azure Sphere Azure Sphere Unsigned Code Execution Vulnerability CVE-2021-27074 Critical
Azure Sphere Azure Sphere Unsigned Code Execution Vulnerability CVE-2021-27080 Critical
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-26858 High
Microsoft Graphics Component Windows Win32k Elevation of Privilege Vulnerability CVE-2021-27077 High
Windows Print Spooler Components Windows Print Spooler Elevation of Privilege Vulnerability CVE-2021-1640 High
Windows Update Stack Windows Update Stack Setup Elevation of Privilege Vulnerability CVE-2021-1729 High
Windows Error Reporting Windows Error Reporting Elevation of Privilege Vulnerability CVE-2021-24090 High
Windows DirectX DirectX Elevation of Privilege Vulnerability CVE-2021-24095 High
Microsoft Office SharePoint Microsoft SharePoint Spoofing Vulnerability CVE-2021-24104 High
Windows Event Tracing Windows Event Tracing Information Disclosure Vulnerability CVE-2021-24107 High
Microsoft Office Microsoft Office Remote Code Execution Vulnerability CVE-2021-24108 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-24110 High
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-26854 High
Power BI Microsoft Power BI Information Disclosure Vulnerability CVE-2021-26859 High
Windows Overlay Filter Windows App-V Overlay Filter Elevation of Privilege Vulnerability CVE-2021-26860 High
Microsoft Graphics Component Windows Photos App Remote Code Execution Vulnerability CVE-2021-26861 High
Windows Installer Windows Installer Elevation of Privilege Vulnerability CVE-2021-26862 High
Microsoft Graphics Component Windows Win32k Elevation of Privilege Vulnerability CVE-2021-26863 High
Windows Registry Windows Virtual Registry Provider Elevation of Privilege Vulnerability CVE-2021-26864 High
Windows Container Execution Agent Windows Container Execution Agent Elevation of Privilege Vulnerability CVE-2021-26865 High
Windows Update Stack Windows Update Service Elevation of Privilege Vulnerability CVE-2021-26866 High
Microsoft Graphics Component Windows Graphics Component Elevation of Privilege Vulnerability CVE-2021-26868 High
Microsoft ActiveX Windows ActiveX Installer Service Information Disclosure Vulnerability CVE-2021-26869 High
Windows Projected File System Filter Driver Windows Projected File System Elevation of Privilege Vulnerability CVE-2021-26870 High
Windows WalletService Windows WalletService Elevation of Privilege Vulnerability CVE-2021-26871 High
Windows Event Tracing Windows Event Tracing Elevation of Privilege Vulnerability CVE-2021-26872 High
Windows User Profile Service Windows User Profile Service Elevation of Privilege Vulnerability CVE-2021-26873 High
Windows Overlay Filter Windows Overlay Filter Elevation of Privilege Vulnerability CVE-2021-26874 High
Microsoft Graphics Component Windows Win32k Elevation of Privilege Vulnerability CVE-2021-26875 High
Role: DNS Server Windows DNS Server Remote Code Execution Vulnerability CVE-2021-26877 High
Windows Print Spooler Components Windows Print Spooler Elevation of Privilege Vulnerability CVE-2021-26878 High
Role: Hyper-V Windows NAT Denial of Service Vulnerability CVE-2021-26879 High
Windows Storage Spaces Controller Storage Spaces Controller Elevation of Privilege Vulnerability CVE-2021-26880 High
Windows Media Microsoft Windows Media Foundation Remote Code Execution Vulnerability CVE-2021-26881 High
Windows Remote Access API Remote Access API Elevation of Privilege Vulnerability CVE-2021-26882 High
Microsoft Windows Codecs Library Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-26884 High
Windows WalletService Windows WalletService Elevation of Privilege Vulnerability CVE-2021-26885 High
Windows User Profile Service User Profile Service Denial of Service Vulnerability CVE-2021-26886 High
Windows Folder Redirection Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability CVE-2021-26887 High
Windows Update Stack Windows Update Stack Elevation of Privilege Vulnerability CVE-2021-26889 High
Application Virtualization Application Virtualization Remote Code Execution Vulnerability CVE-2021-26890 High
Windows Container Execution Agent Windows Container Execution Agent Elevation of Privilege Vulnerability CVE-2021-26891 High
Windows Extensible Firmware Interface Windows Extensible Firmware Interface Security Feature Bypass Vulnerability CVE-2021-26892 High
Role: DNS Server Windows DNS Server Remote Code Execution Vulnerability CVE-2021-26893 High
Role: DNS Server Windows DNS Server Remote Code Execution Vulnerability CVE-2021-26894 High
Role: DNS Server Windows DNS Server Remote Code Execution Vulnerability CVE-2021-26895 High
Role: DNS Server Windows DNS Server Denial of Service Vulnerability CVE-2021-26896 High
Windows Event Tracing Windows Event Tracing Elevation of Privilege Vulnerability CVE-2021-26898 High
Windows UPnP Device Host Windows UPnP Device Host Elevation of Privilege Vulnerability CVE-2021-26899 High
Windows Win32K Windows Win32k Elevation of Privilege Vulnerability CVE-2021-26900 High
Windows Event Tracing Windows Event Tracing Elevation of Privilege Vulnerability CVE-2021-26901 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-27047 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-27048 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-27049 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-27050 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-27051 High
Microsoft Office SharePoint Microsoft SharePoint Server Information Disclosure Vulnerability CVE-2021-27052 High
Microsoft Office Excel Microsoft Excel Remote Code Execution Vulnerability CVE-2021-27053 High
Microsoft Office Excel Microsoft Excel Remote Code Execution Vulnerability CVE-2021-27054 High
Microsoft Office Visio Microsoft Visio Security Feature Bypass Vulnerability CVE-2021-27055 High
Microsoft Office PowerPoint Microsoft PowerPoint Remote Code Execution Vulnerability CVE-2021-27056 High
Microsoft Office Excel Microsoft Office Remote Code Execution Vulnerability CVE-2021-27057 High
Microsoft Office Microsoft Office ClickToRun Remote Code Execution Vulnerability CVE-2021-27058 High
Microsoft Office Microsoft Office Remote Code Execution Vulnerability CVE-2021-27059 High
Visual Studio Code Visual Studio Code Remote Code Execution Vulnerability CVE-2021-27060 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-27062 High
Role: DNS Server Windows DNS Server Denial of Service Vulnerability CVE-2021-27063 High
Windows Admin Center Windows Admin Center Security Feature Bypass Vulnerability CVE-2021-27066 High
Windows Update Assistant Windows 10 Update Assistant Elevation of Privilege Vulnerability CVE-2021-27070 High
Azure Azure Virtual Machine Information Disclosure Vulnerability CVE-2021-27075 High
Microsoft Office SharePoint Microsoft SharePoint Server Remote Code Execution Vulnerability CVE-2021-27076 High
Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-27078 High
Visual Studio Code Visual Studio Code ESLint Extension Remote Code Execution Vulnerability CVE-2021-27081 High
Visual Studio Code Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability CVE-2021-27082 High
Visual Studio Code Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability CVE-2021-27083 High
Visual Studio Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability CVE-2021-27084 High
Internet Explorer Internet Explorer Remote Code Execution Vulnerability CVE-2021-27085 High


About Automox Automated Patch Management

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-based and globally available, Automox enforces OS and third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-based patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

More posts like this:

Patch TuesdayVulnerabilityWindows
# of endpoints

15-day free trial. No credit card required.

By submitting this form you agree to our terms of service.

Already have an account?