Microsoft released fixes for over 80 CVEs in yesterday’s Patch Tuesday update round, including a zero-day bug and several publicly disclosed vulnerabilities.
In a week dominated by the exploitation on a massive scale of four zero-day Exchange Server flaws patched out-of-band by Microsoft last week, there’s yet more to do for sysadmins.
The first is yet another zero-day, this time in Internet Explorer.
“CVE-2021-26411 is a memory corruption vulnerability that could allow an attacker to target users with specially crafted content,” explained Ivanti senior director of product management, Chris Goettl.
“An attacker could utilize specially crafted websites or websites that accept user-provided content or advertisements to host content designed to exploit this vulnerability.”
DataBreachToday
Compliance
March 29, 2021
March 31, 2021
Compliance
DougOlenick) • March 10, 2021 Get Permission
Microsoft s rerelease on Patch Tuesday of the seven patches for the widely exploited Exchange vulnerabilities has given security experts a chance to reiterate the urgent need to install these and other critical security updates. It’s imperative for organizations to ensure they’ve applied patches to address the Microsoft Exchange-related zero-days that were disclosed last week as part of an out-of-band advisory, which nation-state groups and other threat actors have exploited indiscriminately, says Satnam Narang, staff research engineer at Tenable.
On March 2, Microsoft issued emergency software patches for four zero-day vulnerabilities in Exchange email server; those were rereleased on Tuesday. The company says a China-based group it calls Hafnium has exploited the unpatche
A first phase patch for the critical vulnerability, tracked as CVE-2020-1472, was issued in August 2020. The first phase of the patch was intended to address the vulnerability on two fronts: blocking both Windows-based domain members and non-Windows PCs that have been configured to disable signing/encryption as well as making changes to the Netlogon protocol for clients that cannot use the required signing/encryption, says Satnam Narang, staff research engineer at the security firm Tenable.
The second patch completes the patching process for those who did not earlier implement enforcement by automatically turning on the protective measures that were included in the August 2020 patch. The second patch effectively brings all users up to the same level of security.