Microsoft March 2021 Patch Tuesday Fixes 82 Flaws, 2 Zero-days

Today is Microsoft’s March 2021 Patch Tuesday, and with admins already struggling with Microsoft Exchange updates and hacked servers, please be nice to your IT staff today.

With today’s update, Microsoft has fixed 82 vulnerabilities, with 10 classified as Critical and 72 as Important. These numbers do not include the 7 Microsoft Exchange and 33 Chromium Edge vulnerabilities released earlier this month.

There are also two zero-day vulnerabilities patched today that were publicly disclosed and known to be used in attacks.

For information about the non-security Windows updates, you can read about today’s Windows 10 KB5000808 & KB5000802 cumulative updates.

Microsoft Exchange ProxyLogon attacks

Last week, Microsoft released out-of-band security updates for the ProxyLogon vulnerabilities, which threat actors worldwide are actively exploiting to compromise Microsoft Exchange servers.

Threat actors exploit these vulnerabilities on publicly accessible Outlook on the Web (OWA) servers to install web shells and other malware.

These vulnerabilities are being tracked with the following CVEs:

  • CVE-2021-26855 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-26857 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-26858 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-27065 – Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft has released security updates for currently supported Microsoft Exchange cumulative updates and older unsupported versions.

While installing the updates will prevent the server from being compromised, attacks have been so pervasive that admins should analyze all Exchange servers for attacks that may have occurred before the patches were installed.

Microsoft has released a PowerShell script called Test-ProxyLogon.ps1 that will check for indicators of compromise (IOC) in Exchange HttpProxy logs, Exchange log files, and Windows Application event logs.

Microsoft has also updated Microsoft Defender to detect web shells and other IOCs associated with these attacks.

Their standalone Microsoft Safety Scanner (MSERT) tool has been updated to detect web shells and other IOCs for those not using Microsoft Defender.
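
As an added example (not Microsoft's script and not part of the original article), the Python below applies one indicator Microsoft published for CVE-2021-26855 to HttpProxy logs copied off a server: an entry whose AuthenticatedUser is empty and whose AnchorMailbox matches ServerInfo~*/*. The sample rows, hostnames and reduced column set are constructed, and the header-first layout with '#' metadata lines is an assumption about the log files; Test-ProxyLogon.ps1 checks more indicators than this.

```python
import csv
import fnmatch
import io

# Indicator from Microsoft's guidance: AnchorMailbox -like 'ServerInfo~*/*'
# (PowerShell -like is case-insensitive, so values are lower-cased before matching).
ANCHOR_PATTERN = "serverinfo~*/*"

# Constructed sample. Real HttpProxy logs carry many more columns; only the
# ones this check needs are shown, and all values are placeholders.
SAMPLE_LOG = """\
DateTime,AuthenticatedUser,AnchorMailbox,UrlStem
#Software: Microsoft Exchange Server
2021-03-02T08:15:41.120Z,alice@example.test,Sid~S-1-5-21-1111-2222-3333-1105,/owa/
2021-03-03T04:11:09.512Z,,ServerInfo~ex01.example.test/placeholder,/ecp/x.js
2021-03-03T04:12:30.007Z,,,/owa/auth/logon.aspx
2021-03-04T10:02:55.341Z,bob@example.test,ServerInfo~ex01.example.test/placeholder,/ecp/
"""


def read_rows(stream):
    """Yield one dict per log entry, skipping '#' metadata lines."""
    data_lines = (line for line in stream if not line.startswith("#"))
    yield from csv.DictReader(data_lines)


def suspicious_rows(stream):
    """Return entries with no authenticated user and a ServerInfo~*/* anchor."""
    hits = []
    for row in read_rows(stream):
        # Short or truncated rows give None for missing columns.
        user = (row.get("AuthenticatedUser") or "").strip()
        anchor = (row.get("AnchorMailbox") or "").strip()
        if user == "" and fnmatch.fnmatchcase(anchor.lower(), ANCHOR_PATTERN):
            hits.append(
                {
                    "DateTime": row.get("DateTime"),
                    "AnchorMailbox": anchor,
                    "UrlStem": row.get("UrlStem"),
                }
            )
    return hits


if __name__ == "__main__":
    for hit in suspicious_rows(io.StringIO(SAMPLE_LOG)):
        print(hit["DateTime"], hit["AnchorMailbox"], hit["UrlStem"])
```

A hit means the server needs a full investigation; no hits in the retained logs does not by itself show the server was untouched, since logs may have rotated or been removed.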

With the fixes for the zero-days, Microsoft also released fixes for three Microsoft Exchange vulnerabilities not exploited in attacks:

  • CVE-2021-26412 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-26854 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-27078 – Microsoft Exchange Server Remote Code Execution Vulnerability

Two other zero-day vulnerabilities were fixed

Microsoft also fixed two other zero-day vulnerabilities today, with one publicly used in attacks.

In January, Google disclosed that the Lazarus group was conducting attacks against security researchers using compromised Visual Studio projects and unknown zero-day exploits. 

In February, South Korean cybersecurity firm Enki disclosed that the threat actors used an Internet Explorer zero-day vulnerability in the attacks to install custom backdoors.

This vulnerability, tracked as “CVE-2021-26411 – Internet Explorer Memory Corruption Vulnerability,” is fixed today.

Another zero-day vulnerability fixed today is tracked as “CVE-2021-27077 – Windows Win32k Elevation of Privilege Vulnerability.”

This vulnerability was publicly disclosed by Trend Micro Zero Day Initiative in January after Microsoft initially stated that they would not fix it.

Update: We incorrectly stated that the CVE-2021-27077 zero-day was used in attacks. It was just publicly disclosed.

Recent updates from other companies

Other vendors who released updates in March include:

The March 2021 Patch Tuesday Security Updates

Below is the full list of resolved vulnerabilities and released advisories in the March 2021 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| Application Virtualization | CVE-2021-26890 | Application Virtualization Remote Code Execution Vulnerability | Important |
| Azure | CVE-2021-27075 | Azure Virtual Machine Information Disclosure Vulnerability | Important |
| Azure Sphere | CVE-2021-27074 | Azure Sphere Unsigned Code Execution Vulnerability | Critical |
| Azure Sphere | CVE-2021-27080 | Azure Sphere Unsigned Code Execution Vulnerability | Critical |
| Internet Explorer | CVE-2021-27085 | Internet Explorer Remote Code Execution Vulnerability | Important |
| Internet Explorer | CVE-2021-26411 | Internet Explorer Memory Corruption Vulnerability | Critical |
| Microsoft ActiveX | CVE-2021-26869 | Windows ActiveX Installer Service Information Disclosure Vulnerability | Important |
| Microsoft Edge on Chromium | CVE-2021-21173 | Chromium CVE-2021-21173: Side-channel information leakage in Network Internals | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21172 | Chromium CVE-2021-21172: Insufficient policy enforcement in File System API | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21169 | Chromium CVE-2021-21169: Out of bounds memory access in V8 | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21170 | Chromium CVE-2021-21170: Incorrect security UI in Loader | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21171 | Chromium CVE-2021-21171: Incorrect security UI in TabStrip and Navigation | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21175 | Chromium CVE-2021-21175: Inappropriate implementation in Site isolation | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21176 | Chromium CVE-2021-21176: Inappropriate implementation in full screen mode | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21177 | Chromium CVE-2021-21177: Insufficient policy enforcement in Autofill | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21174 | Chromium CVE-2021-21174: Inappropriate implementation in Referrer | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21178 | Chromium CVE-2021-21178: Inappropriate implementation in Compositing | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21161 | Chromium CVE-2021-21161: Heap buffer overflow in TabStrip | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21162 | Chromium CVE-2021-21162: Use after free in WebRTC | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21160 | Chromium CVE-2021-21160: Heap buffer overflow in WebAudio | Unknown |
| Microsoft Edge on Chromium | CVE-2020-27844 | Chromium CVE-2020-27844: Heap buffer overflow in OpenJPEG | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21159 | Chromium CVE-2021-21159: Heap buffer overflow in TabStrip | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21163 | Chromium CVE-2021-21163: Insufficient data validation in Reader Mode | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21167 | Chromium CVE-2021-21167: Use after free in bookmarks | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21168 | Chromium CVE-2021-21168: Insufficient policy enforcement in appcache | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21166 | Chromium CVE-2021-21166: Object lifecycle issue in audio | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21164 | Chromium CVE-2021-21164: Insufficient data validation in Chrome for iOS | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21165 | Chromium CVE-2021-21165: Object lifecycle issue in audio | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21189 | Chromium CVE-2021-21189: Insufficient policy enforcement in payments | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21181 | Chromium CVE-2021-21181: Side-channel information leakage in autofill | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21186 | Chromium CVE-2021-21186: Insufficient policy enforcement in QR scanning | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21190 | Chromium CVE-2021-21190: Uninitialized Use in PDFium | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21183 | Chromium CVE-2021-21183: Inappropriate implementation in performance APIs | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21185 | Chromium CVE-2021-21185: Insufficient policy enforcement in extensions | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21187 | Chromium CVE-2021-21187: Insufficient data validation in URL formatting | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21182 | Chromium CVE-2021-21182: Insufficient policy enforcement in navigations | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21180 | Chromium CVE-2021-21180: Use after free in tab search | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21184 | Chromium CVE-2021-21184: Inappropriate implementation in performance APIs | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21179 | Chromium CVE-2021-21179: Use after free in Network Internals | Unknown |
| Microsoft Edge on Chromium | CVE-2021-21188 | Chromium CVE-2021-21188: Use after free in Blink | Unknown |
| Microsoft Exchange Server | CVE-2021-26412 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical |
| Microsoft Exchange Server | CVE-2021-27065 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical |
| Microsoft Exchange Server | CVE-2021-27078 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2021-26854 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Exchange Server | CVE-2021-26857 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical |
| Microsoft Exchange Server | CVE-2021-26855 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical |
| Microsoft Exchange Server | CVE-2021-26858 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Graphics Component | CVE-2021-26863 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2021-27077 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2021-26861 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
| Microsoft Graphics Component | CVE-2021-26876 | OpenType Font Parsing Remote Code Execution Vulnerability | Critical |
| Microsoft Graphics Component | CVE-2021-26875 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2021-26868 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2021-24108 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2021-27058 | Microsoft Office ClickToRun Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2021-27059 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2021-27053 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2021-27054 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2021-27057 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office PowerPoint | CVE-2021-27056 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-27052 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-24104 | Microsoft SharePoint Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-27076 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2021-27055 | Microsoft Visio Security Feature Bypass Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-27050 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-27049 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-26884 | Windows Media Photo Codec Information Disclosure Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-27051 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-27062 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-24110 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-24089 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical |
| Microsoft Windows Codecs Library | CVE-2021-27061 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical |
| Microsoft Windows Codecs Library | CVE-2021-27048 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-27047 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-26902 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical |
| Power BI | CVE-2021-26859 | Microsoft Power BI Information Disclosure Vulnerability | Important |
| Role: DNS Server | CVE-2021-27063 | Windows DNS Server Denial of Service Vulnerability | Important |
| Role: DNS Server | CVE-2021-26893 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2021-26897 | Windows DNS Server Remote Code Execution Vulnerability | Critical |
| Role: DNS Server | CVE-2021-26894 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2021-26895 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2021-26896 | Windows DNS Server Denial of Service Vulnerability | Important |
| Role: DNS Server | CVE-2021-26877 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: Hyper-V | CVE-2021-26867 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| Role: Hyper-V | CVE-2021-26879 | Windows NAT Denial of Service Vulnerability | Important |
| Visual Studio | CVE-2021-27084 | Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | Important |
| Visual Studio | CVE-2021-21300 | Git for Visual Studio Remote Code Execution Vulnerability | Critical |
| Visual Studio Code | CVE-2021-27060 | Visual Studio Code Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2021-27081 | Visual Studio Code ESLint Extension Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2021-27083 | Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2021-27082 | Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability | Important |
| Windows Admin Center | CVE-2021-27066 | Windows Admin Center Security Feature Bypass Vulnerability | Important |
| Windows Container Execution Agent | CVE-2021-26891 | Windows Container Execution Agent Elevation of Privilege Vulnerability | Important |
| Windows Container Execution Agent | CVE-2021-26865 | Windows Container Execution Agent Elevation of Privilege Vulnerability | Important |
| Windows DirectX | CVE-2021-24095 | DirectX Elevation of Privilege Vulnerability | Important |
| Windows Error Reporting | CVE-2021-24090 | Windows Error Reporting Elevation of Privilege Vulnerability | Important |
| Windows Event Tracing | CVE-2021-24107 | Windows Event Tracing Information Disclosure Vulnerability | Important |
| Windows Event Tracing | CVE-2021-26872 | Windows Event Tracing Elevation of Privilege Vulnerability | Important |
| Windows Event Tracing | CVE-2021-26901 | Windows Event Tracing Elevation of Privilege Vulnerability | Important |
| Windows Event Tracing | CVE-2021-26898 | Windows Event Tracing Elevation of Privilege Vulnerability | Important |
| Windows Extensible Firmware Interface | CVE-2021-26892 | Windows Extensible Firmware Interface Security Feature Bypass Vulnerability | Important |
| Windows Folder Redirection | CVE-2021-26887 | Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2021-26862 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Media | CVE-2021-26881 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Important |
| Windows Overlay Filter | CVE-2021-26874 | Windows Overlay Filter Elevation of Privilege Vulnerability | Important |
| Windows Overlay Filter | CVE-2021-26860 | Windows App-V Overlay Filter Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2021-1640 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2021-26878 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Projected File System Filter Driver | CVE-2021-26870 | Windows Projected File System Elevation of Privilege Vulnerability | Important |
| Windows Registry | CVE-2021-26864 | Windows Virtual Registry Provider Elevation of Privilege Vulnerability | Important |
| Windows Remote Access API | CVE-2021-26882 | Remote Access API Elevation of Privilege Vulnerability | Important |
| Windows Storage Spaces Controller | CVE-2021-26880 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important |
| Windows Update Assistant | CVE-2021-27070 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2021-1729 | Windows Update Stack Setup Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2021-26889 | Windows Update Stack Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2021-26866 | Windows Update Service Elevation of Privilege Vulnerability | Important |
| Windows UPnP Device Host | CVE-2021-26899 | Windows UPnP Device Host Elevation of Privilege Vulnerability | Important |
| Windows User Profile Service | CVE-2021-26873 | Windows User Profile Service Elevation of Privilege Vulnerability | Important |
| Windows User Profile Service | CVE-2021-26886 | User Profile Service Denial of Service Vulnerability | Important |
| Windows WalletService | CVE-2021-26871 | Windows WalletService Elevation of Privilege Vulnerability | Important |
| Windows WalletService | CVE-2021-26885 | Windows WalletService Elevation of Privilege Vulnerability | Important |
| Windows Win32K | CVE-2021-26900 | Windows Win32k Elevation of Privilege Vulnerability | Important |