March 2021 - Microsoft Releases Security Patches

  Advisory Date: MAR 10, 2021

  DESCRIPTION

In the November 2020 Microsoft security patch release, Microsoft updated its vulnerability information page. This update is of critical importance as it directly addresses the vulnerabilities that have been exploited by a threat actor group known as Hafnium. Microsoft acknowledged there are attacks based on these vulnerabilities.

Following the new patch information format, below are the CVEs that Trend Micro Cloud One Workload covers in the March 2021 release:

  • CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability
    CVSS:3.0 9.1/8.4

  • CVE-2021-26411 - Internet Explorer Memory Corruption Vulnerability
    CVSS:3.0 8.8/7.9

  • CVE-2021-26877 - Windows DNS Server Remote Code Execution Vulnerability
    CVSS:3.0 9.8/8.5

  • CVE-2021-26897 - Windows DNS Server Remote Code Execution Vulnerability
    CVSS:3.0 9.8/8.5

  • CVE-2021-27076 - Windows DNS Server Remote Code Execution Vulnerability
    CVSS:3.0 8.8/7.7

  TREND MICRO PROTECTION INFORMATION

Cloud One Workload and Deep Security shield networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection are also protected from attacks using these vulnerabilities.

Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection Compatibility
CVE-2021-26855 1010854 Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-26855) 9-Mar-21 YES
CVE-2021-26411 1010857 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2021-26411) 9-Mar-21 YES
CVE-2021-26877 1010863 Microsoft Windows DNS Server Remote Code Execution Vulnerability (CVE-2021-26877) 9-Mar-21 YES
CVE-2021-26411 1010857 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2021-26411) 9-Mar-21 YES
CVE-2021-26865 1010865 Microsoft Windows DNS Server Remote Code Execution Vulnerability (CVE-2021-26897) 9-Mar-21 YES
CVE-2021-27076 1010864 Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-27076) 9-Mar-21 YES