- The best portable power stations for camping in 2025: Expert tested and reviewed
- "제조 업계, 스마트 기술 전환 중··· 95%가 AI 투자 예정" 로크웰 오토메이션
- What to Do If You Book a Hotel or Airbnb and It Turns Out to Be a Scam | McAfee Blog
- Cómo evitar la fuga de cerebros en TI
- Is ChatGPT Plus still worth $20 when the free version packs so many premium features?
Patch Priority Index for March 2021 | The State of Security
Tripwire’s March 2021 Patch Priority Index (PPI) brings together important vulnerabilities from SaltStack, VWware, BIG-IP and Microsoft.
First on the patch priority list this month are patches for vulnerabilities in Microsoft Exchange (CVE-2021-27065, CVE-2021-26855), SaltStack (CVE-2021-25282, CVE-2021-25281), BIG-IP (CVE-2021-22986) and VMware vCenter (CVE-2021-21972). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework. These systems should be patched as soon as possible.
Next on the list are patches for Internet Explorer, which resolve memory corruption and remote code execution vulnerabilities.
Up next on the patch priority list this month are patches for Microsoft Excel, Visio, PowerPoint and Office. These patches resolve seven issues including security feature bypass and remote code execution vulnerabilities.
Next are patches that affect components of the Windows operating systems. These patches resolve over 35 vulnerabilities including elevation of privilege, information disclosure, remote code execution and memory corruption vulnerabilities. These vulnerabilities affect core Windows, WalletService, Error Reporting, Windows Media, Storage Spaces Controller, DirectX, OpenType Font, Graphics, Event Tracing, User Profile Service, App-V, Update Stack and others.
Up next is a patch that resolves a denial of service and remote code execution vulnerability for Hyper-V.
Lastly, administrators should focus on server-side patches for Microsoft, which resolve issues in Microsoft SharePoint, Exchange and DNS. These patches resolve several issues including remote code execution, information disclosure, denial of service and spoofing vulnerabilities.
| BULLETIN | CVE |
| Exploit Framework – Metasploit | CVE-2021-27065, CVE-2021-26855, CVE-2021-25282, CVE-2021-25281, CVE-2021-22986, CVE-2021-21972 |
| Internet Explorer | CVE-2021-26411, CVE-2021-27085 |
| Microsoft Office | CVE-2021-27055, CVE-2021-27056, CVE-2021-27054, CVE-2021-27053, CVE-2021-27057, CVE-2021-27059, CVE-2021-24108 |
| Microsoft Windows | CVE-2021-26885, CVE-2021-26871, CVE-2021-24090, CVE-2021-26881, CVE-2021-26862, CVE-2021-26880, CVE-2021-24095, CVE-2021-26870, CVE-2021-26884, CVE-2021-26876, CVE-2021-26868, CVE-2021-26861, CVE-2021-27077, CVE-2021-26875, CVE-2021-26863, CVE-2021-26901, CVE-2021-26872, CVE-2021-26898, CVE-2021-24107, CVE-2021-27070, CVE-2021-26886, CVE-2021-26873, CVE-2021-26864, CVE-2021-26890, CVE-2021-26860, CVE-2021-26874, CVE-2021-26900, CVE-2021-26865, CVE-2021-26891, CVE-2021-26866, CVE-2021-26889, CVE-2021-1729, CVE-2021-26899, CVE-2021-1640, CVE-2021-26878, CVE-2021-26892, CVE-2021-26869, CVE-2021-26882 |
| Hyper-V | CVE-2021-26867, CVE-2021-26879 |
| Exchange Server | CVE-2021-27065, CVE-2021-27078, CVE-2021-26858, CVE-2021-26857, CVE-2021-26854, CVE-2021-26855, CVE-2021-26412 |
| Microsoft Office SharePoint | CVE-2021-27052, CVE-2021-27076, CVE-2021-24104 |
| Microsoft DNS Server | CVE-2021-27063, CVE-2021-26896, CVE-2021-26877, CVE-2021-26893, CVE-2021-26897, CVE-2021-26894, CVE-2021-26895 |
