Well, another round of this war has been concluded now that the March Patch Tuesday updates are here, as new reports of discovered CVEs have been brought to light. So far, 2021 has been quite abundant in CVEs, with the following numbers being discovered each month:
January: 91 February: 106
Well, it seems that the month of March is quite abundant as well, with 97 CVEs discovered, all of which will be discussed in greater detail in the article below:
The March CVE report includes 97 identified CVEs
Vulnerabilities found in Adobe products
Of the 97 CVEs found this month, only 8 belonged to Adobe programs, more precisely Adobe Connect, Creative Cloud Desktop, and Framemaker. Of the 8 identified CVEs, 4 were rated as being Critical while the other 4 were rated as Important.
Vulnerabilities found in Microsoft products
As always, Microsoft products hold the bulk of identified CVEs, with 89 found this month alone. These CVes affected multiple Microsoft services, including Microsoft Windows components, Azure and Azure DevOps, Azure Sphere, Internet Explorer and Edge (EdgeHTML), Exchange Server, Office , and more. 4 of these vulnerabilities were considered under active attack, so a smaller patch to fix them right away was released before the regular Patch Tuesday schedule. SPONSORED Of these 89 bugs, they were rated as follows:
14 are listed as Critical 75 are listed as Important in severity.
Which were some of the most severe CVEs?
While all CVEs should be deemed as noteworthy, there were some that stood out due to their severity, or the way they behaved:
CVE-2021-26897 Windows DNS Server Remote Code Execution Vulnerability CVE-2021-26867 Windows Hyper-V Remote Code Execution Vulnerability CVE-2021-27076 Microsoft SharePoint Server Remote Code Execution Vulnerability CVE-2021-26411 Internet Explorer Memory Corruption Vulnerability
All other identified CVEs are listed in the table below: January and February 2021 already started off with an ascending trend in terms of the number of CVEs, but March seems to have brought fewer for a change. Remember that if you use any of the Microsoft or Adobe products and services mentioned above, you stand a greater risk because of the aforementioned vulnerabilities, so remember to download and install the latest Patch Tuesday updates. It could also help to use third-party antivirus tools, but that means spending some more, while the Patch Tuesday updates are, and will always be free. What’s your take on this month’s CVE report? Let us know whether CVEs should be a concern for the general public by leaving us your feedback in the comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ