انتشار به روزرسانی سه شنبه های مایکروسافت – مارچ 2021

patch tuesday march2021

دیروز مایکروسافت بسته امنیتی سه شنبه ماه مارچ را منتشر کرد. در این به روز رسانی  82 آسیب پذیری رفع شده که 10 مورد از آنها از جمله آسیب پذیری های حیاتی هستند. این 82 مورد شامل 7 آسیب پذیری Exchange و 33 آسیب پذیری Chromium Edge که قبلا منتشر شده بود، نیست.


ضمنا دو آسیب پذیری Zero-day که به صورت عمومی منتشر شده و توسط مهاجمین استفاده شده اند، در این به روزرسانی رفع شده اند.


Microsoft Exchange ProxyLogon attacks

هفته پیش مایکروسافت یک آپدیت فوری بابت این آسیب پذیری منتشر کرد و ما نیز در خبرهای قبلی و کانال تلگرام این شرکت اطلاع رسانی های مربوطه را انجام دادیم.
مهاجمین از این آسیب پذیری ها بهره برداری کرده و Web Shellها و سایر بدافزارها را نصب می کنند.
کدهای شناسایی این آسیب پذیری ها :


CVE-2021-26854 - Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-26857 - Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-26858 - Microsoft Exchange Server Remote Code Execution Vulnerability

مایکروسافت یک اسکریپ PowerShell نیز به نام  Test-ProxyLogon.ps1  منتشر نموده که IOC ها را در لاگهای Exchange HttpProxy،Exchange log filesو Windows Application event بررسی می کند.
برای سه آسیب پذیری Microsoft Exchange که در حمله ای مورد بهره برداری قرار نگرفته اند، با کدهای شناسایی زیر نیز به روز رسانی هایی منتشر شده است :


    "CVE-2021-26412 - Microsoft Exchange Server Remote Code Execution Vulnerability"
    "CVE-2021-27065 - Microsoft Exchange Server Remote Code Execution Vulnerability"
    "CVE-2021-27078 - Microsoft Exchange Server Remote Code Execution Vulnerability"

 

همچنین این کمپانی، Microsoft Defender را به منظور شناسایی Web shellها و IOCهای مرتبط با این حمله، آپدیت نموده است.


دو آسیب پذیری Zero-day

در ماه ژانویه گوگل کشف کرد که گروه Lazarus حملاتی را با استفاده از پروژه های Visual Studio در معرض خطر و اکسپلویت های Zero-day ناشناخته، هدایت می کنند.
در ماه فوریه محققین امنیتی کره جنوبی کشف کردن که مهاجمین از یک آسیب پذیری Zero-day در اینترنت اکسپلورر برای نصب Backdoorها بهره برداری می کنند.
آسیب پذیری مذکور با کد شناسایی CVE-2021-26411 (Internet Explorer Memory Corruption Vulnerability) در به روز رسانی ماه مارچ رفع شده است.
آسیب پذیری Zero-day دیگر با کد شناسایی CVE-2021-27077 (Windows Win32k Elevation of Privilege Vulnerability) نیز رفع شده است. این آسیب پذیری توسط Trend Micro افشا شده بود.

لیست کامل به روز رسانی های این ماه در جدول زیر ارائه می گردد :

TagCVE IDCVE TitleSeverity
Application Virtualization CVE-2021-26890 Application Virtualization Remote Code Execution Vulnerability Important
Azure CVE-2021-27075 Azure Virtual Machine Information Disclosure Vulnerability Important
Azure Sphere CVE-2021-27074 Azure Sphere Unsigned Code Execution Vulnerability Critical
Azure Sphere CVE-2021-27080 Azure Sphere Unsigned Code Execution Vulnerability Critical
Internet Explorer CVE-2021-27085 Internet Explorer Remote Code Execution Vulnerability Important
Internet Explorer CVE-2021-26411 Internet Explorer Memory Corruption Vulnerability Critical
Microsoft ActiveX CVE-2021-26869 Windows ActiveX Installer Service Information Disclosure Vulnerability Important
Microsoft Edge on Chromium CVE-2021-21173 Chromium CVE-2021-21173: Side-channel information leakage in Network Internals Unknown
Microsoft Edge on Chromium CVE-2021-21172 Chromium CVE-2021-21172: Insufficient policy enforcement in File System API Unknown
Microsoft Edge on Chromium CVE-2021-21169 Chromium CVE-2021-21169: Out of bounds memory access in V8 Unknown
Microsoft Edge on Chromium CVE-2021-21170 Chromium CVE-2021-21170: Incorrect security UI in Loader Unknown
Microsoft Edge on Chromium CVE-2021-21171 Chromium CVE-2021-21171: Incorrect security UI in TabStrip and Navigation Unknown
Microsoft Edge on Chromium CVE-2021-21175 Chromium CVE-2021-21175: Inappropriate implementation in Site isolation Unknown
Microsoft Edge on Chromium CVE-2021-21176 Chromium CVE-2021-21176: Inappropriate implementation in full screen mode Unknown
Microsoft Edge on Chromium CVE-2021-21177 Chromium CVE-2021-21177: Insufficient policy enforcement in Autofill Unknown
Microsoft Edge on Chromium CVE-2021-21174 Chromium CVE-2021-21174: Inappropriate implementation in Referrer Unknown
Microsoft Edge on Chromium CVE-2021-21178 Chromium CVE-2021-21178 : Inappropriate implementation in Compositing Unknown
Microsoft Edge on Chromium CVE-2021-21161 Chromium CVE-2021-21161: Heap buffer overflow in TabStrip Unknown
Microsoft Edge on Chromium CVE-2021-21162 Chromium CVE-2021-21162: Use after free in WebRTC Unknown
Microsoft Edge on Chromium CVE-2021-21160 Chromium CVE-2021-21160: Heap buffer overflow in WebAudio Unknown
Microsoft Edge on Chromium CVE-2020-27844 Chromium CVE-2020-27844: Heap buffer overflow in OpenJPEG Unknown
Microsoft Edge on Chromium CVE-2021-21159 Chromium CVE-2021-21159: Heap buffer overflow in TabStrip Unknown
Microsoft Edge on Chromium CVE-2021-21163 Chromium CVE-2021-21163: Insufficient data validation in Reader Mode Unknown
Microsoft Edge on Chromium CVE-2021-21167 Chromium CVE-2021-21167: Use after free in bookmarks Unknown
Microsoft Edge on Chromium CVE-2021-21168 Chromium CVE-2021-21168: Insufficient policy enforcement in appcache Unknown
Microsoft Edge on Chromium CVE-2021-21166 Chromium CVE-2021-21166: Object lifecycle issue in audio Unknown
Microsoft Edge on Chromium CVE-2021-21164 Chromium CVE-2021-21164: Insufficient data validation in Chrome for iOS Unknown
Microsoft Edge on Chromium CVE-2021-21165 Chromium CVE-2021-21165: Object lifecycle issue in audio Unknown
Microsoft Edge on Chromium CVE-2021-21189 Chromium CVE-2021-21189: Insufficient policy enforcement in payments Unknown
Microsoft Edge on Chromium CVE-2021-21181 Chromium CVE-2021-21181: Side-channel information leakage in autofill Unknown
Microsoft Edge on Chromium CVE-2021-21186 Chromium CVE-2021-21186: Insufficient policy enforcement in QR scanning Unknown
Microsoft Edge on Chromium CVE-2021-21190 Chromium CVE-2021-21190 : Uninitialized Use in PDFium Unknown
Microsoft Edge on Chromium CVE-2021-21183 Chromium CVE-2021-21183: Inappropriate implementation in performance APIs Unknown
Microsoft Edge on Chromium CVE-2021-21185 Chromium CVE-2021-21185: Insufficient policy enforcement in extensions Unknown
Microsoft Edge on Chromium CVE-2021-21187 Chromium CVE-2021-21187: Insufficient data validation in URL formatting Unknown
Microsoft Edge on Chromium CVE-2021-21182 Chromium CVE-2021-21182: Insufficient policy enforcement in navigations Unknown
Microsoft Edge on Chromium CVE-2021-21180 Chromium CVE-2021-21180: Use after free in tab search Unknown
Microsoft Edge on Chromium CVE-2021-21184 Chromium CVE-2021-21184: Inappropriate implementation in performance APIs Unknown
Microsoft Edge on Chromium CVE-2021-21179 Chromium CVE-2021-21179: Use after free in Network Internals Unknown
Microsoft Edge on Chromium CVE-2021-21188 Chromium CVE-2021-21188: Use after free in Blink Unknown
Microsoft Exchange Server CVE-2021-26412 Microsoft Exchange Server Remote Code Execution Vulnerability Critical
Microsoft Exchange Server CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability Critical
Microsoft Exchange Server CVE-2021-27078 Microsoft Exchange Server Remote Code Execution Vulnerability Important
Microsoft Exchange Server CVE-2021-26854 Microsoft Exchange Server Remote Code Execution Vulnerability Important
Microsoft Exchange Server CVE-2021-26857 Microsoft Exchange Server Remote Code Execution Vulnerability Critical
Microsoft Exchange Server CVE-2021-26855 Microsoft Exchange Server Remote Code Execution Vulnerability Critical
Microsoft Exchange Server CVE-2021-26858 Microsoft Exchange Server Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2021-26863 Windows Win32k Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2021-27077 Windows Win32k Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2021-26861 Windows Graphics Component Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2021-26876 OpenType Font Parsing Remote Code Execution Vulnerability Critical
Microsoft Graphics Component CVE-2021-26875 Windows Win32k Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2021-26868 Windows Graphics Component Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2021-24108 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2021-27058 Microsoft Office ClickToRun Remote Code Execution Vulnerability Important
Microsoft Office CVE-2021-27059 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2021-27053 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2021-27054 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2021-27057 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office PowerPoint CVE-2021-27056 Microsoft PowerPoint Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2021-27052 Microsoft SharePoint Server Information Disclosure Vulnerability Important
Microsoft Office SharePoint CVE-2021-24104 Microsoft SharePoint Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2021-27076 Microsoft SharePoint Server Remote Code Execution Vulnerability Important
Microsoft Office Visio CVE-2021-27055 Microsoft Visio Security Feature Bypass Vulnerability Important
Microsoft Windows Codecs Library CVE-2021-27050 HEVC Video Extensions Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2021-27049 HEVC Video Extensions Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2021-26884 Windows Media Photo Codec Information Disclosure Vulnerability Important
Microsoft Windows Codecs Library CVE-2021-27051 HEVC Video Extensions Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2021-27062 HEVC Video Extensions Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2021-24110 HEVC Video Extensions Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2021-24089 HEVC Video Extensions Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2021-27061 HEVC Video Extensions Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2021-27048 HEVC Video Extensions Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2021-27047 HEVC Video Extensions Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2021-26902 HEVC Video Extensions Remote Code Execution Vulnerability Critical
Power BI CVE-2021-26859 Microsoft Power BI Information Disclosure Vulnerability Important
Role: DNS Server CVE-2021-27063 Windows DNS Server Denial of Service Vulnerability Important
Role: DNS Server CVE-2021-26893 Windows DNS Server Remote Code Execution Vulnerability Important
Role: DNS Server CVE-2021-26897 Windows DNS Server Remote Code Execution Vulnerability Critical
Role: DNS Server CVE-2021-26894 Windows DNS Server Remote Code Execution Vulnerability Important
Role: DNS Server CVE-2021-26895 Windows DNS Server Remote Code Execution Vulnerability Important
Role: DNS Server CVE-2021-26896 Windows DNS Server Denial of Service Vulnerability Important
Role: DNS Server CVE-2021-26877 Windows DNS Server Remote Code Execution Vulnerability Important
Role: Hyper-V CVE-2021-26867 Windows Hyper-V Remote Code Execution Vulnerability Critical
Role: Hyper-V CVE-2021-26879 Windows NAT Denial of Service Vulnerability Important
Visual Studio CVE-2021-27084 Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability Important
Visual Studio CVE-2021-21300 Git for Visual Studio Remote Code Execution Vulnerability Critical
Visual Studio Code CVE-2021-27060 Visual Studio Code Remote Code Execution Vulnerability Important
Visual Studio Code CVE-2021-27081 Visual Studio Code ESLint Extension Remote Code Execution Vulnerability Important
Visual Studio Code CVE-2021-27083 Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability Important
Visual Studio Code CVE-2021-27082 Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability Important
Windows Admin Center CVE-2021-27066 Windows Admin Center Security Feature Bypass Vulnerability Important
Windows Container Execution Agent CVE-2021-26891 Windows Container Execution Agent Elevation of Privilege Vulnerability Important
Windows Container Execution Agent CVE-2021-26865 Windows Container Execution Agent Elevation of Privilege Vulnerability Important
Windows DirectX CVE-2021-24095 DirectX Elevation of Privilege Vulnerability Important
Windows Error Reporting CVE-2021-24090 Windows Error Reporting Elevation of Privilege Vulnerability Important
Windows Event Tracing CVE-2021-24107 Windows Event Tracing Information Disclosure Vulnerability Important
Windows Event Tracing CVE-2021-26872 Windows Event Tracing Elevation of Privilege Vulnerability Important
Windows Event Tracing CVE-2021-26901 Windows Event Tracing Elevation of Privilege Vulnerability Important
Windows Event Tracing CVE-2021-26898 Windows Event Tracing Elevation of Privilege Vulnerability Important
Windows Extensible Firmware Interface CVE-2021-26892 Windows Extensible Firmware Interface Security Feature Bypass Vulnerability Important
Windows Folder Redirection CVE-2021-26887 Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability Important
Windows Installer CVE-2021-26862 Windows Installer Elevation of Privilege Vulnerability Important
Windows Media CVE-2021-26881 Microsoft Windows Media Foundation Remote Code Execution Vulnerability Important
Windows Overlay Filter CVE-2021-26874 Windows Overlay Filter Elevation of Privilege Vulnerability Important
Windows Overlay Filter CVE-2021-26860 Windows App-V Overlay Filter Elevation of Privilege Vulnerability Important
Windows Print Spooler Components CVE-2021-1640 Windows Print Spooler Elevation of Privilege Vulnerability Important
Windows Print Spooler Components CVE-2021-26878 Windows Print Spooler Elevation of Privilege Vulnerability Important
Windows Projected File System Filter Driver CVE-2021-26870 Windows Projected File System Elevation of Privilege Vulnerability Important
Windows Registry CVE-2021-26864 Windows Virtual Registry Provider Elevation of Privilege Vulnerability Important
Windows Remote Access API CVE-2021-26882 Remote Access API Elevation of Privilege Vulnerability Important
Windows Storage Spaces Controller CVE-2021-26880 Storage Spaces Controller Elevation of Privilege Vulnerability Important
Windows Update Assistant CVE-2021-27070 Windows 10 Update Assistant Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2021-1729 Windows Update Stack Setup Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2021-26889 Windows Update Stack Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2021-26866 Windows Update Service Elevation of Privilege Vulnerability Important
Windows UPnP Device Host CVE-2021-26899 Windows UPnP Device Host Elevation of Privilege Vulnerability Important
Windows User Profile Service CVE-2021-26873 Windows User Profile Service Elevation of Privilege Vulnerability Important
Windows User Profile Service CVE-2021-26886 User Profile Service Denial of Service Vulnerability Important
Windows WalletService CVE-2021-26871 Windows WalletService Elevation of Privilege Vulnerability Important
Windows WalletService CVE-2021-26885 Windows WalletService Elevation of Privilege Vulnerability Important
Windows Win32K CVE-2021-26900 Windows Win32k Elevation of Privilege Vulnerability Important

 

منبع : https://www.bleepingcomputer.com

 

 

افزودن دیدگاه جدید

نظر خودتان را ارسال کنید

کاربر گرامی چنانچه تمایل دارید، نقد یا نظر شما به نام خودتان در سایت ثبت شود، لطفا وارد سایت شوید.

طراحی سایت طراحی سایت طراحی سایت طراحی سایت

کلیه حقوق این سایت محفوظ و متعلق به شرکت مهندسی تحقیق و توسعه ارتباط پانا می باشد.

گفتگوی آنلاین