Security News

On the off chance you were looking for more security to-dos from Microsoft todaythe company released software updates to plug more than 82 security flaws in Windows and other supported software. This is probably a good place to quote Ghacks.net's Martin Brinkman: This is the last patch hurrah for the legacy Microsoft Edge web browser, which is being retired by Microsoft.

Microsoft has released its regularly scheduled March Patch Tuesday updates, which address 89 security vulnerabilities overall. Included in the slew are 14 critical flaws and 75 important-severity flaws.

Patches for four actively exploited Exchange Server vulnerabilities have already been delivered with the updates for supported versions released last week. Among the vulnerabilities patched by Microsoft on this March 2021 Patch Tuesday are several deserving extra attention.

It's raining patches in the Microsoft Windows ecosystem. Software giant on Tuesday dropped a mega-batch of security updates with patches for a whopping 89 documented vulnerabilities, including one used in zero-day attacks against some in the white-hat hacker community.

Today is Microsoft's March 2021 Patch Tuesday, and with admins already struggling with Microsoft Exchange updates and hacked servers, please be nice to your IT staff today. With today's update, Microsoft has fixed 82 vulnerabilities, with 10 classified as Critical and 72 as Important.

Apple has released out-of-band patches for iOS, macOS, watchOS, and Safari web browser to address a security flaw that could allow attackers to run arbitrary code on devices via malicious web content. According to the update notes posted by Apple, the flaw stems from a memory corruption issue that could lead to arbitrary code execution when processing specially crafted web content.

Exchange Servers targeted via zero-day exploits, have yours been hit?Microsoft has released out-of-band security updates for seven bugs affecting Microsoft Exchange Servers, four of which are zero-day vulnerabilities being exploited by attackers in the wild to plunder on-premises machines. March 2021 Patch Tuesday forecast: Off to an early startMicrosoft got an early start on Patch Tuesday, releasing a series of out-of-band security updates for actively exploited bugs in Exchange Server.

Microsoft got an early start on Patch Tuesday, releasing a series of out-of-band security updates this week to address four zero-day vulnerabilities in Exchange Server. Early reports from the field indicate the updates apply smoothly following Microsoft's directions, with a reboot required.

"CISA has determined that this exploitation of Microsoft Exchange on-premises products poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action," reads the March 3 alert. "With organizations migrating to Microsoft Office 365 en masse over the last few years, it's easy to forget that on-premises Exchange servers are still in service," Saryu Nayyar, CEO, Gurucul, said via email.

The Department of Homeland Security's cybersecurity unit has ordered federal agencies to urgently update or disconnect Microsoft Exchange on-premises products on their networks. CISA "Strongly" recommended federal agencies to examine their networks to detect malicious activity related to zero-day attacks targeting Exchange servers.