Security News

Patches for four actively exploited Exchange Server vulnerabilities have already been delivered with the updates for supported versions released last week. Among the vulnerabilities patched by Microsoft on this March 2021 Patch Tuesday are several deserving extra attention.

Today is Microsoft's March 2021 Patch Tuesday, and with admins already struggling with Microsoft Exchange updates and hacked servers, please be nice to your IT staff today. With today's update, Microsoft has fixed 82 vulnerabilities, with 10 classified as Critical and 72 as Important.

Exchange Servers targeted via zero-day exploits, have yours been hit?Microsoft has released out-of-band security updates for seven bugs affecting Microsoft Exchange Servers, four of which are zero-day vulnerabilities being exploited by attackers in the wild to plunder on-premises machines. March 2021 Patch Tuesday forecast: Off to an early startMicrosoft got an early start on Patch Tuesday, releasing a series of out-of-band security updates for actively exploited bugs in Exchange Server.

Microsoft got an early start on Patch Tuesday, releasing a series of out-of-band security updates this week to address four zero-day vulnerabilities in Exchange Server. Early reports from the field indicate the updates apply smoothly following Microsoft's directions, with a reboot required.

Microsoft has removed a faulty servicing stack update, which was causing issues for Windows users when they tried to install last week's Patch Tuesday security updates. Microsoft said that the erroneous servicing-stack update froze installations for the "Cumulative Update" from the recent Windows Update.

Microsoft today rolled out updates to plug at least 56 security holes in its Windows operating systems and other software. Windows 10 users should note that while the operating system installs all monthly patch roll-ups in one go, that rollup does not typically include.

For its February Patch Day, Microsoft released security advisories covering 56 CVE-assigned vulnerabilities, 11 of them rated critical. The Windows giant managed to publish a misspelled URL on the landing page for its February updates that instead of taking visitors to the intended Microsoft Security Response Center post about API changes, pointed to msrc-blog.

The Microsoft patch drop adds to the workloads for weary defenders struggling to keep pace with the volume and pace of security updates from major vendors. Earlier Tuesday, Adobe shipped fixes for multiple dangerous security holes, including a bug in the Adobe Reader that is being exploited in "Limited targeted attacks" against Windows OS users.

Microsoft has plugged 56 security holes, including one actively exploited privilege escalation flaw. Adobe has released security updates for Acrobat and Reader, Dreamweaver, Photoshop, Illustrator, Animate, and the Magento CMS. Out of all of those, the Acrobat and Reader updates should be tested and deployed as soon as possible, as they fix a bucketload of critical and important issues in widely used solutions, including one bug that is being exploited in "Limited" attacks on Reader for Windows.

Today is Microsoft's February 2021 Patch Tuesday, so please be buy your Windows administrators some snacks to keep their energy up throughout the day. With today's update, Microsoft has fixed for 56 vulnerabilities, with eleven classified as Critical, two as Moderate, and 43 as Important.