Mar 11, 2021
Microsoft Security Update Releases
Hash: SHA256
**************************************************************************************
Title: Microsoft Security Update Releases
Issued: March 11, 2021
**************************************************************************************
Summary
=======
The following CVE and advisory have undergone a revision increments:
Critical CVEs
============================
* CVE-2021-26855 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855
* CVE-2021-27065 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27065
* CVE-2021-26857 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26857
Important CVEs
============================
* CVE-2021-26858 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26858
Publication information
===========================
- Microsoft Exchange Server Remote Code Execution Vulnerability
- See preceding list for links
- Version 4.0
- Reason for Revision: Microsoft is releasing the final set of security updates for
CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several
Cumulative Updates that are out of support, including Exchange Server 2019, CU1
and CU2; and Exchange Server 2016 CU 8, CU 9, CU10, and CU11. These updates address
only those CVEs. Customers who want to be protected from these vulnerabilities can
apply these updates if they are not Exchange Server on a supported cumulative update.
Microsoft strongly recommends that customers update to the latest supported cumulative
updates.
- Originally posted: March 2, 2021
- Updated: March 11, 2021
ADV990001
- ADV990001 | Latest Servicing Stack Updates
- https://msrc.microsoft.com/update-guide/vulnerability/ADV990001
- Version 34.1
- Reason for Revision: Removed information for Windows 10 versions 2004 and 20H2
as these service stack updates have been rolled into the cumulative update.
- Originally posted: March 2, 2021
- Updated: November 13, 2018