Please see Security Advisories for the week ending March 19, 2021
- Zero-Day in Google Chrome Browser Actively Exploited in the Wild
- Microsoft Releases Exchange On-premises Mitigation Tool
- Cisco Releases Security Updates for Several Products
________________________________
Zero-Day in Google Chrome Browser Actively Exploited in the Wild
Situation
On March 12, 2021 Google has released Chrome version 89.0.4389.90 for Windows, Mac, and Linux operating systems. Google is now aware of reports that one of the vulnerabilities CVE-2021-21193 exploits currently exists in the wild.
Problem
The vulnerability CVE-2021-21193 is caused by a use-after-free bug in Google Chrome’s browser engine Blink, which is used to convert HTML code to a beautiful webpage. This vulnerability currently has exploits that exists in the wild.
Implication
If a remote attacker is able to successfully exploit CVE-2021-21193 it could allow them to perform arbitrary remote code execution and take control of the affected device.
Need
Google recommends updating to Chrome version 89.0.4389.90 for Windows, Mac, and Linux operating systems to protect against this vulnerability.
For a more technical overview:
https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_12.html
________________________________
Microsoft Releases Exchange On-premises Mitigation Tool
Situation
Microsoft has released the one-click Exchange On-Premises Mitigation Tool that can automate portions of both the detection and patching process. This tool is used to help customers who do not have dedicated security or IT teams to apply security updates.
Problem
This tool is designed to help customers mitigate the threat posed by four actively exploited vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065) that impact On-Premises Exchange Server 2013, 2016, and 2019. This tool is not a replacement for the Exchange security update but is the fastest and easiest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching.
Need
Microsoft recommend that all customers who have not yet applied the on-premises Exchange security update to download the tool and run it on your Exchange servers immediately. Microsoft also strongly recommends applying on-premises Exchange security update as soon as possible. Additional information can be found in the link below.
For a more technical overview:
________________________________
Cisco Releases Security Updates for Several Products
Situation
Cisco released multiple security patches in several of their products that they found vulnerabilities in, where remote attackers might be able to remotely attack and take control of the product or devices or further compromise the internal infrastructure.
Problem
Cisco has found vulnerabilities in the following products that could allow an attacker to remotely take over the affected systems. Cisco Email Security, Cisco WebEx Meetings, and SD-WAN vManage.
Implication
If the vulnerable software is left unpatched it leaves an attack surface that might allow the attackers to remotely control the affected device or software. This would allow the remote attackers potential full control over the devices and software.
Need
Cisco advises installing all available updates to patch known vulnerabilities.
For a brief overview,
https://us-cert.cisa.gov/ncas/current-activity/2021/03/04/cisco-releases-security-updates
For a more technical overview:
https://tools.cisco.com/security/center/publicationListing.x
