Severity
High
Analysis Summary
Last night, Microsoft released patches for 115 vulnerabilities in different products. Of these vulnerabilities, 24 are classified as Critical, 88 as Important, and 3 as Moderate. The vulnerabilities can be exploited for a number of malicious activities including privilege escalation, denial of service, server tampering, spoofing, information disclosure, remote code execution, memory corruption and cross-site scripting. Below are the affected products that have been patched.
Impact
- Privilege Escalation
- Denial of Service
- Server Tampering
- Spoofing
- Information Disclosure
- Remote Code Execution
- Memory Corruption
- Cross-site Scripting
Affected Vendors
Microsoft
Affected Products
- Azure DevOps Server and Team Foundation Services
- Microsoft Browsers
- Microsoft Dynamics
- Microsoft Edge
- Microsoft Exchange Server
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office SharePoint
- Microsoft Scripting Engine
- Microsoft Windows
- Open Source Application Inspector
- Remote Desktop Connection Manager
- Visual Studio Extension Installer Service
- Windows Defender
- Windows Diagnostic Hub
- Windows IIS
- Windows Installer
- Windows Kernel
- Windows Servers
Remediation
Apply updates as soon as possible. Find below the links for security updates.
https://www.bleepingcomputer.com/microsoft-patch-tuesday-reports/March-2020.html