Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB5000807
HistoryMar 09, 2021 - 8:00 a.m.

March 9, 2021—KB5000807 (OS Build 10240.18874)

2021-03-0908:00:00
Microsoft
support.microsoft.com
10

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L

7.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.277 Low

EPSS

Percentile

96.8%

JSON

March 9, 2021—KB5000807 (OS Build 10240.18874)

NEW 3/9/21 **IMPORTANT **As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update (WU) and Windows Server Update Services (WSUS). Installing KB4577586 will remove Adobe Flash Player permanently from your Windows device. Once installed, you cannot uninstall KB4577586. For more details about Microsoft’s plans, see Update on Adobe Flash Player End of Support.

12/8/20
For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. To view other notes and messages, see the Windows 10, version 1507 update history home page.

Highlights

  • Updates to improve security when using Microsoft Office products.
  • Updates security for the Windows user interface.

Improvements and fixes

This security update includes quality improvements. Key changes include:

  • Addresses an elevation of privilege security vulnerability documented in CVE-2021-1640 related to print jobs submitted to “FILE:” ports. After installing Windows updates from March 9, 2021 and later, print jobs that are in a pending state before restarting the print spooler service or restarting the OS will remain in an error state. Manually delete the affected print jobs and resubmit them to the print queue when the print spooler service is online.
  • Security updates to the Windows Shell, Windows User Account Control (UAC), Windows Fundamentals, Windows Core Networking, the Microsoft Graphics Component, Internet Explorer, Microsoft Edge Legacy, and Windows Media.
    If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new Security Update Guide website.

Windows Update ImprovementsMicrosoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn’t apply to long-term servicing editions.

Known issues in this update

Symptom Workaround
After installing updates released March 9, 2021 or March 15, 2021, you might get unexpected results when printing from some apps. Issues might include:
  • Elements of the document might print as solid black/color boxes or might be missing, including barcodes, QR codes, and graphics elements, such as logos.
  • Table lines might be missing. Other alignment or formatting issues might also be present.
  • Printing from some apps or to some printers might result in a blank page or label.
    | This issue is resolved in KB5001631.

How to get this update

Before installing this updateMicrosoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB5001079) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.Install this update****Release Channel Available Next Step
Windows Update and Microsoft Update Yes None. This update will be downloaded and installed automatically from Windows Update.
Microsoft Update Catalog Yes To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) Yes This update will automatically sync with WSUS if you configure Products and Classifications as follows:Product: Windows 10Classification: Security Updates File informationFor a list of the files that are provided in this update, download the file information for cumulative update 5000807.

Related

nessus 11
openvas 3
mskb 15
kaspersky 3
attackerkb 4
githubexploit 2
mscve 23
prion 23
cve 23
zdi 16
checkpoint_advisories 2
krebs 1
thn 9
malwarebytes 1
cisa_kev 1
rapid7blog 1
securelist 3
threatpost 3
qualysblog 3
avleonov 1
googleprojectzero 1
nessus
nessus
KB5000807: Windows 10 March 2021 Security Update
2021-03-09 00:00:00
KB5000840: Windows Server 2012 March 2021 Security Update
2021-03-09 00:00:00
KB5000809: Windows 10 Version 1803 March 2021 Security Update
2021-03-09 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5000807)
2021-03-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5000847)
2021-03-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5000802)
2021-03-10 00:00:00
mskb
mskb
March 9, 2021—KB5000809 (OS Build 17134.2087)
2021-03-09 08:00:00
March 9, 2021—KB5000847 (Monthly Rollup)
2021-03-09 08:00:00
March 9, 2021—KB5000848 (Monthly Rollup)
2021-03-09 08:00:00
kaspersky
kaspersky
KLA12112 Multiple vulnerabilities in Microsoft Products (ESU)
2021-03-09 00:00:00
KLA12111 Multiple vulnerabilities in Microsoft Windows
2021-03-09 00:00:00
KLA12108 Multiple vulnerabilities in Microsoft Browser
2021-03-09 00:00:00
attackerkb
attackerkb
CVE-2021-27077
2021-03-11 00:00:00
CVE-2021-26899
2021-03-11 00:00:00
CVE-2021-26868
2021-03-11 00:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2021-03-25 02:38:08
Exploit for Vulnerability in Microsoft
2021-03-11 21:13:51
mscve
mscve
Windows WalletService Elevation of Privilege Vulnerability
2021-03-09 08:00:00
Windows Update Service Elevation of Privilege Vulnerability
2021-03-09 08:00:00
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
2021-03-09 08:00:00
prion
prion
Remote code execution
2021-03-11 16:15:00
Denial of service
2021-03-11 16:15:00
Privilege escalation
2021-03-11 16:15:00
cve
cve
CVE-2021-26879
2021-03-11 16:15:00
CVE-2021-26885
2021-03-11 16:15:00
CVE-2021-26871
2021-03-11 16:15:00
zdi
zdi
Microsoft Windows win32kfull MulLineTo Untrusted Pointer Dereference Privilege Escalation Vulnerability
2021-04-29 00:00:00
Microsoft Windows win32kfull MulStrokePath Untrusted Pointer Dereference Privilege Escalation Vulnerability
2021-04-28 00:00:00
Microsoft Windows User Profile Service Directory Junction Privilege Escalation Vulnerability
2021-03-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Memory Corruption (CVE-2021-26411)
2021-03-09 00:00:00
Microsoft Windows Graphics Component Elevation of Privilege (CVE-2021-26868)
2021-03-09 00:00:00
krebs
krebs
Microsoft Patch Tuesday, March 2021 Edition
2021-03-10 01:42:39
thn
thn
Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs
2021-07-29 15:18:00
Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies
2023-10-19 13:47:00
New RIG Exploit Kit Campaign Infecting Victims' PCs with RedLine Stealer
2022-04-28 08:20:00
malwarebytes
malwarebytes
Crimea “manifesto” deploys VBA Rat using double attack vectors
2021-07-29 15:00:00
cisa_kev
cisa_kev
Microsoft Internet Explorer Memory Corruption Vulnerability
2021-11-03 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2021
2021-03-09 22:13:03
securelist
securelist
Updated MATA attacks industrial companies in Eastern Europe
2023-10-18 10:00:51
IT threat evolution in Q3 2021. PC statistics
2021-11-26 12:00:36
IT threat evolution Q1 2021. Non-mobile statistics
2021-05-31 10:00:05
threatpost
threatpost
InkySquid State Actor Exploiting Known IE Bugs
2021-08-19 20:19:04
Microsoft Patch Tuesday Updates Fix 14 Critical Bugs
2021-03-09 22:12:56
Safari Zero-Day Used in Malicious LinkedIn Campaign
2021-07-15 11:04:49
qualysblog
qualysblog
March 2021 Patch Tuesday – 82 Vulnerabilities, 10 Critical, Adobe
2021-03-09 21:33:26
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
avleonov
avleonov
Vulristics: Microsoft Patch Tuesdays Q1 2021
2021-03-26 02:47:52
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L

7.6 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.277 Low

EPSS

Percentile

96.8%

JSON
Related for KB5000807
nessus11openvas3mskb15kaspersky3attackerkb4githubexploit2mscve23prion23cve23zdi16checkpoint_advisories2krebs1thn9malwarebytes1cisa_kev1rapid7blog1securelist3threatpost3qualysblog3avleonov1googleprojectzero1