Microsoft has updated/published two security advisories: Microsoft Guidance for Addressing Security Feature Bypass in GRUB and Microsoft Edge (Chromium-based).
************************************************************************************** Title: Microsoft Security Update Releases Issued: March 5, 2021 ************************************************************************************** Summary ======= The following advisory has undergone a major revision increment: - ADV200011 | Microsoft Guidance for Addressing Security Feature Bypass in GRUB - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1730 - Version 2.0 - Reason for Revision: Advisory updated to add the following CVEs: CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-3418, CVE-2021-20225, CVE-2021-20233. A new mitigation option will become available soon for these new CVEs. When this option does become available, customers will be notified via revision to this advisory. We recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See https://technet.microsoft.com/en-us/security/dd252948. - Originally posted: July 29, 2020 - Updated: March 4, 2021 - Aggregate CVE Severity Rating: Important ======================================================================================= The following Chrome CVEs have been released on March 4, 2021. These CVE were assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses these vulnerabilities. Please see Google Chrome Releases (https://chromereleases.googleblog.com/2021) for more information. See https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/ for more information about third-party CVEs in the Security Update Guide. *CVE-2021-21159 *CVE-2021-21175 *CVE-2021-21160 *CVE-2021-21176 *CVE-2021-21161 *CVE-2021-21177 *CVE-2021-21162 *CVE-2021-21178 *CVE-2021-21163 *CVE-2021-21179 *CVE-2021-21164 *CVE-2021-21180 *CVE-2021-21165 *CVE-2021-27844 *CVE-2021-21166 *CVE-2020-21181 *CVE-2021-21167 *CVE-2021-21182 *CVE-2021-21168 *CVE-2021-21183 *CVE-2021-21169 *CVE-2021-21184 *CVE-2021-21170 *CVE-2021-21185 *CVE-2021-21171 *CVE-2021-21186 *CVE-2021-21172 *CVE-2021-21187 *CVE-2021-21173 *CVE-2021-21188 *CVE-2021-21174 *CVE-2021-21189 *CVE-2021-21190 Revision Information: ===================== - Version 1.0 - Reason for Revision: Information published. - Originally posted: March 4, 2021