Security 10806 Published by

Microsoft has updated/published two security advisories: Microsoft Guidance for Addressing Security Feature Bypass in GRUB and Microsoft Edge (Chromium-based).





**************************************************************************************
Title: Microsoft Security Update Releases
Issued: March 5, 2021
**************************************************************************************

Summary
=======

The following advisory has undergone a major revision increment:

 - ADV200011 | Microsoft Guidance for Addressing Security Feature Bypass in GRUB
 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1730
 - Version 2.0
 - Reason for Revision: Advisory updated to add the following CVEs: CVE-2020-14372,
   CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-3418, 
   CVE-2021-20225, CVE-2021-20233. A new mitigation option will become available soon
   for these new CVEs. When this option does become available, customers will be 
   notified via revision to this advisory. We recommend that you register for the 
   security notifications mailer to be alerted of content changes to this advisory. 
   See https://technet.microsoft.com/en-us/security/dd252948.
 - Originally posted: July 29, 2020
 - Updated: March 4, 2021
 - Aggregate CVE Severity Rating: Important

=======================================================================================

The following Chrome CVEs have been released on March 4, 2021.

These CVE were assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, 
which addresses these vulnerabilities. Please see Google Chrome Releases
(https://chromereleases.googleblog.com/2021) for more information.

See 
https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/
for more information about third-party CVEs in the Security Update Guide.

*CVE-2021-21159         *CVE-2021-21175
*CVE-2021-21160         *CVE-2021-21176
*CVE-2021-21161         *CVE-2021-21177
*CVE-2021-21162         *CVE-2021-21178
*CVE-2021-21163         *CVE-2021-21179 
*CVE-2021-21164         *CVE-2021-21180
*CVE-2021-21165         *CVE-2021-27844
*CVE-2021-21166         *CVE-2020-21181
*CVE-2021-21167         *CVE-2021-21182
*CVE-2021-21168         *CVE-2021-21183
*CVE-2021-21169         *CVE-2021-21184
*CVE-2021-21170         *CVE-2021-21185
*CVE-2021-21171         *CVE-2021-21186
*CVE-2021-21172         *CVE-2021-21187
*CVE-2021-21173         *CVE-2021-21188 
*CVE-2021-21174         *CVE-2021-21189 
                        *CVE-2021-21190 
Revision Information:
=====================

 - Version 1.0
 - Reason for Revision: Information published.
 - Originally posted: March 4, 2021