Today is Microsoft's February 2021 Patch Tuesday, so please be buy your Windows administrators some snacks to keep their energy up throughout the day.
With today's update, Microsoft has fixed for 56 vulnerabilities, with eleven classified as Critical, two as Moderate, and 43 as Important.
There is also one zero-day vulnerability and six previously disclosed vulnerabilities fixed as part of the February 2021 updates.
For information about the non-security Windows updates, you can read about today's Windows 10 KB4601315 & KB4601319 cumulative updates.
Zero-day and publicly disclosed vulnerabilities fixed
Microsoft fixed both a zero-day and numerous publicly disclosed vulnerabilities as part of the months security updates.
The actively exploited zero-day is tracked as 'CVE-2021-1732 - Windows Win32k Elevation of Privilege Vulnerability' and allows an attacker or malicious program to elevate their privileges to administrative privileges.
This vulnerability was discovered by researchers at DBAPPSecurity Co., Ltd.
In addition to the zero-day vulnerability, Microsoft also states that they also patched numerous publicly disclosed vulnerabilities:
- CVE-2021-1721 - .NET Core and Visual Studio Denial of Service Vulnerability
- CVE-2021-1727 - Windows Installer Elevation of Privilege Vulnerability
- CVE-2021-1733 - Sysinternals PsExec Elevation of Privilege Vulnerability
- CVE-2021-24098 - Windows Console Driver Denial of Service Vulnerability
- CVE-2021-24106 - Windows DirectX Information Disclosure Vulnerability
- CVE-2021-26701 - .NET Core Remote Code Execution Vulnerability
Supply chain attack fix
Today, Microsoft fixed a vulnerability tracked as CVE-2021-24105 in their Azure Artifactory product that was discovered after researchers used it in a PoC attack against Microsoft's systems.
This vulnerability allowed threat actors to create malicious public packages that have the same name as internal packages used by internal company applications. When these applications are built, they would instead pull down the malicious package rather than using their own internal one, and trigger a supply chain attack.
This attack affected numerous companies including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla, Yelp, Tesla, and Uber.
More information about this vulnerability can be found in our dedicated 'Researcher hacks Microsoft, Apple, more in novel supply chain attack' article.
Recent updates from other companies
Other vendors who released updates in February include:
- Adobe released numerous fixes for Adobe Acrobat and Reader.
- Android's February security updates were released last week.
- Apple released macOS and Safari updates at the beginning of the month.
- Cisco released security updates for the Cisco iOS, Cisco Security Manager, Identity Manager, and for an RCE vulnerability in their SMB VPN routers.
- Fortinet released security fixes for FortiProxy SSL VPN and FortiWeb.
- SAP released its February 2021 security updates.
- SonicWall released a fix for their SMA-100 zero day vulnerability.
The February 2021 Patch Tuesday Security Updates
Below is the full list of resolved vulnerabilities and released advisories in the February 2021 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET Core | CVE-2021-26701 | .NET Core Remote Code Execution Vulnerability | Critical |
| .NET Core | CVE-2021-24112 | .NET Core Remote Code Execution Vulnerability | Critical |
| .NET Core & Visual Studio | CVE-2021-1721 | .NET Core and Visual Studio Denial of Service Vulnerability | Important |
| .NET Framework | CVE-2021-24111 | .NET Framework Denial of Service Vulnerability | Important |
| Azure IoT | CVE-2021-24087 | Azure IoT CLI extension Elevation of Privilege Vulnerability | Important |
| Developer Tools | CVE-2021-24105 | Package Managers Configurations Remote Code Execution Vulnerability | Important |
| Microsoft Azure Kubernetes Service | CVE-2021-24109 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | Moderate |
| Microsoft Dynamics | CVE-2021-24101 | Microsoft Dataverse Information Disclosure Vulnerability | Important |
| Microsoft Dynamics | CVE-2021-1724 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | Important |
| Microsoft Edge for Android | CVE-2021-24100 | Microsoft Edge for Android Information Disclosure Vulnerability | Important |
| Microsoft Exchange Server | CVE-2021-24085 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2021-1730 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Graphics Component | CVE-2021-24093 | Windows Graphics Component Remote Code Execution Vulnerability | Critical |
| Microsoft Office Excel | CVE-2021-24067 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2021-24068 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2021-24069 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2021-24070 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-24071 | Microsoft SharePoint Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-1726 | Microsoft SharePoint Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-24066 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-24072 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Teams | CVE-2021-24114 | Microsoft Teams iOS Information Disclosure Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-24081 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability | Critical |
| Microsoft Windows Codecs Library | CVE-2021-24091 | Windows Camera Codec Pack Remote Code Execution Vulnerability | Critical |
| Role: DNS Server | CVE-2021-24078 | Windows DNS Server Remote Code Execution Vulnerability | Critical |
| Role: Hyper-V | CVE-2021-24076 | Microsoft Windows VMSwitch Information Disclosure Vulnerability | Important |
| Role: Windows Fax Service | CVE-2021-24077 | Windows Fax Service Remote Code Execution Vulnerability | Critical |
| Role: Windows Fax Service | CVE-2021-1722 | Windows Fax Service Remote Code Execution Vulnerability | Critical |
| Skype for Business | CVE-2021-24073 | Skype for Business and Lync Spoofing Vulnerability | Important |
| Skype for Business | CVE-2021-24099 | Skype for Business and Lync Denial of Service Vulnerability | Important |
| SysInternals | CVE-2021-1733 | Sysinternals PsExec Elevation of Privilege Vulnerability | Important |
| System Center | CVE-2021-1728 | System Center Operations Manager Elevation of Privilege Vulnerability | Important |
| Visual Studio | CVE-2021-1639 | Visual Studio Code Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2021-26700 | Visual Studio Code npm-script Extension Remote Code Execution Vulnerability | Important |
| Windows Address Book | CVE-2021-24083 | Windows Address Book Remote Code Execution Vulnerability | Important |
| Windows Backup Engine | CVE-2021-24079 | Windows Backup Engine Information Disclosure Vulnerability | Important |
| Windows Console Driver | CVE-2021-24098 | Windows Console Driver Denial of Service Vulnerability | Important |
| Windows Defender | CVE-2021-24092 | Microsoft Defender Elevation of Privilege Vulnerability | Important |
| Windows DirectX | CVE-2021-24106 | Windows DirectX Information Disclosure Vulnerability | Important |
| Windows Event Tracing | CVE-2021-24102 | Windows Event Tracing Elevation of Privilege Vulnerability | Important |
| Windows Event Tracing | CVE-2021-24103 | Windows Event Tracing Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2021-1727 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2021-24096 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2021-1732 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2021-1698 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Windows Mobile Device Management | CVE-2021-24084 | Windows Mobile Device Management Information Disclosure Vulnerability | Important |
| Windows Network File System | CVE-2021-24075 | Windows Network File System Denial of Service Vulnerability | Important |
| Windows PFX Encryption | CVE-2021-1731 | PFX Encryption Security Feature Bypass Vulnerability | Important |
| Windows PKU2U | CVE-2021-25195 | Windows PKU2U Elevation of Privilege Vulnerability | Important |
| Windows PowerShell | CVE-2021-24082 | Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability | Important |
| Windows Print Spooler Components | CVE-2021-24088 | Windows Local Spooler Remote Code Execution Vulnerability | Critical |
| Windows Remote Procedure Call | CVE-2021-1734 | Windows Remote Procedure Call Information Disclosure Vulnerability | Important |
| Windows TCP/IP | CVE-2021-24086 | Windows TCP/IP Denial of Service Vulnerability | Important |
| Windows TCP/IP | CVE-2021-24074 | Windows TCP/IP Remote Code Execution Vulnerability | Critical |
| Windows TCP/IP | CVE-2021-24094 | Windows TCP/IP Remote Code Execution Vulnerability | Critical |
| Windows Trust Verification API | CVE-2021-24080 | Windows Trust Verification API Denial of Service Vulnerability | Moderate |
Top 10 MITRE ATT&CK© Techniques Behind 93% of Attacks
Based on an analysis of 14M malicious actions, discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them.
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now