Patch Tuesday Update - February 2021 | Foundation IT

Written by Lizzie Arcari | Feb 11, 2021 4:56:00 PM

Microsoft has released its security updates for February 2021, which include fixes for 56 vulnerabilities in Microsoft products. Every month we will post our vulnerability risk and tips for each patch released, to provide advice for IT professionals and businesses.

Out of the 56 patches, 11 are classed as critical, 43 as important and 2 as moderate. There was 1 zero-day discovered this month:

  • CVE-2021-1732 - Windows Win32k Elevation of Privilege Vulnerability.

There were also 6 publicly disclosed vulnerabilities, which should be your top priorities:

  1. CVE-2021-1721 - .NET Core and Visual Studio Denial of Service Vulnerability
  2. CVE-2021-1727 - Windows Installer Elevation of Privilege Vulnerability 
  3. CVE-2021-1733 - Sysinternals PsExec Elevation of Privilege Vulnerability 
  4. CVE-2021-24098 - Windows Console Driver Denial of Service Vulnerability 
  5. CVE-2021-24106 - Windows DirectX Information Disclosure Vulnerability 
  6. CVE-2021-26701 - .NET Core Remote Code Execution Vulnerability 

Other Products:

Other companies who have released security updates this week:

  • Adobe: released numerous fixes for Adobe Acrobat and Reader.
  • Android: February security updates were released last week.
  • Apple: released macOS and Safari updates at the beginning of the month.
  • Cisco: released security updates for Cisco IOS, Cisco Security Manager, Identity Manager and for an RCE vulnerability in their SMB VPN routers.
  • Fortinet: released security fixes for FortiProxy SSL VPN and FortiWeb.
  • SAP: released its February 2021 security updates.
  • SonicWall: released a fix for their SMA-100 zero-day vulnerability.

 

All the patches can be found in the table below or alternatively downloaded here.

We have also curated a downloadable Patching Best Practice Guide.

| Category | Count | CVE IDs | CVE Title | Severity | FIT Risk & Tip |
|---|---|---|---|---|---|
| .NET Repository | 2 | CVE-2021-26701, CVE-2021-24112 | .NET Core Remote Code Execution Vulnerability | Critical | Very High - This attack requires an attacker to invest a great deal of effort to execute, but it can be done from various levels of the network stack up to the entire internet, so we would install this as soon as possible. |
| .NET Core & Visual Studio | 1 | CVE-2021-1721 | .NET Core and Visual Studio Denial of Service Vulnerability | Important | High - DDoS-style attack which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete, so we would recommend installing as soon as possible if the number of users is high. |
| .NET Framework | 1 | CVE-2021-24111 | .NET Framework Denial of Service Vulnerability | Important | High - DDoS-style attack which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete, so we would recommend installing as soon as possible if the number of users is high. |
| Azure IoT | 1 | CVE-2021-24087 | Azure IoT CLI extension Elevation of Privilege Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Developer Tools | 1 | CVE-2021-24105 | Package Managers Configurations Remote Code Execution Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Microsoft Azure Kubernetes Service | 1 | CVE-2021-24109 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | Moderate | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Microsoft Dynamics | 2 | CVE-2021-24101, CVE-2021-1724 | Microsoft Dataverse Information Disclosure Vulnerability; Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Microsoft Edge for Android | 1 | CVE-2021-24100 | Microsoft Edge for Android Information Disclosure Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Microsoft Exchange Server | 2 | CVE-2021-24085, CVE-2021-1730 | Microsoft Exchange Server Spoofing Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Microsoft Graphics Component | 1 | CVE-2021-24093 | Windows Graphics Component Remote Code Execution Vulnerability | Critical | Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet, so we would recommend installing this as soon as possible. |
| Microsoft Office Excel | 4 | CVE-2021-24067, CVE-2021-24068, CVE-2021-24069, CVE-2021-24070 | Microsoft Excel Remote Code Execution Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Microsoft Office SharePoint | 4 | CVE-2021-24071, CVE-2021-1726, CVE-2021-24066, CVE-2021-24072 | Microsoft SharePoint Information Disclosure Vulnerability; Microsoft SharePoint Spoofing Vulnerability; Microsoft SharePoint Remote Code Execution Vulnerability; Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Microsoft Teams | 1 | CVE-2021-24114 | Microsoft Teams iOS Information Disclosure Vulnerability | Important | High - This attack requires local or network access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Microsoft Windows Codecs Library | 2 | CVE-2021-24081, CVE-2021-24091 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability; Windows Camera Codec Pack Remote Code Execution Vulnerability | Critical | Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet, so we would recommend installing this as soon as possible. |
| Role: DNS Server | 1 | CVE-2021-24078 | Windows DNS Server Remote Code Execution Vulnerability | Critical | Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet, so we would recommend installing this as soon as possible. |
| Role: Hyper-V | 1 | CVE-2021-24076 | Microsoft Windows VMSwitch Information Disclosure Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user, so we would recommend installing as part of regular updates. |
| Role: Windows Fax Service | 2 | CVE-2021-24077, CVE-2021-1722 | Windows Fax Service Remote Code Execution Vulnerability | Critical | Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet, so we would recommend installing this as soon as possible. |
| Skype for Business | 2 | CVE-2021-24073, CVE-2021-24099 | Skype for Business and Lync Spoofing Vulnerability; Skype for Business and Lync Denial of Service Vulnerability | Important | High - DDoS-style attack which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete, so we would recommend installing as soon as possible if the number of users is high. |
| SysInternals | 1 | CVE-2021-1733 | Sysinternals PsExec Elevation of Privilege Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| System Center | 1 | CVE-2021-1728 | System Center Operations Manager Elevation of Privilege Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Visual Studio | 1 | CVE-2021-1639 | Visual Studio Code Remote Code Execution Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Visual Studio Code | 1 | CVE-2021-26700 | Visual Studio Code npm-script Extension Remote Code Execution Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Visual Address Book | 1 | CVE-2021-24083 | Windows Address Book Remote Code Execution Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Windows Backup Engine | 1 | CVE-2021-24079 | Windows Backup Engine Information Disclosure Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Windows Console Driver | 1 | CVE-2021-1662 | Windows Console Driver Denial of Service Vulnerability | Important | High - DDoS-style attack which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete, so we would recommend installing as soon as possible if the number of users is high. |
| Windows Defender | 1 | CVE-2021-24092 | Microsoft Defender Elevation of Privilege Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Windows DirectX | 1 | CVE-2021-24106 | Windows DirectX Information Disclosure Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Windows Event Tracing | 2 | CVE-2021-24102, CVE-2021-24103 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Windows Installer | 1 | CVE-2021-1727 | Windows Installer Elevation of Privilege Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Windows Kernel | 3 | CVE-2021-24096, CVE-2021-1732, CVE-2021-1698 | Windows Kernel Elevation of Privilege Vulnerability; Windows Win32k Elevation of Privilege Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Windows Mobile Device Management | 1 | CVE-2021-24084 | Windows Mobile Device Management Information Disclosure Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Windows Network File System | 1 | CVE-2021-24075 | Windows Network File System Denial of Service Vulnerability | Important | High - DDoS-style attack which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete, so we would recommend installing as soon as possible if the number of users is high. |
| Windows PFX Encryption | 1 | CVE-2021-1731 | PFX Encryption Security Feature Bypass Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
| Windows PKU2U | 1 | CVE-2021-25195 | Windows PKU2U Elevation of Privilege Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Windows PowerShell | 1 | CVE-2021-24082 | Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability | Important | Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet, so we would recommend installing this as soon as possible. |
| Windows Print Spooler Components | 1 | CVE-2021-24088 | Windows Local Spooler Remote Code Execution Vulnerability | Critical | Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet, so we would recommend installing this as soon as possible. |
| Windows Remote Procedure Call | 1 | CVE-2021-1734 | Windows Remote Procedure Call Information Disclosure Vulnerability | Important | Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Windows TCP/IP | 2 | CVE-2021-24074, CVE-2021-24094 | Windows TCP/IP Remote Code Execution Vulnerability | Critical | High - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man-in-the-middle methods, so we would recommend installing as part of regular updates. |
| Windows TCP/IP | 1 | CVE-2021-24086 | Windows TCP/IP Denial of Service Vulnerability | Important | High - DDoS-style attack which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete, so we would recommend installing as soon as possible if the number of users is high. |
| Windows Trust Verification API | 1 | CVE-2021-24080 | Windows Trust Verification API Denial of Service Vulnerability | Moderate | High - DDoS-style attack which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete, so we would recommend installing as soon as possible if the number of users is high. |