S Security Patches for January 2021 Fix 83 Security Vulnerabilities
Total Page:16
File Type:pdf, Size:1020Kb
Microsoft's Security Patches for January 2021 Fix 83 Security Vulnerabilities Overview Microsoft released January 2021 security updates on Tuesday which fix 83 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Repository, ASP.NET core & .NET core, Azure Active Directory Pod Identity, Microsoft Bluetooth Driver, Microsoft DTV-DVD Video Decoder, Microsoft Edge (HTML-based), Microsoft Graphics Component, Microsoft Malware Protection Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft RPC, Microsoft Windows, Microsoft Windows Codecs Library, Microsoft Windows DNS, SQL Server, Visual Studio, Windows AppX Deployment Extensions, Windows CryptoAPI, Windows CSC Service, Windows Diagnostic Hub, Windows DP API, Windows Event Logging Service, Windows Event Tracing, Windows Hyper-V, Windows Installer, Windows Kernel, Windows Media, Windows NTLM, Windows Print Spooler Components, Windows Projected File System Filter Driver, Windows Remote Desktop, Windows Remote Procedure Call Runtime, Windows splwow64, Windows TPM Device Driver, Windows Update Stack, and Windows WalletService. Description of Critical and Important Vulnerabilities Some critical and important vulnerabilities are described as follows: @NSFOCUS 2021 http://www.nsfocus.com Microsoft Defender Remote Code Execution Vulnerability (CVE-2021-1647) This vulnerability was in the 0-day state and was found exploited in the wild. Its impact traces back to certain versions of Windows 2008. Remote attackers could exploit this vulnerability to execute arbitrary code on the computer. Microsoft indicated that users can protect against this vulnerability without additional update measures. The update for this vulnerability is part of updates released by Microsoft regularly for its anti-malware products. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1647 Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2021-1707) Microsoft SharePoint contains several important vulnerabilities. The most noteworthy vulnerability is CVE-2021-1707 which allows attackers, by taking advantage of the logged-in user that has proper privileges, to gain access to create SharePoint websites and remotely execute arbitrary code in the kernel. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1707 Windows Win32k Privilege Escalation Vulnerability (CVE-2021-1709) The Win32k system process contains another important vulnerability (CVE-2021-1709) which requires no user interaction. Attackers could exploit this local computer for privilege escalation and execute other attacks with these privileges. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1709 Microsoft splwow64 Elevation of Privilege Vulnerability (CVE-2021-1648) Before this vulnerability CVE-2021-1648 is discovered, researchers from ZDI and Google found the vulnerability CVE-2020-0986 and submitted it to Microsoftware. After the first round of remediation of this vulnerability, researchers found that patches introduced a new out- of-bounds read condition that can lead to privilege escalation. The two vulnerabilities are fixed in patches released in January. As the @NSFOCUS 2021 http://www.nsfocus.com vulnerability CVE-2021-1648 has been exploited in the wild, it is highly likely that this vulnerability CVE-2020-0986 has also been exploited in the wild too. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1648 The following table lists these vulnerabilities. Product CVE ID CVE Title Severity Bot Framework SDK Information .NET Repository CVE-2021-1725 Important Disclosure Vulnerability ASP.NET Core and Visual Studio ASP.NET core & .NET core CVE-2021-1723 Important Denial-of-Service Vulnerability Azure Active Directory Pod Azure Active Directory Pod Identity CVE-2021-1677 Important Identity Spoofing Vulnerability Windows Bluetooth Security Microsoft Bluetooth Driver CVE-2021-1683 Important Feature Bypass Vulnerability Windows Bluetooth Security Microsoft Bluetooth Driver CVE-2021-1684 Important Feature Bypass Vulnerability @NSFOCUS 2021 http://www.nsfocus.com Windows Bluetooth Security Microsoft Bluetooth Driver CVE-2021-1638 Important Feature Bypass Vulnerability Microsoft DTV-DVD Video Microsoft DTV-DVD Video Decoder CVE-2021-1668 Decoder Remote Code Execution Critical Vulnerability Microsoft Edge (HTML-based) Microsoft Edge (HTML-based) CVE-2021-1705 Moderate Memory Corruption Vulnerability GDI+ Remote Code Execution Microsoft Graphics Component CVE-2021-1665 Critical Vulnerability Windows Graphics Component Microsoft Graphics Component CVE-2021-1696 Information Disclosure Important Vulnerability Windows GDI+ Information Microsoft Graphics Component CVE-2021-1708 Important Disclosure Vulnerability Windows Win32k Privilege Microsoft Graphics Component CVE-2021-1709 Important Escalation Vulnerability @NSFOCUS 2021 http://www.nsfocus.com Microsoft Defender Remote Code Microsoft Malware Protection Engine CVE-2021-1647 Critical Execution Vulnerability Microsoft Office Remote Code Microsoft Office CVE-2021-1711 Important Execution Vulnerability Microsoft Excel Remote Code Microsoft Office CVE-2021-1713 Important Execution Vulnerability Microsoft Excel Remote Code Microsoft Office CVE-2021-1714 Important Execution Vulnerability Microsoft Word Remote Code Microsoft Office CVE-2021-1715 Important Execution Vulnerability Microsoft Word Remote Code Microsoft Office CVE-2021-1716 Important Execution Vulnerability Microsoft SharePoint Spoofing Microsoft Office SharePoint CVE-2021-1641 Important Vulnerability Microsoft SharePoint Server Microsoft Office SharePoint CVE-2021-1707 Remote Code Execution Important Vulnerability @NSFOCUS 2021 http://www.nsfocus.com Microsoft SharePoint Privilege Microsoft Office SharePoint CVE-2021-1712 Important Escalation Vulnerability Microsoft SharePoint Server Microsoft Office SharePoint CVE-2021-1718 Important Tampering Vulnerability Microsoft SharePoint Spoofing Microsoft Office SharePoint CVE-2021-1717 Important Vulnerability Microsoft SharePoint Privilege Microsoft Office SharePoint CVE-2021-1719 Important Escalation Vulnerability Windows Remote Procedure Call Microsoft RPC CVE-2021-1702 Runtime Privilege Escalation Important Vulnerability Windows Fax Compose Form Microsoft Windows CVE-2021-1657 Remote Code Execution Important Vulnerability Windows NT Lan Manager Datagram Receiver Driver Microsoft Windows CVE-2021-1676 Important Information Disclosure Vulnerability @NSFOCUS 2021 http://www.nsfocus.com Windows Multipoint Management Microsoft Windows CVE-2021-1689 Important Privilege Escalation Vulnerability Windows Runtime C++ Template Microsoft Windows CVE-2021-1650 Library Privilege Escalation Important Vulnerability Active Template Library Privilege Microsoft Windows CVE-2021-1649 Important Escalation Vulnerability Windows WLAN Service Privilege Microsoft Windows CVE-2021-1646 Important Escalation Vulnerability Windows (modem.sys) Information Microsoft Windows CVE-2021-1699 Important Disclosure Vulnerability Windows LUAFV Privilege Microsoft Windows CVE-2021-1706 Important Escalation Vulnerability HEVC Video Extensions Remote Microsoft Windows Codecs Library CVE-2021-1644 Important Code Execution Vulnerability HEVC Video Extensions Remote Microsoft Windows Codecs Library CVE-2021-1643 Critical Code Execution Vulnerability @NSFOCUS 2021 http://www.nsfocus.com Windows DNS Query Information Microsoft Windows DNS CVE-2021-1637 Important Disclosure Vulnerability Microsoft SQL Privilege Escalation SQL Server CVE-2021-1636 Important Vulnerability Visual Studio Remote Code Visual Studio CVE-2020-26870 Important Execution Vulnerability Windows AppX Deployment Windows AppX Deployment Extensions CVE-2021-1642 Extensions Privilege Escalation Important Vulnerability Windows AppX Deployment Windows AppX Deployment Extensions CVE-2021-1685 Extensions Privilege Escalation Important Vulnerability Windows CryptoAPI Denial-of- Windows CryptoAPI CVE-2021-1679 Important Service Vulnerability Windows CSC Service Privilege Windows CSC Service CVE-2021-1652 Important Escalation Vulnerability @NSFOCUS 2021 http://www.nsfocus.com Windows CSC Service Privilege Windows CSC Service CVE-2021-1653 Important Escalation Vulnerability Windows CSC Service Privilege Windows CSC Service CVE-2021-1654 Important Escalation Vulnerability Windows CSC Service Privilege Windows CSC Service CVE-2021-1655 Important Escalation Vulnerability Windows CSC Service Privilege Windows CSC Service CVE-2021-1659 Important Escalation Vulnerability Windows CSC Service Privilege Windows CSC Service CVE-2021-1688 Important Escalation Vulnerability Windows CSC Service Privilege Windows CSC Service CVE-2021-1693 Important Escalation Vulnerability Diagnostics Hub Standard Windows Diagnostic Hub CVE-2021-1651 Collector Privilege Escalation Important Vulnerability @NSFOCUS 2021 http://www.nsfocus.com Diagnostics Hub Standard Windows Diagnostic Hub CVE-2021-1680 Collector Privilege Escalation Important Vulnerability Windows Docker Information Windows DP API CVE-2021-1645 Important Disclosure Vulnerability Windows Event Logging Service Windows Event Logging Service CVE-2021-1703 Important Privilege Escalation Vulnerability Windows Event Tracing Privilege Windows Event Tracing CVE-2021-1662 Important Elevation Vulnerability Windows Hyper-V Denial-of- Windows Hyper-V CVE-2021-1691 Important Service Vulnerability Windows Hyper-V Denial-of- Windows Hyper-V CVE-2021-1692 Important Service Vulnerability Windows Hyper-V Privilege Windows Hyper-V CVE-2021-1704