Microsoft February 2021 Patch Tuesday Resolves 56 Vulnerabilities

Microsoft fixed 56 bugs this month — the first time this number has dropped under 60 in over a year.

There are 11 Critical, 43 Important, and 2 Moderate patches. Fixes this month are for:

• .NET Framework
• Azure IoT
• Azure Kubernetes Service
• Microsoft Edge for Android
• Exchange Server
• Office and Office Services and Web Apps
• Skype for Business and Lync
• Windows Defender

Second Year of Extended Support Starts

Windows 7 and Windows Server 2008 (including R2) have 2 Critical and 3 Important vulnerabilities fixed.

Robert Brown, Head of Customer Success for Syxsense said, “With a release of 59 fixes, a total of 10 of these are either Weaponized, Public Aware, or have an extremely high CVSS score rating, which some experts, including our own, would rank as Zero Day status. Never have we seen Microsoft release almost 20% of their fixes to tackle such high-severity vulnerabilities. If you expected an easy Patch Tuesday, think again — these must be deployed urgently.”

Top February Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend our customers enter the CVE numbers below into your patch management solution and deploy as soon as possible.

1. CVE-2021-1732: Windows Win32k Elevation of Privilege Vulnerability

The bug was exploited after attackers gained access to a Windows system in order to obtain SYSTEM-level access. This vulnerability has already been Weaponized and is being recommended as a high priority deployment by CISA Cybersecurity & Infrastructure Security Agency.

Syxscore

• Vendor Severity: Important
• CVSS: 7.8
• Weaponized: Yes
• Public Aware: No
• Countermeasure: No

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: Low
• Privileges: None
• User Interaction: None
• Scope (Jump Point): No

2. CVE-2021-26701: Multiple Vulnerabilities in Microsoft .NET Core and Visual Studio

The vulnerability exists due to insufficient validation of user-supplied input in .NET Core. A remote attacker can pass specially-crafted input to the application and execute arbitrary code on the target system.

Syxscore

• Vendor Severity: Critical
• CVSS: 8.1
• Weaponized: No
• Public Aware: Yes
• Countermeasure: No

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: High
• Privileges: None
• User Interaction: None
• Scope (Jump Point): No

3. CVE-2021-24078 Windows DNS Server Remote Code Execution Vulnerability

This patch fixes a bug in the Windows DNS Server that could allow remote code execution on affected systems. This is also potentially wormable, although only between DNS servers. The vulnerability exists due to insufficient validation of user-supplied input in Windows DNS Server.

Syxscore

• Vendor Severity: Critical
• CVSS: 9.8
• Weaponized: No
• Public Aware: No
• Countermeasure: No

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: Low
• Privileges: None
• User Interaction: None
• Scope (Jump Point): No

Syxsense Recommendations

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are Publicly Aware and / or Weaponized.

CVE Reference	Description	Vendor Severity	CVSS Score	Countermeasure	Publicly Aware	Weaponized	Syxsense Recommended
CVE-2021-1732	Windows Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	Yes	Yes
CVE-2021-26701	.NET Core and Visual Studio Remote Code Execution Vulnerability	Critical	8.1	No	Yes	No	Yes
CVE-2021-1733	Sysinternals PsExec Elevation of Privilege Vulnerability	Important	7.8	No	Yes	No	Yes
CVE-2021-1727	Windows Installer Elevation of Privilege Vulnerability	Important	7.8	No	Yes	No	Yes
CVE-2021-1721	.NET Core and Visual Studio Denial of Service Vulnerability	Important	6.5	No	Yes	No	Yes
CVE-2021-24098	Windows Console Driver Denial of Service Vulnerability	Important	5.5	No	Yes	No	Yes
CVE-2021-24106	Windows DirectX Information Disclosure Vulnerability	Important	5.5	No	Yes	No	Yes
CVE-2021-24078	Windows DNS Server Remote Code Execution Vulnerability	Critical	9.8	No	No	No	Yes
CVE-2021-24077	Windows Fax Service Remote Code Execution Vulnerability	Critical	9.8	Yes	No	No	Yes
CVE-2021-24074	Windows TCP/IP Remote Code Execution Vulnerability	Critical	9.8	Yes	No	No	Yes
CVE-2021-24094	Windows TCP/IP Remote Code Execution Vulnerability	Critical	9.8	No	No	No	Yes
CVE-2021-24093	Windows Graphics Component Remote Code Execution Vulnerability	Critical	8.8	No	No	No	Yes
CVE-2021-24088	Windows Local Spooler Remote Code Execution Vulnerability	Critical	8.8	No	No	No	Yes
CVE-2021-24066	Microsoft SharePoint Remote Code Execution Vulnerability	Important	8.8	No	No	No
CVE-2021-24072	Microsoft SharePoint Server Remote Code Execution Vulnerability	Important	8.8	No	No	No
CVE-2021-1728	System Center Operations Manager Elevation of Privilege Vulnerability	Important	8.8	No	No	No
CVE-2021-24105	Package Managers Configurations Remote Code Execution Vulnerability	Important	8.4	No	No	No
CVE-2021-24112	.NET Core for Linux Remote Code Execution Vulnerability	Critical	8.1	No	No	No
CVE-2021-1722	Windows Fax Service Remote Code Execution Vulnerability	Critical	8.1	Yes	No	No
CVE-2021-1726	Microsoft SharePoint Spoofing Vulnerability	Important	8	No	No	No
CVE-2021-24081	Microsoft Windows Codecs Library Remote Code Execution Vulnerability	Critical	7.8	No	No	No
CVE-2021-24091	Windows Camera Codec Pack Remote Code Execution Vulnerability	Critical	7.8	No	No	No
CVE-2021-24092	Microsoft Defender Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-24067	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-24068	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-24069	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-24070	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-26700	Visual Studio Code npm-script Extension Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-24083	Windows Address Book Remote Code Execution Vulnerability	Important	7.8	No	No	No
CVE-2021-24102	Windows Event Tracing Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-24103	Windows Event Tracing Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-24096	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-25195	Windows PKU2U Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-1698	Windows Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	No
CVE-2021-24111	.NET Framework Denial of Service Vulnerability	Important	7.5	No	No	No
CVE-2021-1734	Windows Remote Procedure Call Information Disclosure Vulnerability	Important	7.5	No	No	No
CVE-2021-24086	Windows TCP/IP Denial of Service Vulnerability	Important	7.5	Yes	No	No
CVE-2021-24087	Azure IoT CLI extension Elevation of Privilege Vulnerability	Important	7	No	No	No
CVE-2021-1639	Visual Studio Code Remote Code Execution Vulnerability	Important	7	No	No	No
CVE-2021-24075	Windows Network File System Denial of Service Vulnerability	Important	6.8	No	No	No
CVE-2021-24109	Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability	Moderate	6.8	No	No	No
CVE-2021-24101	Microsoft Dataverse Information Disclosure Vulnerability	Important	6.5	No	No	No
CVE-2021-24085	Microsoft Exchange Server Spoofing Vulnerability	Important	6.5	No	No	No
CVE-2021-24099	Skype for Business and Lync Denial of Service Vulnerability	Important	6.5	No	No	No
CVE-2021-24073	Skype for Business and Lync Spoofing Vulnerability	Important	6.5	No	No	No
CVE-2021-24080	Windows Trust Verification API Denial of Service Vulnerability	Moderate	6.5	No	No	No
CVE-2021-1724	Microsoft Dynamics Business Central Cross-site Scripting Vulnerability	Important	6.1	No	No	No
CVE-2021-24114	Microsoft Teams iOS Information Disclosure Vulnerability	Important	5.7	No	No	No
CVE-2021-24076	Microsoft Windows VMSwitch Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2021-1731	PFX Encryption Security Feature Bypass Vulnerability	Important	5.5	No	No	No
CVE-2021-24079	Windows Backup Engine Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2021-24084	Windows Mobile Device Management Information Disclosure Vulnerability	Important	5.5	No	No	No
CVE-2021-1730	Microsoft Exchange Server Spoofing Vulnerability	Important	5.4	No	No	No
CVE-2021-24071	Microsoft SharePoint Information Disclosure Vulnerability	Important	5.3	No	No	No
CVE-2021-24100	Microsoft Edge for Android Information Disclosure Vulnerability	Important	5	No	No	No
CVE-2021-24082	Microsoft PowerShell Utility Module WDAC Security Feature Bypass Vulnerability