February Patch Tuesday 2021 Fixes 56 Vulnerabilities

February Patch Tuesday 2021 Fixes 56 Flaws and Windows Zero-Day

Microsoft February 2021 Patch Tuesday Resolves 56 Vulnerabilities

Microsoft fixed 56 bugs this month — the first time this number has dropped under 60 in over a year.

There are 11 Critical, 43 Important, and 2 Moderate patches. Fixes this month are for:

  • .NET Framework
  • Azure IoT
  • Azure Kubernetes Service
  • Microsoft Edge for Android
  • Exchange Server
  • Office and Office Services and Web Apps
  • Skype for Business and Lync
  • Windows Defender

Second Year of Extended Support Starts

Windows 7 and Windows Server 2008 (including R2) have 2 Critical and 3 Important vulnerabilities fixed.

Robert Brown, Head of Customer Success for Syxsense said, “With a release of 59 fixes, a total of 10 of these are either Weaponized, Public Aware, or have an extremely high CVSS score rating, which some experts, including our own, would rank as Zero Day status. Never have we seen Microsoft release almost 20% of their fixes to tackle such high-severity vulnerabilities. If you expected an easy Patch Tuesday, think again — these must be deployed urgently.”

Top February Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend our customers enter the CVE numbers below into your patch management solution and deploy as soon as possible.

1. CVE-2021-1732: Windows Win32k Elevation of Privilege Vulnerability

The bug was exploited after attackers gained access to a Windows system in order to obtain SYSTEM-level access. This vulnerability has already been Weaponized and is being recommended as a high priority deployment by CISA Cybersecurity & Infrastructure Security Agency.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: Yes
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-26701: Multiple Vulnerabilities in Microsoft .NET Core and Visual Studio

The vulnerability exists due to insufficient validation of user-supplied input in .NET Core. A remote attacker can pass specially-crafted input to the application and execute arbitrary code on the target system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 8.1
  • Weaponized: No
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

3. CVE-2021-24078 Windows DNS Server Remote Code Execution Vulnerability

This patch fixes a bug in the Windows DNS Server that could allow remote code execution on affected systems. This is also potentially wormable, although only between DNS servers. The vulnerability exists due to insufficient validation of user-supplied input in Windows DNS Server.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are Publicly Aware and / or Weaponized.

CVE Reference Description Vendor Severity CVSS Score Countermeasure Publicly Aware Weaponized Syxsense Recommended
CVE-2021-1732 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 No No Yes Yes
CVE-2021-26701 .NET Core and Visual Studio Remote Code Execution Vulnerability Critical 8.1 No Yes No Yes
CVE-2021-1733 Sysinternals PsExec Elevation of Privilege Vulnerability Important 7.8 No Yes No Yes
CVE-2021-1727 Windows Installer Elevation of Privilege Vulnerability Important 7.8 No Yes No Yes
CVE-2021-1721 .NET Core and Visual Studio Denial of Service Vulnerability Important 6.5 No Yes No Yes
CVE-2021-24098 Windows Console Driver Denial of Service Vulnerability Important 5.5 No Yes No Yes
CVE-2021-24106 Windows DirectX Information Disclosure Vulnerability Important 5.5 No Yes No Yes
CVE-2021-24078 Windows DNS Server Remote Code Execution Vulnerability Critical 9.8 No No No Yes
CVE-2021-24077 Windows Fax Service Remote Code Execution Vulnerability Critical 9.8 Yes No No Yes
CVE-2021-24074 Windows TCP/IP Remote Code Execution Vulnerability Critical 9.8 Yes No No Yes
CVE-2021-24094 Windows TCP/IP Remote Code Execution Vulnerability Critical 9.8 No No No Yes
CVE-2021-24093 Windows Graphics Component Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2021-24088 Windows Local Spooler Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2021-24066 Microsoft SharePoint Remote Code Execution Vulnerability Important 8.8 No No No
CVE-2021-24072 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 8.8 No No No
CVE-2021-1728 System Center Operations Manager Elevation of Privilege Vulnerability Important 8.8 No No No
CVE-2021-24105 Package Managers Configurations Remote Code Execution Vulnerability Important 8.4 No No No
CVE-2021-24112 .NET Core for Linux Remote Code Execution Vulnerability Critical 8.1 No No No
CVE-2021-1722 Windows Fax Service Remote Code Execution Vulnerability Critical 8.1 Yes No No
CVE-2021-1726 Microsoft SharePoint Spoofing Vulnerability Important 8 No No No
CVE-2021-24081 Microsoft Windows Codecs Library Remote Code Execution Vulnerability Critical 7.8 No No No
CVE-2021-24091 Windows Camera Codec Pack Remote Code Execution Vulnerability Critical 7.8 No No No
CVE-2021-24092 Microsoft Defender Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-24067 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24068 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24069 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24070 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-26700 Visual Studio Code npm-script Extension Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24083 Windows Address Book Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24102 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-24103 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-24096 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-25195 Windows PKU2U Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-1698 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-24111 .NET Framework Denial of Service Vulnerability Important 7.5 No No No
CVE-2021-1734 Windows Remote Procedure Call Information Disclosure Vulnerability Important 7.5 No No No
CVE-2021-24086 Windows TCP/IP Denial of Service Vulnerability Important 7.5 Yes No No
CVE-2021-24087 Azure IoT CLI extension Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-1639 Visual Studio Code Remote Code Execution Vulnerability Important 7 No No No
CVE-2021-24075 Windows Network File System Denial of Service Vulnerability Important 6.8 No No No
CVE-2021-24109 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability Moderate 6.8 No No No
CVE-2021-24101 Microsoft Dataverse Information Disclosure Vulnerability Important 6.5 No No No
CVE-2021-24085 Microsoft Exchange Server Spoofing Vulnerability Important 6.5 No No No
CVE-2021-24099 Skype for Business and Lync Denial of Service Vulnerability Important 6.5 No No No
CVE-2021-24073 Skype for Business and Lync Spoofing Vulnerability Important 6.5 No No No
CVE-2021-24080 Windows Trust Verification API Denial of Service Vulnerability Moderate 6.5 No No No
CVE-2021-1724 Microsoft Dynamics Business Central Cross-site Scripting Vulnerability Important 6.1 No No No
CVE-2021-24114 Microsoft Teams iOS Information Disclosure Vulnerability Important 5.7 No No No
CVE-2021-24076 Microsoft Windows VMSwitch Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-1731 PFX Encryption Security Feature Bypass Vulnerability Important 5.5 No No No
CVE-2021-24079 Windows Backup Engine Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-24084 Windows Mobile Device Management Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-1730 Microsoft Exchange Server Spoofing Vulnerability Important 5.4 No No No
CVE-2021-24071 Microsoft SharePoint Information Disclosure Vulnerability Important 5.3 No No No
CVE-2021-24100 Microsoft Edge for Android Information Disclosure Vulnerability Important 5 No No No
CVE-2021-24082 Microsoft PowerShell Utility Module WDAC Security Feature Bypass Vulnerability

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

Related Posts

April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 9, 2024
Automating Patch and Vulnerability Management for Compliance Success

Automating Patch and Vulnerability Management for Compliance Success

March 21, 2024
March 2024 Patch Tuesday: Microsoft releases 59 fixes this month including 2 Critical Threats and 2 with CVSS Score of 9.0 or Above

March 2024 Patch Tuesday: Microsoft releases 59 fixes this month including 2 Critical Threats and 2 with CVSS Score of 9.0 or Above

March 12, 2024
Third-Party Patching: Don’t Be a Sitting Duck

Third-Party Patching: Don’t Be a Sitting Duck

February 14, 2024