February Patch Tuesday 2021 Fixes 56 Flaws and Windows Zero-Day

Microsoft February 2021 Patch Tuesday Resolves 56 Vulnerabilities

Microsoft fixed 56 bugs this month — the first time this number has dropped under 60 in over a year.

There are 11 Critical, 43 Important, and 2 Moderate patches. Fixes this month are for:

• .NET Framework
• Azure IoT
• Azure Kubernetes Service
• Microsoft Edge for Android
• Exchange Server
• Office and Office Services and Web Apps
• Skype for Business and Lync
• Windows Defender

Second Year of Extended Support Starts

Windows 7 and Windows Server 2008 (including R2) have 2 Critical and 3 Important vulnerabilities fixed.

Robert Brown, Head of Customer Success for Syxsense said, “With a release of 59 fixes, a total of 10 of these are either Weaponized, Public Aware, or have an extremely high CVSS score rating, which some experts, including our own, would rank as Zero Day status. Never have we seen Microsoft release almost 20% of their fixes to tackle such high-severity vulnerabilities. If you expected an easy Patch Tuesday, think again — these must be deployed urgently.”

Top February Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend our customers enter the CVE numbers below into your patch management solution and deploy as soon as possible.

1. CVE-2021-1732: Windows Win32k Elevation of Privilege Vulnerability

The bug was exploited after attackers gained access to a Windows system in order to obtain SYSTEM-level access. This vulnerability has already been Weaponized and is being recommended as a high priority deployment by CISA Cybersecurity & Infrastructure Security Agency.

Syxscore

• Vendor Severity: Important
• CVSS: 7.8
• Weaponized: Yes
• Public Aware: No
• Countermeasure: No

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: Low
• Privileges: None
• User Interaction: None
• Scope (Jump Point): No

2. CVE-2021-26701: Multiple Vulnerabilities in Microsoft .NET Core and Visual Studio

The vulnerability exists due to insufficient validation of user-supplied input in .NET Core. A remote attacker can pass specially-crafted input to the application and execute arbitrary code on the target system.

Syxscore

• Vendor Severity: Critical
• CVSS: 8.1
• Weaponized: No
• Public Aware: Yes
• Countermeasure: No

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: High
• Privileges: None
• User Interaction: None
• Scope (Jump Point): No

3. CVE-2021-24078 Windows DNS Server Remote Code Execution Vulnerability

This patch fixes a bug in the Windows DNS Server that could allow remote code execution on affected systems. This is also potentially wormable, although only between DNS servers. The vulnerability exists due to insufficient validation of user-supplied input in Windows DNS Server.

Syxscore

• Vendor Severity: Critical
• CVSS: 9.8
• Weaponized: No
• Public Aware: No
• Countermeasure: No

Syxscore Risk Alert

• Attack Vector: Network
• Attack Complexity: Low
• Privileges: None
• User Interaction: None
• Scope (Jump Point): No

Syxsense Recommendations

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are Publicly Aware and / or Weaponized.

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.