High Threat Security Alert (A21-01-02): Multiple Vulnerabilities in Microsoft Products (January 2021)


 

Published on: 13 January 2021

  
  

Description:

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at:

https://support.microsoft.com/en-us/help/20210112/security-update-deployment-information-january-12-2021

The January 2021 security updates released by Microsoft addressed a remote code execution vulnerability (CVE-2021-1647) that is under active exploitation. The vulnerability could affect Windows Defender running on Windows and Windows Server platforms. In addition to the remote code execution vulnerability, the proof-of-concept exploit against the privilege escalation vulnerability (CVE-2021-1648) in Windows splwow64 service has been observed. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Windows 7, 8.1, RT 8.1, 10
  • Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019
  • Microsoft Windows Server, version 1909, version 2004, version 20H2
  • Microsoft Office 2010, 2013, 2013 RT, 2016, 2019, 2019 for Mac
  • Microsoft Office Online Server
  • Microsoft Office Web Apps 2010
  • Microsoft Office Web Apps Server 2013
  • Microsoft Excel 2010, 2013, 2013 RT, 2016
  • Microsoft Word 2010, 2013, 2013 RT, 2016
  • Microsoft 365 Apps for Enterprise
  • Microsoft SharePoint Foundation 2010, 2013
  • Microsoft SharePoint Enterprise Server 2013, 2016
  • Microsoft SharePoint Server 2010, 2019
  • Microsoft SQL Server 2012 2014, 2016, 2017, 2019
  • Microsoft Visual Studio 2015, 2017, 2019
  • ASP.NET Core 3.1, 5.0
  • Bot Framework SDK for .NET Framework, JavaScript, Python
  • Excel Services
  • HEVC Video Extensions
  • Microsoft Azure Kubernetes Service
  • Microsoft Remote Desktop, Remote Desktop for Android
  • Microsoft Security Essentials
  • Microsoft System Center Endpoint Protection, 2012, 2012 R2
  • Remote Desktop client for Windows Desktop
  • Windows Defender

 

Impact:

Depending on the vulnerability exploited, a successful attack could lead to remote code execution, elevation of privilege, information disclosure, denial of service, security feature bypass, spoofing and tampering.

 

Recommendation:

Patches for affected products are available from the Windows Update / Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Jan
https://www.hkcert.org/security-bulletin/microsoft-monthly-security-update-jan-2021-_20210113
https://us-cert.cisa.gov/ncas/current-activity/2021/01/12/microsoft-releases-january-2021-security-updates
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26870
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1636 (to CVE-2021-1638)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1641 (to CVE-2021-1674)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1676 (to CVE-2021-1697)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1699 (to CVE-2021-1719)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1723
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1725

 



Tag: Microsoft , Edge , Windows , Windows Server , Microsoft Office , Excel , Word , Microsoft 365 Apps , SharePoint , SQL Server , Visual Studio , ASP.NET Core , Bot Framework SDK , HEVC Video Extensions , Azure Kubernetes Service , Remote Desktop , Security Essentials , System Centre Endpoint Protection , Windows Defender
Tags