High Threat Security Alert (A21-02-05): Multiple Vulnerabilities in Microsoft Products (February 2021)


 

Published on: 10 February 2021

  
  

Description:

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at:

https://support.microsoft.com/en-us/office/security-update-deployment-information-february-9-2021-kb20210209-58e63612-6217-07af-721d-670a11235a7f

Reports indicated that the privilege escalation vulnerability (CVE-2021-1732) in Windows Win32k is being actively exploited in the wild and two remote code execution vulnerabilities (CVE-2021-24074, CVE-2021-24094) in Windows TCP/IP are also at a high risk of exploitation. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

  • Microsoft Edge for Android
  • Microsoft Windows 7, 8.1, RT 8.1, 10
  • Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019
  • Microsoft Windows Server, version 1903, version 1909, version 2004, version 20H2
  • Microsoft Office 2019, 2019 for Mac
  • Microsoft Office Online Server
  • Microsoft Office Web Apps Server 2013
  • Office Online Server
  • Microsoft Excel 2010, 2013, 2013 RT, 2016
  • Microsoft 365 Apps for Enterprise
  • Microsoft Exchange Server 2016, 2019
  • Microsoft SharePoint Foundation 2010, 2013
  • Microsoft SharePoint Enterprise Server 2016
  • Microsoft SharePoint Server 2019
  • Microsoft Visual Studio 2017, 2019
  • Microsoft Security Essentials
  • Microsoft Endpoint Protection
  • Microsoft System Center Endpoint Protection, 2012, 2012 R2
  • Windows Defender
  • Microsoft Azure Kubernetes Service
  • Microsoft Dynamics 365 (on-premises) version 8.2, 9.0
  • Microsoft Dynamics 365 Business Central 2020 Release Wave 1, Release Wave 2
  • Microsoft Dynamics NAV 2015, 2016, 2017, 2018
  • Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise)
  • Microsoft Lync Server 2013
  • Microsoft Teams for iOS
  • Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2/4.8
  • .NET Core 2.1, Core 3.1, 5.0
  • azure-iot-cli-extension
  • Package Manager Configurations
  • PsExec
  • Skype for Business Server 2015, 2019
  • System Center 2019 Operations Manager
  • Visual Studio Code, Visual Studio Code - npm-script Extension

Impact:

Depending on the vulnerability exploited, a successful attack could lead to remote code execution, elevation of privilege, information disclosure, denial of service, security feature bypass and spoofing.

Recommendation:

Patches for affected products are available from the Windows Update / Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

More Information:

  • https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Feb
  • https://www.hkcert.org/security-bulletin/microsoft-monthly-security-update-feb-2021-_20210210
  • https://us-cert.cisa.gov/ncas/current-activity/2021/02/09/microsoft-releases-february-2021-security-updates
  • https://us-cert.cisa.gov/ncas/current-activity/2021/02/09/microsoft-warns-windows-win32k-privilege-escalation
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17162
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1639
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1698
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1721
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1722
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1724
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1726 (to CVE-2021-1728)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1730 (to CVE-2021-1734)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24066 (to CVE-2021-24088)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24091 (to CVE-2021-24094)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24096
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24098 (to CVE-2021-24103)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24105
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24106
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24109
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24111
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24112
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24114
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25195
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26700
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26701


Tag: Microsoft , Edge , Windows , Windows Server , Microsoft Office , Office Online Server , Microsoft Office Web Apps , Excel , Microsoft 365 Apps , Microsoft Exchange Server , SharePoint , Visual Studio , Security Essentials , Endpoint Protection , System Center , Windows Defender , Azure Kubernetes Service , Dynamics 365 , Dynamics NAV , Lync , Microsoft Teams , .NET Framework , .NET Core , azure-iot-cli-extension , Package Manager Configurations , PsExec , Skype , Visual Studio Code
Tags