Microsoft has released its security updates for February 2021, which has fixes for 56 vulnerabilities in Microsoft products. Every month we will post our vulnerability risk and tips around each patch released, to provide advice for IT professionals and businesses.
Out of the 56 patches; 11 are classed as critical, 43 are classed as important and 2 moderate. There was 1 Zero-Day discovered this month:
- CVE-2021-1732 - Windows Win32k Elevation of Privilege Vulnerability.
As well as 6 publicly disclosed vulnerabilities, which should be your top vulnerabilities:
- CVE-2021-1721 - .NET Core and Visual Studio Denial of Service Vulnerability
- CVE-2021-1727 - Windows Installer Elevation of Privilege Vulnerability
- CVE-2021-1733 - Sysinternals PsExec Elevation of Privilege Vulnerability
- CVE-2021-24098 - Windows Console Driver Denial of Service Vulnerability
- CVE-2021-24106 - Windows DirectX Information Disclosure Vulnerability
- CVE-2021-26701 - .NET Core Remote Code Execution Vulnerability
Other Products:
Other companies who have released security updates this week:
- Adobe: released numerous fixed for Adobe Acrobat and Reader.
- Android: February security updates were released last week.
- Apple: released macOS and Safari updates at the beginning of the month.
- Cisco: released security updates for the Cisco iOS, Cisco Security Manager, Identity Manager and for an RCE vulnerability in their SMB VPN routers.
- Fortinet: released security fixes for FortiProxy SSL VPN and FortiWeb.
- SAP: released it’s February 2021 security updates.
- SonicWall: released a fix for their SMA-100 zero day vulnerability.
All the patches can be found in the table below or alternatively downloaded here.
We have also curated a downloadable Patching Best Practice Guide.
Category |
CVE IDs |
CVE Title |
Severity |
FIT Risk & Tip |
.NET Repository |
CVE-2021-26701 CVE-2021-24112 |
.NET Core Remote Code Execution Vulnerability |
Critical |
Very High- This attack requires an attacker to invest a great deal of effort to execute but it can be done from various levels of the network stack up to the entire internet so we would install this as soon as possible. |
.NET core & Visual Studio |
CVE-2021-1721 |
.NET Core and Visual Studio Denial of Service Vulnerability |
Important |
High - DDoS style which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete so we would recommend to install as soon as possible if number of users are high. |
.NET Framework |
CVE-2021-24111 |
.NET Framework Denial of Service Vulnerability |
Important |
High - DDoS style which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete so we would recommend to install as soon as possible if number of users are high. |
Azure IoT |
CVE-2021-24087 |
Azure IoT CLI extension Elevation of Privilege Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Developer Tools |
CVE-2021-24105 |
Package Managers Configurations Remote Code Execution Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Microsoft Azure Kubernetes Service |
CVE-2021-24109 |
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability |
Moderate |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Microsoft Dynamics |
CVE-2021-24101 |
Microsoft Dataverse Information Disclosure Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Microsoft Edge for Android |
CVE-2021-24100 |
Microsoft Edge for Android Information Disclosure Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Microsoft Exchange Server |
CVE-2021-24085 |
Microsoft Exchange Server Spoofing Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Microsoft Graphics Component |
CVE-2021-24093 |
Windows Graphics Component Remote Code Execution Vulnerability |
Critical |
Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet so we would recommend installing this as soon as possible. |
Microsoft Office Excel |
CVE-2021-24067 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Microsoft Office SharePoint |
CVE-2021-24071 |
Microsoft SharePoint Information Disclosure Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Microsoft Teams |
CVE-2021-24114 |
Microsoft Teams iOS Information Disclosure Vulnerability |
Important |
High- This attack requires local or network access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Microsoft Windows Codecs Library |
CVE-2021-24081 |
Microsoft Windows Codecs Library Remote Code Execution Vulnerability |
Critical |
Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet so we would recommend installing this as soon as possible. |
Role: DNS Server |
CVE-2021-24078 |
Windows DNS Server Remote Code Execution Vulnerability |
Critical |
Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet so we would recommend installing this as soon as possible. |
Role: Hyper-V |
CVE-2021-24076 |
Microsoft Windows VMSwitch Information Disclosure Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user so we would recommend to install as part of regular updates. |
Role: Windows Fax Service |
CVE-2021-24077 |
Windows Fax Service Remote Code Execution Vulnerability |
Critical |
Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet so we would recommend installing this as soon as possible. |
Skype for Business |
CVE-2021-24073 |
Skype for Business and Lync Spoofing Vulnerability |
Important |
High - DDoS style which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete so we would recommend to install as soon as possible if number of users are high. |
SysInternals |
CVE-2021-1733 |
Sysinternals PsExec Elevation of Privilege Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
System Center |
CVE-2021-1728 |
System Center Operations Manager Elevation of Privilege Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Visual Studio |
CVE-2021-1639 |
Visual Studio Code Remote Code Execution Vulnerability |
Important |
Medium- This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Visual Studio Code |
CVE-2021-26700 |
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Visual Address Book |
CVE-2021-24083 |
Windows Address Book Remote Code Execution Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Windows Backup Engine |
CVE-2021-24079 |
Windows Backup Engine Information Disclosure Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Windows Console Driver |
CVE-2021-1662 |
Windows Console Driver Denial of Service Vulnerability |
Important |
High - DDoS style which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete so we would recommend to install as soon as possible if number of users are high. |
Windows Defender |
CVE-2021-24092 |
Microsoft Defender Elevation of Privilege Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Windows DirectX |
CVE-2021-24106 |
Windows DirectX Information Disclosure Vulnerability |
Important |
Medium- This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Windows Event Tracing |
CVE-2021-24102 |
Windows Event Tracing Elevation of Privilege Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Windows Installer |
CVE-2021-1727 |
Windows Installer Elevation of Privilege Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Windows Kernal |
CVE-2021-24096 |
Windows Kernel Elevation of Privilege Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Windows Mobile Device Management |
CVE-2021-24084 |
Windows Mobile Device Management Information Disclosure Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Windows Network File System |
CVE-2021-24075 |
Windows Network File System Denial of Service Vulnerability |
Important |
High - DDoS style which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete so we would recommend to install as soon as possible if number of users are high. |
Windows PFX Encryption |
CVE-2021-1731 |
PFX Encryption Security Feature Bypass Vulnerability |
Important |
Medium- This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user through malware. |
Windows PKU2U |
CVE-2021-25195 |
Windows PKU2U Elevation of Privilege Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Windows PowerShell |
CVE-2021-24082 |
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability |
Important |
Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet so we would recommend installing this as soon as possible. |
Windows Print Spooler Components |
CVE-2021-24088 |
Windows Local Spooler Remote Code Execution Vulnerability |
Critical |
Very High - This attack requires little effort investment and can be remotely executed from the network stack up to the entire internet so we would recommend installing this as soon as possible. |
Windows Remote Procedure Call |
CVE-2021-1734 |
Windows Remote Procedure Call Information Disclosure Vulnerability |
Important |
Medium - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Windows TCP/IP |
CVE-2021-24074 |
Windows TCP/IP Remote Code Execution Vulnerability |
Critical |
High - This attack requires local or remote access to accomplish and requires high amounts of effort to execute. It can also be achieved via interaction with a local user or via man in the middle methods so we would recommend to install as part of regular updates. |
Windows TCP/IP |
CVE-2021-24086 |
Windows TCP/IP Denial of Service Vulnerability |
Important |
High - DDoS style which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete so we would recommend to install as soon as possible if number of users are high. |
Windows Trust Verification API |
CVE-2021-24080 |
Windows Trust Verification API Denial of Service Vulnerability |
Moderate |
High - DDoS style which requires low effort investment from an attacker with high chances of success. However, it would require some actions from a user to complete so we would recommend to install as soon as possible if number of users are high. |
About the Author: Lizzie Arcari
Lizzie joined Foundation IT in 2019 after graduating from University. She is excited to develop her career in the IT industry, learning from the best.