
Patch Tuesday Update - January 2021 | Foundation IT

Written by Lizzie Arcari | Jan 14, 2021 12:00:00 AM

Microsoft has released its first security updates of 2021, which include fixes for 83 vulnerabilities in Microsoft products. Every month we will post our vulnerability score and tips for each patch released, to provide advice for IT professionals and businesses.

Out of the 83 patches, 10 are classed as critical and 73 are classed as important. There was 1 Zero-Day (CVE-2021-1647) and a publicly disclosed vulnerability (CVE-2021-1648) discovered this month.

Adobe Flash has now gone EOL, and Adobe implemented a block as of the 12th January. Microsoft has released KB4577586, which is classified as “Update” and is optional, to remove Flash from Windows systems.

Other Products:

Other companies who have released security updates this week:

  • Adobe: numerous fixes for Photoshop, Illustrator, Animate and more.
  • Android: January security updates were released last week.
  • Apple: released iOS 12.5.1 on January 11th.
  • Cisco: released security updates for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.
  • SAP: released its January 2021 Security update.

 

All the patches can be found in the table below or alternatively downloaded here.

We have also curated a downloadable Patching Best Practice Guide.

.NET Repository
1

CVE-2021-1725

Bot Framework SDK Information Disclosure Vulnerability

Important

3/5 - .NET Framework is used by multiple applications and should be updated, as it is often installed on all Windows-based devices.

ASP.NET core & .NET core
1

CVE-2021-1723

ASP.NET Core and Visual Studio Denial of Service Vulnerability

Important

3/5 - Microsoft released multiple updates for the Azure stack this month, showing that Azure also suffers from vulnerabilities, much like an on-premise environment. These need to be applied based on what is used by your business.

Azure Active Directory Pod Identity
1

CVE-2021-1677

Azure Active Directory Pod Identity Spoofing Vulnerability

Important

3/5 - Microsoft released multiple updates for the Azure stack this month, showing that Azure also suffers from vulnerabilities, much like an on-premise environment. These need to be applied based on what is used by your business.

Microsoft Bluetooth Driver
3

CVE-2021-1683
CVE-2021-1638
CVE-2021-1684

Windows Bluetooth Security Feature Bypass Vulnerability

Important

2/5 - Worth updating if you have the Microsoft Bluetooth Driver in use.

Microsoft DTV-DVD Video Decoder
1

CVE-2021-1668

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

Critical

4/5 - Classified as Critical and should be applied and treated as such.

Microsoft Edge (HTML-based)
1

CVE-2021-1705

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

Critical

4/5 - Most modern machines have Microsoft Edge installed, even if it is not used, making this critical to install where applicable.

Microsoft Graphics Component
1

CVE-2021-1665

GDI+ Remote Code Execution Vulnerability

Critical

4/5 - Classified as Critical and should be applied and treated as such.

Microsoft Graphics Component
3

CVE-2021-1709
CVE-2021-1696
CVE-2021-1708

Windows Win32k Elevation of Privilege Vulnerability.
Windows Graphics Component Information Disclosure Vulnerability.
Windows GDI+ Information Disclosure Vulnerability.

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.

Microsoft Malware Protection Engine
1

CVE-2021-1647

Microsoft Defender Remote Code Execution Vulnerability

Critical

5/5 - This is the Zero-Day for January. Anyone who is using Defender or has Defender on their systems should ensure it has updated to match the fixed version number.

Microsoft Office
5

CVE-2021-1713
CVE-2021-1714
CVE-2021-1711
CVE-2020-1715
CVE-2021-1716

Microsoft Excel Remote Code Execution Vulnerability.
Microsoft Office Remote Code Execution Vulnerability.
Microsoft Word Remote Code Execution Vulnerability.

Important 

4/5 - Anything that an end user could be affected by should be patched as soon as possible. Remember, a chain is only as strong as its weakest link.

Microsoft Office SharePoint
6

CVE-2021-1712
CVE-2021-1707
CVE-2021-1718
CVE-2021-1717
CVE-2021-1719
CVE-2021-1641

Microsoft SharePoint Elevation of Privilege Vulnerability.
Microsoft SharePoint Server Remote Code Execution Vulnerability.
Microsoft SharePoint Server Tampering Vulnerability.
Microsoft SharePoint Spoofing Vulnerability.

Important

4/5 - Much like Exchange, SharePoint on-premise is being utilised less and less, and anyone using SharePoint Online will have these vulnerability fixes applied automatically. Worth applying sooner rather than later for your on-premise deployment, if applicable.

Microsoft RPC
1

CVE-2021-1702

Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.

Microsoft Windows
8

CVE-2021-1649
CVE-2021-1676
CVE-2021-1689
CVE-2021-1657
CVE-2021-1646
CVE-2021-1650
CVE-2021-1706
CVE-2021-1699

Active Template Library Elevation of Privilege Vulnerability.
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability.
Windows Multipoint Management Elevation of Privilege Vulnerability.
Windows Fax Compose Form Remote Code Execution Vulnerability.
Windows WLAN Service Elevation of Privilege Vulnerability.
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability.
Windows LUAFV Elevation of Privilege Vulnerability.
Windows (modem.sys) Information Disclosure Vulnerability.

Important

3/5 - Classified as critical by Microsoft, this is an update that should be applied as soon as possible.

Microsoft Windows Codecs Library
1

CVE-2021-1643

HEVC Video Extensions Remote Code Execution Vulnerability

Critical

4/5 - Classified as Critical and should be applied and treated as such.

Microsoft Windows Codecs Library
1

CVE-2021-1644

HEVC Video Extensions Remote Code Execution Vulnerability

Important

3/5 - Classified as important this update should be applied within your normal cycles.

Microsoft Windows DNS
1

CVE-2021-1637

Windows DNS Query Information Disclosure Vulnerability

Important

3/5 - Most Windows-based networks utilise their domain controllers with a DNS service. It's a fundamental service and should not be overlooked.

SQL Server
1

CVE-2021-1636

Microsoft SQL Elevation of Privilege Vulnerability

Important

4/5 - Most applications are powered by a SQL backend. Ensuring SQL is up to date should be a priority.

Visual Studio
1

CVE-2020-26870

Visual Studio Remote Code Execution Vulnerability

Important 

 

Windows AppX Deployment Extensions
2

CVE-2021-1685
CVE-2021-1642

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.

Windows CryptoAPI
1

CVE-2021-1679

Windows CryptoAPI Denial of Service Vulnerability

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.

Windows CSC Service
7

CVE-2021-1652
CVE-2021-1654
CVE-2021-1659
CVE-2021-1653
CVE-2021-1655
CVE-2021-1693
CVE-2021-1688

Windows CSC Service Elevation of Privilege Vulnerability

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.

Windows Diagnostic Hub
2

CVE-2021-1680
CVE-2021-1651

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Important

3/5 - Classified as important this update should be applied within your normal cycles.

Windows DP API
1

CVE-2021-1645

Windows Docker Information Disclosure Vulnerability

Important

3/5 - Classified as important this update should be applied within your normal cycles.

Windows Event Logging Service
1

CVE-2021-1703

Windows Event Logging Service Elevation of Privilege Vulnerability

Important

3/5 - Classified as important this update should be applied within your normal cycles.

Windows Event Tracing
1

CVE-2021-1662

Windows Event Tracing Elevation of Privilege Vulnerability

Important

3/5 - Classified as important this update should be applied within your normal cycles.

Windows Hyper-V
3

CVE-2021-1691
CVE-2021-1704
CVE-2021-1692

Hyper-V Denial of Service Vulnerability.
Windows Hyper-V Elevation of Privilege Vulnerability.
Hyper-V Denial of Service Vulnerability.

Important

4/5 - If you use Hyper-V, this update should be a priority so that your virtual machines aren't compromised.

Windows Installer
2

CVE-2021-1661
CVE-2021-1697

Windows Installer Elevation of Privilege Vulnerability.
Windows InstallService Elevation of Privilege Vulnerability.

Important

4/5 - Windows Installer is used to execute any installations within the OS and therefore should be updated as soon as possible.

Windows Kernel
1

CVE-2021-1682

Windows Kernel Elevation of Privilege Vulnerability

Important

4/5 - Windows kernel is the key to the operating system and therefore should be a priority.

Windows Media
1

CVE-2021-1710

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Important

3/5 - Classified as important this update should be applied within your normal cycles.

Windows NTLM
1

CVE-2021-1678

NTLM Security Feature Bypass Vulnerability

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.

Windows Print Spooler Components
1

CVE-2021-1695

Windows Print Spooler Elevation of Privilege Vulnerability

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.

Windows Projected File System Filter Driver
3

CVE-2021-1663
CVE-2021-1672
CVE-2021-1670

Windows Projected File System FS Filter Driver Information Disclosure Vulnerability

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.

Windows Remote Desktop
2

CVE-2021-1674
CVE-2021-1669

Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability.
Windows Remote Desktop Security Feature Bypass Vulnerability.

Important

4/5 - Remote Desktop is often used by a lot of infrastructure administrators, so due to its heavy use and the control it provides, it should be prioritised.

Windows Remote Procedure Call Runtime
5

CVE-2021-1666
CVE-2021-1673
CVE-2021-1658
CVE-2021-1667
CVE-2021-1660

Remote Procedure Call Runtime Remote Code Execution Vulnerability

Critical

4/5 - Classified as Critical and should be applied and treated as such.

Windows Remote Procedure Call Runtime
4

CVE-2021-1701
CVE-2021-1700
CVE-2021-1664
CVE-2021-1671

Remote Procedure Call Runtime Remote Code Execution Vulnerability

Important

3/5 - Classified as important this update should be applied within your normal cycles.

Windows splwow64
1

CVE-2021-1648

Microsoft splwow64 Elevation of Privilege Vulnerability

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.

Windows TPM Device Driver
1

CVE-2021-1656

TPM Device Driver Information Disclosure Vulnerability

Important

4/5 - TPM is the hardware security component of machines and, due to its purpose, should therefore be treated as important.

Windows Update Stack
1

CVE-2021-1694

Windows Update Stack Elevation of Privilege Vulnerability

Important

4/5 - Often I find any updates flagged for the Windows Update system should be treated as important or critical. Most updates, even those applied by a different system, utilise core Windows Update to apply.

Windows WalletService
4

CVE-2021-1686
CVE-2021-1681
CVE-2021-1690
CVE-2021-1687

Windows WalletService Elevation of Privilege Vulnerability

Important

3/5 - Classified as important, this is a subcomponent of the OS and is used on a day to day basis and should be updated within your cycles.