This month we got patches for 56 vulnerabilities. Of these, 11 are critical, 1 is being exploited and 6 were previously disclosed.
The exploited vulnerability is an elevation of privilege vulnerability affecting Win32k (CVE-2021-1732). This is a local vulnerability, which means that to exploit the vulnerability, an attacker would have to have local access to the machine (console or SSH for example) or rely on user interaction, like a user opening a malicious document. The CVSS v3 score for this vulnerability is 7.80.
The highest CVSS score this month (9.80) was given to 4 vulnerabilities. One of those is a critical Remote Code Execution (RCE) vulnerability in Microsoft DNS Server (CVE-2021-24078). This vulnerability would allow a remote unauthenticated attacker to execute code with the service privilege on the target host. As this vulnerability does not require user interaction, this is a potentially wormable vulnerability that requires your attention if you have Microsoft DNS Server in your network – specially exposed to the Internet.
There are also two RCEs worth mentioning this month affecting Windows TCP/IP. The first (CVE-2021-24074) affects IPV4 and involve source routing. Despite source routing being blocked by default in Windows, the system will process the request and return an ICMP message denying the request. There is a workaround for this vulnerability documented in Microsoft advisory that will cause the system to drop these requests altogether without any processing. The vulnerability affecting IPV6 (CVE-2021-24094) is related to package fragmentation. Both vulnerabilities are CVSS v3 9.80.
Amongst already disclosed vulnerabilities, there is a critical RCE affecting .Net Core 2.0, 3.1 and 5.0 (CVE-2021-26701). The CVSS v3 for this vulnerability is 8.10. There are no details.
See Renato’s dashboard for a more detailed breakout: https://patchtuesdaydashboard.com.
February 2021 Security Updates
| Description | |||||||
|---|---|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| .NET Core Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24112%% | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.3 |
| %%cve:2021-26701%% | Yes | No | Less Likely | Less Likely | Critical | 8.1 | 7.1 |
| .NET Core and Visual Studio Denial of Service Vulnerability | |||||||
| %%cve:2021-1721%% | Yes | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| .NET Framework Denial of Service Vulnerability | |||||||
| %%cve:2021-24111%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Azure IoT CLI extension Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-24087%% | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
| Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-24109%% | No | No | Less Likely | Less Likely | Moderate | 6.8 | 5.9 |
| Microsoft Dataverse Information Disclosure Vulnerability | |||||||
| %%cve:2021-24101%% | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| Microsoft Defender Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-24092%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | |||||||
| %%cve:2021-1724%% | No | No | Less Likely | Less Likely | Important | 6.1 | 5.5 |
| Microsoft Edge for Android Information Disclosure Vulnerability | |||||||
| %%cve:2021-24100%% | No | No | Less Likely | Less Likely | Important | 5.0 | 4.5 |
| Microsoft Excel Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24067%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| %%cve:2021-24068%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| %%cve:2021-24069%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| %%cve:2021-24070%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Exchange Server Spoofing Vulnerability | |||||||
| %%cve:2021-24085%% | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| %%cve:2021-1730%% | No | No | Less Likely | Less Likely | Important | 5.4 | 4.9 |
| Microsoft SharePoint Information Disclosure Vulnerability | |||||||
| %%cve:2021-24071%% | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24066%% | No | No | More Likely | More Likely | Important | 8.8 | 7.7 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24072%% | No | No | More Likely | More Likely | Important | 8.8 | 7.7 |
| Microsoft SharePoint Spoofing Vulnerability | |||||||
| %%cve:2021-1726%% | No | No | Less Likely | Less Likely | Important | 8.0 | 7.0 |
| Microsoft Teams iOS Information Disclosure Vulnerability | |||||||
| %%cve:2021-24114%% | No | No | Less Likely | Less Likely | Important | 5.7 | 5.0 |
| Microsoft Windows Codecs Library Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24081%% | No | No | Less Likely | Less Likely | Critical | 7.8 | 7.0 |
| Microsoft Windows VMSwitch Information Disclosure Vulnerability | |||||||
| %%cve:2021-24076%% | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability | |||||||
| %%cve:2021-24082%% | No | No | Less Likely | Less Likely | Important | 4.3 | 3.8 |
| PFX Encryption Security Feature Bypass Vulnerability | |||||||
| %%cve:2021-1731%% | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Package Managers Configurations Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24105%% | No | No | Less Likely | Less Likely | Important | 8.4 | 7.6 |
| Skype for Business and Lync Denial of Service Vulnerability | |||||||
| %%cve:2021-24099%% | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Skype for Business and Lync Spoofing Vulnerability | |||||||
| %%cve:2021-24073%% | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| Sysinternals PsExec Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-1733%% | Yes | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| System Center Operations Manager Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-1728%% | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| Visual Studio Code Remote Code Execution Vulnerability | |||||||
| %%cve:2021-1639%% | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
| Visual Studio Code npm-script Extension Remote Code Execution Vulnerability | |||||||
| %%cve:2021-26700%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Address Book Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24083%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Backup Engine Information Disclosure Vulnerability | |||||||
| %%cve:2021-24079%% | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Camera Codec Pack Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24091%% | No | No | Less Likely | Less Likely | Critical | 7.8 | 6.8 |
| Windows Console Driver Denial of Service Vulnerability | |||||||
| %%cve:2021-24098%% | Yes | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows DNS Server Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24078%% | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
| Windows DirectX Information Disclosure Vulnerability | |||||||
| %%cve:2021-24106%% | Yes | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-24102%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| %%cve:2021-24103%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Fax Service Remote Code Execution Vulnerability | |||||||
| %%cve:2021-1722%% | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.1 |
| %%cve:2021-24077%% | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.5 |
| Windows Graphics Component Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24093%% | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
| Windows Installer Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-1727%% | Yes | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Kernel Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-24096%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Local Spooler Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24088%% | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
| Windows Mobile Device Management Information Disclosure Vulnerability | |||||||
| %%cve:2021-24084%% | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Network File System Denial of Service Vulnerability | |||||||
| %%cve:2021-24075%% | No | No | Less Likely | Less Likely | Important | 6.8 | 5.9 |
| Windows PKU2U Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-25195%% | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Remote Procedure Call Information Disclosure Vulnerability | |||||||
| %%cve:2021-1734%% | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Windows TCP/IP Denial of Service Vulnerability | |||||||
| %%cve:2021-24086%% | No | No | More Likely | More Likely | Important | 7.5 | 6.5 |
| Windows TCP/IP Remote Code Execution Vulnerability | |||||||
| %%cve:2021-24074%% | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
| %%cve:2021-24094%% | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
| Windows Trust Verification API Denial of Service Vulnerability | |||||||
| %%cve:2021-24080%% | No | No | Less Likely | Less Likely | Moderate | 6.5 | 5.7 |
| Windows Win32k Elevation of Privilege Vulnerability | |||||||
| %%cve:2021-1732%% | No | Yes | Detected | Detected | Important | 7.8 | 7.2 |
| %%cve:2021-1698%% | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
—
Renato Marinho
Morphus Labs| LinkedIn|Twitter
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
