Microsoft January 2021 Patch Tuesday

Published: 2021-01-12. Last Updated: 2021-01-12 18:45:18 UTC
by Renato Marinho (Version: 1)

This month we got patches for 83 vulnerabilities. Of these, 10 are critical, one was previously disclosed, and one is already being exploited according to Microsoft.

Amongst critical vulnerability, let’s start with the already being exploited CVE-2021-1647. It is related to a remote code execution (RCE) vulnerability affecting Microsoft Defender until version 1.1.17600. The CVSS for this vulnerability is 7.80.

There is also a RCE on Windows RPC Runtime (CVE-2021-1658). According to the advisory, it requires no user interaction, low privileges, and low attack complexity. This vulnerability had the highest CVSS score for this month: 8.80.

And finally, the previously disclosed one is a privilege escalation vulnerability affecting splwow64 (CVE-2021-1648). This zero-day has been publicly disclosed Google Project Zero (PZ2096) and the Zero Day Initiative (ZDI-CAN-11349 through 11351). According to ZDI advisory, the specific issue that may result in privilege escalation exists within the user-mode printer driver host process splwow64.exe due to lack of proper validation of user-supplied data. CVSS: 7.80.

See Renato's dashboard for a more detailed breakout: https://patchtuesdaydashboard.com

January 2021 Security Updates

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
ASP.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-1723	No	No	Less Likely	Less Likely	Important	7.5	6.5
Active Template Library Elevation of Privilege Vulnerability
CVE-2021-1649	No	No	Less Likely	Less Likely	Important	7.8	6.8
Azure Active Directory Pod Identity Spoofing Vulnerability
CVE-2021-1677	No	No	Less Likely	Less Likely	Important	5.5	4.8
Bot Framework SDK Information Disclosure Vulnerability
CVE-2021-1725	No	No	Less Likely	Less Likely	Important	5.5	4.8
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-1651	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1680	No	No	Less Likely	Less Likely	Important	7.8	6.8
GDI+ Remote Code Execution Vulnerability
CVE-2021-1665	No	No	Less Likely	Less Likely	Critical	7.8	6.8
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2021-1644	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1643	No	No	Less Likely	Less Likely	Critical	7.8	7.0
Hyper-V Denial of Service Vulnerability
CVE-2021-1691	No	No	Less Likely	Less Likely	Important	7.7	6.7
CVE-2021-1692	No	No	Less Likely	Less Likely	Important	7.7	6.7
Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
CVE-2021-1668	No	No	Less Likely	Less Likely	Critical	7.8	6.8
Microsoft Defender Remote Code Execution Vulnerability
CVE-2021-1647	No	Yes	Detected	Detected	Critical	7.8	7.0
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
CVE-2021-1705	No	No	Less Likely	Less Likely	Critical	4.2	3.8
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-1713	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1714	No	No	Less Likely	Less Likely	Important	7.8	6.8
Microsoft Office Remote Code Execution Vulnerability
CVE-2021-1711	No	No	Less Likely	Less Likely	Important	7.8	6.8
Microsoft SQL Elevation of Privilege Vulnerability
CVE-2021-1636	No	No	Less Likely	Less Likely	Important	8.8	7.7
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2021-1712	No	No	Less Likely	Less Likely	Important	8.0	7.0
CVE-2021-1719	No	No	Less Likely	Less Likely	Important	8.0	7.0
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-1707	No	No	More Likely	More Likely	Important	8.8	7.7
Microsoft SharePoint Server Tampering Vulnerability
CVE-2021-1718	No	No	Less Likely	Less Likely	Important	8.0	7.0
Microsoft SharePoint Spoofing Vulnerability
CVE-2021-1641	No	No	Less Likely	Less Likely	Important	4.6	4.0
CVE-2021-1717	No	No	Less Likely	Less Likely	Important	4.6	4.0
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-1710	No	No	Less Likely	Less Likely	Important	7.8	6.8
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-1715	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1716	No	No	Less Likely	Less Likely	Important	7.8	6.8
Microsoft splwow64 Elevation of Privilege Vulnerability
CVE-2021-1648	Yes	No	Less Likely	Less Likely	Important	7.8	7.0
NTLM Security Feature Bypass Vulnerability
CVE-2021-1678	No	No	Less Likely	Less Likely	Important	4.3	3.8
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2021-1658	No	No	Less Likely	Less Likely	Critical	8.8	7.7
CVE-2021-1660	No	No	Less Likely	Less Likely	Critical	8.8	7.7
CVE-2021-1664	No	No	Less Likely	Less Likely	Important	8.8	7.7
CVE-2021-1666	No	No	Less Likely	Less Likely	Critical	8.8	7.7
CVE-2021-1667	No	No	Less Likely	Less Likely	Critical	8.8	7.7
CVE-2021-1671	No	No	Less Likely	Less Likely	Important	8.8	7.7
CVE-2021-1673	No	No	Less Likely	Less Likely	Critical	8.8	7.7
CVE-2021-1700	No	No	Less Likely	Less Likely	Important	8.8	7.7
CVE-2021-1701	No	No	Less Likely	Less Likely	Important	8.8	7.7
TPM Device Driver Information Disclosure Vulnerability
CVE-2021-1656	No	No	Less Likely	Less Likely	Important	5.5	4.8
Visual Studio Remote Code Execution Vulnerability
CVE-2020-26870	No	No	Less Likely	Less Likely	Important	7.0	6.1
Windows (modem.sys) Information Disclosure Vulnerability
CVE-2021-1699	No	No	Less Likely	Less Likely	Important	5.5	4.8
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
CVE-2021-1642	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1685	No	No	Less Likely	Less Likely	Important	7.3	6.4
Windows Bluetooth Security Feature Bypass Vulnerability
CVE-2021-1683	No	No	Less Likely	Less Likely	Important	5.0	4.4
CVE-2021-1684	No	No	Less Likely	Less Likely	Important	5.0	4.4
CVE-2021-1638	No	No	Less Likely	Less Likely	Important	7.7	6.7
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2021-1652	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1653	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1654	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1655	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1659	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1688	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1693	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows CryptoAPI Denial of Service Vulnerability
CVE-2021-1679	No	No	Less Likely	Less Likely	Important	6.5	5.7
Windows DNS Query Information Disclosure Vulnerability
CVE-2021-1637	No	No	Less Likely	Less Likely	Important	5.5	4.8
Windows Docker Information Disclosure Vulnerability
CVE-2021-1645	No	No	Less Likely	Less Likely	Important	5.0	4.4
Windows Event Logging Service Elevation of Privilege Vulnerability
CVE-2021-1703	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-1662	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Fax Compose Form Remote Code Execution Vulnerability
CVE-2021-1657	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows GDI+ Information Disclosure Vulnerability
CVE-2021-1708	No	No	Less Likely	Less Likely	Important	5.7	5.0
Windows Graphics Component Information Disclosure Vulnerability
CVE-2021-1696	No	No	Less Likely	Less Likely	Important	5.5	4.8
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2021-1704	No	No	Less Likely	Less Likely	Important	7.3	6.4
Windows InstallService Elevation of Privilege Vulnerability
CVE-2021-1697	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1661	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-1682	No	No	Less Likely	Less Likely	Important	7.0	6.1
Windows LUAFV Elevation of Privilege Vulnerability
CVE-2021-1706	No	No	Less Likely	Less Likely	Important	7.3	6.4
Windows Multipoint Management Elevation of Privilege Vulnerability
CVE-2021-1689	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
CVE-2021-1676	No	No	Less Likely	Less Likely	Important	5.5	4.8
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1695	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
CVE-2021-1663	No	No	Less Likely	Less Likely	Important	5.5	4.8
CVE-2021-1670	No	No	Less Likely	Less Likely	Important	5.5	4.8
CVE-2021-1672	No	No	Less Likely	Less Likely	Important	5.5	4.8
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
CVE-2021-1674	No	No	Less Likely	Less Likely	Important	8.8	7.7
Windows Remote Desktop Security Feature Bypass Vulnerability
CVE-2021-1669	No	No	Less Likely	Less Likely	Important	8.8	7.7
Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability
CVE-2021-1702	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Runtime C++ Template Library Elevation of Privilege Vulnerability
CVE-2021-1650	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-1694	No	No	Less Likely	Less Likely	Important	7.5	6.5
Windows WLAN Service Elevation of Privilege Vulnerability
CVE-2021-1646	No	No	Less Likely	Less Likely	Important	6.6	5.8
Windows WalletService Elevation of Privilege Vulnerability
CVE-2021-1681	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1686	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1687	No	No	Less Likely	Less Likely	Important	7.8	6.8
CVE-2021-1690	No	No	Less Likely	Less Likely	Important	7.8	6.8
Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-1709	No	No	More Likely	More Likely	Important	7.0	6.1

--
Renato Marinho
Morphus Labs| LinkedIn|Twitter

Keywords:

0 comment(s)

Internet Storm Center

Microsoft January 2021 Patch Tuesday

Comments