January, 2021: Patch Tuesday: One Vulnerability Exploited in the Wild

Welcome to this January Patch Tuesday Bulletin. This month there are 83 unique CVEs affecting 10 technologies, including 4 technologies with critical vulnerabilities, 1 exploited technology, and 1 technology with publicly disclosed vulnerability details. CVE-2021-1647 was exploited in the wild and affects the Malware Protection Engine, but updates are applied automatically. CVE-2021-1648 was publicly disclosed and is a privilege escalation vulnerability in Windows, but Microsoft states that exploitation is less likely. Microsoft does rate CVE-2021-1709 and CVE-2021-1707 as more likely to be exploited, so make sure that these vulnerabilities are remediated. CVE-2021-1709 is an elevation of privilege vulnerability affecting Windows, and CVE-2021-1707 is a remote code execution vulnerability affecting SharePoint.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia which documents all of the Security Log event IDs for Windows Server OSs. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of MS patches this month.

| Technology | Products Affected | Severity | Reference | Workaround/Exploited | Vulnerability Info |
| --- | --- | --- | --- | --- | --- |
| Windows | Remote Desktop; Remote Desktop Client for Windows Desktop; Windows 8.1, RT 8.1, 10; Server 2012, 2016, 2019 | Critical | CVE-2021-1637, CVE-2021-1638, CVE-2021-1642, CVE-2021-1645, CVE-2021-1646, CVE-2021-1648**, CVE-2021-1649, CVE-2021-1650, CVE-2021-1651, CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1656, CVE-2021-1657, CVE-2021-1658, CVE-2021-1659, CVE-2021-1660, CVE-2021-1661, CVE-2021-1662, CVE-2021-1663, CVE-2021-1664, CVE-2021-1665, CVE-2021-1666, CVE-2021-1667, CVE-2021-1668, CVE-2021-1669, CVE-2021-1670, CVE-2021-1671, CVE-2021-1672, CVE-2021-1673, CVE-2021-1674, CVE-2021-1676, CVE-2021-1678, CVE-2021-1679, CVE-2021-1680, CVE-2021-1681, CVE-2021-1682, CVE-2021-1683, CVE-2021-1684, CVE-2021-1685, CVE-2021-1686, CVE-2021-1687, CVE-2021-1688, CVE-2021-1689, CVE-2021-1690, CVE-2021-1691, CVE-2021-1692, CVE-2021-1693, CVE-2021-1694, CVE-2021-1695, CVE-2021-1696, CVE-2021-1697, CVE-2021-1699, CVE-2021-1700, CVE-2021-1701, CVE-2021-1702, CVE-2021-1703, CVE-2021-1704, CVE-2021-1706, CVE-2021-1708, CVE-2021-1709, CVE-2021-1710 | *Workaround: No; **Public: Yes; Exploited: No | Denial of Service; Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass |
| Edge | EdgeHTML-based | Critical | CVE-2021-1705 | *Workaround: No; **Public: No; Exploited: No | Remote Code Execution |
| Office, Office Services, and Web Apps | 365 Apps for Enterprise; Excel 2010, 2013, 2016; Office 2010, 2013, 2016, 2019, 2019 for Mac, Online Server; Web Apps 2010, server 2013; SharePoint Enterprise Server 2013, 2016; SharePoint Foundation 2010, 2013; SharePoint Server 2010, 2019; Word 2010, 2013, 2016 | Important | CVE-2021-1641, CVE-2021-1707, CVE-2021-1711, CVE-2021-1712, CVE-2021-1713, CVE-2021-1714, CVE-2021-1715, CVE-2021-1716, CVE-2021-1717, CVE-2021-1718, CVE-2021-1719 | *Workaround: No; **Public: No; Exploited: No | Remote Code Execution |
| Windows Codecs Library | HEVC Video Extension | Critical | CVE-2021-1644, CVE-2021-1643 | *Workaround: No; **Public: No; Exploited: No | Remote Code Execution |
| Visual Studio | Visual Studio 2015, 2017, 2019 | Important | CVE-2020-26870, CVE-2021-1651, CVE-2021-1680, CVE-2021-1723 | *Workaround: No; **Public: No; Exploited: No | Denial of Service; Elevation of Privilege; Remote Code Execution |
| SQL Server | SQL Server 2012, 2014, 2016, 2017, 2019 | Important | CVE-2021-1636 | *Workaround: No; **Public: No; Exploited: No | Elevation of Privilege |
| Malware Protection Engine | Security Essentials; System Center 2012, Endpoint Protection; Defender | Critical | CVE-2021-1647 | *Workaround: No; **Public: No; Exploited: Yes | Remote Code Execution |
| .NET Repository | .NET 4.6.0 - 4.10.2 | Important | CVE-2021-1725 | *Workaround: No; **Public: No; Exploited: No | Information Disclosure |
| ASP .NET | ASP.NET Core 3.1, 5.0 | Important | CVE-2021-1723 | *Workaround: No; **Public: No; Exploited: No | Denial of Service |
| Azure | Azure Kubernetes Service | Important | CVE-2021-1677 | *Workaround: No; **Public: No; Exploited: No | Spoofing |