Microsoft Patch Tuesday, January 2021 Edition – Krebs on Security



Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is being actively exploited and another that was disclosed before today. Ten of the flaws earned Microsoft’s most severe “critical” rating, which means they could be exploited by malware or attackers to seize remote control over unpatched systems with little or no interaction from Windows users.

The most concerning of this month’s batch is probably a major bug (CVE-2021-1647) in Microsoft’s default anti-malware suite – Windows Defender – that is seeing active exploitation. Microsoft recently stopped providing many details in its vulnerability advisories, so it’s unclear how it is being exploited.

But Kevin Breen, director of research at Immersive Labs, said that, depending on the vector, the flaw could be fairly easy to exploit.

“It can be as simple as sending a file,” he said. “Users don’t have to interact with anything, because Defender has instant access to the system.”

Fortunately, this bug may already have been fixed by Microsoft on end-user systems, as the company continually updates Defender outside of its regular monthly patch cycle.

Breen calls attention to another critical vulnerability this month – CVE-2020-1660. This is a remote code execution flaw in almost all versions of Windows that received a CVSS rating of 8.8 (10 is the most dangerous).

“They classify the vulnerability as low in complexity, which means that attacks can happen easily,” Breen said. “Without the full context of this vulnerability, we have to rely on Microsoft to make decisions on our behalf.”

CVE-2020-1660 is just one of five bugs in a core Microsoft service called Remote Procedure Call (RPC), which is responsible for a lot of heavy lifting in Windows. Some of the more noteworthy computer worms of the past decade spread automatically by exploiting RPC vulnerabilities.

Allan Liska, senior security architect at Recorded Future, said that while many vulnerabilities surrounding the same component were released simultaneously, two previous vulnerabilities in RPC – CVE-2019-1409 and CVE-2018-8514 – were not widely exploited.

The remaining 70 or more bugs fixed this month earned Microsoft’s less severe “important” rating, which is not to say they are much less of a security concern. Case in point: CVE-2021-1709, an “elevation of privilege” flaw in Windows 8 through 10 and Windows Server 2008 through 2019.

“Unfortunately, these vulnerabilities are often rapidly attacked by attackers,” Liska said. “For example, CVE-2019-1458 was announced on December 10, 2019, and by December 19, an attacker was seen selling a vulnerability in the underground marketplace. So while CVE-2021-1709 has been rated as [an information exposure flaw] by Microsoft, it should be prioritized for patching.”

Trend Micro’s ZDI Initiative pointed out another flaw rated “important” – CVE-2021-1648. This is an elevation of privilege flaw in Windows 8, 10, and some editions of Windows Server 2012 and 2019 that ZDI made public before today.

“Google has also found out, presumably this patch fixes a bug caused by a previous patch,” said ZDI’s Dustin Childs. “The previous CVE was wildly exploited, so it is reasonable to think that this CVE will be actively exploited as well.”

Adobe has released security updates to address at least eight vulnerabilities in a wide range of products, including Adobe Photoshop and Illustrator. There are no Flash Player updates because Adobe retired the browser plugin in December (hallelujah!), and Microsoft’s update cycle from last month removed the program from Microsoft’s browsers.

Windows 10 users should be aware that the operating system downloads updates and installs them all at once on its own schedule, closing any active programs and rebooting the system. If you want to make sure Windows is set to pause updates so that you have ample opportunity to back up your files and/or system, check out this guide.

Please back up your system before applying any of these updates. Windows 10 also has built-in tools to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once. You never know when a patch roll-up will damage your system or even damage important files. For those looking for more flexible and feature-rich backup options (including incremental backups), Acronis and Macrium are two I’ve used before and are worth a look.

That said, there don’t appear to be any major issues with this month’s batch of updates. But before you apply the updates, visit AskWoody.com, where there are usually reports of problematic patches.

As always, if you run into any bugs or problems installing these fixes this month, please consider leaving a comment about it below. There’s a better-than-even chance that other readers have experienced the same, and they might chime in here with some helpful advice.

Tags: Allan Liska, AskWoody.com, CVE-2018-8514, CVE-2019-1409, CVE-2019-1458, CVE-2020-1660, CVE-2021-1647, CVE-2021-1648, CVE-2021-1709, Dustin Childs, Immersive Labs, Kevin Breen, Recorded Future, Trend Micro’s ZDI Initiative, Windows Defender.

This entry was posted on Tuesday, January 12, 2021 at 8:32 PM, and was filed under Time to Patch.