Patch Tuesday – January 2021

It’s a quiet start for Microsoft in 2021 as it issues patches for only 80 vulnerabilities, which is considerably fewer than in most months. Among them are a fix for a zero-day bug in Microsoft’s Defender software and a fix for a flaw publicly disclosed at the tail end of last year by Trend Micro ZDI.

Windows and Windows Server

This month Microsoft fixed a critical zero-day flaw (CVE-2021-1647) in its Defender product, the built-in malware protection software in Windows. The vulnerability is being actively exploited and while Microsoft hasn’t published details, it’s believed that the flaw can be easily exploited by hackers.

KrebsOnSecurity quotes Kevin Breen, director of research at Immersive Labs, as saying, “It could be as simple as sending a file. The user doesn’t need to interact with anything, as Defender will access it as soon as it is placed on the system.” The patches for Microsoft Defender are automatically installed by Windows Update unless explicitly blocked by system administrators.

A critical remote code execution (RCE) bug (CVE-2020-1660) in the Remote Procedure Call (RPC) runtime gets patched. RPC is often used to manage communications between Windows devices and it has in the past been a popular mechanism for viruses known as worms. Worms can spread easily between computers without any user interaction. CVE-2020-1660 is one of 5 RPC bugs patched this month.

An elevation of privilege (EoP) bug in the splwow64 service, made public last month by Trend Micro’s Zero-Day Initiative (ZDI) project, has also been patched. Microsoft says that while details about CVE-2021-1648 were publicly available, it wasn’t exploited in the wild.

Exchange, SQL, and SharePoint Server

Microsoft released a patch for an EoP bug in Microsoft SQL Server 2012, 2014, 2016, 2017, and 2019. It is rated important, and Microsoft says that an authenticated attacker could send data over a network to an affected SQL Server when it is configured to run an Extended Event session.

There are 9 patches for SharePoint Server. All are rated important and include EoP, spoofing, and RCE flaws. There are no patches for Exchange Server this month.

Microsoft Office

Microsoft 365 Apps for Enterprise (Click-to-Run) get patches for five important RCE vulnerabilities. Microsoft Office 2010 through 2019 also gets a series of patches for RCE bugs, all rated important.

Adobe Software

Flash Player is now officially dead, but that doesn’t mean there won’t be important patches from Adobe. This month sees Adobe patch flaws in Photoshop, Illustrator, Animate, Campaign Classic, InCopy, Captivate, and Bridge. You can find more information about the patches on Adobe’s website.

And that’s it for another month. Happy patching!


IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.