Security News > 2021 > January > Microsoft emits 83 security fixes – and miscreants are already exploiting one of the vulns in Windows Defender
One of these bugs is publicly known, according to Microsoft, while another, a remote-code execution hole in the Windows Defender security system, is actively being exploited.
CVE-2021-1647 is a Microsoft Defender remote code execution vulnerability.
In a blog post, Zero Day Initiative's Dustin Childs speculates that the flaw, which for some may already have been patched automatically, could have played a role in the SolarWinds fiasco.
Conspicuously absent from January's Patch Tuesday is a fix to address a bypass for CVE-2020-16875, an Exchange Server RCE supposedly repaired in September, 2020.
Infosec researcher Steven Seeley, who says he reported the initial flaw through Microsoft's Office 365 Cloud Bounty program, subsequently identified two ways around the patch, one of which was fixed last month via CVE-2020-17132.
On Monday, Mozilla issued a critical fix for Thunderbird, CVE-2020-16044, a user-after-free write bug that's been patched to prevent potential usage for running arbitrary remote code.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/01/12/patch_tuesday_fixes/
Related news
- Microsoft: January Windows security updates break audio playback (source)
- Microsoft lifts Windows 11 24H2 block on PCs with USB scanners (source)
- Microsoft says Auto HDR causes game freezes on Windows 11 24H2 (source)
- Windows 11 installation media bug causes security update failures (source)
- Microsoft adds another problem to the Windows 11 24H2 naughty list (source)
- Windows 11 Media Update Bug Stops Security Updates (source)
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- Windows 10 users urged to upgrade to avoid "security fiasco" (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Security pros baited with fake Windows LDAP exploit traps (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-09 | CVE-2020-16044 | Use After Free vulnerability in Google Chrome Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. | 8.8 |
| 2021-01-12 | CVE-2021-1647 | Unspecified vulnerability in Microsoft products Microsoft Defender Remote Code Execution Vulnerability | 0.0 |
| 2020-12-10 | CVE-2020-17132 | Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019 Microsoft Exchange Remote Code Execution Vulnerability | 0.0 |
| 2020-09-11 | CVE-2020-16875 | Improper Privilege Management vulnerability in Microsoft Exchange Server 2016/2019 <p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. | 0.0 |