Security News > 2021 > January > Microsoft Patch Tuesday: 83 Vulnerabilities, 10 Critical, 1 Actively Exploited

Microsoft on Tuesday released the first batch of security patches for 2021 with fixes for 83 documented security vulnerabilities, including a "Critical" bug in the Defender security product that's being actively exploited.
Security experts are urging security response personnel to pay special attention to CVE-2021-1647, which describes a remote code execution flaw in Microsoft Defender, the company's flagship anti-malware product.
The Microsoft Defender update comes with an "Exploitation detected" warning and was shipped via the Microsoft Malware Protection Engine, a utility used to clean-up remnants of known malware attacks.
Of the 83 vulnerabilities documented for January, 10 are rated "Critical," Microsoft's highest severity rating.
The January batch of patches cover serious security holes in Microsoft Office, Microsoft Office Services and Web Apps, Microsoft WIndows, Visual Studio,.
According to Dustin Childs, a research who tracks security updates for ZDI, the major bug in the Microsoft Malware Protection Engine may already be patched as the engine auto-updates as needed.
News URL
Related news
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days (source)
- Week in review: Probing activity on Palo Alto Networks GlobalProtect portals, Patch Tuesday forecast (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
- Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw (source)
- Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-12 | CVE-2021-1647 | Unspecified vulnerability in Microsoft products Microsoft Defender Remote Code Execution Vulnerability | 0.0 |