Security News > 2021 > February > Microsoft February 2021 Patch Tuesday fixes 56 flaws, 1 zero-day
Today is Microsoft's February 2021 Patch Tuesday, so please be buy your Windows administrators some snacks to keep their energy up throughout the day.
With today's update, Microsoft has fixed for 56 vulnerabilities, with eleven classified as Critical, two as Moderate, and 43 as Important.
There is also one zero-day vulnerability and six previously disclosed vulnerabilities fixed as part of the February 2021 updates.
Microsoft fixed both a zero-day and numerous publicly disclosed vulnerabilities as part of the months security updates.
Today, Microsoft fixed a vulnerability tracked as CVE-2021-24105 in their Azure Artifactory product that was discovered after researchers used it in a PoC attack against Microsoft's systems.
Below is the full list of resolved vulnerabilities and released advisories in the February 2021 Patch Tuesday updates.
News URL
Related news
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft cleans up hot mess of Patch Tuesday preview (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- October 2024 Patch Tuesday forecast: Recall can be recalled (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
- Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-25 | CVE-2021-24105 | Unspecified vulnerability in Microsoft Package Manager Configurations <p>Depending on configuration of various package managers it is possible for an attacker to insert a malicious package into a package manager's repository which can be retrieved and used during development, build, and release processes. | 8.4 |