Security News > 2021 > February > Microsoft February 2021 Patch Tuesday fixes 56 flaws, 1 zero-day
Today is Microsoft's February 2021 Patch Tuesday, so please be buy your Windows administrators some snacks to keep their energy up throughout the day.
With today's update, Microsoft has fixed for 56 vulnerabilities, with eleven classified as Critical, two as Moderate, and 43 as Important.
There is also one zero-day vulnerability and six previously disclosed vulnerabilities fixed as part of the February 2021 updates.
Microsoft fixed both a zero-day and numerous publicly disclosed vulnerabilities as part of the months security updates.
Today, Microsoft fixed a vulnerability tracked as CVE-2021-24105 in their Azure Artifactory product that was discovered after researchers used it in a PoC attack against Microsoft's systems.
Below is the full list of resolved vulnerabilities and released advisories in the February 2021 Patch Tuesday updates.
News URL
Related news
- Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- August 2024 Patch Tuesday forecast: Looking for a calm August release (source)
- Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days (source)
- Microsoft Patched 6 Actively Exploited Zero-Day Flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-25 | CVE-2021-24105 | Unspecified vulnerability in Microsoft Package Manager Configurations <p>Depending on configuration of various package managers it is possible for an attacker to insert a malicious package into a package manager's repository which can be retrieved and used during development, build, and release processes. | 8.4 |