Security News > 2021 > February > Patch Tuesday: Microsoft Warns of Under-Attack Windows Kernel Flaw
The Microsoft patch drop adds to the workloads for weary defenders struggling to keep pace with the volume and pace of security updates from major vendors.
Earlier Tuesday, Adobe shipped fixes for multiple dangerous security holes, including a bug in the Adobe Reader that is being exploited in "Limited targeted attacks" against Windows OS users.
In addition to the bug under active exploitation, Microsoft mentioned that six separate vulnerabilities are publicly known and exploit code may be available but the company did not provide additional documentation.
An attacker would entice a user to open a specially crafted PDF, which would result in code execution through the Reader bug then escalation through this bug.
This patch fixes a bug in the Windows DNS Server that could allow remote code execution on affected systems.
The IPv6 bug involves packet fragmentation where a large number of fragments could lead to code execution.
News URL
Related news
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft cleans up hot mess of Patch Tuesday preview (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)