Security News > 2021 > February > Patch Tuesday: Microsoft Warns of Under-Attack Windows Kernel Flaw
The Microsoft patch drop adds to the workloads for weary defenders struggling to keep pace with the volume and pace of security updates from major vendors.
Earlier Tuesday, Adobe shipped fixes for multiple dangerous security holes, including a bug in the Adobe Reader that is being exploited in "Limited targeted attacks" against Windows OS users.
In addition to the bug under active exploitation, Microsoft mentioned that six separate vulnerabilities are publicly known and exploit code may be available but the company did not provide additional documentation.
An attacker would entice a user to open a specially crafted PDF, which would result in code execution through the Reader bug then escalation through this bug.
This patch fixes a bug in the Windows DNS Server that could allow remote code execution on affected systems.
The IPv6 bug involves packet fragmentation where a large number of fragments could lead to code execution.
News URL
Related news
- Microsoft says premature patch could make Windows Recall forget how to work (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
- Microsoft holds last Patch Tuesday of the year with 72 gifts for admins (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- Windows kernel bug now exploited in attacks to gain SYSTEM privileges (source)
- What Is Patch Tuesday? Microsoft’s Monthly Update Explained (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Microsoft confirms game audio issues on Windows 11 24H2 PCs (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs (source)