Security News > 2021 > February > Patch Tuesday: Microsoft Warns of Under-Attack Windows Kernel Flaw
The Microsoft patch drop adds to the workloads for weary defenders struggling to keep pace with the volume and pace of security updates from major vendors.
Earlier Tuesday, Adobe shipped fixes for multiple dangerous security holes, including a bug in the Adobe Reader that is being exploited in "Limited targeted attacks" against Windows OS users.
In addition to the bug under active exploitation, Microsoft mentioned that six separate vulnerabilities are publicly known and exploit code may be available but the company did not provide additional documentation.
An attacker would entice a user to open a specially crafted PDF, which would result in code execution through the Reader bug then escalation through this bug.
This patch fixes a bug in the Windows DNS Server that could allow remote code execution on affected systems.
The IPv6 bug involves packet fragmentation where a large number of fragments could lead to code execution.
News URL
Related news
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- Windows Patch Tuesday hits snag with Citrix software, workarounds published (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance (source)