Security News > 2021 > February > Patch Tuesday: Microsoft Warns of Under-Attack Windows Kernel Flaw

The Microsoft patch drop adds to the workloads for weary defenders struggling to keep pace with the volume and pace of security updates from major vendors.
Earlier Tuesday, Adobe shipped fixes for multiple dangerous security holes, including a bug in the Adobe Reader that is being exploited in "Limited targeted attacks" against Windows OS users.
In addition to the bug under active exploitation, Microsoft mentioned that six separate vulnerabilities are publicly known and exploit code may be available but the company did not provide additional documentation.
An attacker would entice a user to open a specially crafted PDF, which would result in code execution through the Reader bug then escalation through this bug.
This patch fixes a bug in the Windows DNS Server that could allow remote code execution on affected systems.
The IPv6 bug involves packet fragmentation where a large number of fragments could lead to code execution.
News URL
Related news
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- April's Patch Tuesday leaves unlucky Windows Hello users unable to login (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- March 2025 Patch Tuesday forecast: A return to normalcy (source)
- Microsoft lifts Windows 11 update block for some AutoCAD users (source)