Security News > 2021 > February > Patch Tuesday: Microsoft Warns of Under-Attack Windows Kernel Flaw
The Microsoft patch drop adds to the workloads for weary defenders struggling to keep pace with the volume and pace of security updates from major vendors.
Earlier Tuesday, Adobe shipped fixes for multiple dangerous security holes, including a bug in the Adobe Reader that is being exploited in "Limited targeted attacks" against Windows OS users.
In addition to the bug under active exploitation, Microsoft mentioned that six separate vulnerabilities are publicly known and exploit code may be available but the company did not provide additional documentation.
An attacker would entice a user to open a specially crafted PDF, which would result in code execution through the Reader bug then escalation through this bug.
This patch fixes a bug in the Windows DNS Server that could allow remote code execution on affected systems.
The IPv6 bug involves packet fragmentation where a large number of fragments could lead to code execution.
News URL
Related news
- Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws (source)
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)
- May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) (source)
- June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft (source)
- Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- New Latrodectus malware attacks use Microsoft, Cloudflare themes (source)
- Microsoft says April Windows updates break VPN connections (source)
- Microsoft: April Windows Server updates cause NTLM auth failures (source)