Microsoft January Patch Tuesday

Patch Tuesday Series
A new year and we have a new set of vulnerabilities to patch just like every month :)

Microsoft patched 83 CVEs in the January 2021 Patch Tuesday release, including 10 CVEs rated as critical and 73 rated as important.

Adobe announced that support for Flash Player ended after December 31, 2020 and that Adobe will begin blocking Flash content from running in Flash Player beginning on January 12. Flash's history of security vulnerabilities spans more than a decade and has been a popular avenue for attackers.

Let's explore some of the interesting facts

CVE-2021-1648 is a Microsoft splwow64 Elevation of Privilege Vulnerability (EoP) which is a patch bypass for CVE-2020-0986, which was exploited in the wild as a zero-day. Proof of concept (PoC) is public but this one is considered as important vulnerability, not critical. Attackers will need local access with low privileges to exploit this vulnerability and that's a relief.

Then we have a SharePoint remote code execution vulnerability which is CVE-2021-1707. Attack vector for this is network and need low privileges to exploit this. It is marked by Microsoft as exploitation more likely probably due ease of exploitation. However, PoC is not out yet.

Then we have, Microsoft Defender Remote Code Execution Vulnerability which is CVE-2021-1647 was exploited in the wild. This bug in the Microsoft Malware Protection Engine may already be patched on your system as the engine auto-updates as needed. However, if your systems are not connected to the Internet, you'll need to manually apply the patch.

Once you patch the above, test and approve the rest of the 9 critical vulnerabilities.

And that's it for this month, Happy Patching and Happy New Year!