Written by Rafael Silva

The February 2021 Security Update Review

The February 2021 Security Update Review

https://ift.tt/3pbP6XK

CVE Title Severity CVSS Public Exploited Type
CVE-2021-1732 Windows Win32k Elevation of Privilege
Vulnerability 		Important 7.8 No Yes EoP
CVE-2021-26701 .NET Core and Visual Studio Remote Code
Execution Vulnerability 		Critical 8.1 Yes No RCE
CVE-2021-1721 .NET Core and Visual Studio Denial of
Service Vulnerability 		Important 6.5 Yes No DoS
CVE-2021-1733 Sysinternals PsExec Elevation of Privilege
Vulnerability 		Important 7.8 Yes No EoP
CVE-2021-24098 Windows Console Driver Denial of Service
Vulnerability 		Important 5.5 Yes No DoS
CVE-2021-24106 Windows DirectX Information Disclosure
Vulnerability 		Important 5.5 Yes No Info
CVE-2021-1727 Windows Installer Elevation of Privilege
Vulnerability 		Important 7.8 Yes No EoP
CVE-2021-24112 .NET Core for Linux Remote Code Execution
Vulnerability 		Critical 8.1 No No RCE
CVE-2021-24081 Microsoft Windows Codecs Library Remote Code
Execution Vulnerability 		Critical 7.8 No No RCE
CVE-2021-24091 Windows Camera Codec Pack Remote Code
Execution Vulnerability 		Critical 7.8 No No RCE
CVE-2021-24078 Windows DNS Server Remote Code Execution
Vulnerability 		Critical 9.8 No No RCE
CVE-2021-1722 Windows Fax Service Remote Code Execution
Vulnerability 		Critical 8.1 No No RCE
CVE-2021-24077 Windows Fax Service Remote Code Execution
Vulnerability 		Critical 8.4 No No RCE
CVE-2021-24093 Windows Graphics Component Remote Code
Execution Vulnerability 		Critical 8.8 No No RCE
CVE-2021-24088 Windows Local Spooler Remote Code Execution
Vulnerability 		Critical 8.8 No No RCE
CVE-2021-24074 Windows TCP/IP Remote Code Execution
Vulnerability 		Critical 9.8 No No RCE
CVE-2021-24094 Windows TCP/IP Remote Code Execution
Vulnerability 		Critical 9.8 No No RCE
CVE-2021-24111 .NET Framework Denial of Service
Vulnerability 		Important 7.5 No No DoS
CVE-2021-24087 Azure IoT CLI extension Elevation of
Privilege Vulnerability 		Important 7 No No EoP
CVE-2021-24101 Microsoft Dataverse Information Disclosure
Vulnerability 		Important 6.5 No No Info
CVE-2021-24092 Microsoft Defender Elevation of Privilege
Vulnerability 		Important 7.8 No No Info
CVE-2021-1724 Microsoft Dynamics Business Central
Cross-site Scripting Vulnerability 		Important 6.1 No No XSS
CVE-2021-24100 Microsoft Edge for Android Information
Disclosure Vulnerability 		Important 5 No No Info
CVE-2021-24067 Microsoft Excel Remote Code Execution
Vulnerability 		Important 7.8 No No RCE
CVE-2021-24068 Microsoft Excel Remote Code Execution
Vulnerability 		Important 7.8 No No RCE
CVE-2021-24069 Microsoft Excel Remote Code Execution
Vulnerability 		Important 7.8 No No RCE
CVE-2021-24070 Microsoft Excel Remote Code Execution
Vulnerability 		Important 7.8 No No RCE
CVE-2021-1730 Microsoft Exchange Server Spoofing
Vulnerability 		Important 5.4 No No Spoof
CVE-2021-24085 Microsoft Exchange Server Spoofing
Vulnerability 		Important 6.5 No No Spoof
CVE-2021-24071 Microsoft SharePoint Information Disclosure
Vulnerability 		Important 5.3 No No Info
CVE-2021-24066 Microsoft SharePoint Remote Code Execution
Vulnerability 		Important 8.8 No No RCE
CVE-2021-24072 Microsoft SharePoint Server Remote Code
Execution Vulnerability 		Important 8.8 No No RCE
CVE-2021-1726 Microsoft SharePoint Spoofing
Vulnerability 		Important 8 No No Spoof
CVE-2021-24114 Microsoft Teams iOS Information Disclosure
Vulnerability 		Important 5.7 No No Info
CVE-2021-24076 Microsoft Windows VMSwitch Information
Disclosure Vulnerability 		Important 5.5 No No Info
CVE-2021-24082 Microsoft.PowerShell.Utility Module WDAC
Security Feature Bypass Vulnerability 		Important 4.3 No No SFB
CVE-2021-24105 Package Managers Configurations Remote Code
Execution Vulnerability 		Important 7.8 No No RCE
CVE-2021-1731 PFX Encryption Security Feature Bypass
Vulnerability 		Important 5.5 No No SFB
CVE-2021-24099 Skype for Business and Lync Denial of
Service Vulnerability 		Important 6.5 No No DoS
CVE-2021-24073 Skype for Business and Lync Spoofing
Vulnerability 		Important 6.5 No No Spoof
CVE-2021-1728 System Center Operations Manager Elevation
of Privilege Vulnerability 		Important 8.8 No No EoP
CVE-2021-26700 Visual Studio Code npm-script Extension
Remote Code Execution Vulnerability 		Important 7.8 No No RCE
CVE-2021-1639 Visual Studio Code Remote Code Execution
Vulnerability 		Important 7 No No RCE
CVE-2021-24083 Windows Address Book Remote Code Execution
Vulnerability 		Important 7.8 No No RCE
CVE-2021-24079 Windows Backup Engine Information Disclosure
Vulnerability 		Important 5.5 No No Info
CVE-2021-24102 Windows Event Tracing Elevation of Privilege
Vulnerability 		Important 7.8 No No EoP
CVE-2021-24103 Windows Event Tracing Elevation of Privilege
Vulnerability 		Important 7.8 No No EoP
CVE-2021-24096 Windows Kernel Elevation of Privilege
Vulnerability 		Important 7.8 No No EoP
CVE-2021-24084 Windows Mobile Device Management Information
Disclosure Vulnerability 		Important 5.5 No No Info
CVE-2021-24075 Windows Network File System Denial of
Service Vulnerability 		Important 6.8 No No DoS
CVE-2021-25195 Windows PKU2U Elevation of Privilege
Vulnerability 		Important 7.8 No No EoP
CVE-2021-1734 Windows Remote Procedure Call Information
Disclosure Vulnerability 		Important 7.5 No No Info
CVE-2021-24086 Windows TCP/IP Denial of Service
Vulnerability 		Important 7.5 No No DoS
CVE-2021-1698 Windows Win32k Elevation of Privilege
Vulnerability 		Important 7.8 No No EoP
CVE-2021-24109 Microsoft Azure Kubernetes Service Elevation
of Privilege Vulnerability 		Moderate 6.8 No No EoP
CVE-2021-24080 Windows Trust Verification API Denial of
Service Vulnerability 		Moderate 6.5 No No DoS

Security

via Zero Day Initiative – Blog https://ift.tt/325QsZG

February 9, 2021 at 06:33PM
Dustin Childs