We arrive at the first Patch Tuesday of 2021 (2021-Jan) with 83 vulnerabilities across our standard spread of products. Windows Operating System vulnerabilities dominated this month's advisories, followed by Microsoft Office (which includes the SharePoint family of products), and lastly some from less frequent products such as Microsoft System Center and Microsoft SQL Server.
Vulnerability Breakdown by Software Family
| Family | Vulnerability Count |
|---|
| Windows | 65 |
| ESU | 35 |
| Microsoft Office | 11 |
| Developer Tools | 5 |
| SQL Server | 1 |
| Apps | 1 |
| System Center | 1 |
| Azure | 1 |
| Browser | 1 |
CVE-2021-1647 is marked as a CVSS 7.8, actively exploited, remote code execution vulnerability through the Microsoft Malware Protection Engine (mpengine.dll) between version 1.1.17600.5 up to 1.1.17700.4.
As a default, Microsoft's affected antimalware software will automatically keep the Microsoft Malware Protection Engine up to date. What this means, however, is that no further action is needed to resolve this vulnerability unless non-standard configurations are used.
This vulnerability affects Windows Defender or the supported Endpoint Protection pieces of the System Center family of products (2012, 2012 R2, and namesake version: Microsoft System Center Endpoint Protection).
Patching Windows Operating Systems Next
Another confirmation of the standard advice of prioritizing Operating System patches whenever possible is that 11 of the 13 top CVSS-scoring (CVSSv3 8.8) vulnerabilities addressed in this month's Patch Tuesday would be immediately covered through these means. As an interesting observation, the Windows Remote Procedure Call Runtime component appears to have been given extra scrutiny this month. This RPC Runtime component accounts for the 9 of the 13 top CVSS scoring vulnerabilities along with half of all the 10 Critical Remote Code Execution vulnerabilities being addressed.
More Work to be Done
Lastly, some minor calls to note that this Patch Tuesday includes SQL Server as that is an atypical family covered during Patch Tuesdays and, arguably more notable, is a reminder that Adobe Flash has officially reached end-of-life and would've been actively removed from all browsers via Windows Update (already).
Summary Tables
Here are this month's patched vulnerabilities split by the product family.
Azure Vulnerabilities
| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2021-1677 | Azure Active Directory Pod Identity Spoofing Vulnerability | No | No | 5.5 | Yes |
Browser Vulnerabilities
| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2021-1705 | Microsoft Edge (HTML-based) Memory Corruption Vulnerability | No | No | 4.2 | No |
| cve | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2020-26870 | Visual Studio Remote Code Execution Vulnerability | No | No | 7 | Yes |
| CVE-2021-1725 | Bot Framework SDK Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-1723 | ASP.NET Core and Visual Studio Denial of Service Vulnerability | No | No | 7.5 | No |
| CVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2021-1651 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1680 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | No | No | 7.8 | No |
Microsoft Office Vulnerabilities
| CVE | title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2021-1715 | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-1716 | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-1641 | Microsoft SharePoint Spoofing Vulnerability | No | No | 4.6 | No |
| CVE-2021-1717 | Microsoft SharePoint Spoofing Vulnerability | No | No | 4.6 | No |
| CVE-2021-1718 | Microsoft SharePoint Server Tampering Vulnerability | No | No | 8 | No |
| CVE-2021-1707 | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2021-1712 | Microsoft SharePoint Elevation of Privilege Vulnerability | No | No | 8 | No |
| CVE-2021-1719 | Microsoft SharePoint Elevation of Privilege Vulnerability | No | No | 8 | No |
| CVE-2021-1711 | Microsoft Office Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-1713 | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-1714 | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
SQL Server Vulnerabilities
| CVE | title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2021-1636 | Microsoft SQL Elevation of Privilege Vulnerability | No | No | 8.8 | Yes |
System Center Vulnerabilities
| CVE | title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2021-1647 | Microsoft Defender Remote Code Execution Vulnerability | Yes | No | 7.8 | Yes |
Windows Vulnerabilities
| CVE | title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2021-1681 | Windows WalletService Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1686 | Windows WalletService Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1687 | Windows WalletService Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1690 | Windows WalletService Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1646 | Windows WLAN Service Elevation of Privilege Vulnerability | No | No | 6.6 | No |
| CVE-2021-1650 | Windows Runtime C++ Template Library Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1663 | Windows Projected File System FS Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-1670 | Windows Projected File System FS Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-1672 | Windows Projected File System FS Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-1689 | Windows Multipoint Management Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1682 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7 | No |
| CVE-2021-1697 | Windows InstallService Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1662 | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1703 | Windows Event Logging Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1645 | Windows Docker Information Disclosure Vulnerability | No | No | 5 | Yes |
| CVE-2021-1637 | Windows DNS Query Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-1638 | Windows Bluetooth Security Feature Bypass Vulnerability | No | No | 7.7 | No |
| CVE-2021-1683 | Windows Bluetooth Security Feature Bypass Vulnerability | No | No | 5 | No |
| CVE-2021-1684 | Windows Bluetooth Security Feature Bypass Vulnerability | No | No | 5 | No |
| CVE-2021-1642 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1685 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | No | No | 7.3 | No |
| CVE-2021-1648 | Microsoft splwow64 Elevation of Privilege Vulnerability | No | Yes | 7.8 | Yes |
| CVE-2021-1710 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | No | No | 7.8 | No |
| CVE-2021-1691 | Hyper-V Denial of Service Vulnerability | No | No | 7.7 | No |
| CVE-2021-1692 | Hyper-V Denial of Service Vulnerability | No | No | 7.7 | No |
| CVE-2021-1643 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-1644 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
Windows Apps Vulnerabilities
| CVE | title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2021-1669 | Windows Remote Desktop Security Feature Bypass Vulnerability | No | No | 8.8 | Yes |
Windows ESU Vulnerabilities
| CVE | title | Exploited | Disclosed | CVSS3 | FAQ? |
|---|
| CVE-2021-1709 | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7 | No |
| CVE-2021-1694 | Windows Update Stack Elevation of Privilege Vulnerability | No | No | 7.5 | Yes |
| CVE-2021-1702 | Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1674 | Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability | No | No | 8.8 | No |
| CVE-2021-1695 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1676 | Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-1706 | Windows LUAFV Elevation of Privilege Vulnerability | No | No | 7.3 | No |
| CVE-2021-1661 | Windows Installer Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1704 | Windows Hyper-V Elevation of Privilege Vulnerability | No | No | 7.3 | No |
| CVE-2021-1696 | Windows Graphics Component Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-1708 | Windows GDI+ Information Disclosure Vulnerability | No | No | 5.7 | Yes |
| CVE-2021-1657 | Windows Fax Compose Form Remote Code Execution Vulnerability | No | No | 7.8 | No |
| CVE-2021-1679 | Windows CryptoAPI Denial of Service Vulnerability | No | No | 6.5 | No |
| CVE-2021-1652 | Windows CSC Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1653 | Windows CSC Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1654 | Windows CSC Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1655 | Windows CSC Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1659 | Windows CSC Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1688 | Windows CSC Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1693 | Windows CSC Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-1699 | Windows (modem.sys) Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-1656 | TPM Device Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-1658 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-1660 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-1666 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-1667 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-1673 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-1664 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-1671 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-1700 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-1701 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | No |
| CVE-2021-1678 | NTLM Security Feature Bypass Vulnerability | No | No | 4.3 | No |
| CVE-2021-1668 | Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability | No | No | 7.8 | No |
| CVE-2021-1665 | GDI+ Remote Code Execution Vulnerability | No | No | 7.8 | No |
| CVE-2021-1649 | Active Template Library Elevation of Privilege Vulnerability | No | No | 7.8 | No |
Summary Graphs
Note: Graph data is reflective of data presented by Microsoft's CVRF at the time of writing.
