Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Malware
  • VERT Threat Alert: January 2021 Patch Tuesday Analysis
  • Malware
  • Vulnerabilities

VERT Threat Alert: January 2021 Patch Tuesday Analysis

5 years ago Tyler Reguly
VERT Threat Alert: January 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s January 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-922 on Wednesday, January 13th.

In-The-Wild & Disclosed CVEs

CVE-2021-1647

A vulnerability in the Microsoft Malware Protection Engine (MMPE) is currently seeing active exploitation. Since the MMPE is updated regularly with malware definitions, your products have likely already updated. If you want to be certain, check to see that your MMPE version is 1.1.17700.4 or later. If you have a lower version, you should force a manual software update.

Microsoft has rated this as Exploit Detected on the latest software release on the Exploitability Index.

CVE-2021-1648

This CVE is a little tricky as this is the vulnerability previously disclosed by Google Project Zero and ZDI, in December, which was publicly referred to as CVE-2020-17008 at the time. Please note that the CVE from December does not match the CVE issued today. Microsoft has made the unprecedented move of changing the existing CVE to match the year the patch was released. To assist our customers in identifying this vulnerability and ensuring all systems are patched, we have associated both CVEs with our detection logic for this vulnerability. We believe this may cause confusion in the patching process and we highly recommend sharing this information across your organization.

Microsoft has rated this as Exploitation Less Likely on the latest software release on the Exploitability Index.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

Tag CVE Count CVEs
Windows Hyper-V 3 CVE-2021-1691, CVE-2021-1692, CVE-2021-1704
Windows WalletService 4 CVE-2021-1681, CVE-2021-1686, CVE-2021-1687, CVE-2021-1690
Microsoft Windows 8 CVE-2021-1657, CVE-2021-1676, CVE-2021-1689, CVE-2021-1650, CVE-2021-1649, CVE-2021-1646, CVE-2021-1699, CVE-2021-1706
Microsoft Malware Protection Engine 1 CVE-2021-1647
Windows Media 1 CVE-2021-1710
Windows Installer 2 CVE-2021-1661, CVE-2021-1697
Visual Studio 1 CVE-2020-26870
Windows Projected File System Filter Driver 3 CVE-2021-1663, CVE-2021-1670, CVE-2021-1672
Microsoft DTV-DVD Video Decoder 1 CVE-2021-1668
Microsoft Bluetooth Driver 3 CVE-2021-1683, CVE-2021-1684, CVE-2021-1638
Microsoft Windows Codecs Library 2 CVE-2021-1644, CVE-2021-1643
Azure Active Directory Pod Identity 1 CVE-2021-1677
SQL Server 1 CVE-2021-1636
Windows CryptoAPI 1 CVE-2021-1679
Microsoft Graphics Component 4 CVE-2021-1665, CVE-2021-1696, CVE-2021-1708, CVE-2021-1709
Windows Event Tracing 1 CVE-2021-1662
Windows Kernel 1 CVE-2021-1682
Microsoft Office SharePoint 6 CVE-2021-1641, CVE-2021-1707, CVE-2021-1712, CVE-2021-1718, CVE-2021-1717, CVE-2021-1719
Microsoft Office 5 CVE-2021-1711, CVE-2021-1713, CVE-2021-1714, CVE-2021-1715, CVE-2021-1716
Windows Remote Procedure Call Runtime 9 CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701
Windows Remote Desktop 2 CVE-2021-1669, CVE-2021-1674
Windows NTLM 1 CVE-2021-1678
Windows AppX Deployment Extensions 2 CVE-2021-1642, CVE-2021-1685
.NET Repository 1 CVE-2021-1725
Windows Diagnostic Hub 2 CVE-2021-1651, CVE-2021-1680
Microsoft RPC 1 CVE-2021-1702
Microsoft Edge (HTML-based) 1 CVE-2021-1705
ASP.NET core & .NET core 1 CVE-2021-1723
Windows Event Logging Service 1 CVE-2021-1703
Windows DP API 1 CVE-2021-1645
Windows TPM Device Driver 1 CVE-2021-1656
Windows Update Stack 1 CVE-2021-1694
Windows Print Spooler Components 1 CVE-2021-1695
Microsoft Windows DNS 1 CVE-2021-1637
Windows splwow64 1 CVE-2021-1648
Windows CSC Service 7 CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693

Other Information

There were no advisories included in the January security guidance.

The post ” VERT Threat Alert: January 2021 Patch Tuesday Analysis” appeared first on TripWire

Source:TripWire – Tyler Reguly

Tags: Exploit, Google, Microsoft, Patch Tuesday, TripWire

Continue Reading

Previous Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes
Next More Lessons Learned About Trying Harder and Passing the Offensive Security Certified Professional Exam (OSCP)

More Stories

  • Vulnerabilities

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

16 hours ago [email protected] (The Hacker News)
  • Malware

AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion

18 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Malware

Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware

20 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

22 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Vulnerabilities

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

2 days ago [email protected] (The Hacker News)
  • Vulnerabilities

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks

2 days ago [email protected] (The Hacker News)

Recent Posts

  • Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
  • TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
  • Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
  • AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
  • We Are At War

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT