January 2021 Patch Tuesday fixes 83 vulnerabilities

Patch Tuesday

As IT administrators do their best to cope with business continuity plans, it’s imperative that they understand and manage patch updates. With cybersecurity threats on the rise thanks to the pandemic, it is essential to gain a better understanding of the Patch Tuesday releases, and find ways to deploy them to remote endpoints efficiently. Microsoft has released fixes for 83 vulnerabilities this Patch Tuesday, among which 10 are classified as critical and 73 as Important. Along with these vulnerabilities, Microsoft has also released fixes for one zero-day, and one publicly disclosed vulnerability this month.

A lineup of significant updates

Microsoft security updates have been released for:

  • Microsoft Windows
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Office, Microsoft Office Services and Web Apps
  • Microsoft Windows Codecs Library
  • Visual Studio
  • SQL Server
  • Microsoft Malware Protection Engine
  • .NET Core
  • .NET Repository
  • ASP .NET
  • Azure

Microsoft Defender Zero-day vulnerability

CVE-2021-1647 is a remote code execution vulnerability in the Windows Defender. Microsoft has fixed this vulnerability in Microsoft Malware Protection Engine version 1.1.17700.4 and above. Though exploited in the wild, Microsoft says, this exploit is only at its proof-of-concept level, and is not functional.

To prevent further attacks, in its latest updates of Microsoft Malware Protection Engine, Microsoft has released patches that do not require any user interaction, and updates are automatically installed. unless blocked specifically by the system administrators.

Publicly disclosed Windows EoP vulnerability

The Microsoft splwow64 Elevation of Privilege vulnerability, identified as CVE-2021-1648, has been fixed by Microsoft this month. This flaw in the Microsoft splwow64 service was abused to elevate the privileges of an attacker’s code.

Noteworthy updates

Here are a few vulnerabilities that are especially noteworthy:

Shedding some light on this month’s critical updates

10 Critical vulnerabilities have been reported this Patch Tuesday; those are listed below.

Product

CVE Title

CVE ID

Microsoft DTV-DVD Video DecoderMicrosoft DTV-DVD Video Decoder Remote Code Execution VulnerabilityCVE-2021-1668
Microsoft Edge (HTML-based)Microsoft Edge (HTML-based) Memory Corruption VulnerabilityCVE-2021-1705
Microsoft Graphics ComponentGDI+ Remote Code Execution VulnerabilityCVE-2021-1665
Microsoft Malware Protection EngineMicrosoft Defender Remote Code Execution VulnerabilityCVE-2021-1647
Microsoft Windows Codecs LibraryHEVC Video Extensions Remote Code Execution VulnerabilityCCVE-2021-1643
Windows Remote Procedure Call RuntimeRemote Procedure Call Runtime Remote Code Execution VulnerabilityCVE-2021-1666
Windows Remote Procedure Call RuntimeRemote Procedure Call Runtime Remote Code Execution VulnerabilityCVE-2021-1673
Windows Remote Procedure Call RuntimeRemote Procedure Call Runtime Remote Code Execution VulnerabilityCVE-2021-1658
Windows Remote Procedure Call RuntimeRemote Procedure Call Runtime Remote Code Execution VulnerabilityCVE-2021-1667
Windows Remote Procedure Call RuntimeRemote Procedure Call Runtime Remote Code Execution VulnerabilityCVE-2021-1660

Third-party updates released this month

Coinciding with this month’s Patch Tuesday, Adobe has released security updates for Photoshop, Illustrator, and Animate. We also have notable security updates from Apple, Android, SAP, Intel, Cisco, and VMware.

Keep reading for a few best practices that are ideal in a remote patch management scenario.

  • Prioritize security updates over non-security and optional updates.
  • Download patches directly to endpoints rather than saving them on your server, and distributing them to remote locations.
  • Schedule automation tasks specifically for deploying critical patches for timely updates.
  • Always test the newly incoming patches before deploying them to your endpoints.
  • Plan to set broad deployment windows so critical updates aren’t missed due to unavoidable hindrances.
  • Allow end users to skip deployments to avoid disturbing their productivity.
  • Ensure the machines under your scope aren’t running any end-of-life OSs or applications.
  • Ensure you use a secure gateway server to establish a safe connection between your remote endpoints.

With Desktop Central or Patch Manager Plus, you can completely automate the entire process of patch management, from testing patches to deploying them. You can also tailor the patch tasks according to your current situation. For hands-on experience with either of these products, start a 30-day free trial and keep thousands of applications patched and secure.

** Optrics Inc. is a ManageEngine partner


The original article can be found here:

https://blogs.manageengine.com/desktop-mobile/patch-manager-plus/2021/01/13/january-2021-patch-tuesday-fixes-83-vulnerabilities.html

Leave a Reply