February 2021 Patch Tuesday – 56 Vulnerabilities, 11 Critical, Adobe

Animesh Jain

This month’s Microsoft Patch Tuesday addresses 56 vulnerabilities, of which 11 are rated as Critical. Adobe released patches today for Reader, Acrobat, Magento, Photoshop, Animate, Illustrator, and Dreamweaver.

TCP/IP Trio

Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074 and CVE-2021-24094) and an Important Denial of Service (DoS) vulnerability (CVE-2021-24086). While there is no evidence that these vulnerabilities are exploited in wild, these vulnerabilities should be prioritized given their impact.

Windows Fax Service

Microsoft released patches to fix a remote code execution vulnerability in Windows Fax Service (CVE-2021-24077). This vulnerability has a CVSSv3 base score of 9.8 and should be prioritized for patching.

Windows DNS Server

Microsoft released patches to fix a remote code execution vulnerability in Windows DNS Server (CVE-2021-24078). This vulnerability has a CVSSv3 base score of 9.8 and should be prioritized for patching.

Windows Win32k Elevation of Privilege

Microsoft released updates to fix a local privilege escalation vulnerability in Win32K (CVE-2021-1732). This vulnerability is reportedly exploited in the wild and should be prioritized for patching.

Workstation Patches

Microsoft Office vulnerabilities should be prioritized for workstation-type devices.

Adobe

Adobe issued patches today covering multiple vulnerabilities in Adobe Reader, Acrobat, Magento, Photoshop, Animate, Illustrator, and Dreamweaver. Patching Adobe Acrobat and Reader should be prioritized as Adobe has received reports of CVE-2021-21017 exploited in wild targeting Adobe Reader users on Windows.

About Patch Tuesday

Patch Tuesday QIDs are published at Security Alerts, typically late in the evening of Patch Tuesday, followed shortly after by PT dashboards.

Show Comments (1)

Comments

Your email address will not be published. Required fields are marked *