{"id":6615,"date":"2021-01-14T16:06:24","date_gmt":"2021-01-14T16:06:24","guid":{"rendered":"https:\/\/www.n-able.com\/?p=6615"},"modified":"2024-05-14T16:43:29","modified_gmt":"2024-05-14T15:43:29","slug":"january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be","title":{"rendered":"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be"},"content":{"rendered":"

Here we are in a new year and Microsoft has released their first set of patches. This month we continue the recent trend of less than 100 vulnerabilities fixed by Microsoft. While there are some critical vulnerabilities (and one that will get fixed without you having to deploy a patch), I was still struck by how few critical fixes were included this month.<\/p>\n

All in all, we saw 83 vulnerabilities fixed, with 10 marked\u00a0critical<\/b>\u00a0and 71 marked\u00a0important<\/b>. Interestingly, the important fixes are the ones marked with a higher likelihood of being exploited. So let\u2019s review those\u00a0<\/b>critical ones along with the others that warrant attention.<\/p>\n

Operating system<\/h2>\n

Most of the operating system vulnerabilities this month all have the same description and details. There are five vulnerabilities titled\u00a0Remote Procedure Call Runtime Remote Code Execution Vulnerability<\/b>.<\/i>\u00a0<\/b>CVE-2021-1658<\/a>,\u00a0CVE-2021-1660<\/a>,\u00a0CVE-2021-1667<\/a>,\u00a0CVE-2021-1673<\/a>, and\u00a0CVE-2021-1666<\/a>\u00a0are all RPC vulnerabilities which can be executed across the network without user interaction required. These vulnerabilities all have a CVSS score of 8.8, the highest in this month\u2019s batch. This vulnerability affects Windows 7 through the current version of Windows 10, including the corresponding server and core versions.<\/p>\n

Next is a\u00a0GDI+ Remote Code Execution Vulnerability<\/b>, CVE-2021-1665<\/a>. This vulnerability requires user interaction by clicking on an attachment and would give the attacker full access to the target system. It has a CVSS of 7.8 and is listed by Microsoft as\u00a0exploitation less likely<\/b>.<\/p>\n

CVE-2021-1643<\/a>\u00a0is a\u00a0HEVC Video Extensions Remote Code Execution Vulnerability\u00a0<\/b>in the Microsoft Store Apps that uses the video extension. It\u2019s listed as\u00a0exploitation less likely.<\/b>\u00a0These apps generally update themselves unless you have blocked updates in the Windows Store. The vulnerability in the link includes a PowerShell script you can use to determine if you need to update any affected apps by checking the version of the extension\u2019s package.<\/p>\n

The final \u201cCritical\u201d on the operating system side is\u00a0CVE-2021-1668<\/a>, titled\u00a0Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability<\/b>. This vulnerability requires user interaction (such as opening a malicious file) on the system and would give the attacker the ability to execute code. It\u2019s also listed as\u00a0exploitation less likely.<\/b><\/p>\n

Browsers<\/h2>\n

There is only one critical vulnerability in the browsers this month.\u00a0CVE-2021-1705<\/a>\u00a0is a\u00a0Microsoft Edge (HTML-based) Memory Corruption Vulnerability\u00a0<\/b>which would grant an attacker full access to a system if a user visited a malicious site from a spam or phishing email. It\u2019s also listed as\u00a0exploitation less likely<\/b>. This vulnerability affects all systems that support the Edge-HTML version of Microsoft Edge. As you\u2019re aware, the newest versions of Edge are based on Chromium and self-update. It might be time to consider moving to that flavor if you have not already.<\/p>\n

Other applications<\/h2>\n

CVE-2021-1647<\/a>\u00a0is a\u00a0Microsoft Defender Remote Code Execution Vulnerability\u00a0<\/b>that Microsoft states is currently under active attack. Listed as\u00a0exploitation detected<\/b>, this vulnerability requires access to the system. Vulnerabilities like this are used many times in multi-stage attacks, using one vector to gain access to the system, and then a vulnerability like this to execute additional code for the next stage in their attack. Luckily, Microsoft updates their engine along with their definitions in regular updates. Simply ensure any systems running Windows Defender are configured for regular updates and it will resolve itself. In this case, make sure Defender is running Microsoft Malware Protection Engine version 1.1.17700.4 or later.<\/p>\n

Important vulnerabilities worth some attention<\/h2>\n

We often run across vulnerabilities that are only listed as\u00a0important<\/b>\u00a0but Microsoft marks them as\u00a0exploitation more likely<\/b>. This month we have two of those.<\/p>\n

CVE-2021-1707<\/a>\u00a0is a\u00a0Microsoft SharePoint Server Remote Code Execution Vulnerability\u00a0<\/b>that would allow code to be executed on the kernel of the system hosting SharePoint if an application package were uploaded to the server. This is a higher-complexity attack as the attacker needs to have access to a user account with permissions to upload to SharePoint. It also has a CVSS score of 8.8, which is on the higher end of the scale. This vulnerability affects SharePoint Foundation 2010 and 2013, SharePoint Enterprise Server 2016, and SharePoint Server 2019.<\/p>\n

Finally, we have a\u00a0Windows Win32k Elevation of Privilege Vulnerability<\/b>,\u00a0CVE-2021-1709<\/a>. It\u2019s a locally exploited vulnerability that requires no user interaction. An attacker could use this vulnerability to gain higher privileges during an attack with the intention of moving to other systems during a multi-stage attack. It has a CVSS of 7.0, and affects Windows 7 up to the current version of Windows 10, including Server and Core versions.<\/p>\n

Microsoft also issued fixes for Office, SQL, Windows Installer, ASP.Net, Hyper-V, and Windows DNS. From a priority standpoint, if you\u2019re running Windows Defender, make sure it\u2019s receiving updates as expected. Next, focus on workstations, your SharePoint servers, and then move to your SQL and Office updates. Also make sure you take the time to update any DNS servers in your environment, as they can sometimes get skipped in favor of maintaining uptime.<\/p>\n

 <\/p>\n

Gill Langston is head security nerd for N‑able MSP. You can follow Gill on Twitter at\u00a0@cybersec_nerd<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

The first Patch Tuesday of the new year sees 100 vulnerabilities fixed by Microsoft with just 10 listed as critical and 71 marked as important.<\/p>\n","protected":false},"author":27,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-6615","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-patch-management","topic-security"],"acf":[],"yoast_head":"\nJanuary 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be - N-able<\/title>\n<meta name=\"description\" content=\"The first Patch Tuesday of the new year sees 100 vulnerabilities fixed by Microsoft with just 10 listed as critical and 71 marked as important.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be - N-able\" \/>\n<meta property=\"og:description\" content=\"The first Patch Tuesday of the new year sees 100 vulnerabilities fixed by Microsoft with just 10 listed as critical and 71 marked as important.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-14T16:06:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-14T15:43:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Gill Langston\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Gill Langston\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be\"},\"author\":{\"name\":\"Gill Langston\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/ccb02e43837727da6ab962f5357e872a\"},\"headline\":\"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be\",\"datePublished\":\"2021-01-14T16:06:24+00:00\",\"dateModified\":\"2024-05-14T15:43:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be\"},\"wordCount\":861,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"articleSection\":[\"Head Nerds\",\"Patch Management\",\"Security\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be\",\"url\":\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be\",\"name\":\"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr#website\"},\"datePublished\":\"2021-01-14T16:06:24+00:00\",\"dateModified\":\"2024-05-14T15:43:29+00:00\",\"description\":\"The first Patch Tuesday of the new year sees 100 vulnerabilities fixed by Microsoft with just 10 listed as critical and 71 marked as important.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/fr\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/fr#website\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/fr?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/fr#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/ccb02e43837727da6ab962f5357e872a\",\"name\":\"Gill Langston\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"caption\":\"Gill Langston\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be - N-able","description":"The first Patch Tuesday of the new year sees 100 vulnerabilities fixed by Microsoft with just 10 listed as critical and 71 marked as important.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be","og_locale":"fr_FR","og_type":"article","og_title":"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be - N-able","og_description":"The first Patch Tuesday of the new year sees 100 vulnerabilities fixed by Microsoft with just 10 listed as critical and 71 marked as important.","og_url":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2021-01-14T16:06:24+00:00","article_modified_time":"2024-05-14T15:43:29+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Gill Langston","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"\u00c9crit par":"Gill Langston","Dur\u00e9e de lecture estim\u00e9e":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be"},"author":{"name":"Gill Langston","@id":"https:\/\/www.n-able.com\/fr#\/schema\/person\/ccb02e43837727da6ab962f5357e872a"},"headline":"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be","datePublished":"2021-01-14T16:06:24+00:00","dateModified":"2024-05-14T15:43:29+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be"},"wordCount":861,"publisher":{"@id":"https:\/\/www.n-able.com\/fr#organization"},"articleSection":["Head Nerds","Patch Management","Security"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be","url":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be","name":"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/fr#website"},"datePublished":"2021-01-14T16:06:24+00:00","dateModified":"2024-05-14T15:43:29+00:00","description":"The first Patch Tuesday of the new year sees 100 vulnerabilities fixed by Microsoft with just 10 listed as critical and 71 marked as important.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/fr\/blog\/january-2021-patch-tuesday-one-actively-exploited-vulnerability-and-few-likely-be#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/fr\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"January 2021 Patch Tuesday: One Actively Exploited Vulnerability and a Few Likely to Be"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/fr#website","url":"https:\/\/www.n-able.com\/fr","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/fr#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/fr?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/fr#organization","name":"N-able","url":"https:\/\/www.n-able.com\/fr","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/fr#\/schema\/person\/ccb02e43837727da6ab962f5357e872a","name":"Gill Langston","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","caption":"Gill Langston"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/6615","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/comments?post=6615"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/6615\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/media?parent=6615"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}