Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

Tag CVE ID CVE Title
.NET Core CVE-2021-26701 .NET Core Remote Code Execution Vulnerability
.NET Core CVE-2021-24112 .NET Core Remote Code Execution Vulnerability
.NET Core & Visual Studio CVE-2021-1721 .NET Core and Visual Studio Denial of Service Vulnerability
.NET Framework CVE-2021-24111 .NET Framework Denial of Service Vulnerability
Azure IoT CVE-2021-24087 Azure IoT CLI extension Elevation of Privilege Vulnerability
Developer Tools CVE-2021-24105 Package Managers Configurations Remote Code Execution Vulnerability
Microsoft Azure Kubernetes Service CVE-2021-24109 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
Microsoft Dynamics CVE-2021-24101 Microsoft Dataverse Information Disclosure Vulnerability
Microsoft Dynamics CVE-2021-1724 Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
Microsoft Edge for Android CVE-2021-24100 Microsoft Edge for Android Information Disclosure Vulnerability
Microsoft Exchange Server CVE-2021-24085 Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server CVE-2021-1730 Microsoft Exchange Server Spoofing Vulnerability
Microsoft Graphics Component CVE-2021-24093 Windows Graphics Component Remote Code Execution Vulnerability
Microsoft Office Excel CVE-2021-24067 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Excel CVE-2021-24068 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Excel CVE-2021-24069 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Excel CVE-2021-24070 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2021-24071 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2021-1726 Microsoft SharePoint Spoofing Vulnerability
Microsoft Office SharePoint CVE-2021-24066 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2021-24072 Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Teams CVE-2021-24114 Microsoft Teams iOS Information Disclosure Vulnerability
Microsoft Windows Codecs Library CVE-2021-24081 Microsoft Windows Codecs Library Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-24091 Windows Camera Codec Pack Remote Code Execution Vulnerability
Role: DNS Server CVE-2021-24078 Windows DNS Server Remote Code Execution Vulnerability
Role: Hyper-V CVE-2021-24076 Microsoft Windows VMSwitch Information Disclosure Vulnerability
Role: Windows Fax Service CVE-2021-24077 Windows Fax Service Remote Code Execution Vulnerability
Role: Windows Fax Service CVE-2021-1722 Windows Fax Service Remote Code Execution Vulnerability
Skype for Business CVE-2021-24073 Skype for Business and Lync Spoofing Vulnerability
Skype for Business CVE-2021-24099 Skype for Business and Lync Denial of Service Vulnerability
SysInternals CVE-2021-1733 Sysinternals PsExec Elevation of Privilege Vulnerability
System Center CVE-2021-1728 System Center Operations Manager Elevation of Privilege Vulnerability
Visual Studio CVE-2021-1639 Visual Studio Code Remote Code Execution Vulnerability
Visual Studio Code CVE-2021-26700 Visual Studio Code npm-script Extension Remote Code Execution Vulnerability
Windows Address Book CVE-2021-24083 Windows Address Book Remote Code Execution Vulnerability
Windows Backup Engine CVE-2021-24079 Windows Backup Engine Information Disclosure Vulnerability
Windows Console Driver CVE-2021-24098 Windows Console Driver Denial of Service Vulnerability
Windows Defender CVE-2021-24092 Microsoft Defender Elevation of Privilege Vulnerability
Windows DirectX CVE-2021-24106 Windows DirectX Information Disclosure Vulnerability
Windows Event Tracing CVE-2021-24102 Windows Event Tracing Elevation of Privilege Vulnerability
Windows Event Tracing CVE-2021-24103 Windows Event Tracing Elevation of Privilege Vulnerability
Windows Installer CVE-2021-1727 Windows Installer Elevation of Privilege Vulnerability
Windows Kernel CVE-2021-24096 Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel CVE-2021-1732 Windows Win32k Elevation of Privilege Vulnerability
Windows Kernel CVE-2021-1698 Windows Win32k Elevation of Privilege Vulnerability
Windows Mobile Device Management CVE-2021-24084 Windows Mobile Device Management Information Disclosure Vulnerability
Windows Network File System CVE-2021-24075 Windows Network File System Denial of Service Vulnerability
Windows PFX Encryption CVE-2021-1731 PFX Encryption Security Feature Bypass Vulnerability
Windows PKU2U CVE-2021-25195 Windows PKU2U Elevation of Privilege Vulnerability
Windows PowerShell CVE-2021-24082 Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
Windows Print Spooler Components CVE-2021-24088 Windows Local Spooler Remote Code Execution Vulnerability
Windows Remote Procedure Call CVE-2021-1734 Windows Remote Procedure Call Information Disclosure Vulnerability
Windows TCP/IP CVE-2021-24086 Windows TCP/IP Denial of Service Vulnerability
Windows TCP/IP CVE-2021-24074 Windows TCP/IP Remote Code Execution Vulnerability
Windows TCP/IP CVE-2021-24094 Windows TCP/IP Remote Code Execution Vulnerability
Windows Trust Verification API CVE-2021-24080 Windows Trust Verification API Denial of Service Vulnerability

CVE-2021-1639 - Visual Studio Code Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1639
MITRE
NVD		 CVE Title: Visual Studio Code Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.0/6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1639
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Important Remote Code Execution None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Release Notes (Security Update) Important Remote Code Execution None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Release Notes (Security Update) Important Remote Code Execution None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Visual Studio 2019 version 16.8 Release Notes (Security Update) Important Remote Code Execution None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Visual Studio Code Release Notes (Security Update) Important Remote Code Execution None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1639 David Dworken

CVE-2021-1721 - .NET Core and Visual Studio Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1721
MITRE
NVD		 CVE Title: .NET Core and Visual Studio Denial of Service Vulnerability
CVSS:

CVSS:3.0 6.5/5.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1721
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
.NET 5.0 Release Notes (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
 Maybe
.NET Core 2.1 Release Notes (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
 Maybe
.NET Core 3.1 Release Notes (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
 Maybe
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
 Maybe
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Release Notes (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
 Maybe
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Release Notes (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
 Maybe
Microsoft Visual Studio 2019 version 16.8 Release Notes (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1721 None

CVE-2021-1724 - Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1724
MITRE
NVD		 CVE Title: Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
CVSS:

CVSS:3.0 6.1/5.5
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1724
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise) 4602915 (Security Update) Important Spoofing None Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft Dynamics 365 Business Central 2020 Release Wave 1 4602915 (Security Update) Important Spoofing None Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft Dynamics 365 Business Central 2020 Release Wave 2 4602915 (Security Update) Important Spoofing None Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft Dynamics NAV 2015 4602915 (Security Update) Important Spoofing None Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft Dynamics NAV 2016 4602915 (Security Update) Important Spoofing None Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft Dynamics NAV 2017 4602915 (Security Update) Important Spoofing None Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft Dynamics NAV 2018 4602915 (Security Update) Important Spoofing None Base: 6.1
Temporal: 5.5
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1724 Piotr Cielas@EY

CVE-2021-1728 - System Center Operations Manager Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1728
MITRE
NVD		 CVE Title: System Center Operations Manager Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

In what instances do I need to install the security update for this vulnerability?

This vulnerability only affects machines that have any of the following System Center 2019 - Operations Manager (SCOM) components installed:

  • Management Server
  • Microsoft Monitoring Agent
  • Gateway

Do I need to install the update if I do not have "Enable Service log on" feature enabled?

No. This update is required if “Service Log on” or “Interactive Log on” is enabled for customers on System Center 2019 – Operations Manager.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1728
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
System Center 2019 Operations Manager Important Elevation of Privilege None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1728 None

CVE-2021-1731 - PFX Encryption Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1731
MITRE
NVD		 CVE Title: PFX Encryption Security Feature Bypass Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What security feature might be bypassed by this vulnerability?

When exporting a SID-protected PFX file, keys encrypted using AES are not properly protected. Any SID-protected PFX files using AES for key encryption should be regenerated and exported after this update is installed.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1731
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Security Feature Bypass 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Security Feature Bypass 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Security Feature Bypass 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Security Feature Bypass 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Security Feature Bypass 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Security Feature Bypass 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Security Feature Bypass 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1731 Michael J. Lyons of the Xbox Console OS team

CVE-2021-1732 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1732
MITRE
NVD		 CVE Title: Windows Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/7.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1732
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1732 JinQuan, MaDongZe, TuXiaoYi, and LiHao of DBAPPSecurity Co., Ltd

CVE-2021-1733 - Sysinternals PsExec Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1733
MITRE
NVD		 CVE Title: Sysinternals PsExec Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/7.0
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What version of PSExec contains the update to resolve this vulnerability?

PsExec v2.32 is not longer affected by this vulneratiblity.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1733
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
PsExec Release Notes (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1733 David Wells (@CE2Wells) of Tenable

CVE-2021-1734 - Windows Remote Procedure Call Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1734
MITRE
NVD		 CVE Title: Windows Remote Procedure Call Information Disclosure Vulnerability
CVSS:

CVSS:3.0 7.5/6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1734
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Important Information Disclosure 4598231 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Important Information Disclosure 4598231 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Information Disclosure 4598279
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Information Disclosure 4598279
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Important Information Disclosure 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Information Disclosure 4598288
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Information Disclosure 4598288
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Information Disclosure 4598288
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Information Disclosure 4598288
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Information Disclosure 4598279
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Information Disclosure 4598279
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Information Disclosure 4598278
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Information Disclosure 4598278
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1734 Yuki Chen

CVE-2021-1698 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1698
MITRE
NVD		 CVE Title: Windows Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1698
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1698 Jarvis_1oop of Pinduoduo Security Research Lab

CVE-2021-1722 - Windows Fax Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1722
MITRE
NVD		 CVE Title: Windows Fax Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.1/7.1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

In what scenarios is my computer vulnerable?

To exploit this vulnerability, the Windows Fax and Scan feature needs to be enabled, and the Fax service needs to be running. Systems that do not have the Fax service running are not vulnerable.

How can I verify whether the Fax service is running?

  1. Hold the Windows key and press R on your keyboard. This will open the Run dialog.
  2. Type services.msc and press Enter to open the Services window.
  3. Scroll through the list and locate the Fax service.
    • If the Fax service is not listed, Windows Fax and Scan is not enabled and the system is not vulnerable.
    • If the Fax service is listed but the status is not Running, then the system is not vulnerable at the time, but could be targeted if the service was started. The update should be installed as soon as possible or the Fax service should be removed if not needed.

Mitigations:
None
Workarounds:

The following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave this workaround in place:

Uninstall the Windows Fax and Scan feature

  1. Click Start, click Settings or Control Panel depending on your version of Windows.
  2. For Windows 7 and 8.1, select Programs. For Windows 10, select Apps.
  3. Select Turn Windows features on or off on Windows 7 and 8.1. Select Optional Features on Windows 10.
  4. Uncheck the Windows Fax and Scan feature.
  5. Restart the computer.

Impact of Workaround

Removing the Windows Fax and Scan service will prevent the computer from sending or receiving faxes.

How to undo the workaround

Follow the steps above, but check the box next to Windows Fax and Scan in step 4.


Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1722
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Critical Remote Code Execution 4598285
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1722 Xuefeng Li (@lxf02942370) of Sangfor & Zhiniang Peng (@edwardzpeng)

CVE-2021-25195 - Windows PKU2U Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-25195
MITRE
NVD		 CVE Title: Windows PKU2U Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What is PKU2U?

PKU2U is a peer-to-peer authentication protocol. This setting prevents online identities from authenticating to domain-joined systems. Authentication will be centrally managed with Windows user accounts.

How do I know if my servers are exploitable by this vulnerability?

If your servers are not configured to allow the use of PKU2U authentication, they would not be vulnerable. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you do not use PKU2U authentication. Please see Network security Allow PKU2U authentication requests to this computer to use online identities for more information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-25195
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Important Elevation of Privilege 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Important Elevation of Privilege 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Elevation of Privilege 4598278
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Elevation of Privilege 4598278
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-25195 Maxwell Whitaker of Microsoft’s Security Assurance and Vulnerability Research team

CVE-2021-24085 - Microsoft Exchange Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24085
MITRE
NVD		 CVE Title: Microsoft Exchange Server Spoofing Vulnerability
CVSS:

CVSS:3.0 6.5/5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What is the nature of the spoofing?

An authenticated attacker can leak a cert file which results in a CSRF token to be generated.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24085
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2016 Cumulative Update 18 4602269 (Security Update) Important Spoofing 4593465
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
 Maybe
Microsoft Exchange Server 2016 Cumulative Update 19 4602269 (Security Update) Important Spoofing 4593465
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
 Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 4602269 (Security Update) Important Spoofing 4593465
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
 Maybe
Microsoft Exchange Server 2019 Cumulative Update 8 4602269 (Security Update) Important Spoofing 4593465
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24085 Steven Seeley (mr_me) of Source Incite Source Incite


CVE-2021-24087 - Azure IoT CLI extension Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24087
MITRE
NVD		 CVE Title: Azure IoT CLI extension Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.0/6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What can an attacker do with this vulnerability?

An elevation of privilege vulnerability exists in the way Azure CLI and Azure IoT CLI extension generates new symmetric keys for encryption, allowing an attacker to predict the randomness of the key. An attacker could derive the keys from the way they are generated and use them to access a user's IoT hub.

How do I know if I need to install the update?

This update addresses the vulnerability by randomizing the key generation within Azure IoT CLI extension. https://github.com/Azure/azure-iot-cli-extension/pull/279/files https://docs.microsoft.com/en-us/cli/azure/release-notes-azure-cli?tabs=azure-cli#december-29-2020

Which versions are affected? IoT extension versions affected are 0.10.2 – 0.10.6 All versions before 2.17.0 in Azure CLI are affected


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24087
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
azure-iot-cli-extension Pull Request (Security Update) Important Elevation of Privilege None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24087 Cristian Pop of Azure IoT

CVE-2021-24093 - Windows Graphics Component Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24093
MITRE
NVD		 CVE Title: Windows Graphics Component Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is user interaction required to exploit this vulnerability?

Yes. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24093
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24093 Dominik Röttsches of Google and Mateusz Jurczyk of Google Project Zero

CVE-2021-24096 - Windows Kernel Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24096
MITRE
NVD		 CVE Title: Windows Kernel Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24096
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24096 James Forshaw of Google Project Zero

CVE-2021-24100 - Microsoft Edge for Android Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24100
MITRE
NVD		 CVE Title: Microsoft Edge for Android Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.0/4.5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

This vulnerability discloses personally identifiable information and payment information of a user.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24100
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge for Android Important Information Disclosure None Base: 5.0
Temporal: 4.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24100 Kirtikumar Anandrao Ramchandani

CVE-2021-24101 - Microsoft Dataverse Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24101
MITRE
NVD		 CVE Title: Microsoft Dataverse Information Disclosure Vulnerability
CVSS:

CVSS:3.0 6.5/5.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

This vulnerability discloses data stored in the underlying datasets in Dataverse, that could include Personal Identifiable Information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24101
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8.2 4595463 (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft Dynamics 365 (on-premises) version 9.0 4595460 (Security Update) Important Information Disclosure None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24101 Prodware

CVE-2021-24112 - .NET Core Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24112
MITRE
NVD		 CVE Title: .NET Core Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.1/7.3
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How could an attacker exploit this vulnerability? When a .NET application utilizing libgdiplus on a non-Windows system accepts input, an attacker could send a specially crafted request that could result in remote code execution.

Does this vulnerability affect applications running on Windows? No, Windows utilizes GDI+ to process these requests, and is not affected by this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24112
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
.NET 5.0 Release Notes (Security Update) Critical Remote Code Execution None Base: 8.1
Temporal: 7.3
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Maybe
.NET Core 2.1 Release Notes (Security Update) Critical Remote Code Execution None Base: 8.1
Temporal: 7.3
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Maybe
.NET Core 3.1 Release Notes (Security Update) Critical Remote Code Execution None Base: 8.1
Temporal: 7.3
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24112 None

CVE-2021-26700 - Visual Studio Code npm-script Extension Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26700
MITRE
NVD		 CVE Title: Visual Studio Code npm-script Extension Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would need to convince a targeted user to clone a malicious repository. Attacker-specified code would execute once the targeted user viewed contents of the repository in Visual Studio Code.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26700
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Visual Studio Code - npm-script Extension Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26700 Jack Adamson (@jadamson08)

CVE-2021-26701 - .NET Core Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26701
MITRE
NVD		 CVE Title: .NET Core Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.1/7.1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is Visual Studio affected by this vulnerability? Visual Studio contains the binaries for .NET, but Visual Studio is not vulnerable to this issue. The update is offered to include the .NET files so any future applications built in Visual Studio which include .NET functionality will be protected from this issue.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26701
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
.NET 5.0 Release Notes (Security Update) Critical Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
.NET Core 2.1 Release Notes (Security Update) Critical Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
.NET Core 3.1 Release Notes (Security Update) Critical Remote Code Execution None Base: 8.1
Temporal: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26701 None

CVE-2021-24114 - Microsoft Teams iOS Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24114
MITRE
NVD		 CVE Title: Microsoft Teams iOS Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.7/5.0
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information is disclosed by this vulnerability?

This vulnerability exposes the Skype token value in the preview URL for images in Teams iOS app.


How do I get the update for Microsoft Teams for iOS?

  1. Tap the Settings icon
  2. Tap the** iTunes & App Store**
  3. Turn on AUTOMATIC DOWNLOADS for Apps

Alternatively

  1. Tap the** App Store** icon
  2. Scroll down to find Microsoft Teams
  3. Tap the Update button

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24114
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Teams for iOS Release Notes (Security Update) Important Information Disclosure None Base: 5.7
Temporal: 5.0
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24114 Numan TÜRLE of Gais Security


CVE-2021-1726 - Microsoft SharePoint Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1726
MITRE
NVD		 CVE Title: Microsoft SharePoint Spoofing Vulnerability
CVSS:

CVSS:3.0 8.0/7.0
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What is the nature of the spoofing?

An authenticated attacker could manipulate a SharePoint blog sharing functionality to trigger messaging or a link that appears to be from the SharePoint target site.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1726
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4493195 (Security Update) Important Spoofing 4493163
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4493223 (Security Update) Important Spoofing 4493187
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4493210 (Security Update) Important Spoofing 4493175
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft SharePoint Server 2019 4493194 (Security Update) Important Spoofing 4493162
 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1726 Huynh Phuoc Hung, @hph0var

CVE-2021-1727 - Windows Installer Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1727
MITRE
NVD		 CVE Title: Windows Installer Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/7.0
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1727
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Important Elevation of Privilege 4598231 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Important Elevation of Privilege 4598231 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Elevation of Privilege 4598278
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Elevation of Privilege 4598278
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1727 None

CVE-2021-1730 - Microsoft Exchange Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1730
MITRE
NVD		 CVE Title: Microsoft Exchange Server Spoofing Vulnerability
CVSS:

CVSS:3.0 5.4/4.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Why are the updates listed those that were released in September?

This vulnerability was found in the Exchange Server Installer. This type of vulnerability can only be addressed in a complete release as opposed to a cumulative update. We allowed time for customers to move to the September release prior to disclosing the vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1730
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2016 Cumulative Update 18 4571788 (Security Update) Important Spoofing 4577352
 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 4571787 (Security Update) Important Spoofing 4577352
 Base: 5.4
Temporal: 4.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1730 Mohamed Sayed of IBM X-Force

CVE-2021-24066 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24066
MITRE
NVD		 CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What is the attack vector for this vulnerability?

In a network-based attack an attacker would need to have the privileges to create a site. By creating a site using specific code, the attacker could execute code remotely on the target server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24066
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4493195 (Security Update) Important Remote Code Execution 4493163
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4493223 (Security Update) Important Remote Code Execution 4493187
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4493210 (Security Update) Important Remote Code Execution 4493175
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft SharePoint Server 2019 4493194 (Security Update) Important Remote Code Execution 4493162
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24066 Anonymous working with Trend Micro Zero Day Initiative

CVE-2021-24067 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24067
MITRE
NVD		 CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office 2019 for Mac currently available?

The security update for Microsoft Office 2019 for Mac is not immediately available. The update will be released as soon as possible, and when it is available, customers will be notified via a revision to this CVE information.


Is user interaction required to exploit this vulnerability?

Yes. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24067
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4493222 (Security Update) Important Remote Code Execution 4493186 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4493222 (Security Update) Important Remote Code Execution 4493186 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 RT Service Pack 1 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2016 (32-bit edition) 4493196 (Security Update) Important Remote Code Execution 4493165 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2016 (64-bit edition) 4493196 (Security Update) Important Remote Code Execution 4493165 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft Office 2019 for Mac Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Microsoft Office Online Server 4493192 (Security Update) Important Remote Code Execution 4493160 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Office Web Apps Server 2013 Service Pack 1 4493204 (Security Update) Important Remote Code Execution 4493171 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Office Online Server 4493192 (Security Update) Important Remote Code Execution 4493160 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24067 Anonymous working with Trend Micro Zero Day Initiative

CVE-2021-24068 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24068
MITRE
NVD		 CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Is user interaction required to exploit this vulnerability?

Yes. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24068
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4493222 (Security Update) Important Remote Code Execution 4493186 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4493222 (Security Update) Important Remote Code Execution 4493186 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 RT Service Pack 1 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Office Web Apps Server 2013 Service Pack 1 4493204 (Security Update) Important Remote Code Execution 4493171 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24068 None

CVE-2021-24069 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24069
MITRE
NVD		 CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office 2019 for Mac currently available?

The security update for Microsoft Office 2019 for Mac is not immediately available. The update will be released as soon as possible, and when it is available, customers will be notified via a revision to this CVE information.


Is user interaction required to exploit this vulnerability?

Yes. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24069
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4493222 (Security Update) Important Remote Code Execution 4493186 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4493222 (Security Update) Important Remote Code Execution 4493186 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 RT Service Pack 1 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2016 (32-bit edition) 4493196 (Security Update) Important Remote Code Execution 4493165 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2016 (64-bit edition) 4493196 (Security Update) Important Remote Code Execution 4493165 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft Office 2019 for Mac Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Microsoft Office Web Apps Server 2013 Service Pack 1 4493204 (Security Update) Important Remote Code Execution 4493171 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Office Online Server 4493192 (Security Update) Important Remote Code Execution 4493160 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24069 None

CVE-2021-24070 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24070
MITRE
NVD		 CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Is user interaction required to exploit this vulnerability?

Yes. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24070
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4493222 (Security Update) Important Remote Code Execution 4493186 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4493222 (Security Update) Important Remote Code Execution 4493186 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 RT Service Pack 1 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4493211 (Security Update) Important Remote Code Execution 4493176 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2016 (32-bit edition) 4493196 (Security Update) Important Remote Code Execution 4493165 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Excel 2016 (64-bit edition) 4493196 (Security Update) Important Remote Code Execution 4493165 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 No
Microsoft Office Web Apps Server 2013 Service Pack 1 4493204 (Security Update) Important Remote Code Execution 4493171 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Office Online Server 4493192 (Security Update) Important Remote Code Execution 4493160 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24070 kdot working with Trend Micro’s Zero Day Initiative

CVE-2021-24071 - Microsoft SharePoint Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24071
MITRE
NVD		 CVE Title: Microsoft SharePoint Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.3/4.8
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability relates to SQL table columns that would normally be restricted.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24071
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4493195 (Security Update) Important Information Disclosure 4493163
 Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft SharePoint Foundation 2010 Service Pack 2 4493223 (Security Update) Important Information Disclosure 4493187
 Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4493210 (Security Update) Important Information Disclosure 4493175
 Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe
Microsoft SharePoint Server 2019 4493194 (Security Update) Important Information Disclosure 4493162
 Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24071 Steven Seeley (mr_me)


CVE-2021-24072 - Microsoft SharePoint Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24072
MITRE
NVD		 CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24072
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4493195 (Security Update) Important Remote Code Execution 4493163
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4493210 (Security Update) Important Remote Code Execution 4493175
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft SharePoint Server 2019 4493194 (Security Update) Important Remote Code Execution 4493162
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24072 Yuhao Weng (@cjm00nw) & Zhiniang Peng(@edwardzpeng) of Sangfor Lights Lab


CVE-2021-24073 - Skype for Business and Lync Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24073
MITRE
NVD		 CVE Title: Skype for Business and Lync Spoofing Vulnerability
CVSS:

CVSS:3.0 6.5/5.9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24073
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Lync Server 2013 5000688 (Security Update) Important Spoofing None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
 Maybe
Skype for Business Server 2015 CU 8 5000688 (Security Update) Important Spoofing None Base: 6.5
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24073 Anonymous working with the Responsible Disclosure program of de Volksbank


Amit Avrahamov @avr4mit

CVE-2021-24074 - Windows TCP/IP Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24074
MITRE
NVD		 CVE Title: Windows TCP/IP Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.8/8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Where can I find more information about this vulnerability?

Please see MSRC Blog regarding the TCP/IP vulnerabilities discussed in CVE-2021-24074, CVE-2021-24086, and CVE-2021-24094.


Mitigations:
None
Workarounds:

1. Set sourceroutingbehavior to "drop"

Use the following command:

netsh int ipv4 set global sourceroutingbehavior=drop

For more information about ipv4 registry settings see Additional Registry Settings

Impact of workaround

IPv4 Source routing is considered insecure and is blocked by default in Windows; however, a system will process the request and return an ICMP message denying the request. The workaround will cause the system to drop these requests altogether without any processing.

How to undo the workaround

To restore to default setting "Dontforward":

netsh int ipv4 set global sourceroutingbehavior=dontforward

2. Configure firewall or load balancers to disallow source routing requests


Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24074
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24074 None

CVE-2021-24075 - Windows Network File System Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24075
MITRE
NVD		 CVE Title: Windows Network File System Denial of Service Vulnerability
CVSS:

CVSS:3.0 6.8/5.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24075
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Denial of Service 4598242
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Denial of Service 4598242
 Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24075 None

CVE-2021-24076 - Microsoft Windows VMSwitch Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24076
MITRE
NVD		 CVE Title: Microsoft Windows VMSwitch Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/5.0
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24076
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for x64-based Systems 4601331 (Security Update) Important Information Disclosure 4598231 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Information Disclosure 4598278
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Information Disclosure 4598278
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 5.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24076 None

CVE-2021-24077 - Windows Fax Service Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24077
MITRE
NVD		 CVE Title: Windows Fax Service Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.8/8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

In what scenarios is my computer vulnerable?

To exploit this vulnerability, the Windows Fax and Scan feature needs to be enabled, and the Fax service needs to be running. Systems that do not have the Fax service running are not vulnerable.

How can I verify whether the Fax service is running?

  1. Hold the Windows key and press R on your keyboard. This will open the Run dialog.
  2. Type services.msc and press Enter to open the Services window.
  3. Scroll through the list and locate the Fax service.
    • If the Fax service is not listed, Windows Fax and Scan is not enabled and the system is not vulnerable.
    • If the Fax service is listed but the status is not Running, then the system is not vulnerable at the time, but could be targeted if the service was started. The update should be installed as soon as possible or the Fax service should be removed if not needed.

Mitigations:
None
Workarounds:

The following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave this workaround in place:

Uninstall the Windows Fax and Scan feature

  1. Click Start, click Settings or Control Panel depending on your version of Windows.
  2. For Windows 7 and 8.1, select Programs. For Windows 10, select Apps.
  3. Select Turn Windows features on or off on Windows 7 and 8.1. Select Optional Features on Windows 10.
  4. Uncheck the Windows Fax and Scan feature.
  5. Restart the computer.

Impact of Workaround

Removing the Windows Fax and Scan service will prevent the computer from sending or receiving faxes.

How to undo the workaround

Follow the steps above, but check the box next to Windows Fax and Scan in step 4.


Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24077
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24077 Xuefeng Li (@lxf02942370) of Sangfor & Zhiniang Peng (@edwardzpeng)


CVE-2021-24078 - Windows DNS Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24078
MITRE
NVD		 CVE Title: Windows DNS Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.8/8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24078
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24078 Quan Luo from Codesafe Team of Legendsec at Qi'anxin Group

CVE-2021-24079 - Windows Backup Engine Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24079
MITRE
NVD		 CVE Title: Windows Backup Engine Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24079
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Important Information Disclosure 4598231 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Important Information Disclosure 4598231 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Important Information Disclosure 4598285
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Information Disclosure 4598278
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Information Disclosure 4598278
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Information Disclosure 4598285
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Information Disclosure 4598243
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24079 khangkito - Tran Van Khang of VinCSS

CVE-2021-24080 - Windows Trust Verification API Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24080
MITRE
NVD		 CVE Title: Windows Trust Verification API Denial of Service Vulnerability
CVSS:

CVSS:3.0 6.5/5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Moderate Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24080
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Moderate Denial of Service 4598231 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Moderate Denial of Service 4598231 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Moderate Denial of Service 4598243
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Moderate Denial of Service 4598243
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Moderate Denial of Service 4598245 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Moderate Denial of Service 4598245 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Moderate Denial of Service 4598245 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Moderate Denial of Service 4598230
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Moderate Denial of Service 4598230
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Moderate Denial of Service 4598230
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Moderate Denial of Service 4598229
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Moderate Denial of Service 4598229
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Moderate Denial of Service 4598229
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Moderate Denial of Service 4598242
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Moderate Denial of Service 4598242
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Moderate Denial of Service 4598242
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Moderate Denial of Service 4598242
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Moderate Denial of Service 4598242
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Moderate Denial of Service 4598242
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Moderate Denial of Service 4598279
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Moderate Denial of Service 4598279
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Moderate Denial of Service 4598285
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Moderate Denial of Service 4598285
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Moderate Denial of Service 4598285
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Moderate Denial of Service 4598288
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Moderate Denial of Service 4598288
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Moderate Denial of Service 4598288
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Moderate Denial of Service 4598288
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Moderate Denial of Service 4598279
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Moderate Denial of Service 4598279
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Moderate Denial of Service 4598278
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Moderate Denial of Service 4598278
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Moderate Denial of Service 4598285
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Moderate Denial of Service 4598285
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Moderate Denial of Service 4598243
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Moderate Denial of Service 4598243
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Moderate Denial of Service 4598230
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Moderate Denial of Service 4598230
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Moderate Denial of Service 4598229
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Moderate Denial of Service 4598242
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Moderate Denial of Service 4598242
 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24080 Symeon Paraschoudis of Pen Test Partners LLP (https://www.pentestpartners.com/)

CVE-2021-24081 - Microsoft Windows Codecs Library Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24081
MITRE
NVD		 CVE Title: Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/7.0
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24081
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24081 Hossein Lotfi of Trend Micro Zero Day Initiative

CVE-2021-24082 - Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24082
MITRE
NVD		 CVE Title: Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
CVSS:

CVSS:3.0 4.3/3.8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24082
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Security Feature Bypass 4598243
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Security Feature Bypass 4598243
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Security Feature Bypass 4598245 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Security Feature Bypass 4598245 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Security Feature Bypass 4598245 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Security Feature Bypass 4598229
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Security Feature Bypass 4598229
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Security Feature Bypass 4598229
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Security Feature Bypass 4598243
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Security Feature Bypass 4598243
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Security Feature Bypass 4598230
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Security Feature Bypass 4598229
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Security Feature Bypass 4598242
 Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24082 Krishna Yalavarthi, WSD-ASCI team


CVE-2021-24083 - Windows Address Book Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24083
MITRE
NVD		 CVE Title: Windows Address Book Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24083
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Important Remote Code Execution 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Important Remote Code Execution 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Remote Code Execution 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Remote Code Execution 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Remote Code Execution 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Remote Code Execution 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Remote Code Execution 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Remote Code Execution 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Remote Code Execution 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Remote Code Execution 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Remote Code Execution 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Remote Code Execution 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Remote Code Execution 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Remote Code Execution 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Important Remote Code Execution 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Remote Code Execution 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Remote Code Execution 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Remote Code Execution 4598278
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Remote Code Execution 4598278
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Remote Code Execution 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Remote Code Execution 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Remote Code Execution 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Remote Code Execution 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Remote Code Execution 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24083 Mat Powell of Trend Micro Zero Day Initiative

CVE-2021-24084 - Windows Mobile Device Management Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24084
MITRE
NVD		 CVE Title: Windows Mobile Device Management Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24084
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24084 Abdelhamid Naceri (halov) working with Trend Micro Zero Day Initiative

CVE-2021-24086 - Windows TCP/IP Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24086
MITRE
NVD		 CVE Title: Windows TCP/IP Denial of Service Vulnerability
CVSS:

CVSS:3.0 7.5/6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Where can I find more information about this vulnerability?

Please see MSRC Blog regarding the TCP/IP vulnerabilities discussed in CVE-2021-24074, CVE-2021-24086, and CVE-2021-24094.


Mitigations:

Workarounds:

1. Set global reassemblylimit to 0

The following command disables packet reassembly. Any out-of-order packets are dropped. Valid scenarios should not exceed more than 50 out-of-order fragments. We recommend testing prior to updating production systems.

Netsh int ipv6 set global reassemblylimit=0

Further netsh guidance can be found at netsh.

Impact of workaround

There is a potential for packet loss when discarding out-of-order packets.

How to undo the workaround

To restore to default setting "267748640":

Netsh int ipv6 set global reassemblylimit=267748640

2. Configure firewall or load balancers to disallow IPv6 UDP fragmentation


Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24086
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Important Denial of Service 4598231 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Important Denial of Service 4598231 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Denial of Service 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Denial of Service 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Denial of Service 4598245 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Denial of Service 4598245 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Denial of Service 4598245 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Denial of Service 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Denial of Service 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Denial of Service 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Denial of Service 4598229
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Denial of Service 4598229
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Denial of Service 4598229
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Denial of Service 4598279
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Denial of Service 4598279
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Denial of Service 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Denial of Service 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Important Denial of Service 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Denial of Service 4598288
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Denial of Service 4598288
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Denial of Service 4598288
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Denial of Service 4598288
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Denial of Service 4598279
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Denial of Service 4598279
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Denial of Service 4598278
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Denial of Service 4598278
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Denial of Service 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Denial of Service 4598285
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Denial of Service 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Denial of Service 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Denial of Service 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Denial of Service 4598230
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Denial of Service 4598229
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Denial of Service 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Denial of Service 4598242
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24086 None

CVE-2021-24088 - Windows Local Spooler Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24088
MITRE
NVD		 CVE Title: Windows Local Spooler Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24088
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Critical Remote Code Execution 4598285
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24088 Xuefeng Li (@lxf02942370) of Sangfor & Zhiniang Peng (@edwardzpeng)

CVE-2021-24091 - Windows Camera Codec Pack Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24091
MITRE
NVD		 CVE Title: Windows Camera Codec Pack Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24091
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24091 Hossein Lotfi of Trend Micro Zero Day Initiative

CVE-2021-24092 - Microsoft Defender Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24092
MITRE
NVD		 CVE Title: Microsoft Defender Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
References Identification
Last version of the Microsoft Malware Protection Engine affected by this vulnerability Version 1.1.17700.4
First version of the Microsoft Malware Protection Engine with this vulnerability addressed Version 1.1.17800.5

Why is no action required to install this update? In response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Microsoft Malware Protection Engine. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner.

For enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Microsoft Malware Protection Engine are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating.

Best practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Microsoft Malware Protection Engine updates and malware definitions, is working as expected in their environment.

How often are the Microsoft Malware Protection Engine and malware definitions updated? Microsoft typically releases an update for the Microsoft Malware Protection Engine once a month or as needed to protect against new threats. Microsoft also typically updates the malware definitions three times daily and can increase the frequency when needed.

Depending on which Microsoft antimalware software is used and how it is configured, the software may search for engine and definition updates every day when connected to the Internet, up to multiple times daily. Customers can also choose to manually check for updates at any time.

What is the Microsoft Malware Protection Engine? The Microsoft Malware Protection Engine, mpengine.dll, provides the scanning, detection, and cleaning capabilities for Microsoft antivirus and antispyware software.

Does this update contain any additional security-related changes to functionality? Yes. In addition to the changes that are listed for this vulnerability, this update includes defense-in-depth updates to help improve security-related features.

Where can I find more information about Microsoft antimalware technology? For more information, visit the Microsoft Malware Protection Center website.

Suggested Actions Verify that the update is installed Customers should verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded and installed for their Microsoft antimalware products.

For more information on how to verify the version number for the Microsoft Malware Protection Engine that your software is currently using, see the section, "Verifying Update Installation", in Microsoft Knowledge Base Article 2510781.

For affected software, verify that the Microsoft Malware Protection Engine version is 1.1.17800.5 or later.

If necessary, install the update Administrators of enterprise antimalware deployments should ensure that their update management software is configured to automatically approve and distribute engine updates and new malware definitions. Enterprise administrators should also verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded, approved and deployed in their environment.

For end-users, the affected software provides built-in mechanisms for the automatic detection and deployment of this update. For these customers, the update will be applied within 48 hours of its availability. The exact time frame depends on the software used, Internet connection, and infrastructure configuration.

End users that do not wish to wait can manually update their antimalware software.

For more information on how to manually update the Microsoft Malware Protection Engine and malware definitions, refer to Microsoft Knowledge Base Article 2510781.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24092
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Endpoint Protection Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Microsoft Security Essentials Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Microsoft System Center 2012 Endpoint Protection Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Microsoft System Center 2012 R2 Endpoint Protection Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Microsoft System Center Endpoint Protection Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1607 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1607 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1803 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1803 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1803 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1809 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1809 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1809 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1903 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1903 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1903 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1909 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1909 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 1909 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 2004 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 2004 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 2004 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 20H2 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 20H2 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 10 Version 20H2 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 7 for 32-bit Systems Service Pack 1 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 7 for x64-based Systems Service Pack 1 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 8.1 for 32-bit systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows 8.1 for x64-based systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2008 for 32-bit Systems Service Pack 2 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2012 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2012 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2012 R2 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2012 R2 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2016 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2016 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2019 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server 2019 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server, version 1903 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server, version 1909 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server, version 2004 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown
Windows Defender on Windows Server, version 20H2 (Server Core Installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24092 None

CVE-2021-24094 - Windows TCP/IP Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24094
MITRE
NVD		 CVE Title: Windows TCP/IP Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.8/8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Where can I find more information about this vulnerability?

Please see MSRC Blog regarding the TCP/IP vulnerabilities discussed in CVE-2021-24074, CVE-2021-24086, and CVE-2021-24094.


Mitigations:

Workarounds:

1. Set global reassemblylimit to 0

The following command disables packet reassembly. Any out-of-order packets are dropped. Valid scenarios should not exceed more than 50 out-of-order fragments. We recommend testing prior to updating production systems.

Netsh int ipv6 set global reassemblylimit=0

Further netsh guidance can be found at netsh.

Impact of workaround

There is a potential for packet loss when discarding out-of-order packets.

How to undo the workaround

To restore to default setting "267748640":

Netsh int ipv6 set global reassemblylimit=267748640

2. Configure firewall or load balancers to disallow IPv6 UDP fragmentation


Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24094
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Critical Remote Code Execution 4598231 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Critical Remote Code Execution 4598245 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Critical Remote Code Execution 4598288
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Critical Remote Code Execution 4598279
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Critical Remote Code Execution 4598278
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Critical Remote Code Execution 4598285
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Critical Remote Code Execution 4598243
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Critical Remote Code Execution 4598230
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Critical Remote Code Execution 4598229
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Critical Remote Code Execution 4598242
 Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24094 None

CVE-2021-24098 - Windows Console Driver Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24098
MITRE
NVD		 CVE Title: Windows Console Driver Denial of Service Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is user interaction required to exploit this vulnerability?

Yes. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24098
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Denial of Service 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Denial of Service 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Denial of Service 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Denial of Service 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Denial of Service 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Denial of Service 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Denial of Service 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Denial of Service 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Denial of Service 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Denial of Service 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Denial of Service 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Denial of Service 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Denial of Service 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Denial of Service 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Denial of Service 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24098 Walied Assar


songmingxuan by JD logistics security

CVE-2021-24099 - Skype for Business and Lync Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24099
MITRE
NVD		 CVE Title: Skype for Business and Lync Denial of Service Vulnerability
CVSS:

CVSS:3.0 6.5/5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24099
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Lync Server 2013 5000675 (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Skype for Business Server 2015 CU 8 5000675 (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Skype for Business Server 2019 CU2 5000675 (Security Update) Important Denial of Service None Base: 6.5
Temporal: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24099 Markus Wulftange of Code White GmbH (@codewhitesec)

CVE-2021-24102 - Windows Event Tracing Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24102
MITRE
NVD		 CVE Title: Windows Event Tracing Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24102
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Important Elevation of Privilege 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Important Elevation of Privilege 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Elevation of Privilege 4598278
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Elevation of Privilege 4598278
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24102 Yuki Chen

CVE-2021-24103 - Windows Event Tracing Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24103
MITRE
NVD		 CVE Title: Windows Event Tracing Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24103
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4601331 (Security Update) Important Elevation of Privilege 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 for x64-based Systems 4601331 (Security Update) Important Elevation of Privilege 4598231 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Elevation of Privilege 4598245 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for 32-bit Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 7 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for 32-bit systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows 8.1 for x64-based systems 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows RT 8.1 4601384 (Monthly Rollup) Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4601360 (Monthly Rollup)
4601366 (Security Only)		 Important Elevation of Privilege 4598288
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4601347 (Monthly Rollup)
4601363 (Security Only)		 Important Elevation of Privilege 4598279
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Elevation of Privilege 4598278
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 (Server Core installation) 4601348 (Monthly Rollup)
4601357 (Security Only)		 Important Elevation of Privilege 4598278
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2012 R2 (Server Core installation) 4601384 (Monthly Rollup)
4601349 (Security Only)		 Important Elevation of Privilege 4598285
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Elevation of Privilege 4598243
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Elevation of Privilege 4598230
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Elevation of Privilege 4598229
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Elevation of Privilege 4598242
 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24103 Yuki Chen

CVE-2021-24105 - Package Managers Configurations Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24105
MITRE
NVD		 CVE Title: Package Managers Configurations Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.4/7.6
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I protect my systems or organization from this vulnerability?

This remote code execution vulnerability can only be addressed by reconfiguring installation tools and workflows, and not by correcting anything in the package repositories themselves. Some package repositories may be able to reduce the likelihood of a successful attack.

Where can I find guidance for configuring my installation tools and workflows to be protected from this vulnerability?

Depending on the package manager used and how it is configured, there are several mitigations available to protect against this vulnerability. Follow the guidance for your specific language as outlined in 3 Ways to Mitigate Risk Using Private Package Feeds

See also Changes to Azure Artifact Upstream Behavior.

References


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24105
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Package Manager Configurations Important Remote Code Execution None Base: 8.4
Temporal: 7.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
 Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24105 Alex Birsan


CVE-2021-24106 - Windows DirectX Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24106
MITRE
NVD		 CVE Title: Windows DirectX Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24106
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Information Disclosure 4598245 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for 32-bit Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for ARM64-based Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1809 for x64-based Systems 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for 32-bit Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for ARM64-based Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 1909 for x64-based Systems 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for 32-bit Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for ARM64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 2004 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for 32-bit Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for ARM64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows 10 Version 20H2 for x64-based Systems 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server 2019 (Server Core installation) 4601345 (Security Update) Important Information Disclosure 4598230
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 1909 (Server Core installation) 4601315 (Security Update) Important Information Disclosure 4598229
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 2004 (Server Core installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes
Windows Server, version 20H2 (Server Core Installation) 4601319 (Security Update) Important Information Disclosure 4598242
 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
 Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24106 madongze(@YanZiShuang) of DBAPPSecurity Co., Ltd


Simon Barsky (@expend20)


liuxiaoliang and pjf


k0shl

CVE-2021-24109 - Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24109
MITRE
NVD		 CVE Title: Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 6.8/5.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I know if I need to install the update?

Customer should verify if they are running virtual nodes or virtual-kubelet by running the following command: kubectl get nodes -o wide, the kubelet version will report like vk-<version>

Which virtual node version versions are affected?

The affected versions are v1.18.4-vk-azure-aci-v1.3.2 (virtual node version below this should do an upgrade.)

Where can I install the update?

Customers using Azure Kubernetes Service are automatically upgraded with the new patched version. If you are installing using the helm chart or image, you can update the image reference to mcr.microsoft.com/oss/virtual-kubelet/virtual-kubelet:1.3.2


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Moderate Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24109
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Azure Kubernetes Service Moderate Elevation of Privilege None Base: 6.8
Temporal: 5.9
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
 Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24109 None

CVE-2021-24111 - .NET Framework Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24111
MITRE
NVD		 CVE Title: .NET Framework Denial of Service Vulnerability
CVSS:

CVSS:3.0 7.5/6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-02-09T08:00:00Z    

Information published.


 Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24111
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft .NET Framework 4.6 on Windows Server 2008 for 32-bit Systems Service Pack 2 4603005 (Monthly Rollup)
4602961 (Security Only)		 Important Denial of Service 4598503, 4579980
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6 on Windows Server 2008 for x64-based Systems Service Pack 2 4603005 (Monthly Rollup)
4602961 (Security Only)		 Important Denial of Service 4598503, 4579980
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems 4601318 (Security Update) Important Denial of Service 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems 4601318 (Security Update) Important Denial of Service 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 4601318 (Security Update) Important Denial of Service 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) 4601318 (Security Update) Important Denial of Service 4598243
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 4603002 (Monthly Rollup)
4602958 (Security Only)		 Important Denial of Service 4598500, 4579977
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1 4603002 (Monthly Rollup)
4602958 (Security Only)		 Important Denial of Service 4598500, 4579977
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems 4603004 (Monthly Rollup)
4602960 (Security Only)		 Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for x64-based systems 4603004 (Monthly Rollup)
4602960 (Security Only)		 Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1 4603004 (Monthly Rollup) Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4603002 (Monthly Rollup)
4602958 (Security Only)		 Important Denial of Service 4598500, 4579977
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4603002 (Monthly Rollup)
4602958 (Security Only)		 Important Denial of Service 4598500, 4579977
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 4601887 (Security Update)
4602959 (Security Only)		 Important Denial of Service 4598499, 4598461, 4579976
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 4602959 (Security Only)
4603003 (Monthly Rollup)		 Important Denial of Service
4598501, 4579978		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 4603004 (Monthly Rollup)
4602960 (Security Only)		 Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 4603004 (Monthly Rollup)
4602960 (Security Only)		 Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for 32-bit Systems 4601354 (Security Update) Important Denial of Service 4598245 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for ARM64-based Systems 4601354 (Security Update) Important Denial of Service 4598245 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for x64-based Systems 4601354 (Security Update) Important Denial of Service 4598245 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Yes
Microsoft .NET Framework 4.7.2 on Windows Server 2019 4601887 (Security Update) Important Denial of Service 4598499, 4598461, 4579976
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2019 (Server Core installation) 4601887 (Security Update) Important Denial of Service 4598499, 4598461, 4579976
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems 4601051 (Security Update) Important Denial of Service 4597247, 4578969
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems 4601051 (Security Update) Important Denial of Service 4597247, 4578969
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for 32-bit Systems 4601054 (Security Update) Important Denial of Service 4597249, 4578972
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1803 for x64-based Systems 4601054 (Security Update) Important Denial of Service 4597249, 4578972
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1809 for 32-bit Systems 4601887 (Security Update) Important Denial of Service 4598499, 4598461, 4579976
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1809 for x64-based Systems 4601887 (Security Update) Important Denial of Service 4598499, 4598461, 4579976
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1909 for 32-bit Systems 4601056 (Security Update) Important Denial of Service 4586878, 4598301, 4578974
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1909 for ARM64-based Systems 4601056 (Security Update) Important Denial of Service 4586878, 4598301, 4578974
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1909 for x64-based Systems 4601056 (Security Update) Important Denial of Service 4586878, 4598301, 4578974
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 2004 for 32-bit Systems 4601050 (Security Update) Important Denial of Service 4586876, 4598299, 4578968
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 2004 for ARM64-based Systems 4601050 (Security Update) Important Denial of Service 4586876, 4598299, 4578968
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 2004 for x64-based Systems 4601050 (Security Update) Important Denial of Service 4586876, 4598299, 4578968
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 20H2 for 32-bit Systems 4601050 (Security Update) Important Denial of Service 4586876, 4598299, 4578968
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 20H2 for ARM64-based Systems 4601050 (Security Update) Important Denial of Service 4586876, 4598299, 4578968
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 20H2 for x64-based Systems 4601050 (Security Update) Important Denial of Service 4586876, 4598299, 4578968
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1 4603002 (Monthly Rollup)
4602958 (Security Only)		 Important Denial of Service 4598500, 4579977
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1 4603002 (Monthly Rollup)
4602958 (Security Only)		 Important Denial of Service 4598500, 4579977
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems 4603004 (Monthly Rollup)
4602960 (Security Only)		 Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems 4603004 (Monthly Rollup)
4602960 (Security Only)		 Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows RT 8.1 4603004 (Monthly Rollup) Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4603002 (Monthly Rollup)
4602958 (Security Only)		 Important Denial of Service 4598500, 4579977
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4603002 (Monthly Rollup)
4602958 (Security Only)		 Important Denial of Service 4598500, 4579977
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2012 4602959 (Security Only)
4603003 (Monthly Rollup)		 Important Denial of Service
4598501, 4579978		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) 4602959 (Security Only)
4603003 (Monthly Rollup)		 Important Denial of Service
4598501, 4579978		 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 4603004 (Monthly Rollup)
4602960 (Security Only)		 Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) 4603004 (Monthly Rollup)
4602960 (Security Only)		 Important Denial of Service 4598502, 4579979
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2016 4601051 (Security Update) Important Denial of Service 4597247, 4578969
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) 4601051 (Security Update) Important Denial of Service 4597247, 4578969
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2019 4601887 (Security Update) Important Denial of Service 4598499, 4598461, 4579976
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server 2019 (Server Core installation) 4601887 (Security Update) Important Denial of Service 4598499, 4598461, 4579976
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server, version 1909 (Server Core installation) 4601056 (Security Update) Important Denial of Service 4586878, 4598301, 4578974
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server, version 2004 (Server Core installation) 4601050 (Security Update) Important Denial of Service 4586876, 4598299, 4578968
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe
Microsoft .NET Framework 4.8 on Windows Server, version 20H2 (Server Core Installation) 4601050 (Security Update) Important Denial of Service 4586876, 4598299, 4578968
 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
 Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24111 None