Please see Security Advisories for the week ending February 12, 2021
- Microsoft Releases February 2021 Security Updates
- Windows Win32k privilege escalation currently being exploited in the wild
- Adobe Releases Security Updates in Several Products
- Mozilla Releases Security Updates for Firefox and Firefox ESR in Windows
- Microsoft Launches Phase 2 Mitigation for Netlogon Remote Code Execution Vulnerability (CVE-2020-1472)
________________________________
Microsoft Releases February 2021 Security Updates
Situation
Microsoft has released multiple patches to address multiple vulnerabilities in their operating systems some of the vulnerabilities could be exploited to gain remote control of the affected system.
Problem
Microsoft has discovered and patched multiple vulnerabilities in their latest operating systems which if exploited could lead to remote takeover.
Implication
Leaving any operating system unpatched leaves, it vulnerable to exploits in the software that may allow remote takeover.
Need
Microsoft recommends installing all pending updates and security update to further secure the systems.
For a brief overview:
For a more technical overview:
https://msrc.microsoft.com/update-guide/releaseNote/2021-Feb
________________________________
Windows Win32k privilege escalation currently being exploited in the wild
Situation
Microsoft has released a security advisory to address a privilege escalation vulnerability (CVE-2021-1732) found in the Microsoft Win32k component, which is currently being exploited in the wild.
Problem
The vulnerability (CVE-2021-1732) is a Windows Win32k elevation of privilege vulnerability and can allow an attacker or malicious program to elevate their privileges to administrative level privileges.
Implication
If a local attacker is able to successfully exploit this vulnerability it could allow them to take control of the affected system.
Need
This vulnerability was patched with Microsoft February 2021 Patch Tuesday. Microsoft recommends installing all available updates to patch known vulnerabilities. For additional information regarding this vulnerability, please visit Microsoft's advisory for CVE-2021-1732 in the link below.
For a brief overview:
For a more detailed overview:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1732
________________________________
Adobe Releases Security Updates in Several Products
Situation
Adobe has released security updates for several products: Magento, Acrobat/Reader, Photoshop, Animate, Illustrator, and Dreamweaver. These affect all versions on both Windows and macOS platforms.
Problem
A large number of vulnerabilities have been found and fixed in the latest update including buffer overflows, improper access control, improper input validation, out-of-bound read/writes, and more.
Implication
Attackers can exploit these vulnerabilities to perform actions such as denial of service, arbitrary code execution, privilege escalation, and more.
Need
If you use any of the listed Adobe products, update to the latest version as soon as possible.
________________________________
Mozilla Releases Security Updates for Firefox and Firefox ESR in Windows
Situation
Mozilla has released security updates for Firefox and Firefox ESR.
Problem
A critical level buffer overflow vulnerability was discovered in the Angles graphic library. This only affects the Windows operating system.
Implication
An attacker can exploit this vulnerability to take control of the affected system.
Need
Windows Firefox users should update to the latest version as soon as possible.
For a brief overview:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/#MOZ-2021-0001
________________________________
Microsoft Launches Phase 2 Mitigation for Netlogon Remote Code Execution Vulnerability (CVE-2020-1472)
Situation
Microsoft has released a security advisory for the previous vulnerability (CVE-2020-1472) to inform users of a new security update to make changes to windows domain controllers requiring devices to use more secure communication.
Problem
Patching the vulnerability (CVE-2020-1472) will make it difficult to connect to windows servers unless they use RPC or have an exception. This is to prevent remote attackers from bypassing security.
Implication
Increasing security by patching (CVE-2020-1472) will make Microsoft servers more secure requiring secure connections before establishing the remote desktop tunnel. Unpatched Servers are still vulnerable to the net logon remote vulnerability.
Need
Microsoft recommends installing all pending updates and security updates.
For a brief overview:
For a more detailed overview:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472
