Skip to main content

Microsoft Monthly Security Update (Jan 2021)

Release Date: 13 Jan 2021 834 Views

RISK: Extremely High Risk

TYPE: Opeartion Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
WindowsMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
Information Disclosure
Security Restriction Bypass
Denial of Service
 
Microsoft OfficeMedium Risk Medium RiskSpoofing
Remote Code Execution
Elevation of Privilege
Data Manipulation
 
SQL ServerMedium Risk Medium RiskElevation of Privilege 
System CenterExtremely High Risk Extremely High RiskRemote Code Execution

Exploited in the wild:

CVE-2021-1647

Developer ToolsMedium Risk Medium RiskElevation of Privilege
Remote Code Execution
Denial of Service
Information Disclosure
 
Extended Security Updates (ESU)Medium Risk Medium RiskElevation of Privilege
Information Disclosure
Remote Code Execution
Security Restriction Bypass
Denial of Service
 
AppsMedium Risk Medium RiskSecurity Restriction Bypass 
AzureLow Risk Low RiskSpoofing 
BrowserMedium Risk Medium RiskRemote Code Execution 

 

Number of 'Extremely High Risk' product(s): 1

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 7

Number of 'Low Risk' product(s): 1

Evaluation of overall 'Risk Level': Extremely High Risk


Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Spoofing
  • Data Manipulation

System / Technologies affected

  • Windows
  • Microsoft Office
  • SQL Server
  • System Center
  • Developer Tools
  • Extended Security Updates (ESU)
  • Apps
  • Azure
  • Browser

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier


Source


Related Link