Home Cyber Security News Microsoft Patch Tuesday February Updates Address 56 Bugs Including A Zero-Day And Other Publicly Known Vulnerabilities

Microsoft Patch Tuesday February Updates Address 56 Bugs Including A Zero-Day And Other Publicly Known Vulnerabilities

by Abeerah Hashim
Microsoft Patch Tuesday February

This week arrived the Microsoft Patch Tuesday update bundle for February 2021. This one is the second Patch Tuesday of the year. And, like the January update, this one also addresses a serious zero-day alongside some other publicly known bugs. Yet, the overall update bundle isn’t as huge as the previous one, addressing 56 vulnerabilities only.

Zero-Day And Publicly Known Vulnerabilities

The first notable vulnerability that Microsoft addressed with February Patch Tuesday is a zero-day affecting the Win32k component.

Identified as CVE-2021-1732, it was an important severity bug that achieved a CVSS score of 7.8. Exploiting this vulnerability could allow a logged-in adversary with local access to run codes at elevated privileges, including admin privileges.

While the bug remained veiled from the public, it still went under exploit in the wild as Microsoft admitted. Thus, US CISA has also issued an alert for all Windows admins to apply the patch immediately.

Also, Microsoft has released fixes for 1 critical-severity vulnerability (CVE-2021-26701) and 5 important-severity bugs in different components that became public before the tech giant could release a fix. However, Microsoft has confirmed no active exploitation of these flaws.

Other Microsoft Patch Tuesday February Updates

Apart from the above, Microsoft addressed 49 other vulnerabilities across different components. These include 10 critical severity flaws that could lead to remote code execution upon exploitation.

From these 10, Microsoft has specifically warned of the two critical bugs (CVE-2021-24074 and CVE-2021-24094) alongside an important severity flaw (CVE-2021-24086) leading to a denial of service affecting Windows TCP/IP implementation. As stated in Microsoft’s blog post,

The two RCE vulnerabilities are complex which make it difficult to create functional exploits, so they are not likely in the short term. We believe attackers will be able to create DoS exploits much more quickly and expect all three issues might be exploited with a DoS attack shortly after release. Thus, we recommend customers move quickly to apply Windows security updates this month.

Another important vulnerability worth mentioning here is CVE-2021-24105.

Discovered by security researcher Alex Birsan, the vulnerability allows a novel supply chain attack that potentially posed a threat to 35+ major firms including PayPal, Apple, Microsoft, Shopify, Tesla, Netflix, Uber, and Yelp. The researcher has explained the details of his findings in a post.

Besides, all of the remaining important severity vulnerabilities affecting different components, this month’s update bundle also addressed 2 moderate severity issues. These include a privilege escalation vulnerability (CVE-2021-24109) affecting the Microsoft Azure Kubernetes Service, and a DoS issue (CVE-2021-24080) in the Windows Trust Verification API.

Microsoft has already rolled out the updates for all Windows users. Now, it’s up to the users to update their devices at the earliest to remain safe from said issues.

You may also like

Latest Hacking News

Privacy Preference Center

Necessary

The __cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis.

cookie_notice_accepted and gdpr[allowed_cookies] are used to identify the choices made from the user regarding cookie consent.

For example, if a visitor is in a coffee shop where there may be several infected machines, but the specific visitor's machine is trusted (for example, because they completed a challenge within your Challenge Passage period), the cookie allows Cloudflare to identify that client and not challenge them again. It does not correspond to any user ID in your web application, and does not store any personally identifiable information.

__cfduid, cookie_notice_accepted, gdpr[allowed_cookies]

Advertising

DoubleClick by Google refers to the DoubleClick Digital Marketing platform which is a separate division within Google. This is Google’s most advanced advertising tools set, which includes five interconnected platform components.

DoubleClick Campaign Manager: the ad-serving platform, called an Ad Server, that delivers ads to your customers and measures all online advertising, even across screens and channels.

DoubleClick Bid Manager – the programmatic bidding platform for bidding on high-quality ad inventory from more than 47 ad marketplaces including Google Display Network.

DoubleClick Ad Exchange: the world’s largest ad marketplace for purchasing display, video, mobile, Search and even Facebook inventory.

DoubleClick Search: is more powerful than AdWords and used for purchasing search ads across Google, Yahoo, and Bing.

DoubleClick Creative Solutions: for designing, delivering and measuring rich media (video) ads, interactive and expandable ads.

doubleclick

Analytics

The _ga is asssociated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customisable by website owners.

The _gat global object is used to create and retrieve tracker objects, from which all other methods are invoked. Therefore the methods in this list should be run only off a tracker object created using the _gat global variable. All other methods should be called using the _gaq global object for asynchronous tracking.

_gid works as a user navigates between web pages, they can use the gtag.js tagging library to record information about the page the user has seen (for example, the page's URL) in Google Analytics. The gtag.js tagging library uses HTTP Cookies to "remember" the user's previous interactions with the web pages.

_ga, _gat, _gid