Colin Mc Hugo

0 %
Colin Mc Hugo
Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.

Microsoft patches actively exploited Windows kernel flaw

February 11, 2021

This month’s comparatively humble bundle of safety updates fixes 56 vulnerabilities, together with a zero-day bug and 11 flaws rated as essential

Yesterday was the second Tuesday of the month, which implies that Microsoft is rolling out patches for safety vulnerabilities present in Home windows and its different merchandise. This 12 months’s second batch of safety updates brings fixes for 56 vulnerabilities, together with a zero-day flaw that’s being actively exploited within the wild.

The elevation of privilege flaw vulnerability, tracked as CVE-2021-1732 and ranked as “necessary” on the Common Vulnerability Scoring System (CVSS) scale, resides in Home windows’ Win32k kernel element. In line with the SANS Technology Institute, it’s a native vulnerability and “an attacker must have native entry to the machine (console or SSH for instance) or depend on consumer interplay, like a consumer opening a malicious doc.”

The safety loophole a prompted a response from the Cybersecurity and Infrastructure Safety Company (CISA) which issued a security advisory: “CISA encourages customers and directors to assessment Microsoft Advisory for CVE-2021-1732 and apply the mandatory patch to Home windows 10 and Home windows 2019 servers.”

Past the zero-day bug, the most recent spherical of updates additionally consists of fixes for 11 safety flaws that acquired the best rating of “essential”, whereas 6 safety holes are listed as publicly identified on the time of the discharge. The overwhelming majority of the remaining have been ranked as “necessary” and two have been labeled as “average” in severity.

RELATED READING: Google: Better patching could have prevented 1 in 4 zero‑days last year

Amongst these ranked as essential, 4 vulnerabilities earned an virtually “excellent rating” of 9.8 out of 10 on the CVSS scale and have been labeled as distant code execution (RCE) vulnerabilities.

The primary one, tracked as CVE-2021-24078, may be discovered within the Microsoft DNS server and will enable a distant attacker to run arbitrary code with service on the goal host. The SANS Institute additionally warned that for the reason that bug doesn’t require any consumer interplay, it may probably be wormable.

In the meantime, two different essential RCEs listed as CVE-2021-24074 and CVE-2021-24094 have been discovered to have an effect on the Home windows TCP/IP implementation. Though Microsoft said that it could be troublesome to create useful exploits for them, the Redmond big believes attackers may exploit them along with a Denial of Service (DoS) vulnerability tracked as CVE-2021-24086 in a DoS assault.

Safety updates have been launched for varied flavors of Home windows merchandise, Microsoft Workplace, Skype for Enterprise in addition to different choices in Microsoft’s portfolio.

As all the time, each system directors and common customers are suggested to use the patches as quickly as potential.

Posted in SecurityTags:
Write a comment