GET A FREE TRIAL
cover
03 March 2021 Wednesday

February 2021 Patch Tuesday Rundown

By Kent Weigle
In: #patching
0 Comments

Microsoft rolled out the February 2021 Patch Tuesday update on the 9th of February 2021. With this batch of updates, the focus is on improving the general functionality of the OS and fixing the current bugs. The February updates are all about enhancing the security of most apps and Windows components.

What are the Major Changes?

Microsoft Products and Services Updates

Major versions of Windows 10 have received collective updates ranging from Windows 10 v1507 to Windows 10 v2004. The following are the major highlights of the February Patch Tuesday updates according to Microsoft: Updates to improve security when using Microsoft Office products. Updates to improve security when using external devices, such as game controllers, printers, and web cameras.

Patch Tuesday List of CVEs

While 91 CVEs were identified in January, it appears that February managed to top the record with 106 CVEs of different severity.

Adobe Products

50 vulnerabilities were found, and they affected Adobe Dreamweaver, Animate, Illustrator, Magneto, Photoshop and Reader.

Microsoft Product Vulnerabilities

The remaining vulnerabilities affected Microsoft products. 43 were rated as important. Regardless of the service that’s affected or the severity level of the CVE, Microsoft advises that all users should install the latest patches as quickly as they become available.

Are There Best Practices for Patch Tuesday?

Yes, there are some things that you can do to ensure that your computer installs the latest Patch Tuesday updates without any problems. Everyone knows that Windows updates may initiate errors. In some cases, they may also render your PC totally useless. You need to follow some tips in order to ensure the update install process is effectively done.

How to Download the Latest Patch Tuesday Updates

While the Patch Tuesday updates are of major importance compared to other patches that Microsoft always releases, installing them is done the same way. You can perform the basic actions by following these procedures:

1. Make sure that no other apps are running in the background.

2. Go to one of these sources to get the updates:

  • The Windows Update menu.
  • The Windows Server Update Service (WSUS).
  • A Group Policy created by a network administrator.
  • The Windows Update Catalog (This allows for individual updates to be downloaded one by one manually).

3. After downloading the updates, ensure nothing interrupts the update process until it’s finished.

4. Reboot your PC once the updates are complete to finish the installation.

Exploit Wednesday and Uninstall Thursday

Immediately after Patch Tuesday, cyber attackers may try to exploit the vulnerabilities that are unpatched by Microsoft. This leads to an increase in the number of cyber attacks. Also, some users often decide to uninstall the Patch Tuesday updates some hours after installation because of issues they triggered. This is what brings out the name Uninstall Thursday.

Questions and Answers about Patch Tuesday

When is Patch Tuesday?

Microsoft rolls out new Patch Tuesday updates on the second Tuesday of every month. The next Patch Tuesday update is expected on the 9th of March, 2021.

What is the Bandwidth Impact of Patch Tuesday?

When downloading updates, you may notice slow connection issues on your Windows 10 computer. This occurs when updating different PCs at the same time. The best solution is to distribute the updates locally through WSUS. This means downloading the updates from Microsoft Servers. Consequently, your Windows 10 computers can share the updates in a peer-to-peer mode over the local network which will lead to a quick update procedure.

Troubleshooting Patch Tuesday

Most times, Patch Tuesday updates activate different errors on Windows computers. These may range from little faults to technical issues that may render your computer useless.

Critical Vulnerabilities Patched. These Vulnerabilities Are Rated Critical:
  • CVE-2021-24074, CVE-2021-24086, and CVE-2021-24094 are vulnerabilities affecting the Windows TCP/IP stack. Two of these (24074 and 24094) are rated as critical remote code execution vulnerabilities. 24086 is an essential Denial of Service vulnerability. The RCE exploits could be used to take control of an affected system and the DoS issue could be exploited to remotely stop error.
  • CVE-2021-1722 is a Windows Fax Service Remote Code Execution Vulnerability that affects server operating systems and all supported versions of Windows clients and is rated critical. For those who are not able to apply the update, there is a workaround that involves uninstalling the Windows Fax and Scan feature.
  • CVE-2021-24081 is a Microsoft Windows Codecs Library Remote Code Execution Vulnerability that is labeled as proof-of-concept code, which means that the code or technique is not functional in all situations and may require considerable modifications by a skilled attacker. Nevertheless, it carries a high risk to integrity, confidentiality and availability. Therefore, it is rated as critical. It affects Windows 10 versions 1809, 1903, 1909, 2004 and Windows Server 2019.
  • CVE-2021-26701 is a .NET Core Remote Code Execution Vulnerability that is rated critical, with high risk to integrity, availability and confidentiality. It affects .NET 5.0 and .NET Core 2.1 and 3.1. Visual Studio is not vulnerable to this issue. The update is offered to include the .NET files so any future applications built-in Visual Studio which include .NET functionality will be protected from this issue. Exploitation is rated as less likely.

General Issues

Before installing updates, you must research whether there are known issues that may affect your particular machines and configuration before updating your systems. There are many known issues that affect February updates.

Malicious Software Removal Tool (MSRT) Update

The MSRT is used to locate and eliminate malicious software from Windows systems and its definitions are always updated. The updates are typically installed via Windows Update. However, if you need to download and install them manually, you will find the links for the 32 and 64-bit versions in KB890830.

Third-Party Releases

Additionally, based on Microsoft’s security update, February Tuesday brought six updates from Adobe to find solutions to fifty vulnerabilities across their products which include Reader, Acrobat, Photoshop, Dreamweaver, Animate, Illustrator and Magneto CMS. These include one vulnerability which is CVE-2021-21017. This has already been used in limited attacks.

Do you want to learn more about February Patch Tuesday and find a solution to your cyber security needs? If yes, Vicarius is your go-to cybersecurity company. TOPIA is a vulnerability management software that targets cybersecurity officers and operators, as well as IT managers and operators from the U.S market.

 

Photo by Joao Tzanno on Unsplash

Written by Kent Weigle

Leave a Reply

    Categories

    See all

    Related Post

    What is OS Fingerprinting?

    How OS Fingerprinting  Works: Fundamentals You Need to Know

    By Kent Weigle

    Can Old Vulnerabilities Learn New Tricks?

    The public’s favorite government agency, CISA (not the CIA) has recently added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, the living, breathing, exponentially growing list of vulnerabilities that have seen active exploitation in the wild.

    By Evan Kling
    In: #patching

    Mac Patching Best Practices

    As vulnerabilities and threats become more sophisticated, having a reliable and automated Mac patch management solution for your organization's devices is essential. This is important if you are using a lot of custom applications that may be hard to update. 

    By Kent Weigle
    In: #patching

    Strong Cyber Hygiene is only One Click Away

    Want to take TOPIA for a free ride? Schedule A Meeting with our 🐺team!

    Let us know what would like to see 😀
    GET A FREE TRIAL
    16
    Vicarius analyzes, prioritizes and even acts against software exploitation in real-time across your organization's digital landscape.

    Blog

    Website

    Contact us

    info@vicarius.io
    1-605-593-5454
    Copyright © 2024 Vicarius LTD. All Rights Reserved.