Lagos, Nigeria
info@ezefidelity.com

106 vulnerabilities were discovered in February during Patch Tuesday


Well, CVEs were identified this month as well, and we will be listing a brief rundown of how they behave, and what services they affected.


The February CVE report includes 106 identified CVEs

Vulnerabilities found in Adobe products

This month was quite abundant in terms of Adobe-related CVEs, as 50 were discovered with affecting Adobe Dreamweaver, Illustrator, Animate, Photoshop, Magento, and Reader.

Adobe Reader alone was the target of 23 CVEs, 17 of which were rated as Critical.

Magento came second place in terms of sheer CVE numbers, with 18 vulnerabilities discovered, although they were of lesser severity.


Vulnerabilities found in Microsoft products

As always, Microsoft products hold the lead in terms of total CVEs discovered, although not by such a large margin this month, with only 6 more compared to Adobe, totaling 56.

These CVEs covered Microsoft Windows components, .NET Framework, Azure IoT, Azure Kubernetes Service, Microsoft Edge for Android, Exchange Server, Office and Office Services and Web Apps, Skype for Business and Lync, and Windows Defender.

Of the 56, 43 were rated as Important


Which were some of the most severe CVEs?

All other identified CVEs are listed in the table below:

CVE

Title

Severity

CVE-2021-1732 Windows Win32k Elevation of Privilege Vulnerability Important
CVE-2021-26701 .NET Core and Visual Studio Remote Code Execution Vulnerability Critical
CVE-2021-1721 .NET Core and Visual Studio Denial of Service Vulnerability Important
CVE-2021-1733 Sysinternals PsExec Elevation of Privilege Vulnerability Important
CVE-2021-24098 Windows Console Driver Denial of Service Vulnerability Important
CVE-2021-24106 Windows DirectX Information Disclosure Vulnerability Important
CVE-2021-1727 Windows Installer Elevation of Privilege Vulnerability Important
CVE-2021-24112 .NET Core for Linux Remote Code Execution Vulnerability Critical
CVE-2021-24081 Microsoft Windows Codecs Library Remote Code Execution Vulnerability Critical
CVE-2021-24091 Windows Camera Codec Pack Remote Code Execution Vulnerability Critical
CVE-2021-24078 Windows DNS Server Remote Code Execution Vulnerability Critical
CVE-2021-1722 Windows Fax Service Remote Code Execution Vulnerability Critical
CVE-2021-24077 Windows Fax Service Remote Code Execution Vulnerability Critical
CVE-2021-24093 Windows Graphics Component Remote Code Execution Vulnerability Critical
CVE-2021-24088 Windows Local Spooler Remote Code Execution Vulnerability Critical
CVE-2021-24074 Windows TCP/IP Remote Code Execution Vulnerability Critical
CVE-2021-24094 Windows TCP/IP Remote Code Execution Vulnerability Critical
CVE-2021-24111 .NET Framework Denial of Service Vulnerability Important
CVE-2021-24087 Azure IoT CLI extension Elevation of Privilege Vulnerability Important
CVE-2021-24101 Microsoft Dataverse Information Disclosure Vulnerability Important
CVE-2021-24092 Microsoft Defender Elevation of Privilege Vulnerability Important
CVE-2021-1724 Microsoft Dynamics Business Central Cross-site Scripting Vulnerability Important
CVE-2021-24100 Microsoft Edge for Android Information Disclosure Vulnerability Important
CVE-2021-24067 Microsoft Excel Remote Code Execution Vulnerability Important
CVE-2021-24068 Microsoft Excel Remote Code Execution Vulnerability Important
CVE-2021-24069 Microsoft Excel Remote Code Execution Vulnerability Important
CVE-2021-24070 Microsoft Excel Remote Code Execution Vulnerability Important
CVE-2021-1730 Microsoft Exchange Server Spoofing Vulnerability Important
CVE-2021-24085 Microsoft Exchange Server Spoofing Vulnerability Important
CVE-2021-24071 Microsoft SharePoint Information Disclosure Vulnerability Important
CVE-2021-24066 Microsoft SharePoint Remote Code Execution Vulnerability Important
CVE-2021-24072 Microsoft SharePoint Server Remote Code Execution Vulnerability Important
CVE-2021-1726 Microsoft SharePoint Spoofing Vulnerability Important
CVE-2021-24114 Microsoft Teams iOS Information Disclosure Vulnerability Important
CVE-2021-24076 Microsoft Windows VMSwitch Information Disclosure Vulnerability Important
CVE-2021-24082 Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability Important
CVE-2021-24105 Package Managers Configurations Remote Code Execution Vulnerability Important
CVE-2021-1731 PFX Encryption Security Feature Bypass Vulnerability Important
CVE-2021-24099 Skype for Business and Lync Denial of Service Vulnerability Important
CVE-2021-24073 Skype for Business and Lync Spoofing Vulnerability Important
CVE-2021-1728 System Center Operations Manager Elevation of Privilege Vulnerability Important
CVE-2021-26700 Visual Studio Code npm-script Extension Remote Code Execution Vulnerability Important
CVE-2021-1639 Visual Studio Code Remote Code Execution Vulnerability Important
CVE-2021-24083 Windows Address Book Remote Code Execution Vulnerability Important
CVE-2021-24079 Windows Backup Engine Information Disclosure Vulnerability Important
CVE-2021-24102 Windows Event Tracing Elevation of Privilege Vulnerability Important
CVE-2021-24103 Windows Event Tracing Elevation of Privilege Vulnerability Important
CVE-2021-24096 Windows Kernel Elevation of Privilege Vulnerability Important
CVE-2021-24084 Windows Mobile Device Management Information Disclosure Vulnerability Important
CVE-2021-24075 Windows Network File System Denial of Service Vulnerability Important
CVE-2021-25195 Windows PKU2U Elevation of Privilege Vulnerability Important
CVE-2021-1734 Windows Remote Procedure Call Information Disclosure Vulnerability Important
CVE-2021-24086 Windows TCP/IP Denial of Service Vulnerability Important
CVE-2021-1698 Windows Win32k Elevation of Privilege Vulnerability Important
CVE-2021-24109 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability Moderate
CVE-2021-24080 Windows Trust Verification API Denial of Service Vulnerability Moderate

While January started off with quite a large number of CVE, February seems to have topped it off by quite a bit, and it seems that there is a chance that 2021 may have more CVEs compared to 2020.

Keep in mind that if you happen to use any of the affected products mentioned above, you may have exposed yourself to such vulnerabilities, so make sure you take the appropriate measures.



This post was written by Teodor Nechita and was first posted to WindowsReport



Do you find this article helpful? Your Friend might too. So, please Share it with them using the Share button above.
Will you like to get notified when I post new updates? Then Follow me on any of my social media handles: Google News, Telegram, WhatsApp, Twitter, Facebook, Pinterest.
You can also drop your email address below if you wish to be notified by mail.


Tags: , , ,

%d bloggers like this: