OnlyFm252
Patch Tuesday Archive

Patch Tuesday January 2021

Total CVEs

82

Critical

10

Important

72

Exploited

1

Publicly Disclosed

1

All CVEs this month 82

CVE Title Severity CVSS Product Exploited Disclosed
CVE-2021-1643 HEVC Video Extensions Remote Code Execution Vulnerability Critical 7.8 Microsoft Windows Codecs Library - -
CVE-2021-1647 Microsoft Defender Remote Code Execution Vulnerability Critical 7.8 Microsoft Malware Protection Engine Yes -
CVE-2021-1658 Remote Procedure Call Runtime Remote Code Execution Vulnerability Critical 8.8 Windows Remote Procedure Call Runtime - -
CVE-2021-1660 Remote Procedure Call Runtime Remote Code Execution Vulnerability Critical 8.8 Windows Remote Procedure Call Runtime - -
CVE-2021-1665 GDI+ Remote Code Execution Vulnerability Critical 7.8 Microsoft Graphics Component - -
CVE-2021-1666 Remote Procedure Call Runtime Remote Code Execution Vulnerability Critical 8.8 Windows Remote Procedure Call Runtime - -
CVE-2021-1667 Remote Procedure Call Runtime Remote Code Execution Vulnerability Critical 8.8 Windows Remote Procedure Call Runtime - -
CVE-2021-1668 Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability Critical 7.8 Microsoft DTV-DVD Video Decoder - -
CVE-2021-1673 Remote Procedure Call Runtime Remote Code Execution Vulnerability Critical 8.8 Windows Remote Procedure Call Runtime - -
CVE-2021-1705 Microsoft Edge (HTML-based) Memory Corruption Vulnerability Critical 4.2 Microsoft Edge (HTML-based) - -
CVE-2021-1636 Microsoft SQL Elevation of Privilege Vulnerability Important 8.8 SQL Server - -
CVE-2021-1637 Windows DNS Query Information Disclosure Vulnerability Important 5.5 Microsoft Windows DNS - -
CVE-2021-1638 Windows Bluetooth Security Feature Bypass Vulnerability Important 7.7 Microsoft Bluetooth Driver - -
CVE-2021-1641 Microsoft SharePoint Server Spoofing Vulnerability Important 4.6 Microsoft Office SharePoint - -
CVE-2021-1642 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Important 7.8 Windows AppX Deployment Extensions - -
CVE-2021-1644 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 Microsoft Windows Codecs Library - -
CVE-2021-1645 Windows Docker Information Disclosure Vulnerability Important 5 Windows DP API - -
CVE-2021-1646 Windows WLAN Service Elevation of Privilege Vulnerability Important 6.6 Microsoft Windows - -
CVE-2021-1648 Microsoft splwow64 Elevation of Privilege Vulnerability Important 7.8 Windows splwow64 - Yes
CVE-2021-1649 Active Template Library Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2021-1650 Windows Runtime C++ Template Library Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2021-1651 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability Important 7.8 Windows Diagnostic Hub - -
CVE-2021-1652 Windows CSC Service Elevation of Privilege Vulnerability Important 7.8 Windows CSC Service - -
CVE-2021-1653 Windows CSC Service Elevation of Privilege Vulnerability Important 7.8 Windows CSC Service - -
CVE-2021-1654 Windows CSC Service Elevation of Privilege Vulnerability Important 7.8 Windows CSC Service - -
CVE-2021-1655 Windows CSC Service Elevation of Privilege Vulnerability Important 7.8 Windows CSC Service - -
CVE-2021-1656 TPM Device Driver Information Disclosure Vulnerability Important 5.5 Windows TPM Device Driver - -
CVE-2021-1657 Windows Fax Compose Form Remote Code Execution Vulnerability Important 7.8 Microsoft Windows - -
CVE-2021-1659 Windows CSC Service Elevation of Privilege Vulnerability Important 7.8 Windows CSC Service - -
CVE-2021-1661 Windows Installer Elevation of Privilege Vulnerability Important 7.8 Windows Installer - -
CVE-2021-1662 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 Windows Event Tracing - -
CVE-2021-1663 Windows Projected File System FS Filter Driver Information Disclosure Vulnerability Important 5.5 Windows Projected File System Filter Driver - -
CVE-2021-1664 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important 8.8 Windows Remote Procedure Call Runtime - -
CVE-2021-1669 Windows Remote Desktop Security Feature Bypass Vulnerability Important 8.8 Windows Remote Desktop - -
CVE-2021-1670 Windows Projected File System FS Filter Driver Information Disclosure Vulnerability Important 5.5 Windows Projected File System Filter Driver - -
CVE-2021-1671 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important 8.8 Windows Remote Procedure Call Runtime - -
CVE-2021-1672 Windows Projected File System FS Filter Driver Information Disclosure Vulnerability Important 5.5 Windows Projected File System Filter Driver - -
CVE-2021-1674 Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability Important 8.8 Windows Remote Desktop - -
CVE-2021-1676 Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability Important 5.5 Microsoft Windows - -
CVE-2021-1677 Azure Active Directory Pod Identity Spoofing Vulnerability Important 5.5 Azure Active Directory Pod Identity - -
CVE-2021-1678 Windows Print Spooler Spoofing Vulnerability Important 8.8 Windows NTLM - -
CVE-2021-1679 Windows CryptoAPI Denial of Service Vulnerability Important 6.5 Windows CryptoAPI - -
CVE-2021-1680 Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability Important 7.8 Windows Diagnostic Hub - -
CVE-2021-1681 Windows WalletService Elevation of Privilege Vulnerability Important 7.8 Windows WalletService - -
CVE-2021-1682 Windows Kernel Elevation of Privilege Vulnerability Important 7 Windows Kernel - -
CVE-2021-1683 Windows Bluetooth Security Feature Bypass Vulnerability Important 5 Microsoft Bluetooth Driver - -
CVE-2021-1684 Windows Bluetooth Security Feature Bypass Vulnerability Important 5 Microsoft Bluetooth Driver - -
CVE-2021-1685 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Important 7.3 Windows AppX Deployment Extensions - -
CVE-2021-1686 Windows WalletService Elevation of Privilege Vulnerability Important 7.8 Windows WalletService - -
CVE-2021-1687 Windows WalletService Elevation of Privilege Vulnerability Important 7.8 Windows WalletService - -
CVE-2021-1688 Windows CSC Service Elevation of Privilege Vulnerability Important 7.8 Windows CSC Service - -
CVE-2021-1689 Windows Multipoint Management Elevation of Privilege Vulnerability Important 7.8 Microsoft Windows - -
CVE-2021-1690 Windows WalletService Elevation of Privilege Vulnerability Important 7.8 Windows WalletService - -
CVE-2021-1691 Windows Hyper-V Denial of Service Vulnerability Important 7.7 Windows Hyper-V - -
CVE-2021-1692 Windows Hyper-V Denial of Service Vulnerability Important 7.7 Windows Hyper-V - -
CVE-2021-1693 Windows CSC Service Elevation of Privilege Vulnerability Important 7.8 Windows CSC Service - -
CVE-2021-1694 Windows Update Stack Elevation of Privilege Vulnerability Important 7.5 Windows Update Stack - -
CVE-2021-1695 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 Windows Print Spooler Components - -
CVE-2021-1696 Windows Graphics Component Information Disclosure Vulnerability Important 5.5 Microsoft Graphics Component - -
CVE-2021-1697 Windows InstallService Elevation of Privilege Vulnerability Important 7.8 Windows Installer - -
CVE-2021-1699 Windows (modem.sys) Information Disclosure Vulnerability Important 5.5 Microsoft Windows - -
CVE-2021-1700 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important 8.8 Windows Remote Procedure Call Runtime - -
CVE-2021-1701 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important 8.8 Windows Remote Procedure Call Runtime - -
CVE-2021-1702 Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability Important 7.8 Windows Remote Procedure Call - -
CVE-2021-1703 Windows Event Logging Service Elevation of Privilege Vulnerability Important 7.8 Windows Event Logging Service - -
CVE-2021-1704 Windows Hyper-V Elevation of Privilege Vulnerability Important 7.3 Windows Hyper-V - -
CVE-2021-1706 Windows LUAFV Elevation of Privilege Vulnerability Important 7.3 Microsoft Windows - -
CVE-2021-1707 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 8.8 Microsoft Office SharePoint - -
CVE-2021-1708 Windows GDI+ Information Disclosure Vulnerability Important 5.7 Microsoft Graphics Component - -
CVE-2021-1709 Windows Win32k Elevation of Privilege Vulnerability Important 7 Microsoft Graphics Component - -
CVE-2021-1710 Microsoft Windows Media Foundation Remote Code Execution Vulnerability Important 7.8 Windows Media - -
CVE-2021-1711 Microsoft Office Remote Code Execution Vulnerability Important 7.8 Microsoft Office - -
CVE-2021-1712 Microsoft SharePoint Elevation of Privilege Vulnerability Important 8 Microsoft Office SharePoint - -
CVE-2021-1713 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 Microsoft Office - -
CVE-2021-1714 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 Microsoft Office - -
CVE-2021-1715 Microsoft Word Remote Code Execution Vulnerability Important 7.8 Microsoft Office - -
CVE-2021-1716 Microsoft Word Remote Code Execution Vulnerability Important 7.8 Microsoft Office - -
CVE-2021-1717 Microsoft SharePoint Server Spoofing Vulnerability Important 4.6 Microsoft Office SharePoint - -
CVE-2021-1718 Microsoft SharePoint Server Tampering Vulnerability Important 8 Microsoft Office SharePoint - -
CVE-2021-1719 Microsoft SharePoint Elevation of Privilege Vulnerability Important 8 Microsoft Office SharePoint - -
CVE-2021-1723 ASP.NET Core and Visual Studio Denial of Service Vulnerability Important 7.5 ASP.NET core & .NET core - -
CVE-2021-1725 Bot Framework SDK Information Disclosure Vulnerability Important 5.5 .NET Repository - -

    Threat Categories 7

    Threat Category CVEs Critical
    Elevation of Privilege 34 -
    Remote Code Execution 23 10
    Information Disclosure 11 -
    Security Feature Bypass 5 -
    Spoofing 4 -
    Denial of Service 4 -
    Tampering 1 -

    Affected Products 35

    Product CVEs Exploited
    Windows Remote Procedure Call Runtime 9 -
    Microsoft Windows 8 -
    Windows CSC Service 7 -
    Microsoft Office SharePoint 6 -
    Microsoft Office 5 -
    Microsoft Graphics Component 4 -
    Windows WalletService 4 -
    Microsoft Bluetooth Driver 3 -
    Windows Projected File System Filter Driver 3 -
    Windows Hyper-V 3 -
    Microsoft Windows Codecs Library 2 -
    Windows AppX Deployment Extensions 2 -
    Windows Diagnostic Hub 2 -
    Windows Installer 2 -
    Windows Remote Desktop 2 -
    Microsoft Malware Protection Engine 1 1
    Microsoft DTV-DVD Video Decoder 1 -
    Microsoft Edge (HTML-based) 1 -
    SQL Server 1 -
    Microsoft Windows DNS 1 -
    Windows DP API 1 -
    Windows splwow64 1 -
    Windows TPM Device Driver 1 -
    Windows Event Tracing 1 -
    Azure Active Directory Pod Identity 1 -
    Windows NTLM 1 -
    Windows CryptoAPI 1 -
    Windows Kernel 1 -
    Windows Update Stack 1 -
    Windows Print Spooler Components 1 -
    Windows Remote Procedure Call 1 -
    Windows Event Logging Service 1 -
    Windows Media 1 -
    ASP.NET core & .NET core 1 -
    .NET Repository 1 -