OnlyFm252
Patch Tuesday Archive

Patch Tuesday February 2021

Total CVEs

58

Critical

11

Important

45

Exploited

1

Publicly Disclosed

6

All CVEs this month 58

CVE Title Severity CVSS Product Exploited Disclosed
CVE-2021-1722 Windows Fax Service Remote Code Execution Vulnerability Critical 8.1 Role: Windows Fax Service - -
CVE-2021-24074 Windows TCP/IP Remote Code Execution Vulnerability Critical 9.8 Windows TCP/IP - -
CVE-2021-24077 Windows Fax Service Remote Code Execution Vulnerability Critical 9.8 Role: Windows Fax Service - -
CVE-2021-24078 Windows DNS Server Remote Code Execution Vulnerability Critical 9.8 Role: DNS Server - -
CVE-2021-24081 Microsoft Windows Codecs Library Remote Code Execution Vulnerability Critical 7.8 Microsoft Windows Codecs Library - -
CVE-2021-24088 Windows Local Spooler Remote Code Execution Vulnerability Critical 8.8 Windows Print Spooler Components - -
CVE-2021-24091 Windows Camera Codec Pack Remote Code Execution Vulnerability Critical 7.8 Microsoft Windows Codecs Library - -
CVE-2021-24093 Windows Graphics Component Remote Code Execution Vulnerability Critical 8.8 Microsoft Graphics Component - -
CVE-2021-24094 Windows TCP/IP Remote Code Execution Vulnerability Critical 9.8 Windows TCP/IP - -
CVE-2021-24112 .NET Core Remote Code Execution Vulnerability Critical 8.1 .NET Core - -
CVE-2021-26701 .NET Core Remote Code Execution Vulnerability Critical 8.1 .NET Core - Yes
CVE-2020-17162 Microsoft Windows Security Feature Bypass Vulnerability Important 8.8 Microsoft Windows - -
CVE-2021-1639 Visual Studio Code Remote Code Execution Vulnerability Important 7 Visual Studio - -
CVE-2021-1698 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 Windows Kernel - -
CVE-2021-1721 .NET Core and Visual Studio Denial of Service Vulnerability Important 6.5 Developer Tools - Yes
CVE-2021-1724 Microsoft Dynamics Business Central Cross-site Scripting Vulnerability Important 6.1 Microsoft Dynamics - -
CVE-2021-1726 Microsoft SharePoint Server Spoofing Vulnerability Important 8 Microsoft Office SharePoint - -
CVE-2021-1727 Windows Installer Elevation of Privilege Vulnerability Important 7.8 Windows Installer - Yes
CVE-2021-1728 System Center Operations Manager Elevation of Privilege Vulnerability Important 8.8 System Center - -
CVE-2021-1730 Microsoft Exchange Server Spoofing Vulnerability Important 5.4 Microsoft Exchange Server - -
CVE-2021-1731 PFX Encryption Security Feature Bypass Vulnerability Important 5.5 Windows PFX Encryption - -
CVE-2021-1732 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 Windows Kernel Yes -
CVE-2021-1733 Sysinternals PsExec Elevation of Privilege Vulnerability Important 7.8 SysInternals - Yes
CVE-2021-1734 Windows Remote Procedure Call Information Disclosure Vulnerability Important 7.5 Windows Remote Procedure Call - -
CVE-2021-24066 Microsoft SharePoint Remote Code Execution Vulnerability Important 8.8 Microsoft Office SharePoint - -
CVE-2021-24067 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 Microsoft Office Excel - -
CVE-2021-24068 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 Microsoft Office Excel - -
CVE-2021-24069 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 Microsoft Office Excel - -
CVE-2021-24070 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 Microsoft Office Excel - -
CVE-2021-24071 Microsoft SharePoint Information Disclosure Vulnerability Important 5.3 Microsoft Office SharePoint - -
CVE-2021-24072 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 8.8 Microsoft Office SharePoint - -
CVE-2021-24073 Skype for Business and Lync Spoofing Vulnerability Important 6.5 Skype for Business - -
CVE-2021-24075 Microsoft Windows VMSwitch Denial of Service Vulnerability Important 6.8 Windows Network File System - -
CVE-2021-24076 Microsoft Windows VMSwitch Information Disclosure Vulnerability Important 5.5 Role: Windows Hyper-V - -
CVE-2021-24079 Windows Backup Engine Information Disclosure Vulnerability Important 5.5 Windows Backup Engine - -
CVE-2021-24082 Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability Important 4.3 Windows PowerShell - -
CVE-2021-24083 Windows Address Book Remote Code Execution Vulnerability Important 7.8 Windows Address Book - -
CVE-2021-24084 Windows Mobile Device Management Information Disclosure Vulnerability Important 5.5 Windows Mobile Device Management - -
CVE-2021-24085 Microsoft Exchange Server Spoofing Vulnerability Important 6.5 Microsoft Exchange Server - -
CVE-2021-24086 Windows TCP/IP Denial of Service Vulnerability Important 7.5 Windows TCP/IP - -
CVE-2021-24087 Azure IoT CLI extension Elevation of Privilege Vulnerability Important 7 Azure IoT - -
CVE-2021-24092 Microsoft Defender Elevation of Privilege Vulnerability Important 7.8 Windows Defender - -
CVE-2021-24096 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 Windows Kernel - -
CVE-2021-24098 Windows Console Driver Denial of Service Vulnerability Important 5.5 Windows Console Driver - Yes
CVE-2021-24099 Skype for Business and Lync Denial of Service Vulnerability Important 6.5 Skype for Business - -
CVE-2021-24100 Microsoft Edge for Android Information Disclosure Vulnerability Important 5 Microsoft Edge for Android - -
CVE-2021-24101 Microsoft Dataverse Information Disclosure Vulnerability Important 6.5 Microsoft Dynamics - -
CVE-2021-24102 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 Windows Event Tracing - -
CVE-2021-24103 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 Windows Event Tracing - -
CVE-2021-24105 Package Managers Configurations Remote Code Execution Vulnerability Important 8.4 Developer Tools - -
CVE-2021-24106 Windows DirectX Information Disclosure Vulnerability Important 5.5 Windows DirectX - Yes
CVE-2021-24111 .NET Framework Denial of Service Vulnerability Important 7.5 .NET Framework - -
CVE-2021-24113 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Important 5.4 Microsoft Edge (Chromium-based) - -
CVE-2021-24114 Microsoft Teams iOS Information Disclosure Vulnerability Important 5.7 Microsoft Teams - -
CVE-2021-25195 Windows PKU2U Elevation of Privilege Vulnerability Important 7.8 Windows PKU2U - -
CVE-2021-26700 Visual Studio Code npm-script Extension Remote Code Execution Vulnerability Important 7.8 Visual Studio Code - -
CVE-2021-24080 Windows Trust Verification API Denial of Service Vulnerability Moderate 6.5 Windows Trust Verification API - -
CVE-2021-24109 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability Moderate 6.8 Microsoft Azure Kubernetes Service - -

    Threat Categories 6

    Threat Category CVEs Critical
    Remote Code Execution 21 11
    Elevation of Privilege 12 -
    Information Disclosure 9 -
    Denial of Service 7 -
    Spoofing 5 -
    Security Feature Bypass 4 -

    Affected Products 40

    Product CVEs Exploited
    Microsoft Office SharePoint 4 -
    Microsoft Office Excel 4 -
    Windows TCP/IP 3 -
    Windows Kernel 3 1
    Role: Windows Fax Service 2 -
    Microsoft Windows Codecs Library 2 -
    .NET Core 2 -
    Developer Tools 2 -
    Microsoft Dynamics 2 -
    Microsoft Exchange Server 2 -
    Skype for Business 2 -
    Windows Event Tracing 2 -
    Role: DNS Server 1 -
    Windows Print Spooler Components 1 -
    Microsoft Graphics Component 1 -
    Microsoft Windows 1 -
    Visual Studio 1 -
    Windows Installer 1 -
    System Center 1 -
    Windows PFX Encryption 1 -
    SysInternals 1 -
    Windows Remote Procedure Call 1 -
    Windows Network File System 1 -
    Role: Windows Hyper-V 1 -
    Windows Backup Engine 1 -
    Windows PowerShell 1 -
    Windows Address Book 1 -
    Windows Mobile Device Management 1 -
    Azure IoT 1 -
    Windows Defender 1 -
    Windows Console Driver 1 -
    Microsoft Edge for Android 1 -
    Windows DirectX 1 -
    .NET Framework 1 -
    Microsoft Edge (Chromium-based) 1 -
    Microsoft Teams 1 -
    Windows PKU2U 1 -
    Visual Studio Code 1 -
    Windows Trust Verification API 1 -
    Microsoft Azure Kubernetes Service 1 -