Microsoft Patch Tuesday for Jan. 2021 — Snort rules and prominent vulnerabilities

Microsoft Patch Tuesday for Jan. 2021 — Snort rules and prominent vulnerabilities


By Jon Munshaw, with contributions from Asheer Malhotra. 


Microsoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across its suite of products to kick-off 2021. 


There are only 10 critical vulnerabilities as part of this release, while there are two moderate-severity exploits, and the remainder is considered “important.” Users of all Microsoft and Windows products are urged to update their software as soon as possible to avoid possible exploitation of all these bugs.  


The security updates cover several different products and services, including the Microsoft Defender antivirus software, the Microsoft Remote Procedure Call tools and Bluetooth communication with Windows devices.


Talos also released a new set of SNORTⓇ rules that provide coverage for some of these vulnerabilities. For complete details, check out the latest Snort advisory here

One of the most serious vulnerabilities exists in Microsoft Defender. CVE-2021-1647 affects some versions of Windows dating back to Windows 2008. An attacker could exploit this vulnerability to execute arbitrary code on the victim machine. No action is required to install this update and protect against this vulnerability, according to Microsoft, as the fix is part of Microsoft’s regular updates to its anti-malware products.  


The SharePoint service contains several “important” vulnerabilities. The most notable is CVE-2021-1707, which an attacker could exploit to gain access to create a SharePoint site and then execute code remotely within the kernel if the logge ..