On 9th Feb 2020, Microsoft released an updated patch the fixed the 56 flaws that include zero-day exploit and other 55 bugs that were actively exploited and misused.

In this update, Microsoft fixes the bugs in which 11 are very critical and 43 are listed as important, whereas 2 are moderate. Apart from that 6 are already listed in old vulnerabilities.

The entire updates that Microsoft releases covered .NET framework, Microsoft Dynamics, Azure IoT, Microsoft Edge, Microsoft Exchange Server, Microsoft Office, Windows Codecs, Skype, Windows Defender, Visual Studio, and other core components that consist Kernel, TCP/IP, Remote Procedure Call, and Print Spooler.

Windows 32 Vulnerabilities

Microsoft also fixes the most critical bugs present in Windows 32K that escalate the vulnerability named as CVE-2021-1732 and CVSS score 7.8 that authorize the attackers to run the malicious code with evaluated permissions on the targeted system. Microsoft credited the authorities that discovered and report the vulnerability present.

According to the researcher, this zero-day is the new type of vulnerability that was caused by win32k callback and it could also be used to escape the sandbox of Internet Explorer or Adobe Reader on the latest Windows 10 version. Vulnerability is very complicated and exploitation is very critical.

The researcher also added that the zero-day exploit that was detected is very limited and located from china by the attacker named bitter APT. The attack was discovered in December 2020.

Whereas Microsoft and Abode, don’t say anything related to this issue and two flaws increase the chances that the vulnerability is lead to the wild attack.

Netlogon Enforcement Mode Operates Consequence

Microsoft updates also covered multiple remote code execution flaws present in Windows DNS server, .NET core and in Visual studio (CVE-2021-26701) and Microsoft Windows Codecs Library (CVE-2021-24081) and Fax services (CVE-2021-1722 and CVE-2021-24077)

The remote code execution in Windows Domain Name Server is rated very high at 9.8 for severity, while it makes the vulnerability very complicated and if it left remains unpatched that it authorize the hackers to execute arbitrary code and other legitimate traffic to different servers.

Microsoft also taking this month to launch another round to fix the remaining bugs or Zerologon flaw reported as CVE-2020-1472 that was originated in August 2020 and targeting the unpatched systems that were emerged in September 2020.

While releasing this patch Microsoft also improves the bugs present in Edge browser for Android that leads to disclosing the sensitive user information and payment info to the attackers.

Windows TCP/IP RCE Bug Stack

At last, Windows also released an update that fixes TCP/IP flaws named CVE-2021-24074 and CVE-2021-24094 and one DOS vulnerability spotted as CVE-2021-24086 that could initiate the DoS attack.

Microsoft released an advisory and reported that these DOS exploits permit the remote hacker to cause a stop error and customers have received a blue screen on the Windows system that redirects it to the internet. Therefore, we recommend all the users update the security patch asap.

It is also noted that the complexity of these two TCP/IP RCE flaws would be difficult to develop the functional exploits and it is also leveraging the hackers to initiate DOS exploit easily, that turning the security weakness into the ideal candidate for exploitation.

While installing the updates, users have to navigate Start>Settings>Update & Security> Windows Update or they can simply visit the “Check for Windows Updates” section.