Security Warnings

Classification
These posts contain security warnings, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Microsoft Updates

491

Warning Date: 13 January, 2021

Severity Level ● High

Warning Number: 2021-2310

Target Sector: All

Description:

Microsoft has released a security updates to address several vulnerabilities in the following products:

  • Microsoft Windows
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Microsoft Windows Codecs Library
  • Visual Studio
  • SQL Server
  • Microsoft Malware Protection Engine
  • .NET Core
  • .NET Repository
  • ASP .NET
  • Azure
  • Azure Active Directory Pod Identity
  • Microsoft Bluetooth Driver
  • Microsoft DTV-DVD Video Decoder
  • Microsoft Graphics Component
  • Microsoft Office SharePoint
  • Microsoft RPC
  • Microsoft Windows DNS
  • SQL Server
  • Windows AppX Deployment Extensions
  • Windows CryptoAPI
  • Windows CSC Service
  • Windows Diagnostic Hub
  • Windows DP API
  • Windows Event Logging Service
  • Windows Event Tracing
  • Windows Hyper-V
  • Windows Installer
  • Windows Kernel
  • Windows Media
  • Windows NTLM
  • Windows Print Spooler Components
  • Windows Projected File System Filter Driver
  • Windows Remote Desktop
  • Windows Remote Procedure Call Runtime
  • Windows splwow64
  • Windows TPM Device Driver
  • Windows Update Stack
  • Windows WalletService

Threats:

An attacker could exploit these vulnerabilities by doing the following:

  • Spoofing
  • Security feature bypass
  • Execute arbitrary code - remotely
  • Memory corruption
  • Elevation of Privilege
  • Unauthorized disclosure of information
  • Denial of Service (DoS)

Best practice and Recommendations:

The CERT team encourages users to review Microsoft security advisory and apply the necessary updates:

Update Instructions:

Last updated at 13 January, 2021