Security research

0x00 漏洞概述

On February 10, 2021, Microsoft issued a risk notice, which fixed 83 security problems, including:

.NET Core
.NET Framework
Azure IoT
Developer Tools
Microsoft Azure Kubernetes service
Microsoft Dynamics
Microsoft Edge for Android
Microsoft Exchange Server
Microsoft Graphics Component
Microsoft Office Excel
Microsoft Office SharePoint
Microsoft Windows  codec library
Role: DNS server
Role: Hyper-V
Role: Windows fax service
Skype for Business
SysInternals
System Center
Visual Studio
Windows address book
Windows backup engine
Windows Console Driver
Windows Defender
Windows DirectX
Windows event tracking
Windows Installer
Windows Installer
Windows Kernel
Windows Kernel
Windows mobile device management
Windows network file system
Windows PFX encryption
Windows PKU2 U
Windows Power Shell
Windows spooler components
Windows remote procedure call
Windows TCP/IP
Windows trust authentication API

Among the vulnerabilities repaired in Microsoft's monthly update this month, there are 10 serious vulnerabilities and 73 high-risk vulnerabilities.

0x01   Vulnerability description

CVE-2021-1732

Vulnerability type: privilege escalation

Impact: this vulnerability is easy to form a combination with Code Execution Vulnerability to achieve remote direct access to the high-level control authority of the target computer.

Details: https://msrc.microsoft.com/update-guide/zh-cn/vulnerability/CVE-2021-1723

CVE-2021-24078

Vulnerability type: remote code execution

Impact: the host that starts the windows DNS server service is affected by the vulnerability. An attacker can directly launch an attack without authorization. The vulnerability has the characteristic of worm propagation between windows DNS servers.

Details: https://msrc.microsoft.com/update-guide/zh-cn/vulnerability/CVE-2021-24078

CVE-2021-24074

Vulnerability type: remote code execution

Impact: any windows host with external open ports is affected by this vulnerability. The attacker can obtain the control permission of the target host through a specially crafted traffic packet.

Details: https://msrc.microsoft.com/update-guide/zh-cn/vulnerability/CVE-2021-24074

CVE-2021-26701

Vulnerability type: remote code execution

Impact: the details of the vulnerability have been disclosed. Users and developers are advised to carefully open and use. Net related components and applications.

Details: https://msrc.microsoft.com/update-guide/zh-cn/vulnerability/CVE-2021-26701

CVE-2021-1727

Vulnerability type: privilege promotion; Code execution

Impact: Microsoft has officially repaired the recent installer, and the vulnerability utilization and information have been made public. It is recommended that users repair the vulnerability.

Details: https://msrc.microsoft.com/update-guide/zh-cn/vulnerability/CVE-2021-1727

0x02 repair suggestions

Microsoft has officially released a security patch for supported product versions. It is strongly recommended that affected users install the patch for protection as soon as possible. The official download link is as follows:

https://msrc.microsoft.com/update-guide/zh-cn/release Note/2021-Feb

https://msrc.microsoft.com/update-guide/zh-cn/release Note/2021-Feb

View updates

Right click the windows icon, select "Settings", select "update and security" - "Windows Update" to view the prompt information on this page, or click "view update history" to view the historical update.

For the unsuccessfully installed updates, you can click the update name to jump to the Microsoft official download page. It is recommended that users click the link on this page, go to the "Microsoft Update directory" website, download the independent package and install it.