D

on't miss a single vulnerability this Patch Tuesday. The latest patches and updates from Microsoft and multiple third-party applications can be found in January's Patch Tuesday Index below.

The first Patch Tuesday of 2021 brings 83 new Microsoft vulnerabilities, including 10 critical updates. All critical CVEs are remote code execution (RCE) bugs with the only exception being a memory corruption vulnerability.

Vulnerabilities of note include CVE-2021-1647, a zero-day Microsoft Defender remote code execution vulnerability with exploitation detected in the wild. Two Important-rated vulnerabilities are deemed more likely to be exploited, these are CVE-2021-1707 and -1709.

Automox Patch Tuesday expert Justin Knapp will be breaking down all of January's Patch Tuesday releases tomorrow, January 13, 2021. Register here so you can prioritize the patches for your environment and ask any question you may have.

Updated Live. Last Update 1:09 PM EST January 12, 2021.

firefox Mozilla Firefox
Product
Title
Identifier
Severity
Firefox, Firefox ESR, Firefox for Android 1 security vulnerability fixed in Firefox, Firefox ESR, & Firefox for Android MFSA 2021-01 Critical
Thunderbird 1 security vulnerability fixed in Thunderbird 78.6.1 MFSA 2021-02 Critical
adobe Adobe
Product
Title
Identifier
Severity
Adobe Bridge 2 Security Vulnerabilities fixed in Adobe Bridge APSB21-07 Critical
Adobe Captivate 1 Security Hotfix fixed in Adobe Captivate APSB21-06 Important
Adobe InCopy 1 Security Vulnerability fixed in Adobe InCopy APSB21-05 Critical
Adobe Campaign Classic 1 Security Vulnerability fixed in Adobe Campaign Classic APSB21-04 Critical
Adobe Animate 1 Security Vulnerability fixed in Adobe Animate APSB21-03 Critical
Adobe Illustrator 1 Security Vulnerability fixed in Adobe Illustrator APSB21-02 Critical
Adobe Photoshop 1 Security Vulnerability fixed in Adobe Photoshop APSB21-01 Critical
microsoft Microsoft
Product
Title
Identifier
Severity
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-1643 Critical
Microsoft Malware Protection Engine Microsoft Defender Remote Code Execution Vulnerability CVE-2021-1647 Critical
Windows Remote Procedure Call Runtime Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-1658 Critical
Windows Remote Procedure Call Runtime Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-1660 Critical
Microsoft Graphics Component GDI+ Remote Code Execution Vulnerability CVE-2021-1665 Critical
Windows Remote Procedure Call Runtime Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-1666 Critical
Windows Remote Procedure Call Runtime Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-1667 Critical
Microsoft DTV-DVD Video Decoder Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability CVE-2021-1668 Critical
Windows Remote Procedure Call Runtime Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-1673 Critical
Microsoft Edge (HTML-based) Microsoft Edge (HTML-based) Memory Corruption Vulnerability CVE-2021-1705 Critical
Microsoft Office SharePoint Microsoft SharePoint Server Remote Code Execution Vulnerability CVE-2021-1707 High
Microsoft Graphics Component Windows Win32k Elevation of Privilege Vulnerability CVE-2021-1709 High
Visual Studio Visual Studio Remote Code Execution Vulnerability CVE-2020-26870 High
SQL Server Microsoft SQL Elevation of Privilege Vulnerability CVE-2021-1636 High
Microsoft Windows DNS Windows DNS Query Information Disclosure Vulnerability CVE-2021-1637 High
Microsoft Bluetooth Driver Windows Bluetooth Security Feature Bypass Vulnerability CVE-2021-1638 High
Microsoft Office SharePoint Microsoft SharePoint Spoofing Vulnerability CVE-2021-1641 High
Windows AppX Deployment Extensions Windows AppX Deployment Extensions Elevation of Privilege Vulnerability CVE-2021-1642 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2021-1644 High
Windows DP API Windows Docker Information Disclosure Vulnerability CVE-2021-1645 High
Microsoft Windows Windows WLAN Service Elevation of Privilege Vulnerability CVE-2021-1646 High
Windows splwow64 Microsoft splwow64 Elevation of Privilege Vulnerability CVE-2021-1648 High
Microsoft Windows Active Template Library Elevation of Privilege Vulnerability CVE-2021-1649 High
Microsoft Windows Windows Runtime C++ Template Library Elevation of Privilege Vulnerability CVE-2021-1650 High
Windows Diagnostic Hub Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability CVE-2021-1651 High
Windows CSC Service Windows CSC Service Elevation of Privilege Vulnerability CVE-2021-1652 High
Windows CSC Service Windows CSC Service Elevation of Privilege Vulnerability CVE-2021-1653 High
Windows CSC Service Windows CSC Service Elevation of Privilege Vulnerability CVE-2021-1654 High
Windows CSC Service Windows CSC Service Elevation of Privilege Vulnerability CVE-2021-1655 High
Windows TPM Device Driver TPM Device Driver Information Disclosure Vulnerability CVE-2021-1656 High
Microsoft Windows Windows Fax Compose Form Remote Code Execution Vulnerability CVE-2021-1657 High
Windows CSC Service Windows CSC Service Elevation of Privilege Vulnerability CVE-2021-1659 High
Windows Installer Windows Installer Elevation of Privilege Vulnerability CVE-2021-1661 High
Windows Event Tracing Windows Event Tracing Elevation of Privilege Vulnerability CVE-2021-1662 High
Windows Projected File System Filter Driver Windows Projected File System FS Filter Driver Information Disclosure Vulnerability CVE-2021-1663 High
Windows Remote Procedure Call Runtime Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-1664 High
Windows Remote Desktop Windows Remote Desktop Services ActiveX Client Security Feature Bypass Vulnerability CVE-2021-1669 High
Windows Projected File System Filter Driver Windows Projected File System FS Filter Driver Information Disclosure Vulnerability CVE-2021-1670 High
Windows Remote Procedure Call Runtime Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-1671 High
Windows Projected File System Filter Driver Windows Projected File System FS Filter Driver Information Disclosure Vulnerability CVE-2021-1672 High
Windows Remote Desktop Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability CVE-2021-1674 High
Microsoft Windows Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability CVE-2021-1676 High
Azure Active Directory Pod Identity Azure Active Directory Pod Identity Spoofing Vulnerability CVE-2021-1677 High
Windows NTLM NTLM Security Feature Bypass Vulnerability CVE-2021-1678 High
Windows CryptoAPI Windows CryptoAPI Denial of Service Vulnerability CVE-2021-1679 High
Windows Diagnostic Hub Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability CVE-2021-1680 High
Windows WalletService Windows WalletService Elevation of Privilege Vulnerability CVE-2021-1681 High
Windows Kernel Windows Kernel Elevation of Privilege Vulnerability CVE-2021-1682 High
Microsoft Bluetooth Driver Windows Bluetooth Security Feature Bypass Vulnerability CVE-2021-1683 High
Microsoft Bluetooth Driver Windows Bluetooth Security Feature Bypass Vulnerability CVE-2021-1684 High
Windows AppX Deployment Extensions Windows AppX Deployment Extensions Elevation of Privilege Vulnerability CVE-2021-1685 High
Windows WalletService Windows WalletService Elevation of Privilege Vulnerability CVE-2021-1686 High
Windows WalletService Windows WalletService Elevation of Privilege Vulnerability CVE-2021-1687 High
Windows CSC Service Windows CSC Service Elevation of Privilege Vulnerability CVE-2021-1688 High
Microsoft Windows Windows Multipoint Management Elevation of Privilege Vulnerability CVE-2021-1689 High
Windows WalletService Windows WalletService Elevation of Privilege Vulnerability CVE-2021-1690 High
Windows Hyper-V Hyper-V Denial of Service Vulnerability CVE-2021-1691 High
Windows Hyper-V Hyper-V Denial of Service Vulnerability CVE-2021-1692 High
Windows CSC Service Windows CSC Service Elevation of Privilege Vulnerability CVE-2021-1693 High
Windows Update Stack Windows Update Stack Elevation of Privilege Vulnerability CVE-2021-1694 High
Windows Print Spooler Components Windows Print Spooler Elevation of Privilege Vulnerability CVE-2021-1695 High
Microsoft Graphics Component Windows Graphics Component Information Disclosure Vulnerability CVE-2021-1696 High
Windows Installer Windows InstallService Elevation of Privilege Vulnerability CVE-2021-1697 High
Microsoft Windows Windows (modem.sys) Information Disclosure Vulnerability CVE-2021-1699 High
Windows Remote Procedure Call Runtime Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-1700 High
Windows Remote Procedure Call Runtime Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-1701 High
Microsoft RPC Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability CVE-2021-1702 High
Windows Event Logging Service Windows Event Logging Service Elevation of Privilege Vulnerability CVE-2021-1703 High
Windows Hyper-V Windows Hyper-V Elevation of Privilege Vulnerability CVE-2021-1704 High
Microsoft Windows Windows LUAFV Elevation of Privilege Vulnerability CVE-2021-1706 High
Microsoft Graphics Component Windows GDI+ Information Disclosure Vulnerability CVE-2021-1708 High
Windows Media Microsoft Windows Media Foundation Remote Code Execution Vulnerability CVE-2021-1710 High
Microsoft Office Microsoft Office Remote Code Execution Vulnerability CVE-2021-1711 High
Microsoft Office SharePoint Microsoft SharePoint Elevation of Privilege Vulnerability CVE-2021-1712 High
Microsoft Office Microsoft Excel Remote Code Execution Vulnerability CVE-2021-1713 High
Microsoft Office Microsoft Excel Remote Code Execution Vulnerability CVE-2021-1714 High
Microsoft Office Microsoft Word Remote Code Execution Vulnerability CVE-2021-1715 High
Microsoft Office Microsoft Word Remote Code Execution Vulnerability CVE-2021-1716 High
Microsoft Office SharePoint Microsoft SharePoint Spoofing Vulnerability CVE-2021-1717 High
Microsoft Office SharePoint Microsoft SharePoint Server Tampering Vulnerability CVE-2021-1718 High
Microsoft Office SharePoint Microsoft SharePoint Elevation of Privilege Vulnerability CVE-2021-1719 High
ASP.NET core & .NET core .NET Core and Visual Studio Denial of Service Vulnerability CVE-2021-1723 High
.NET Repository Bot Framework SDK Information Disclosure Vulnerability CVE-2021-1725 High

More posts like this:

Patch TuesdayVulnerabilityWindows
# of endpoints

15-day free trial. No credit card required.

By submitting this form you agree to our terms of service.

Already have an account?