Virtual Administrator’s January 2021 Patch Recommendations
This month Microsoft released patches for 83 vulnerabilities with 10 rated “Critical” and 73 “Important” in severity.
All patches have been approved in our patch policy.
Microsoft released a moderate number of patches to start the new year. Microsoft patched a zero-day vulnerability (CVE-2021-1647) in Defender antivirus. Windows Defender systems are automatically updated. CVE-2021-1648 is a publicly disclosed elevation of privilege vulnerability in the splwow64 process. There are 5 Remote Procedure Call (RPC) runtime vulnerabilities – CVE-2021-1658, CVE-2021-1660, CVE-2021-1666, CVE-2021-1667 and CVE-2021-1673. No significant known issues reported with any patched this month. There are a few new SSUs for Windows 10.
FYI – Adobe Flash Player was killed off on January 12th. Microsoft made a removal tool (KB4577586) available last October but has not yet released it in Windows Updates. From what we have read KB4577586 will be released as an Optional Update soon then incorporated into the Cumulative Update/Monthly Rollup in the early summer of 2021 – effectively making it mandatory.
Update for the removal of Adobe Flash Player: October 27, 2020
https://support.microsoft.com/en-us/help/4577586/update-for-removal-of-adobe-flash-player
Adobe Flash Player EOL General Information Page
https://www.adobe.com/products/flashplayer/end-of-life.html
Disclosed: CVE-2021-1648
Exploited: CVE-2021-1647
Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance
Morphus Labs patch dashboard here: https://patchtuesdaydashboard.com
Affected software include:
- Microsoft Windows
- Microsoft Edge (EdgeHTML-based)
- Microsoft Office and Microsoft Office Services and Web Apps
- Microsoft Windows Codecs Library
- Visual Studio
- SQL Server
- Microsoft Malware Protection Engine
- .NET Core
- .NET Repository
- ASP .NET
- Azure
Microsoft Security Advisories
ADV990001 | Latest Servicing Stack Updates (Published:11/13/2018 | Last Updated:0/12/2021)
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001
Reason for Revision: A Servicing Stack Update has been released for some versions of Windows.
ADV200002 | Chromium Security Updates for Microsoft Edge (Chromium-Based) (Published:01/28/2020 | Last Updated:1/07/2020)
https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV200002
This advisory will be updated whenever Microsoft releases a version of Microsoft Edge (Chromium-based) which incorporates publicly disclosed security updates from the Chromium project. Microsoft will document separately any vulnerabilities in Microsoft Edge (Chromium-based), that are not in Chromium, under a Microsoft-assigned CVE number (see, for example: CVE-2020-1341).
Known Issues
No significant issues reported so far this month.
Microsoft continues to list unresolved older problems under the Known Issues for new patches. So if you have not yet experienced one of these issues it is unlikely it will occur now.
Microsoft fixed this issue on December 21, 2020
Boot issue caused by KB4592438 Windows 10 (OS Builds 19041.685 and 19042.685)
https://support.microsoft.com/en-us/help/4592438/windows-10-update-kb4592438
A small number of devices that have installed this update have reported that when running chkdsk /f, their file system might get damaged and the device might not boot.
Good resource for known issues with Windows 10 patches. Click on the version in the left column for the status of known issues.
Windows 10 release information
https://docs.microsoft.com/en-us/windows/release-information/
Monthly Rollup/Security Only/Windows 10/Server 2016,2019 KBs
Links are https://support.microsoft.com/en-us/help/####### with the KB number only.
Security and Quality Rollup
- KB4598279 – Windows 7, Windows Server 2008 R2 (ESU)
- KB4535680 – Windows 8.1, Windows Server 2012 R2
- KB4598278 – Windows Server 2012
- KB4598288 – Windows Server 2008 (ESU)
Security Only Update
- KB4598289 – Windows 7, Windows Server 2008 R2 (ESU)
- KB4598275 – Windows 8.1, Windows Server 2012 R2
- KB4598297 – Windows Server 2012
- KB4598287 – Windows Server 2008 (ESU)
Cumulative Update for Windows 10
- KB4598231 – Original release version 1507 (OS Build 10240)
- None – Version 1511 (OS Build 10586)
- KB4598243 – Version 1607 “Anniversary Update” (OS Build 14393)
- KB4599208 – Version 1703 “Creators Update” (OS Build 15063)
- None – Version 1709 “Fall Creators Update” (OS Build 16299)
- KB4598245 – Version 1803 “Spring Creators Update” (OS Build 17134)
- KB4598230 – Version 1809 “October 2018 Update” (OS Build 17763)
- None – Version 1903 “May 2019 Update” (OS Build 18362)
- KB4598229 – Version 1909 “November 2019 Update” (OS Build 18363)
- KB4598242 – Version 2004 “May 2020 Update” (OS Build 19041)
- KB4598242 – Version 20H2 “October 2020 Update” (OS Build 19042)
Note: Server 2016 uses the same KB as Windows 10 Version 1607. Server 2019 uses the same KB as Windows 10 Version 1809.
KB4577586 – Update for Removal of Adobe Flash Player
January 2021 updates for Microsoft Office
https://support.microsoft.com/en-us/help/4583559/january-2021-updates-for-microsoft-office
Notable CVEs
CVE-2021-1647 | Microsoft Defender Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1647
CVE-2021-1648 | Microsoft splwow64 Elevation of Privilege Vulnerability (Cumulative Update/Monthly Rollup)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1648
CVE-2021-1660 | Remote Procedure Call Runtime Remote Code Execution Vulnerability (Cumulative Update/Monthly Rollup)
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1660
(Associated RPC vulnerabilities CVE-2021-1658, CVE-2021-1666, CVE-2021-1667 and CVE-2021-1673)
CVE-2021-1665 | GDI+ Remote Code Execution Vulnerability (Cumulative Update/Monthly Rollup)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1665
CVE-2021-1709 | Windows Win32k Elevation of Privilege Vulnerability (Cumulative Update/Monthly Rollup)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1709