Today’s VERT Alert addresses Microsoft’s February 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-928 on Wednesday, February 10th.

In-The-Wild & Disclosed CVEs

CVE-2021-1732

A vulnerability in Win32k that allows for privilege escalation has been exploited in the wild. The Cybersecurity and Infrastructure Security Agency (CISA) released a note about this vulnerability under the National Cyber Awareness System.

Microsoft has rated this as Exploit Detected on the latest software release on the Exploitability Index.

CVE-2021-1727

Microsoft has labeled this vulnerability in the Windows Installer, which could allow for privilege escalation, as Exploitation More Likely, meaning that attackers could create reliable exploit code for this vulnerability. The vulnerability has been publicly disclosed.

Microsoft has rated this as Exploitation More Likely on the latest software release on the Exploitability Index.

CVE-2021-1721

A publicly disclosed vulnerability in .NET Core and Visual Studio could lead to a denial of service. Affected products include .NET 5.0, .NET Core 2.1 and 3.2, as well as Visual Studio 2017 and 2019. 

Microsoft has rated this as Exploitation Less Likely on the latest software release on the Exploitability Index.

CVE-2021-1733

A vulnerability in SysInternals PsExec has been publicly disclosed that could lead to local privilege escalation. Successful exploitation of the vulnerability requires that the attacker create a named pipe and wait for PsExec to be run.

Microsoft has rated this as Exploitation Less Likely on the latest software release on the Exploitability Index.

CVE-2021-26701

This is the second publicly disclosed vulnerability in .NET Core this month; however, this one could lead to code execution rather than just a denial of service. .NET 5.1 and .NET Core 2.1 and 3.1 are vulnerable and have updates available.

Microsoft has rated this as Exploitation Less Likely