Patch Tuesday of 2021 addressed 83 flaws spanning as many as 11 products and services.
Microsoft Patch Tuesday — 2021
Patch Tuesday is an unofficial term used to refer to when Microsoft, Adobe, Oracle and others regularly releases software patches for their software products.
In addition, The January 2021 security release consists of security updates for the following software:
- Microsoft Windows
- Microsoft Edge (EdgeHTML-based)
- Visual Studio
- Microsoft Office and Microsoft Office Services and Web Apps
- Microsoft Windows Codecs Library
- SQL Server
- Microsoft Malware Protection Engine
- .NET Core
- .NET Repository
- ASP .NET
- Azure
According to the release, 10 of the security vulnerabilities are rated as critical, 73 are listed as important in severity.
After successful exploitation of the RCE bugs, the attackers could install malicious programs, view, change, and delete data, as well as create their own admin accounts on compromised Windows devices.
| Tag | CVE ID | CVE Title | Severity |
| Microsoft Office | CVE-2021-1713 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2021-1714 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2021-1711 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2021-1715 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2021-1716 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-1712 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-1707 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-1718 | Microsoft SharePoint Server Tampering Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-1717 | Microsoft SharePoint Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-1719 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-1641 | Microsoft SharePoint Spoofing Vulnerability | Important |
In addition, a zero-day vulnerability in the Microsoft Defender antivirus, exploited in the wild by threat actors before the patch was released.
List of Patched Security Vulnerabilities — 2021
In BleepingComputer post, mentioned the security vulnerabilities, product wise.
However, To download the security update, select the below product links > click “How to download and install the update” section on that particular corresponding article.
Importantly, Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates.
Microsoft Office 2016
| Product | Knowledge Base article title and number |
|---|---|
| Excel 2016 | Security update for Excel 2016 (KB4493165) |
| Office 2016 | Security update for Office 2016 (KB4493168) |
| Office 2016 | Security update for Office 2016 (KB4486755) |
| Word 2016 | Security update for Word 2016 (KB4493156) |
Microsoft Office 2013
| Product | Knowledge Base article title and number |
|---|---|
| Excel 2013 | Security update for Excel 2013 (KB4493176) |
| Office 2013 | Security update for Office 2013 (KB4486762) |
| Office 2013 | Security update for Office 2013 (KB4486759) |
| Word 2013 | Security update for Word 2013 (KB4486764) |
Microsoft Office 2010
| Product | Knowledge Base article title and number |
|---|---|
| Excel 2010 | Security update for Excel 2010 (KB4493186) |
| Office 2010 | Security update for Office 2010 (KB4493143) |
| Office 2010 | Security update for Office 2010 (KB4493142) |
| Office 2010 | Security update for Office 2010 (KB4493181) |
| Word 2010 | Security update for Word 2010 (KB4493145) |
Microsoft SharePoint Server 2019
| Product | Knowledge Base article title and number |
|---|---|
| Office Online Server | Security update for Office Online Server (KB4493160) |
| SharePoint Server 2019 | Security update for SharePoint Server 2019 (KB4493162) |
| SharePoint Server 2019 Language Pack | Security update for SharePoint Server 2019 Language Pack (KB4493161) |
Microsoft SharePoint Server 2016
| Product | Knowledge Base article title and number |
|---|---|
| SharePoint Enterprise Server 2016 | Security update for SharePoint Enterprise Server 2016 (KB4493163) |
| SharePoint Enterprise Server 2016 | Security update for SharePoint Enterprise Server 2016 (KB4493167) |
Microsoft SharePoint Server 2013
| Product | Knowledge Base article title and number |
|---|---|
| Office Web Apps Server 2013 | Security update for Office Web Apps Server 2013 (KB4493171) |
| Project Server 2013 | Cumulative update for Project Server 2013 (KB4493173) |
| SharePoint Enterprise Server 2013 | Security update for SharePoint Enterprise Server 2013 (KB4486724) |
| SharePoint Enterprise Server 2013 | Security update for SharePoint Enterprise Server 2013 (KB4486683) |
| SharePoint Enterprise Server 2013 | Cumulative update for SharePoint Enterprise Server 2013 (KB4493150) |
| SharePoint Foundation 2013 | Security update for SharePoint Foundation 2013 (KB4493175) |
| SharePoint Foundation 2013 | Cumulative update for SharePoint Foundation 2013 (KB4493172) |
Microsoft SharePoint Server 2010
| Product | Knowledge Base article title and number |
|---|---|
| Project Server 2010 | Cumulative update for Project Server 2010 (KB4493182) |
| SharePoint Foundation 2010 | Security update for SharePoint Foundation 2010 (KB4493187) |
| SharePoint Server 2010 | Security update for SharePoint Server 2010 (KB4493178) |
| SharePoint Server 2010 | Security update for SharePoint Server 2010 (KB4486736) |
| SharePoint Server 2010 | Cumulative update for SharePoint Server 2010 (KB4493184) |
| SharePoint Server 2010 Office Web Apps | Security update for SharePoint Server 2010 Office Web Apps (KB4493183) |
Follow Us on: Twitter, Instagram, Facebook to get latest security news!
Leave A Comment