KB4598231: Windows 10 January 2021 Security Update

high Nessus Plugin ID 144873
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 9

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:

- Windows DNS Query Information Disclosure Vulnerability (CVE-2021-1637)

- Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693. (CVE-2021-1652)

- Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693. (CVE-2021-1653)

- Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693. (CVE-2021-1654)

- Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1659, CVE-2021-1688, CVE-2021-1693. (CVE-2021-1655)

- TPM Device Driver Information Disclosure Vulnerability (CVE-2021-1656)

- Windows Fax Compose Form Remote Code Execution Vulnerability (CVE-2021-1657)

- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701. (CVE-2021-1658)

- Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1688, CVE-2021-1693. (CVE-2021-1659)

- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701. (CVE-2021-1660)

- Windows Installer Elevation of Privilege Vulnerability (CVE-2021-1661)

- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701. (CVE-2021-1664)

- GDI+ Remote Code Execution Vulnerability (CVE-2021-1665)

- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701. (CVE-2021-1666)

- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701. (CVE-2021-1667)

- Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability (CVE-2021-1668)

- Windows Remote Desktop Security Feature Bypass Vulnerability (CVE-2021-1669)

- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701. (CVE-2021-1671)

- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1700, CVE-2021-1701. (CVE-2021-1673)

- Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability (CVE-2021-1674)

- Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability (CVE-2021-1676)

- Windows CryptoAPI Denial of Service Vulnerability (CVE-2021-1679)

- Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1651. (CVE-2021-1680)

- Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1686, CVE-2021-1687, CVE-2021-1690. (CVE-2021-1681)

- Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684. (CVE-2021-1683)

- Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683. (CVE-2021-1684)

- Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1642. (CVE-2021-1685)

- Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1681, CVE-2021-1687, CVE-2021-1690. (CVE-2021-1686)

- Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1681, CVE-2021-1686, CVE-2021-1690. (CVE-2021-1687)

- Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1693. (CVE-2021-1688)

- Windows Multipoint Management Elevation of Privilege Vulnerability (CVE-2021-1689)

- Windows WalletService Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1681, CVE-2021-1686, CVE-2021-1687. (CVE-2021-1690)

- Hyper-V Denial of Service Vulnerability This CVE ID is unique from CVE-2021-1691. (CVE-2021-1692)

- Windows CSC Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1659, CVE-2021-1688. (CVE-2021-1693)

- Windows Update Stack Elevation of Privilege Vulnerability (CVE-2021-1694)

- Windows Print Spooler Elevation of Privilege Vulnerability (CVE-2021-1695)

- Windows Graphics Component Information Disclosure Vulnerability (CVE-2021-1696)

- Windows InstallService Elevation of Privilege Vulnerability (CVE-2021-1697)

- Windows GDI+ Information Disclosure Vulnerability (CVE-2021-1708)

- Windows Win32k Elevation of Privilege Vulnerability (CVE-2021-1709)

- Microsoft Windows Media Foundation Remote Code Execution Vulnerability (CVE-2021-1710)

- Windows Runtime C++ Template Library Elevation of Privilege Vulnerability (CVE-2021-1650)

- Active Template Library Elevation of Privilege Vulnerability (CVE-2021-1649)

- Microsoft splwow64 Elevation of Privilege Vulnerability (CVE-2021-1648)

- NTLM Security Feature Bypass Vulnerability (CVE-2021-1678)

- Windows (modem.sys) Information Disclosure Vulnerability (CVE-2021-1699)

- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1701. (CVE-2021-1700)

- Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700. (CVE-2021-1701)

- Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability (CVE-2021-1702)

- Windows Hyper-V Elevation of Privilege Vulnerability (CVE-2021-1704)

- Microsoft Edge (HTML-based) Memory Corruption Vulnerability (CVE-2021-1705)

- Windows LUAFV Elevation of Privilege Vulnerability (CVE-2021-1706)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply Cumulative Update KB4598231.

See Also

http://www.nessus.org/u?2a8452c3

Plugin Details

Severity: High

ID: 144873

File Name: smb_nt_ms21_jan_4598231.nasl

Version: 1.9

Type: local

Agent: windows

Published: 1/12/2021

Updated: 2/12/2021

Dependencies: smb_check_rollup.nasl, smb_hotfixes.nasl, ms_bulletin_checks_possible.nasl

Risk Information

Risk Factor: High

VPR Score: 9

CVSS Score Source: CVE-2021-1668

CVSS v2.0

Base Score: 9.3

Temporal Score: 6.9

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 1/12/2021

Vulnerability Publication Date: 1/12/2021

Reference Information

CVE: CVE-2021-1637, CVE-2021-1648, CVE-2021-1649, CVE-2021-1650, CVE-2021-1652, CVE-2021-1653, CVE-2021-1654, CVE-2021-1655, CVE-2021-1656, CVE-2021-1657, CVE-2021-1658, CVE-2021-1659, CVE-2021-1660, CVE-2021-1661, CVE-2021-1664, CVE-2021-1665, CVE-2021-1666, CVE-2021-1667, CVE-2021-1668, CVE-2021-1669, CVE-2021-1671, CVE-2021-1673, CVE-2021-1674, CVE-2021-1676, CVE-2021-1678, CVE-2021-1679, CVE-2021-1680, CVE-2021-1681, CVE-2021-1683, CVE-2021-1684, CVE-2021-1685, CVE-2021-1686, CVE-2021-1687, CVE-2021-1688, CVE-2021-1689, CVE-2021-1690, CVE-2021-1692, CVE-2021-1693, CVE-2021-1694, CVE-2021-1695, CVE-2021-1696, CVE-2021-1697, CVE-2021-1699, CVE-2021-1700, CVE-2021-1701, CVE-2021-1702, CVE-2021-1704, CVE-2021-1705, CVE-2021-1706, CVE-2021-1708, CVE-2021-1709, CVE-2021-1710

IAVA: 2021-A-0015, 2021-A-0022, 2021-A-0023

MSKB: 4598231

MSFT: MS21-4598231