I was told that all issues would go away when 2020 ended, but what happens on the second Tuesday of the first month? Patches! It turns out we still have security vulnerabilities and need to close those up. There are 83 in total, nine of them critical. Maybe things are looking up!
Some highlights (or lowlights)
CVE-2021-1647: I think anytime there is a critical patch for your antivirus that has already been exploited, you might want to talk about it. Call me old-fashioned like that. We don’t know the extent to which it was exploited, but it is not wormable and has been patched. Defender is going to update on its own, and rather quickly. There is a decent chance this is already patched before I finish typing this sentence.
CVE-2021-1643: This is a remote code execution bug that involves High-Efficiency Video Coding (HEVC). It does require user interaction and is not wormable, so it is not considered likely to be exploited, but it is critical, so getting it patched is essential.
CVE-2021-1648: This one, named splWOW64, is not listed as critical, but it is worth mentioning because it is publicly known, which always increases the importance of getting patched. This is an elevation of privilege that appears to affect only Windows 10 20H2.
In review
Holy cow! January had everything for a Patch Tuesday: already known exploits, actively used exploits, and even a moderate-level bug that was patched. I am glad you guys joined me on this rollercoaster ride. While I have enjoyed our time on this adventure, it might be time to install these things in your lab environment, test 'em out, and then perhaps roll them out to production after a well-defined time frame? I am not going to tell you how to systems administrate, though.