January 2021 security patches are here.
The first batch of patches from the new year consisted of software updates from Microsoft, Cisco, Apple, Adobe, and Android… to name a few.
These security patches are reminders that existing software contains many undetected security holes, so we need to continuously patch and continue to monitor for signs of attacks on holes we don’t know about.
If you subscribe to a managed patching service, you’ll generally be able to relax and let your vendor perform the updates. However, some software packages, such as SAP, may be managed separately and thus they require special attention.
Besides, it never hurts to be aware of the latest flaws and exploits to ensure your team is prepared.
Microsoft’s 83 Security Patches
This month’s 83 security patches show a 59% increase over the January 2020 security patch releases.
It seems like a steady trend for researchers to find a consistently increasing number of vulnerabilities.
Of the security patches released by Microsoft this month, 10 rate as critical because they can seize remote control of endpoints with low levels of privilege, low levels of sophistication, or those with little-to-no interaction from windows users. These patches should be applied ASAP because the exploits will leave your organization quite exposed.
The other 73 vulnerabilities rate as important, however, you still need to ensure that these lower-criticality updates are patched quickly as well. Although not as readily exploited, some of these flaws already have exploits marketed on the dark web.
Windows Defender Flaw
Microsoft reduced the details of how vulnerabilities are exploited, but some researchers have been filling in the blanks.
Here are a few highlights of the other vulnerabilities:
Google’s ProjectZero found a server operating as a watering hole attack, and learned of several zero-day flaws being exploited by the sophisticated attackers.
Vulnerability CVE-2021-1648, an important elevation of privilege vulnerability within a print driver host, includes a patch in this month’s updates. It corrects a flaw introduced in an earlier patch. This should serve as a reminder that even patches may contain vulnerabilities, so you should always maintain layers of security and monitoring.
The patch for vulnerability CVE-2020-0689 counters a publicly available exploit code that can bypass secure boot, and load a rootkit malware. If you’re performing manual updates, this patch requires a separate installation and a specific order for the updates, so be sure to check for the details.
Other Vendors and Reminders
Other major vendors who released updates for end points and mobile devices in January include:
- Adobe (Photoshop, Illustrator, Animate, and more)
- Google’s Android
- Apple iOS 12.5.1
- Cisco [Adaptive Security Appliance (ASA) Software, Firepower Threat Defense (FTD)]
- SAP
Microsoft’s Windows 10 should upgrade automatically for many users, but you must also take precautions and make sure your user data and systems have been backed-up prior to patching. After all, some patches may introduce problems.
In addition to the printer driver host vulnerability mentioned above, Microsoft also fixed one of last month’s patches that broke Windows 10’s “Reset this PC” feature. If you manually patch, a workaround is available for this flaw.
Security Patching Support
Patching remains simultaneously a constant annoyance and a critical function necessary for security.
Fortunately, we’re here to help! We’ll lighten the load for your internal IT team, so it can focus on more strategic goals and objectives. Or, we’ll become your IT team!
Should your organization want to offload this headache, create additional layers of security, or begin monitoring for attacks, we are ready to provide assistance.
Call us today at 412-349-6680 or fill out the form below to let us know how we can help.