Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2021.0011 Microsoft Patch Tuesday update for Microsoft System Center for January 2021 13 January 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Microsoft System Center Microsoft Security Essentials Windows Defender Operating System: Windows Impact/Access: Execute Arbitrary Code/Commands -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-1647 Member content until: Friday, February 12 2021 Comment: This zero-day RCE vulnerability has been reportedly exploited in the wild OVERVIEW Microsoft has released its monthly security patch update for the month of January 2021. This update resolves 1 vulnerabilities across the following products: [1] Microsoft Security Essentials Microsoft System Center 2012 Endpoint Protection Microsoft System Center 2012 R2 Endpoint Protection Microsoft System Center Endpoint Protection Windows Defender IMPACT Microsoft has given the following details regarding these vulnerabilities. Details Impact Severity CVE-2021-1647 Remote Code Execution Critical MITIGATION Microsoft recommends updating the software to the latest available version available on the Microsoft Update Catalog. [1]. REFERENCES [1] [1] Microsoft Security Update Guidance https://portal.msrc.microsoft.com/en-us/security-guidance AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBX/5iuONLKJtyKPYoAQjKNRAAiXUYmk4U6fLPrMPI8jxBmL6H8xjyx6WH jDbKzuoJRs/9woW64o8DnckxOslE4rHnZfodFZz5qNOjCc8XmfUU14C7Jiip3yXH 35eE87FhNWjNEYpveV1D/yj0PvQ6FYzD6Al1ZI/by1Ogisx9aMcyMHV8xsQ7Eu4o kpT79rpcVr8G2bCayBhdPbQKus96MvFmFZaGnqSE1N5j9h5OdmePmTrCdWseIs3F k9QnGq9gKQPNfH4a/No3JqP0+Pvvwb3rvwZN+h6Hs+/uxAkLtUhW4zp89041BVSW r9W1Dwuqopob5WUZ54g5qRuSEDJUGZJBqj9g4VXAcZE+5TO1IULQfcJcCnk66Oq7 KJt2Yo/i+BPzKHwgHGiabHjfJEkxcXv9F1Ouf/IEgm0TZ4IFHytHTLPI30W75whR 3PUB3JMYsfbg7wczAZHm1O+ZWvNO7p0n010NZjfefw0aXhMv9c2W4KSQIuQ7q6A8 IIYHjnxzCdwjvLWBtPhPSmHWM+8yFv3jFAT5gU6xrZIXalM+Ss7SIPQ4sVB4ZZ+Y xJkFFfA9mdQ7pmhMsuH9Dh4euNjji2ikTXYs3brokaaeRDOujIqPQRpKkWh9sP51 l9fhhmZwUlDhn5PjbyhApxUVKzHEydib5Z/iMfdrtY7mtErwjnrRVMtUBjMMaCud 3NALvWXdE6g= =+hAv -----END PGP SIGNATURE-----