Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. January 2021 Monthly Patch Release
Monthly Patch

January 2021 Monthly Patch Release

13 January 2021


UPDATE: Microsoft has detected CVE-2021-1647 to be actively exploited in the wild. Users and administrators are advised to immediately patch their Microsoft Malware Protection Engine to the latest version 1.1.17700.4 or later.

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2021-Jan

Critical vulnerabilities

CVE Number

CVE Name

Base Score

Reference

CVE-2021-1673

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1673

CVE-2021-1667

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1667

CVE-2021-1666

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1666

CVE-2021-1660

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1660

CVE-2021-1658

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1658

CVE-2021-1647

Microsoft Defender Remote Code Execution Vulnerability

7.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1647

CVE-2021-1668

Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability

7.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1668

CVE-2021-1643

HEVC Video Extensions Remote Code Execution Vulnerability

7.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1643

CVE-2021-1665

GDI+ Remote Code Execution Vulnerability

7.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1665

CVE-2021-1705

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

4.2

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1705

Back to top