Hello, welcome to the Wednesday, January 13th, 2021 edition of the Sands and at Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Of course, top of the news today is, as usual on Patch Tuesday, the Microsoft Patch Tuesday Crop and the Got Patches for 83 vulnerabilities,

10 of which are rated as critical.

The one that sort of caught the most attention is CVE 2021-1647.

This is a remote code execution vulnerability in Microsoft Defender, so essentially in Microsoft's

security tools.

CVSS rating for this is 7.8.

Now, what makes it even more exciting is that this vulnerability is apparently already being exploited in the while.

A little bit unusual is also that we do have nine vulnerabilities that were patched in the remote procedure call runtime, and well, these vulnerabilities can lead to remote code execution.

Five of these vulnerabilities are rated as critical, with a base CVSS score of 8.8.

These vulnerabilities are exposed over the network, but an attacker would need some

credential, some access to the target system in order

to exploit these vulnerabilities. But then we also had a flaw that didn't get patched this

month that sort of was expected to be addressed this month, and that's a remote code execution vulnerability in exchange server.

Initially, this flaw, I believe, was patched in September or so last year.

The researcher that found the original vulnerability then did post about two possible bypasses for this patch.

One was addressed in December.

One is now still outstanding.

But this remote code execution also does require some credentials,

which makes exploitation, of course, less likely.

Now, not included in the patch count this month are patches for Microsoft Edge as it's now part

...