Like every month, Microsoft’s monthly bulletin informs us about what happens on Windows systems. And in February, up to 65 vulnerabilities are detailed, of which 11 are of critical severity, which according to INCIBE, the National Cybersecurity Institute, can “be used to achieve remote control with little or no user intervention” .
65 vulnerabilities in Windows systems in February
The published vulnerabilities correspond to the following types:
Denial of service
Elevation of privileges
Remote code execution
Bypass security features
One of these critical flaws achieves an elevation of privilege in Microsoft Win32k, that is, a local attacker can get administrator permissions. Microsoft indicates that this vulnerability “could be actively being exploited affecting Windows 10 and Windows Server 2019 systems.”
Windows 7 computers
This update also fixes 3 vulnerabilities in the implementation of the TCP / IP protocol in Windows, two of them critical, which would allow remote code to be executed, and one of high severity that would allow denial of service attacks. These bugs affect computers with Windows 7 and later versions. Microsoft believes that potential attackers could exploit the DoS vulnerability much faster than remote code execution, so it encourages you to install the released updates as soon as possible.
Another critical failure corresponds to the DNS server in Windows Server from versions 2008 to 2019 that could be exploited to install software remotely through a phishing email or with images that in both cases link to a new domain, allowing the cybercriminal to steal data by altering the destination of the company web traffic.
With this update, Microsoft continues the update initiated for the vulnerability known as ZeroLogon of the NetLogon protocol, also beginning to reject access attempts from devices with other operating systems.
How to correct them
By default Windows 10 automatically downloads and installs updates. However, it is best to verify that these updates are not paused, as well as make sure you have backup copies of your files and your operating system.
In most cases, the affected software will update automatically by default. However, in the event that such update is not carried out automatically, Microsoft makes available to users a web portal with all the related information, as well as the patches of the affected products for download and that can be consulted in this link.