Advisory 13

TLP Rating: White

Critical vulnerabilities in Microsoft Windows TCP/IP stack

CERT Vanuatu (CERTVU) and the Office of the Chief Information were alerted to these vulnerabilities by their international partners.

The CERTVU office would like to advise its constituents of critical vulnerabilities in the Microsoft Windows TCP/IP stack. In its February 2021 monthly security update, Microsoft addressed several vulnerabilities in the TCP/IP stack. Two critical vulnerabilities in particular could allow an attacker to achieve Remote Code Execution (RCE) on vulnerable Windows devices. The two vulnerabilities affect IPv4 and IPv6 respectively.

What it means

The Microsoft Security Response Centre (MSRC) has stated that the two RCE vulnerabilities are complex to exploit. It is likely that attackers will be able to execute Denial-of-Service (DoS) exploits more quickly, so it is critical that users, organizations and institutions apply the latest Windows security updates as soon as possible.

Which Microsoft systems are affected?

The following Windows versions are affected by these vulnerabilities:

  • Windows 7
  • Windows 8.1
  • Windows 10

The following Windows Servers are also affected:

  • Windows Server 2008
  • Windows Server 2012
  • Windows Server 2016
  • Windows Server 2019 Ver1909, Ver2004 and Ver20H2

 

Prevention

Apply the February 2021 security updates as soon as possible.

Mitigation Process

Microsoft has released a detailed workaround, but applying the updates is more important than relying on the workaround.

References

1. https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/
2. https://www.cert.govt.nz/it-specialists/advisories/critical-vulnerabilities-in-microsoft-windows-tcpip-stack/