On February 9, 2021 (February Patchday), Microsoft released a large batch of security updates for Windows, Office and other products. In this article, I would like to take a look at some of the bugs that were fixed and at the (surprisingly few) problems that I encountered. For admins whose Windows Server 2016 gets stuck at 24% during update installation: Microsoft has withdrawn KB4601392 and released a new SSU, KB5001078.
Security fix for the Windows TCP/IP stack
Three vulnerabilities, some critical, CVE-2021-24074, CVE-2021-24094 and CVE-2021-24086, exist in the TCP/IP implementation of Windows 7 SP1 through Windows 10 20H2, as well as in the Windows Server counterparts, and have been closed by security updates as of Feb. 9, 2021. Microsoft recommends installing the updates promptly (see New vulnerabilities discovered in TCP/IP stacks, patches for Windows TCP/IP vulnerabilities).
BSOD bug fixed in Windows 10
There is a bug in Windows 10 that can trigger a Blue Screen of Death (BSOD) when certain paths are entered (e.g. in the browser). I had addressed this in the blog post Windows 10: Bug allows BSOD by entering a path in a browser. The colleagues from Bleeping Computer point out in the post Microsoft fixes Windows 10 bug letting attackers trigger BSOD crashes that the bug is fixed by the February 2021 patches.
chkdsk /f bug fixed
In Windows 10 2004/20H2, there has been a bug for some time that caused the chkdsk /f command to corrupt the file system and subsequently prevent the operating system from booting. I had already pointed out in December in the post Windows 10 2004/20H2: Microsoft fixes chkdsk issue in update KB4592438 that there was an update to fix the issue. In February 2021, Microsoft followed up again and wrote that they had addressed a bug that corrupted the file system and prevented booting when using the chkdsk /f command (see Patchday: Windows 10-Updates (February 9, 2021)).
Enforcement mode enabled for Zerologon on DCs
I had mentioned it in the blog post Reminder: Enforcement Mode starting Feb. 9, 2021 for Windows Server Domain Controllers – Microsoft has made the so-called Enforcement Mode mandatory for connections to Domain Controllers with the February 2021 security updates. This is to prevent exploitation of the Zerologon vulnerability. Some confusion arose because the enforcement mode for a second vulnerability only becomes mandatory in March 2021.
Privilege escalation bug in Defender fixed
There was a serious bug (CVE-2021-24092) in Microsoft Defender that allowed privilege escalation under Windows, and this without user intervention. The bug was probably present for 12 years and was fixed by an update on February 9, 2021 (see Microsoft closes 12-year-old vulnerability CVE-2021-24092 in Defender (Feb. 9, 2021)).
RCE vulnerability in Excel and Sharepoint closed
Microsoft has released security updates for Excel and Sharepoint for the February 2021 patchday. Surprisingly, the 2010 product versions still receive security updates, as you can read in Patchday Microsoft Office Updates (February 9, 2021). The colleagues from Bleeping Computer point out in the post Microsoft Office February security updates patch Sharepoint, Excel RCE bugs that some RCE vulnerabilities in Excel/Sharepoint have been fixed.
DoS vulnerability in .NET Core and Visual Studio
Microsoft also released security updates for a Denial of Service vulnerability in .NET Core and Visual Studio on Feb. 9, 2021 (Patchday) (see also .NET Core and Visual Studio: Vulnerability CVE-2021-1721 revised).
February 2021 Patchday issues
From my observation, there was little trouble with updates in the Windows environment in February. Here is some brief information on what I came across.
Windows 10 V1909: Out-of-band Update KB5001028 for Wi-Fi crashes
On February 11, 2021, shortly after Patchday, Microsoft released the out-of-band update KB5001028 for Windows 10 version 1909. This fixes crashes during Wi-Fi operation that occurred in certain scenarios (see Windows 10 V1909 Out-of-Band Update KB5001028).
Windows Server 2016: SSU replaced by KB5001078
The Servicing Stack Update (SSU) KB4601392 was withdrawn by Microsoft because Windows 10 Enterprise LTSC 2016; Windows 10 version 1607; Windows 10 Enterprise 2015 LTSB and Windows Server 2016 got stuck at 24% during installation (see this status report, as well as this comment here on the blog). Microsoft has released new SSU KB5001078 (Servicing stack update for Windows 10, version 1607: February 12, 2021) as of February 12, 2021, which should correct the problem (see also Fix for Windows 10/Server 1607 update hang at 24% due to SSU KB4601392).
Susan Bradley had already pointed out problems patching Windows Server 2016 on askwoody.com, but suspected KB4601318 as well as KB4535680 as the cause. The server got stuck at 24% during the update. Later, Susan pointed to support article KB4601318 (Update for Windows 10 V1607 and Server). There is a note that a new SSU KB5001078 was released, which has to be installed before installing the update.
Windows 10: Crashes due to .NET framework updates KB4598301, KB4598299 and KB4601887
The updates for the .NET framework KB4598301 (Jan. 2021) and KB4598299 (Feb. 2021) proved to be a problem for some users, as they lead to crashes (STATUS_FATAL_USER_CALLBACK_EXCEPTION) in WPF applications created with Visual Studio. I had addressed this in the blog post Windows 10: .NET-Framework Updates KB4598301 and KB4598299 are causing crashes. As of February 9, 2021, there was the cumulative update KB4601887 (Cumulative Update of February 9, 2021 for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809, and Windows Server, version 2019), in the description of which the problem including workaround is officially confirmed.
Microsoft Office Patchday (February 2, 2021)
Microsoft Security Update Summary (February 9, 2021)
Patchday: Windows 10-Updates (February 9, 2021)
Patchday: Updates for Windows 7/Server 2008 R2 (February 9, 2021)
Patchday: Windows 8.1/Server 2012 Updates (February 9, 2021)
Patchday Microsoft Office Updates (February 9, 2021)