91 vulnerabilities discovered in January during Patch Tuesday
3 min. read
Updated on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Key notes
- A grand total of 91 CVEs were detected during 2021's first round of Patch Tuesday updates.
- The CVEs vary in severity, with the ones labeled as Critical being the most important
- These vulnerabilities affect both Adobe and Microsoft products, so try updating immediately.
- If you find that a service you are using is listed below, update your PC at once!
2020 has been a rocky year for Windows 10 and Adobe users, with a record-breaking number of CVE’s discovered each month.
For comparison, 2020 had more discovered CVEs than the entire of 2019 by the end of August, with numbers finally showing a decrease in December.
Speaking of which, here is a brief summary of how many CVE’s were detected each month:
- January: 58 CVEs
- February: 99 CVEs
- March: 115 CVEs
- April: 118 CVEs
- May: 147 CVEs
- June: 139 CVEs
- July: 136 CVEs
- August: 146 CVEs
- September: 147 CVEs
- October: 88 CVEs
- November: 126 CVEs
- December: 62 CVEs
2021 starts off with a total of 91 CVEs discovered in January
Vulnerabilities found in Adobe products
This month only 9 CVEs were found, and they affected the following Adobe products:
Adobe Campaign Classic, Photoshop, Illustrator, Animate, InCopy, Captivate, and Bridge.
Fortunately, the only Critical CVE found this month was the one affecting Adobe Illustrator.
Vulnerabilities found in Microsoft products
On the other hand, the bulk of the discovered CVEs are comprised of those that affect Microsoft products, being found in the following:
Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Office and Microsoft Office Services and Web Apps, Visual Studio, Microsoft Malware Protection Engine, .NET Core, ASP .NET, and Azure
The CVEs were classified based on their severity, as follows:
- 10 were classified and Critical
- 73 were listed as Important in severity
Which were some of the most severe CVEs?
As always, there are CVEs that are to be taken a lot more seriously than the others, and in the case of this month’s updates, they are the following:
- CVE-2021-1647
- Microsoft Defender Remote Code Execution Vulnerability
- CVE-2021-1648
- Microsoft splwow64 Elevation of Privilege Vulnerability
- CVE-2021-1677
- Azure Active Directory Pod Identity Spoofing Vulnerability
- CVE-2021-1674
- Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
2020 finished off with 1250 total detected CVEs, and it looks like 2021 will follow the trend, with almost 100 from the very first month.
Remember that if you use any of the affected products mentioned above, even if the vulnerability is not rated as being Critical or Important, it is highly advised that you get the latest patches immediately.
Speaking of which, if you have no idea how Patch Tuesday works, check out this detailed guide where we will explain everything to you.
Additionally, you can even download the updates directly from this detailed guide, and even read up on all the changes that have come.
What do you think about this month’s number of detected CVEs? Tell us all about it in the comments section below.
[wl_navigator]
User forum
0 messages