January 2021 - Microsoft Releases Security Patches

  Advisory Date: JAN 12, 2021

  DESCRIPTION

In the November 2020 Microsoft security patch release, Microsoft updated its vulnerability information page. Following the new patch information format, below are the CVEs that Trend Micro Deep Security covers in the January 2021 release:

  • CVE-2021-1713 - Microsoft Excel Remote Code Execution Vulnerability
    CVSS:3.0 7.8/6.8

  • CVE-2021-1707 - Microsoft SharePoint Server Remote Code Execution Vulnerability
    CVSS:3.0 8.8/7.7

  • CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability
    CVSS:3.0 7.8/7.0

  • CVE-2021-1715 - Microsoft Word Remote Code Execution Vulnerability
    CVSS:3.0 7.8/6.8

  TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection are also protected from attacks using these vulnerabilities.

Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection Compatibility
CVE-2020-1713 1010719 Microsoft Excel Remote Code Execution Vulnerability (CVE-2021-1713) 12-Jan-21 YES
CVE-2020-1707 1010702 Microsoft SharePoint Authenticated Remote Code Execution Vulnerability (CVE-2021-1707) 12-Jan-21 YES
CVE-2020-1647 1010700 Microsoft Windows Defender Remote Code Execution Vulnerability (CVE-2021-1647) 12-Jan-21 YES
CVE-2020-1647 1010701 Microsoft Windows Defender Remote Code Execution Vulnerability Over SMB (CVE-2021-1647) 12-Jan-21 YES
CVE-2020-1715 1010720 Microsoft Word Remote Code Execution Vulnerability (CVE-2021-1715) 12-Jan-21 YES