Critical vulnerabilities in Microsoft Windows TCP/IP stack
Microsoft’s February 2021 monthly security update addresses several vulnerabilities in the TCP/IP stack. Two critical vulnerabilities in particular could allow an attacker to gain Remote Code Execution (RCE) access on vulnerable Windows devices. One of the vulnerabilities affects IPv4, and the other affects IPv6.
Mitigations are available, however applying Windows' February 2021 security update is the simplest way to remediate this vulnerability.
The following Windows versions are known to be affected by these vulnerabilities:
As well as Windows Server:
- version 1909
- version 2004
- version 20H2
What this means
In a blog post, the Microsoft Security Response Centre has stated the two RCE vulnerabilities are complex to exploit, so it is unlikely that they will be actively exploited in the short term. However, it is likely attackers will be able to develop Denial-of-Service exploits more quickly, so it is imperative that users apply the Windows security updates as soon as possible.
What to look for
How to tell if you're at risk
Windows devices that have not had the February 2021 security updates applied are at risk.
What to do
Apply the February 2021 security updates as soon as possible.
Microsoft has detailed workarounds (see the “More Information” section for further details) for these vulnerabilities, though the workarounds could impact the functionality of your Windows devices – so applying the updates instead is recommended.
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.
For media enquiries, email our media desk at firstname.lastname@example.org or call the MBIE media team on 027 442 2141.