On February 10, 2021, Microsoft released a set of patches for multiple critical vulnerabilities, including the TCP/IP remote code execution vulnerability CVE-2021-24074 and Windows DNS Server remote code execution vulnerability CVE-2021-24078. Microsoft has patched these vulnerabilities in their monthly batch of security updates.
- Vulnerability ID: CVE-2021-24074 and CVE-2021-24078
- Vulnerability severity: critical
- Affected versions:
- Windows Server 2019
- Windows Server 2016
- Windows Server 2012 R2
- Windows Server 2008 R2
- Windows Server, version 2004 (Server Core installation)
- Windows Server, version 1909 (Server Core installation)
Microsoft released security updates for multiple critical vulnerabilities on February 10, 2021. The TCP/IP remote code execution vulnerability CVE-2021-24074 can be exploited by attackers to control the target host by creating and sending malicious IPv4 or IPv6 packets. The Windows DNS Server remote code execution vulnerability CVE-2021-24078 can be exploited by attackers to execute arbitrary code on a DNS server by creating and sending malicious DNS requests. Microsoft has also released patches for multiple other critical vulnerabilities in February. We recommend that you apply Windows security updates as soon as possible to block attacks.
Apply security updates for the vulnerabilities in a timely manner.
You can use one of the following solutions to fix the vulnerabilities:
- Go to the Microsoft official website to download the corresponding patches. For more information, visit CVE-2021-24074 and CVE-2021-24078.
- Detect and fix the vulnerabilities in the Windows system vulnerabilities module of Alibaba Cloud Security Center. For more information, log on to the Security Center console.
dropto mitigate risks caused by the TCP/IP remote code execution vulnerability CVE-2021-24074.
netsh int ipv4 set global sourceroutingbehavior=drop
If you have questions or feedback, submit a ticket to contact Alibaba Cloud.
Alibaba Cloud Computing Co., Ltd.