CVE-2021-1647: Microsoft Defender Remote Code Execution Vulnerability
First published: Tue Jan 12 2021(Updated: )
Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.
Credit: secure@microsoft.com secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Defender | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =20h2 | |
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1803 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1909 | |
| Microsoft Windows 10 | =2004 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT 8.1 | ||
| Microsoft Windows Server 2008 | =sp2 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2012 | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2016 | =20h2 | |
| Microsoft Windows Server 2016 | =1909 | |
| Microsoft Windows Server 2016 | =2004 | |
| Microsoft Windows Server 2019 | ||
| Microsoft Security Essentials | ||
| Microsoft System Center Endpoint Protection | ||
| Microsoft System Center Endpoint Protection | =2012 | |
| Microsoft System Center Endpoint Protection | =2012-r2 | |
| All of | ||
| Microsoft Windows Defender | ||
| Any of | ||
| Microsoft Windows 10 1507 | ||
| Microsoft Windows 10 1607 | ||
| Microsoft Windows 10 1803 | ||
| Microsoft Windows 10 1809 | ||
| Microsoft Windows 10 1909 | ||
| Microsoft Windows 10 2004 | ||
| Microsoft Windows 10 20h2 | ||
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT 8.1 | ||
| Microsoft Windows Server 1909 | ||
| Microsoft Windows Server 2004 | ||
| Microsoft Windows Server 2008 | =sp2 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2012 | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Windows Server 2019 | ||
| Microsoft Windows Server 20h2 | ||
| Microsoft Defender | ||
| Microsoft Windows Defender | ||
| Microsoft System Center Endpoint Protection | ||
| Microsoft Security Essentials | ||
| Microsoft System Center 2012 R2 Endpoint Protection | ||
| Microsoft System Center 2012 Endpoint Protection |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-1647?
CVE-2021-1647 is a vulnerability in Microsoft Defender that allows for remote code execution.
How severe is CVE-2021-1647?
CVE-2021-1647 has a severity rating of 7.8 (high).
Which software is affected by CVE-2021-1647?
The affected software includes Microsoft Defender, Microsoft Windows Defender, Microsoft Windows 10, Microsoft Windows 7, Microsoft Windows 8.1, Microsoft Windows RT 8.1, Microsoft Windows Server 2008, Microsoft Windows Server 2012, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Security Essentials, and Microsoft System Center Endpoint Protection.
How do I fix CVE-2021-1647?
To fix CVE-2021-1647, apply the security updates provided by Microsoft.
Where can I find more information about CVE-2021-1647?
You can find more information about CVE-2021-1647 on the Microsoft Security Guidance Advisory page: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1647
- agent/type
- agent/title
- agent/remedy
- agent/weakness
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- collector/nvd-cve
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- collector/msrc-cve
- source/Microsoft
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/microsoft
- canonical/microsoft windows defender
- canonical/microsoft windows 10
- version/microsoft windows 10/20h2
- version/microsoft windows 10/1607
- version/microsoft windows 10/1803
- version/microsoft windows 10/1809
- version/microsoft windows 10/1909
- version/microsoft windows 10/2004
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt 8.1
- canonical/microsoft windows server 2008
- version/microsoft windows server 2008/sp2
- version/microsoft windows server 2008/r2-sp1
- canonical/microsoft windows server 2012
- version/microsoft windows server 2012/r2
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/20h2
- version/microsoft windows server 2016/1909
- version/microsoft windows server 2016/2004
- canonical/microsoft windows server 2019
- canonical/microsoft security essentials
- canonical/microsoft system center endpoint protection
- version/microsoft system center endpoint protection/2012
- version/microsoft system center endpoint protection/2012-r2
- canonical/microsoft windows 10 1507
- canonical/microsoft windows 10 1607
- canonical/microsoft windows 10 1803
- canonical/microsoft windows 10 1809
- canonical/microsoft windows 10 1909
- canonical/microsoft windows 10 2004
- canonical/microsoft windows 10 20h2
- canonical/microsoft windows server 1909
- canonical/microsoft windows server 2004
- canonical/microsoft windows server 20h2
- canonical/microsoft defender
- canonical/microsoft system center 2012 r2 endpoint protection
- canonical/microsoft system center 2012 endpoint protection