Again, this round of patches illustrates the importance of keeping systems up to date with the latest patches installed. It can be an arduous task to keep systems current when dealing with a large network, but the cost may be far greater if an attacker gains access. AD group policy settings is a solution that can be instituted with minimal effort to mitigate risks associated with out-of-date systems. As the announcement from Microsoft reveals, attackers sometimes exploit vulnerabilities that do not have patches available. Even up-to-date systems require continuous monitoring for unusual and dangerous behaviors that could signal an attacker has control over the system. A best practice is to monitor events on endpoints and other critical systems from a Security Operations Center that operates 24/7, or partner with a managed security provider such as Binary Defense’s Security Operations Task Force to keep watch over systems at any time of day or night.
Link to Microsoft Security Information: https://msrc.microsoft.com/update-guide
ZDNet coverage: https://www.zdnet.com/article/microsoft-february-2021-patch-tuesday-fixes-56-bugs-including-windows-zero-day/
Krebs on Security: https://krebsonsecurity.com/2021/02/microsoft-patch-tuesday-february-2021-edition/
Security Affairs: https://securityaffairs.co/wordpress/114409/security/microsoft-february-2021-patch-tuesday.html