Windows Fax Compose Form Remote Code Execution Vulnerability CVE-2021-1657 Security Vulnerability Released: Jan 12, 2021 Assigning CNA: Microsoft Impact: Remote Code Execution Max Severity: Important CVSS Source: Microsoft CVSS:3.1 7.8 / 6.8 Metric --- Base score metrics (8) | Temporal score metrics (3) Description: This vulnerability affects the Windows Fax Compose Form feature. An attacker could potentially exploit this vulnerability to execute arbitrary code on a system running Microsoft Windows 10, version 20H2, and Windows Server 2019, version 1909. The vulnerability is due to a flaw in the way the Fax Compose Form feature handles certain fax messages. Solution: Microsoft has released a security update to address this vulnerability. Users are advised to apply the update as soon as possible to mitigate the risk of exploitation. References: Microsoft Knowledge Base Article Microsoft Security Advisory Additional Information: CVSS Score: 7.8 (Critical), 6.8 (Important) Impact: Remote Code Execution Severity: Important Patch Availability: Available Patch Release Date: Jan 12, 2021 Further Actions: Apply the security update as soon as possible. Keep systems and applications up to date with the latest security patches. Monitor systems for any signs of exploitation.