June Patch Tuesday 2021 Includes 50 Fixes and 6 Weaponized Vulnerabilities
Microsoft Releases 50 Fixes Including 6 Weaponized Vulnerabilities
There are 5 Critical and 45 Important fixes this month for Microsoft Windows, .NET Core and Visual Studio, Microsoft Office, Microsoft Edge (Chromium-based and EdgeHTML), SharePoint Server, Hyper-V, Visual Studio Code – Kubernetes Tools, Windows HTML Platform, and Windows Remote Desktop.
Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, with one currently Weaponized.
- Windows 7 – 2 Critical and 12 Important vulnerabilities fixed
- Windows 2008 R2 – 1 Critical and 11 Important vulnerabilities fixed
Both Windows 7 and 2008 are vulnerable to CVE-2021-33742, Windows MSHTML Platform Remote Code Execution Vulnerability which is currently Weaponized. It carries a CVSS score of 7.5 and can be exploited over any network without privileges.
Robert Brown, Head of Customer Success for Syxsense said, “We are very concerned about CVE-2021-31948, CVE-2021-31950, CVE-2021-31964 which are all related to Microsoft SharePoint Server. These spoofing vulnerabilities carry a CVSS score of 7.6 but if exploited can be used to jump into another technology running on the system. These should be urgently resolved.”
Top June 2021 Patches and Vulnerabilities
Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible.
1. CVE-2021-33739 Microsoft DWM Core Library Elevation of Privilege Vulnerability
The vulnerability exists due to improper privilege management within the Microsoft DWM Core Library. A remote attacker can trick the victim to run a specially crafted executable or script and execute arbitrary code on the system.
Syxscore
- Vendor Severity: Important
- CVSS: 8.4
- Weaponized: Yes
- Public Aware: Yes
- Countermeasure: No
Syxscore Risk Alert
- Attack Vector: Local
- Attack Complexity: Low
- Privileges: None
- User Interaction: None
- Scope (Jump Point): No
2. CVE-2021-33742 MSHTML Platform Remote Code Execution Vulnerability
The vulnerability exists due to a boundary error when processing HTML content within Windows MSHTML Platform. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Syxscore
- Vendor Severity: Critical
- CVSS: 7.5
- Weaponized: Yes
- Public Aware: Yes
- Countermeasure: No
Syxscore Risk Alert
- Attack Vector: Network
- Attack Complexity: High
- Privileges: None
- User Interaction: Required
- Scope (Jump Point): No
3. CVE-2021-31977 Windows Hyper-V Denial of Service Vulnerability
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. By sending a specially crafted message to the Hyper-V host virtualization stack, a guest VM could cause a reference count in the host virtualization stack to be leaked.
Syxscore
- Vendor Severity: Important
- CVSS: 8.6
- Weaponized: No
- Public Aware: No
- Countermeasure: No
Syxscore Risk Alert
- Attack Vector: Network
- Attack Complexity: Low
- Privileges: None
- User Interaction: None
- Scope (Jump Point): Yes
Syxsense Recommendations
Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are publicly aware or weaponized.
| Reference | Description | Vendor Severity | CVSS Score | Weaponised | Publicly Aware | Countermeasure | Syxsense Recommended |
| CVE-2021-33739 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important | 8.4 | Yes | Yes | No | Yes |
| CVE-2021-31956 | Windows NTFS Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2021-33742 | Windows MSHTML Platform Remote Code Execution Vulnerability | Critical | 7.5 | Yes | Yes | No | Yes |
| CVE-2021-31955 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | Yes | No | No | Yes |
| CVE-2021-31199 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Important | 5.2 | Yes | No | No | Yes |
| CVE-2021-31201 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Important | 5.2 | Yes | No | No | Yes |
| CVE-2021-31968 | Windows Remote Desktop Services Denial of Service Vulnerability | Important | 7.5 | No | Yes | No | Yes |
| CVE-2021-31962 | Kerberos App Container Security Feature Bypass Vulnerability | Important | 9.4 | No | No | No | Yes |
| CVE-2021-31977 | Windows Hyper-V Denial of Service Vulnerability | Important | 8.6 | No | No | No | Yes |
| CVE-2021-33741 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 8.2 | No | No | No | Yes |
| CVE-2021-31980 | Microsoft Intune Management Extension Remote Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-31954 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-31948 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | Yes |
| CVE-2021-31950 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | Yes |
| CVE-2021-31964 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | Yes |
| CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | |
| CVE-2021-31967 | VP9 Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | |
| CVE-2021-31942 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31943 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31939 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31940 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31941 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31945 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31946 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31983 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31969 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31953 | Windows Filter Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31973 | Windows GPSVC Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31951 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31952 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-1675 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31974 | Server for NFS Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-31975 | Server for NFS Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-31976 | Server for NFS Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-31958 | Windows NTLM Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-31938 | Microsoft Vs Code Kubernetes Tools Extension Elevation of Privilege Vulnerability | Important | 7.3 | No | No | No | |
| CVE-2021-31966 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 7.2 | No | No | No | |
| CVE-2021-31963 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical | 7.1 | No | No | No | |
| CVE-2021-26420 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-31971 | Windows HTML Platform Security Feature Bypass Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2021-31949 | Microsoft Outlook Remote Code Execution Vulnerability | Important | 6.7 | No | No | No | |
| CVE-2021-31959 | Scripting Engine Memory Corruption Vulnerability | Critical | 6.4 | No | No | No | |
| CVE-2021-31957 | .NET Core and Visual Studio Denial of Service Vulnerability | Important | 5.9 | No | No | No | |
| CVE-2021-31965 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important | 5.7 | No | No | No | |
| CVE-2021-31972 | Event Tracing for Windows Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31978 | Microsoft Defender Denial of Service Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31960 | Windows Bind Filter Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31970 | Windows TCP/IP Driver Security Feature Bypass Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31944 | 3D Viewer Information Disclosure Vulnerability | Important | 5 | No | No | No | |
| CVE-2021-26414 | Windows DCOM Server Security Feature Bypass | Important | 4.8 | No | No | No |
Experience the Power of Syxsense
Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.
