October Patch Tuesday 2021 Fixes 71 Flaws and Weaponized Threat

Microsoft Releases October 2021 Patch Tuesday Fixes

There are 3 Critical, 67 Important and a single Low fix in this October Patch Tuesday. Fixes cover Microsoft Windows and Windows components, Microsoft Edge, Azure, Office and Office components, SharePoint Server and Microsoft Windows DNS, and Windows 11 receives its first-ever security patch.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, with one currently Weaponized.

  1. Windows 7 – 19 Important vulnerabilities fixed
  2. Windows 2008 R2 – 20 Important vulnerabilities fixed

Robert Brown, Head of Customer Success for Syxsense said, “This may be the first time ever that Microsoft released updates for four end user based operating systems (Windows 7, 8.1, 10 & now 11). Over the next couple of months, we could see an increase in the number of vulnerabilities fixed breaching 100 once again. Should that be the case, careful selection of the most important vulnerabilities to resolve will be extremely important.”

Top October 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible. 

1. CVE-2021-40449: Win32k Elevation of Privilege Vulnerability

A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code with elevated privileges. This is possible because of a boundary error within the Win32k driver in the Microsoft Windows kernel.

This vulnerability was discovered by Kaspersky, so one may assume it may be used in the next ransomware attack if not resolved quickly.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: Yes
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-41335: Windows Kernel Elevation of Privilege Vulnerability

The vulnerability allows a local user to escalate privileges on the system because Windows does not properly impose security restrictions in the Windows kernel.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: No
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

3. CVE-2021-36970: Windows Print Spooler Spoofing Vulnerability

A remote attacker can spoof page content because the Windows Print Spooler incorrectly processes user-supplied data. This vulnerability is more likely to be targeted by hackers because of the recent report of ongoing printing issues.

Syxscore

  • Vendor Severity: Important
  • CVSS: 8.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are publicly aware or weaponized.

 

| CVE Reference | Description | Vendor Severity | CVSS Score | Countermeasure | Publicly Aware | Weaponised | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-40449 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Yes | Yes |
| CVE-2021-41335 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | Yes | No | Yes |
| CVE-2021-40469 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.2 | No | Yes | No | Yes |
| CVE-2021-41338 | Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability | Important | 5.5 | No | Yes | No | Yes |
| CVE-2021-38672 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8 | No | No | No | Yes |
| CVE-2021-40461 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8 | No | No | No | Yes |
| CVE-2021-40486 | Microsoft Word Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-26427 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 9 | No | No | No | Yes |
| CVE-2021-36970 | Windows Print Spooler Spoofing Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-41344 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-40487 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-41348 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-40464 | Windows Nearby Sharing Elevation of Privilege Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-40470 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40471 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40473 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40474 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40479 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40485 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40480 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41330 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40478 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40488 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40489 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-26441 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41345 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40450 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41357 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41347 | Windows AppX Deployment Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40443 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40466 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40467 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40477 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41340 | Windows Graphics Component Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41331 | Windows Media Audio Decoder Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40462 | Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40465 | Windows Text Shaping Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40463 | Windows NAT Denial of Service Vulnerability | Important | 7.7 | No | No | No |  |
| CVE-2021-40484 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No |  |
| CVE-2021-34453 | Microsoft Exchange Server Denial of Service Vulnerability | Important | 7.5 | No | No | No |  |
| CVE-2021-41352 | SCOM Information Disclosure Vulnerability | Important | 7.5 | No | No | No |  |
| CVE-2021-40476 | Windows AppContainer Elevation Of Privilege Vulnerability | Important | 7.5 | No | No | No |  |
| CVE-2021-36953 | Windows TCP/IP Denial of Service Vulnerability | Important | 7.5 | No | No | No |  |
| CVE-2021-40457 | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | Important | 7.4 | No | No | No |  |
| CVE-2021-40481 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.1 | No | No | No |  |
| CVE-2021-41334 | Windows Desktop Bridge Elevation of Privilege Vulnerability | Important | 7 | No | No | No |  |
| CVE-2021-26442 | Windows HTTP.sys Elevation of Privilege Vulnerability | Important | 7 | No | No | No |  |
| CVE-2021-41342 | Windows MSHTML Platform Remote Code Execution Vulnerability | Important | 6.8 | No | No | No |  |
| CVE-2021-41350 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 | No | No | No |  |
| CVE-2021-41332 | Windows Print Spooler Information Disclosure Vulnerability | Important | 6.5 | No | No | No |  |
| CVE-2021-40460 | Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability | Important | 6.5 | No | No | No |  |
| CVE-2021-41355 | .NET Core and Visual Studio Information Disclosure Vulnerability | Important | 5.7 | No | No | No |  |
| CVE-2021-40472 | Microsoft Excel Information Disclosure Vulnerability | Important | 5.5 | No | No | No |  |
| CVE-2021-40454 | Rich Text Edit Control Information Disclosure Vulnerability | Important | 5.5 | No | No | No |  |
| CVE-2021-40468 | Windows Bind Filter Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No |  |
| CVE-2021-40475 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No |  |
| CVE-2021-38663 | Windows exFAT File System Information Disclosure Vulnerability | Important | 5.5 | No | No | No |  |
| CVE-2021-38662 | Windows Fast FAT File System Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No |  |
| CVE-2021-41343 | Windows Fast FAT File System Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No |  |
| CVE-2021-40455 | Windows Installer Spoofing Vulnerability | Important | 5.5 | No | No | No |  |
| CVE-2021-41336 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | No |  |
| CVE-2021-41361 | Active Directory Federation Server Spoofing Vulnerability | Important | 5.4 | No | No | No |  |
| CVE-2021-41353 | Microsoft Dynamics 365 Sales Spoofing Vulnerability | Important | 5.4 | No | No | No |  |
| CVE-2021-41346 | Console Window Host Security Feature Bypass Vulnerability | Important | 5.3 | No | No | No |  |
| CVE-2021-40482 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important | 5.3 | No | No | No |  |
| CVE-2021-40456 | Windows AD FS Security Feature Bypass Vulnerability | Important | 5.3 | No | No | No |  |
| CVE-2021-41337 | Active Directory Security Feature Bypass Vulnerability | Important | 4.9 | No | No | No |  |
| CVE-2021-41339 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important | 4.7 | No | No | No |  |
| CVE-2021-41363 | Intune Management Extension Security Feature Bypass Vulnerability | Important | 4.2 | No | No | No |  |
| CVE-2021-41354 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important | 4.1 | No | No | No |  |
| CVE-2021-40483 | Microsoft SharePoint Server Spoofing Vulnerability | Low | 7.6 | No | No | No |  |
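
One way to turn the table above into a deployment order, as an added example that is not Syxsense's own code or scoring: it parses rows in the page's column order (with or without `|` separators, and with the last column blank) and ranks them by the criteria the page names. The tiering in `triage_key` (weaponised first, then publicly aware, then CVSS) is an assumption made for illustration.

```python
import re

# Column order from the table header on this page: CVE, description,
# vendor severity, CVSS, countermeasure, publicly aware, weaponised,
# then an optional "Syxsense Recommended" flag (blank on some rows).
ROW = re.compile(
    r"^(?P<cve>CVE-\d{4}-\d+)\s+(?P<desc>.+?)\s+"
    r"(?P<sev>Critical|Important|Moderate|Low)\s+(?P<cvss>\d+(?:\.\d+)?)\s+"
    r"(?P<flags>(?:Yes|No)(?:\s+(?:Yes|No)){2,3})$"
)

def parse_row(line):
    """Parse one table row; return None for the header or malformed lines."""
    m = ROW.match(line.replace("|", " ").strip())
    if not m:
        return None
    # Only the first three flags are needed; the fourth may be absent.
    countermeasure, public, weaponised = (f == "Yes" for f in m["flags"].split()[:3])
    return {"cve": m["cve"], "desc": m["desc"], "severity": m["sev"],
            "cvss": float(m["cvss"]), "countermeasure": countermeasure,
            "public": public, "weaponised": weaponised}

def triage_key(v):
    # Assumed ordering: exploited in the wild, then publicly disclosed,
    # then everything else; no countermeasure and higher CVSS sort first.
    tier = 0 if v["weaponised"] else 1 if v["public"] else 2
    return (tier, v["countermeasure"], -v["cvss"])

def deploy_order(lines):
    """Return CVE ids in the order they should be deployed."""
    vulns = [v for v in map(parse_row, lines) if v]
    return [v["cve"] for v in sorted(vulns, key=triage_key)]

# Rows copied from the table on this page (header included on purpose).
SAMPLE = """\
CVE Reference Description Vendor Severity CVSS Score Countermeasure Publicly Aware Weaponised Syxsense Recommended
CVE-2021-26427 Microsoft Exchange Server Remote Code Execution Vulnerability Important 9 No No No Yes
CVE-2021-40483 Microsoft SharePoint Server Spoofing Vulnerability Low 7.6 No No No
CVE-2021-41338 Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability Important 5.5 No Yes No Yes
CVE-2021-38672 Windows Hyper-V Remote Code Execution Vulnerability Critical 8 No No No Yes
CVE-2021-40449 Win32k Elevation of Privilege Vulnerability Important 7.8 No No Yes Yes
CVE-2021-40469 Windows DNS Server Remote Code Execution Vulnerability Important 7.2 No Yes No Yes
CVE-2021-41335 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No Yes No Yes
""".splitlines()

if __name__ == "__main__":
    print("\n".join(deploy_order(SAMPLE)))
```

Note that CVSS alone would put CVE-2021-26427 (9) at the top, while this ordering deploys the weaponised CVE-2021-40449 (7.8) and the publicly aware entries ahead of it.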

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.