
Patch Tuesday


November Patch Tuesday 2021 Addresses 55 Vulnerabilities


November Patch Tuesday 2021 Fixes 55 Flaws

November Patch Tuesday 2021 is officially here. See the latest Microsoft updates, vulnerabilities, and critical patches of the month.


Microsoft Releases November 2021 Patch Tuesday Fixes

There are 6 Critical (double last month's count) and 49 Important fixes in this release. Updates cover Microsoft Windows and Windows components, 3D Viewer, Azure, Azure RTOS and Sphere, Microsoft Dynamics, Microsoft Office, Visual Studio, and Visual Studio Code, and Windows 11 has its second security patch.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month. The time to review a third and final year of ESU is very close if you are still using Windows 7 or 2008.

  1. Windows 7 – 1 Critical and 10 Important fixes
  2. Windows 2008 R2 – 1 Critical and 14 Important fixes

Robert Brown, Head of Customer Success for Syxsense said, “Overall, this year we have seen a massive drop in the number of fixes addressed by the Patch Tuesday security updates. This is most likely down to the extended support of the Windows 10 Feature Updates throughout 2021, however as Microsoft have launched another business operating system that number is likely to rise again.”

Our suggestion would be to choose which operating system (Windows 10 vs. 11) your business will use for 2022 and stick with it. If your company policy is to stay on Windows 10, we recommend implementing procedures to stop users from accidentally upgrading their devices to Windows 11.

Top November 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible. 

1. CVE-2021-3711: OpenSSL: SM2 Decryption Buffer Overflow

An attacker who is able to present SM2 content for decryption to an application could cause attacker-chosen data to overflow the buffer by up to a maximum of 62 bytes, altering the contents of other data held after the buffer and possibly changing application behavior or causing the application to crash.

This vulnerability was released before November but has been reviewed and rescored by NVD.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

 


 

2. CVE-2021-26443: Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability

A remote code execution vulnerability exists when a VM guest fails to properly handle communication on a VMBus channel. To exploit the vulnerability, an authenticated attacker could send a specially crafted communication on the VMBus channel from the guest VM to the Host. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.0
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Adjacent
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Changed

 


 

3. CVE-2021-38666: Remote Desktop Client Remote Code Execution Vulnerability

An attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system, and Microsoft has suggested this vulnerability is “More Likely” to be used in an attack.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 8.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged
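
The Syxscore Risk fields above use the same names as the CVSS v3.1 base metrics, so the stated CVSS score can be re-derived from them as a sanity check before a CVE is entered into a patch tool. The Python below is an added example, not Syxsense code; it assumes High confidentiality, integrity and availability impact (the page does not list these) and reads Scope "No"/"Unchanged" as unchanged and "Yes"/"Changed" as changed.

```python
"""Added example: re-derive CVSS v3.1 base scores from "Syxscore Risk" lists."""

# CVSS v3.1 base metric weights (FIRST specification).
AV = {"Network": 0.85, "Adjacent": 0.62, "Local": 0.55, "Physical": 0.2}
AC = {"Low": 0.77, "High": 0.44}
UI = {"None": 0.85, "Required": 0.62}
CIA = {"High": 0.56, "Low": 0.22, "None": 0.0}
PR_UNCHANGED = {"None": 0.85, "Low": 0.62, "High": 0.27}
PR_CHANGED = {"None": 0.85, "Low": 0.68, "High": 0.5}
# The page labels Scope inconsistently; map every label it uses.
SCOPE_CHANGED = {"No": False, "Unchanged": False, "Yes": True, "Changed": True}

# Constructed from the three November 2021 entries on this page:
# CVE id -> (CVSS score stated on the page, its Syxscore Risk list).
NOVEMBER_2021 = {
    "CVE-2021-3711": (9.8, """
        • Attack Vector: Network
        • Attack Complexity: Low
        • Privileges: None
        • User Interaction: None
        • Scope (Jump Point): No"""),
    "CVE-2021-26443": (9.0, """
        • Attack Vector: Adjacent
        • Attack Complexity: Low
        • Privileges: Low
        • User Interaction: None
        • Scope (Jump Point): Changed"""),
    "CVE-2021-38666": (8.8, """
        • Attack Vector: Network
        • Attack Complexity: Low
        • Privileges: None
        • User Interaction: Required
        • Scope (Jump Point): Unchanged"""),
}


def parse_risk(block):
    """Turn the bulleted 'Name: Value' lines into a dict."""
    fields = {}
    for line in block.splitlines():
        line = line.strip().lstrip("•").strip()
        if ":" in line:
            key, value = line.split(":", 1)
            fields[key.strip()] = value.strip()
    return fields


def roundup(value):
    """CVSS v3.1 Roundup: smallest one-decimal number >= value."""
    scaled = round(value * 100000)
    if scaled % 10000 == 0:
        return scaled / 100000.0
    return (scaled // 10000 + 1) / 10.0


def base_score(risk, conf="High", integ="High", avail="High"):
    """Base score from parsed fields. ASSUMPTION: C/I/A default to High."""
    changed = SCOPE_CHANGED[risk["Scope (Jump Point)"]]
    pr = (PR_CHANGED if changed else PR_UNCHANGED)[risk["Privileges"]]
    exploitability = (8.22 * AV[risk["Attack Vector"]]
                      * AC[risk["Attack Complexity"]]
                      * pr * UI[risk["User Interaction"]])
    iss = 1 - (1 - CIA[conf]) * (1 - CIA[integ]) * (1 - CIA[avail])
    if changed:
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    else:
        impact = 6.42 * iss
    if impact <= 0:
        return 0.0
    total = impact + exploitability
    if changed:
        total *= 1.08  # a scope change raises the score
    return roundup(min(total, 10))


def check_page_scores(entries=NOVEMBER_2021):
    """Return CVE id -> (score stated on the page, recomputed score)."""
    return {cve: (stated, base_score(parse_risk(block)))
            for cve, (stated, block) in entries.items()}


if __name__ == "__main__":
    for cve, (stated, computed) in check_page_scores().items():
        status = "ok" if stated == computed else "MISMATCH"
        print(f"{cve}: stated {stated}, recomputed {computed} [{status}]")
```

A mismatch between the stated and recomputed score points to either a transcription error or an impact metric that is not High, and is worth checking against the vendor's published vector before prioritizing.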

Syxsense Recommendations

Based on the vendor severity and CVSS score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any that are Publicly Aware or Weaponized.

| CVE Reference | Description | Vendor Severity | CVSS Score | Weaponised | Publicly Aware | Countermeasure | Highest Priority |
|---|---|---|---|---|---|---|---|
| CVE-2021-42321 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.8 | Yes | No | No | Yes |
| CVE-2021-42292 | Microsoft Excel Security Feature Bypass Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2021-43208 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 | No | Yes | No | Yes |
| CVE-2021-43209 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 | No | Yes | No | Yes |
| CVE-2021-38631 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important | 4.4 | No | Yes | No | Yes |
| CVE-2021-41371 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important | 4.4 | No | Yes | No | Yes |
| CVE-2021-3711 | OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow | Critical | 9.8 | No | No | No | Yes |
| CVE-2021-26443 | Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability | Critical | 9 | No | No | No | Yes |
| CVE-2021-38666 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-42316 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Critical | 8.7 | No | No | No | Yes |
| CVE-2021-42298 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-42279 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.2 | No | No | No | Yes |
| CVE-2021-42275 | Microsoft COM for Windows Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-42283 | NTFS Elevation of Privilege Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-41366 | Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-40442 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-42276 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-42296 | Microsoft Word Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-41367 | NTFS Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-41370 | NTFS Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-42322 | Visual Studio Code Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-42286 | Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-36957 | Windows Desktop Bridge Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-41377 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-42285 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-41378 | Windows NTFS Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-41372 | Power BI Report Server Spoofing Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-42278 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-42282 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-42287 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-42291 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-41356 | Windows Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-38665 | Remote Desktop Protocol Client Information Disclosure Vulnerability | Important | 7.4 | No | No | No | |
| CVE-2021-42284 | Windows Hyper-V Denial of Service Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2021-42274 | Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2021-41374 | Azure Sphere Information Disclosure Vulnerability | Important | 6.7 | No | No | No | |
| CVE-2021-42302 | Azure RTOS Elevation of Privilege Vulnerability | Important | 6.6 | No | No | No | |
| CVE-2021-42303 | Azure RTOS Elevation of Privilege Vulnerability | Important | 6.6 | No | No | No | |
| CVE-2021-42304 | Azure RTOS Elevation of Privilege Vulnerability | Important | 6.6 | No | No | No | |
| CVE-2021-41349 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-42305 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-41368 | Microsoft Access Remote Code Execution Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2021-42300 | Azure Sphere Tampering Vulnerability | Important | 6 | No | No | No | |
| CVE-2021-42288 | Windows Hello Security Feature Bypass Vulnerability | Important | 5.7 | No | No | No | |
| CVE-2021-42277 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-41373 | FS Logix Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-42280 | Windows Feedback Hub Elevation of Privilege Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-41379 | Windows Installer Elevation of Privilege Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-42319 | Visual Studio Elevation of Privilege Vulnerability | Important | 4.7 | No | No | No | |
| CVE-2021-41375 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 | No | No | No | |
| CVE-2021-41351 | Microsoft Edge (Chrome based) Spoofing on IE Mode | Important | 4.3 | No | No | No | |
| CVE-2021-26444 | Azure RTOS Information Disclosure Vulnerability | Important | 3.3 | No | No | No | |
| CVE-2021-42301 | Azure RTOS Information Disclosure Vulnerability | Important | 3.3 | No | No | No | |
| CVE-2021-42323 | Azure RTOS Information Disclosure Vulnerability | Important | 3.3 | No | No | No | |
| CVE-2021-41376 | Azure Sphere Information Disclosure Vulnerability | Important | 2.3 | No | No | No | |

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.


Watch the Webcast: October Patch Tuesday 2021


Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's Patch Tuesday updates.


Watch the October Patch Tuesday 2021 Webcast

Watch our webcast to hear industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.


View the Webcast

What You Need to Know: October Patch Tuesday 2021

Webcast video: https://vimeo.com/631997928

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.


October Patch Tuesday 2021 Fixes 71 Flaws and Weaponized Threat


October Patch Tuesday 2021 is officially here. See the latest Microsoft updates, vulnerabilities, and critical patches of the month.


Microsoft Releases October 2021 Patch Tuesday Fixes

There are 3 Critical, 67 Important and a single Low fix in this October Patch Tuesday. Fixes include Microsoft Windows and Windows components, Microsoft Edge, Azure, Office and Office Components, SharePoint Server, and Microsoft Windows DNS, and Windows 11 has its first ever security patch.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, with one currently Weaponized.

  1. Windows 7 – 19 Important vulnerabilities fixed
  2. Windows 2008 R2 – 20 Important vulnerabilities fixed

Robert Brown, Head of Customer Success for Syxsense said, “This may be the first time ever that Microsoft released updates for four end user based operating systems (Windows 7, 8.1, 10 & now 11). Over the next couple of months, we could see an increase in the number of vulnerabilities fixed breaching 100 once again. Should that be the case, careful selection of the most important vulnerabilities to resolve will be extremely important.”

Top October 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible. 

1. CVE-2021-40449: Win32k Elevation of Privilege Vulnerability

A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code with elevated privileges. This is possible because of a boundary error within the Win32k driver in the Microsoft Windows kernel.

This vulnerability was discovered by Kaspersky, so one may assume it could be used in the next ransomware attack if not resolved quickly.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: Yes
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): No

 


 

2. CVE-2021-41335: Windows Kernel Elevation of Privilege Vulnerability

The vulnerability allows a local user to escalate privileges on the system because Windows does not properly impose security restrictions in the Windows kernel.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: No
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

 


 

3. CVE-2021-36970: Windows Print Spooler Spoofing Vulnerability

A remote attacker can spoof page content because the Windows Print Spooler incorrectly processes user-supplied data. This vulnerability is more likely to be targeted by hackers because of the recently reported printing issues, which are ongoing.

Syxscore

  • Vendor Severity: Important
  • CVSS: 8.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the vendor severity and CVSS score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any that are Publicly Aware or Weaponized.

 

| CVE Reference | Description | Vendor Severity | CVSS Score | Countermeasure | Publicly Aware | Weaponised | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-40449 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Yes | Yes |
| CVE-2021-41335 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | Yes | No | Yes |
| CVE-2021-40469 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.2 | No | Yes | No | Yes |
| CVE-2021-41338 | Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability | Important | 5.5 | No | Yes | No | Yes |
| CVE-2021-38672 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8 | No | No | No | Yes |
| CVE-2021-40461 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8 | No | No | No | Yes |
| CVE-2021-40486 | Microsoft Word Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-26427 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 9 | No | No | No | Yes |
| CVE-2021-36970 | Windows Print Spooler Spoofing Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-41344 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-40487 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-41348 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-40464 | Windows Nearby Sharing Elevation of Privilege Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-40470 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40471 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40473 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40474 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40479 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40485 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40480 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41330 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40478 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40488 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40489 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-26441 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41345 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40450 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41357 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41347 | Windows AppX Deployment Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40443 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40466 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40467 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40477 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41340 | Windows Graphics Component Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-41331 | Windows Media Audio Decoder Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40462 | Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40465 | Windows Text Shaping Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-40463 | Windows NAT Denial of Service Vulnerability | Important | 7.7 | No | No | No | |
| CVE-2021-40484 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-34453 | Microsoft Exchange Server Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-41352 | SCOM Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-40476 | Windows AppContainer Elevation Of Privilege Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-36953 | Windows TCP/IP Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-40457 | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | Important | 7.4 | No | No | No | |
| CVE-2021-40481 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-41334 | Windows Desktop Bridge Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-26442 | Windows HTTP.sys Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-41342 | Windows MSHTML Platform Remote Code Execution Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2021-41350 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-41332 | Windows Print Spooler Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-40460 | Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-41355 | .NET Core and Visual Studio Information Disclosure Vulnerability | Important | 5.7 | No | No | No | |
| CVE-2021-40472 | Microsoft Excel Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-40454 | Rich Text Edit Control Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-40468 | Windows Bind Filter Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-40475 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-38663 | Windows exFAT File System Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-38662 | Windows Fast FAT File System Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-41343 | Windows Fast FAT File System Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-40455 | Windows Installer Spoofing Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-41336 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-41361 | Active Directory Federation Server Spoofing Vulnerability | Important | 5.4 | No | No | No | |
| CVE-2021-41353 | Microsoft Dynamics 365 Sales Spoofing Vulnerability | Important | 5.4 | No | No | No | |
| CVE-2021-41346 | Console Window Host Security Feature Bypass Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2021-40482 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2021-40456 | Windows AD FS Security Feature Bypass Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2021-41337 | Active Directory Security Feature Bypass Vulnerability | Important | 4.9 | No | No | No | |
| CVE-2021-41339 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important | 4.7 | No | No | No | |
| CVE-2021-41363 | Intune Management Extension Security Feature Bypass Vulnerability | Important | 4.2 | No | No | No | |
| CVE-2021-41354 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important | 4.1 | No | No | No | |
| CVE-2021-40483 | Microsoft SharePoint Server Spoofing Vulnerability | Low | 7.6 | No | No | No | |

Watch the Webcast: September Patch Tuesday 2021


Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's Patch Tuesday updates.


Watch the September Patch Tuesday 2021 Webcast

Watch our webcast to hear industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.


View the Webcast

What You Need to Know: September Patch Tuesday 2021

Webcast video: https://vimeo.com/605800422


September Patch Tuesday 2021 Fixes 66 Flaws and Weaponized Threat


September Patch Tuesday 2021 is officially here. See the latest Microsoft updates, vulnerabilities, and critical patches of the month.


Microsoft Releases September 2021 Patch Tuesday Fixes

There are 3 Critical, 62 Important and a single Moderate fix in this September Patch Tuesday. Fixes include Microsoft Windows and Windows components, Microsoft Edge, Azure, Office and Office Components, SharePoint Server, Microsoft Windows DNS, and the Windows Subsystem for Linux.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, with one currently Weaponized.

  1. Windows 7 – 2 Critical and 20 Important vulnerabilities fixed
  2. Windows 2008 R2 – 2 Critical and 20 Important vulnerabilities fixed

Top September 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible. 

1. CVE-2021-40444: Microsoft MSHTML Remote Code Execution Vulnerability

The vulnerability exists due to improper input validation within the MSHTML component. A remote attacker can create a specially crafted Office document with a malicious ActiveX control inside, trick the victim into opening the document and execute arbitrary code on the system.

The best course of action is to ensure your staff know what to do when unsolicited emails arrive, and how to escalate to your security teams when such emails are received.

There are several workarounds you can implement here.

Syxscore

  • Vendor Severity: Important
  • CVSS: 8.8
  • Weaponized: Yes
  • Public Aware: Yes
  • Countermeasure: Yes

Syxscore Risk

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): No

 


 

2. CVE-2021-38647: Open Management Infrastructure Remote Code Execution Vulnerability

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system. This vulnerability requires no user interaction or privileges, so an attacker can run their code on an affected system just by sending it a specially crafted message.

An attacker could send a specially crafted message via HTTPS to port 5986 on a vulnerable system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No 

Syxscore Risk

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

 


 

3. CVE-2021-36954: Windows Bind Filter Driver Elevation of Privilege Vulnerability

The vulnerability allows a local user to escalate privileges on the system. After the privilege escalation, an attacker can carry out further attacks or even affect resources outside of the original attack vector. SolarWinds springs to mind?

Syxscore

  • Vendor Severity: Important
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

Syxsense Recommendations

Based on the vendor severity and CVSS score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any that are Publicly Aware or Weaponized.

 

| CVE Reference | Description | Vendor Severity | CVSS Score | Countermeasure | Publicly Aware | Weaponized | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-40444 | Microsoft MSHTML Remote Code Execution Vulnerability | Important | 8.8 | Yes | Yes | Yes | Yes |
| CVE-2021-38647 | Open Management Infrastructure Remote Code Execution Vulnerability | Critical | 9.8 | No | No | No | Yes |
| CVE-2021-36954 | Windows Bind Filter Driver Elevation of Privilege Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-36965 | Windows WLAN AutoConfig Service Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-26435 | Windows Scripting Engine Memory Corruption Vulnerability | Critical | 8.1 | No | No | No | Yes |
| CVE-2021-36967 | Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-36968 | Windows DNS Elevation of Privilege Vulnerability | Important | 7.8 | No | Yes | No | Yes |
| CVE-2021-36975 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-38639 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-36963 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-36955 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-38633 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-38671 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-38661 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38655 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38644 | Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38646 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38658 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38660 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38659 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38653 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38654 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38656 | Microsoft Word Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38645 | Open Management Infrastructure Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38648 | Open Management Infrastructure Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-26434 | Visual Studio Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-36952 | Visual Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38628 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38638 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-36964 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38630 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38625 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38626 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38667 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-40447 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-36973 | Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-36974 | Windows SMB Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-36966 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-38650 | Microsoft Office Spoofing Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-38651 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-38652 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-36960 | Windows SMB Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-38634 | Microsoft Windows Update Client Elevation of Privilege Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-38649 | Open Management Infrastructure Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-38629 | Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-38624 | Windows Key Storage Provider Security Feature Bypass Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-38669 | Microsoft Edge (Chromium-based) Tampering Vulnerability | Important | 6.4 | No | No | No | |
| CVE-2021-40448 | Microsoft Accessibility Insights for Android Information Disclosure Vulnerability | Important | 6.3 | No | No | No | |
| CVE-2021-26436 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2021-38641 | Microsoft Edge for Android Spoofing Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2021-38642 | Microsoft Edge for iOS Spoofing Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2021-38657 | Microsoft Office Graphics Component Information Disclosure Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2021-38632 | BitLocker Security Feature Bypass Vulnerability | Important | 5.7 | No | No | No | |
| CVE-2021-26437 | Visual Studio Code Spoofing Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-36959 | Windows Authenticode Spoofing Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-36961 | Windows Installer Denial of Service Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-36962 | Windows Installer Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-36969 | Windows Redirected Drive Buffering Sub System Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-38635 | Windows Redirected Drive Buffering Sub System Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-38636 | Windows Redirected Drive Buffering Sub System Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-36972 | Windows SMB Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-38637 | Windows Storage Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-40440 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | Important | 5.4 | No | No | No | |
| CVE-2021-36930 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2021-26439 | Microsoft Edge for Android Information Disclosure Vulnerability | Moderate | 4.6 | No | No | No | |
| CVE-2021-36956 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 | No | No | No | |

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.


Watch the Webcast: August Patch Tuesday 2021

By Patch Tuesday, Video | No Comments

Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's Patch Tuesday updates.


Watch the August Patch Tuesday 2021 Webcast

Watch our webcast to hear industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.


View the Webcast

What You Need to Know: August Patch Tuesday 2021

Video: https://vimeo.com/585919213

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.


August Patch Tuesday 2021 Fixes 44 Vulnerabilities

By Patch Management, Patch Tuesday | No Comments

August Patch Tuesday 2021 Fixes 44 Vulnerabilities Including Weaponized Threat

August Patch Tuesday 2021 is officially here. See the latest Microsoft updates, vulnerabilities, and critical patches of the month.


Microsoft Releases August 2021 Patch Tuesday Fixes

There are 7 Critical and 37 Important fixes in this August Patch Tuesday for Microsoft Windows and Windows components, Office, .NET Core and Visual Studio, Windows Defender, Windows Update and Update Assistant, Azure, and Microsoft Dynamics.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, with one currently Weaponized.

  1. Windows 7 – 4 Critical and 8 Important vulnerabilities fixed
  2. Windows 2008 R2 – 4 Critical and 9 Important vulnerabilities fixed

Robert Brown, Head of Customer Success for Syxsense said, “There are a number of extremely serious threats to deal with this month, and although there are less than half the number we have been facing just a couple months ago, it has never been more important to deploy these updates to protect your environment.”

Top August 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible. 

1. CVE-2021-36948: Windows Update Medic Service Elevation of Privilege Vulnerability

The vulnerability allows a local user to escalate privileges on the system, due to a boundary error within the Windows Update Medic Service. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.

We are also extremely concerned because this was discovered by the Microsoft Security Response Center (MSRC) / Microsoft Threat Intelligence Center, which could indicate that it will be turned into a ransomware attack.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: Yes
  • Public Aware: No
  • Countermeasure: No 

Syxscore Risk Alert

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-34535: Remote Desktop Client Remote Code Execution Vulnerability

In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.

In the case of Hyper-V, a malicious program running in a guest VM could trigger guest-to-host RCE by exploiting this vulnerability in the Hyper-V Viewer when a victim running on the host connects to the attacking Hyper-V guest.

Microsoft advises that exploitation is more likely.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 8.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): No

3. CVE-2021-36936: Windows Print Spooler Remote Code Execution Vulnerability

The vulnerability allows a remote attacker to execute arbitrary code on the target system. Successful exploitation may result in complete compromise of the vulnerable system.

Microsoft advises that exploitation is more likely.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 8.8
  • Weaponised: No
  • Public Aware: Yes
  • Countermeasure: No 

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any that are publicly known or weaponized.

| CVE Reference | Description | Vendor Severity | CVSS Score | Weaponized | Public Aware | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-36948 | Windows Update Medic Service Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2021-36936 | Windows Print Spooler Remote Code Execution Vulnerability | Critical | 8.8 | No | Yes | No | Yes |
| CVE-2021-36942 | Windows LSA Spoofing Vulnerability | Important | 7.5 | No | Yes | No | Yes |
| CVE-2021-34535 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | 9.9 | No | No | No | Yes |
| CVE-2021-34480 | Scripting Engine Memory Corruption Vulnerability | Critical | 6.8 | No | No | No | Yes |
| CVE-2021-34530 | Windows Graphics Component Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-34534 | Windows MSHTML Platform Remote Code Execution Vulnerability | Critical | 6.8 | No | No | No | Yes |
| CVE-2021-26432 | Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability | Critical | 9.8 | No | No | No | Yes |
| CVE-2021-26424 | Windows TCP/IP Remote Code Execution Vulnerability | Critical | 9.9 | No | No | No | Yes |
| CVE-2021-34524 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-34537 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-36947 | Windows Print Spooler Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-26423 | .NET Core and Visual Studio Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-34485 | .NET Core and Visual Studio Information Disclosure Vulnerability | Important | 5 | No | No | No | |
| CVE-2021-34532 | ASP.NET Core and Visual Studio Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-33762 | Azure Cycle Cloud Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-36943 | Azure Cycle Cloud Elevation of Privilege Vulnerability | Important | 4 | No | No | No | |
| CVE-2021-26430 | Azure Sphere Denial of Service Vulnerability | Important | 6 | No | No | No | |
| CVE-2021-26429 | Azure Sphere Elevation of Privilege Vulnerability | Important | 7.7 | No | No | No | |
| CVE-2021-26428 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 | No | No | No | |
| CVE-2021-36949 | Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-36950 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Important | 5.4 | No | No | No | |
| CVE-2021-36946 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | Important | 5.4 | No | No | No | |
| CVE-2021-34478 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-36940 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-34471 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Yes | |
| CVE-2021-36941 | Microsoft Word Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34536 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-36945 | Windows 10 Update Assistant Elevation of Privilege Vulnerability | Important | 7.3 | No | No | No | |
| CVE-2021-36938 | Windows Cryptographic Primitives Library Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-36927 | Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-26425 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34486 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34487 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-34533 | Windows Graphics Component Font Parsing Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-36937 | Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34483 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-26431 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-26433 | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-36926 | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-36932 | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-36933 | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-26426 | Windows User Account Profile Picture Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-34484 | Windows User Profile Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-30590 | Chromium: CVE-2021-30590 Heap buffer overflow in Bookmarks | High | N/A | No | No | No | |
| CVE-2021-30591 | Chromium: CVE-2021-30591 Use after free in File System API | High | N/A | No | No | No | |
| CVE-2021-30592 | Chromium: CVE-2021-30592 Out of bounds write in Tab Groups | High | N/A | No | No | No | |
| CVE-2021-30593 | Chromium: CVE-2021-30593 Out of bounds read in Tab Strip | High | N/A | No | No | No | |
| CVE-2021-30594 | Chromium: CVE-2021-30594 Use after free in Page Info UI | High | N/A | No | No | No | |
| CVE-2021-30596 | Chromium: CVE-2021-30596 Incorrect security UI in Navigation | Medium | N/A | No | No | No | |
| CVE-2021-30597 | Chromium: CVE-2021-30597 Use after free in Browser UI | Medium | N/A | No | No | No | |
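
The advice above to pay closest attention to weaponized and publicly known entries can be applied mechanically when the rows are loaded into a patch workflow. The Python below is an added example, not Syxsense's code: the pipe-delimited layout and the names `HEADER_ALIASES`, `parse_table` and `triage` are assumptions, and the sample rows are copied from the August and July 2021 tables on this page. Columns are matched by header name because the flag columns are labelled and ordered differently from month to month.

```python
"""Rank Patch Tuesday rows: weaponized first, then publicly known, then CVSS.

Added example. Sample rows are copied from the August and July 2021 tables
on this page and written pipe-delimited (an assumed layout).
"""
from dataclasses import dataclass
from typing import List, Optional

# The monthly tables word and order the flag columns differently, so each
# column is located by its header text, never by its position.
HEADER_ALIASES = {
    "cve reference": "cve", "reference": "cve",
    "description": "description",
    "vendor severity": "severity",
    "cvss score": "cvss",
    "weaponized": "weaponized", "weaponised": "weaponized",
    "public aware": "public", "publicly aware": "public", "public": "public",
    "countermeasure": "countermeasure",
    "syxsense recommended": "recommended",
}

AUGUST_SAMPLE = """\
CVE Reference | Description | Vendor Severity | CVSS Score | Weaponized | Public Aware | Countermeasure | Syxsense Recommended
CVE-2021-36948 | Windows Update Medic Service Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes
CVE-2021-36936 | Windows Print Spooler Remote Code Execution Vulnerability | Critical | 8.8 | No | Yes | No | Yes
CVE-2021-26424 | Windows TCP/IP Remote Code Execution Vulnerability | Critical | 9.9 | No | No | No | Yes
CVE-2021-30590 | Chromium: CVE-2021-30590 Heap buffer overflow in Bookmarks | High | N/A | No | No | No |
"""

JULY_SAMPLE = """\
Reference | Description | Vendor Severity | CVSS Score | Countermeasure | Public | Weaponised | Syxsense Recommended
CVE-2021-34527 | Windows Print Spooler Remote Code Execution Vulnerability | Critical | 8.8 | Yes | Yes | Yes | Yes
CVE-2021-31979 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Yes | Yes
CVE-2021-34473 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 9.1 | No | Yes | No | Yes
CVE-2021-34489 | DirectWrite Remote Code Execution Vulnerability | Important | 7.8 | No | No | No |
"""


@dataclass
class Finding:
    cve: str
    description: str
    severity: str
    cvss: Optional[float]  # None when the table gives N/A
    weaponized: bool
    public: bool
    countermeasure: bool
    recommended: bool      # False when the cell is blank


def _flag(cell: str) -> bool:
    return cell.strip().lower() == "yes"


def parse_table(text: str) -> List[Finding]:
    """Parse one pipe-delimited table whose first non-blank line is the header."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    header = [c.strip().lower() for c in lines[0].split("|")]
    try:
        columns = [HEADER_ALIASES[h] for h in header]
    except KeyError as exc:
        raise ValueError(f"unrecognised column header: {exc}") from None
    findings = []
    for ln in lines[1:]:
        cells = [c.strip() for c in ln.split("|")]
        cells += [""] * (len(columns) - len(cells))  # tolerate a missing last cell
        row = dict(zip(columns, cells))
        if not row["cve"].startswith("CVE-"):
            raise ValueError(f"not a CVE row: {ln!r}")
        try:
            cvss = float(row["cvss"])
        except ValueError:
            cvss = None
        findings.append(Finding(
            row["cve"], row["description"], row["severity"], cvss,
            _flag(row["weaponized"]), _flag(row["public"]),
            _flag(row["countermeasure"]), _flag(row["recommended"])))
    return findings


def priority_key(f: Finding):
    # Weaponized first, then publicly known, then highest CVSS. A missing
    # score sorts last in its group; the CVE id breaks ties deterministically.
    score = f.cvss if f.cvss is not None else -1.0
    return (not f.weaponized, not f.public, -score, f.cve)


def triage(*tables: str) -> List[Finding]:
    """Merge any number of monthly tables into one deployment order."""
    merged = [f for t in tables for f in parse_table(t)]
    return sorted(merged, key=priority_key)


if __name__ == "__main__":
    for f in triage(AUGUST_SAMPLE, JULY_SAMPLE):
        print(f.cve, f.severity, f.cvss, "weaponized" if f.weaponized else "",
              "public" if f.public else "")
```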

Watch the Webcast: July Patch Tuesday 2021

By Patch Tuesday, Video | No Comments

Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's Patch Tuesday updates.


Watch the July Patch Tuesday 2021 Webcast

Watch our webcast to hear industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.


View the Webcast

What You Need to Know: July Patch Tuesday 2021

Video: https://vimeo.com/575011693

July Patch Tuesday 2021 Fixes Massive 117 Vulnerabilities

By Patch Management | No Comments

July Patch Tuesday 2021 is officially here. See the latest Microsoft updates, vulnerabilities, and critical patches of the month.


Microsoft Releases Huge July Patch Tuesday Update

There are 13 Critical, 103 Important and 1 Moderate fixes this month for Microsoft Windows, Dynamics, Exchange Server, Microsoft Office, Windows Storage Spaces Controller, Bing, SharePoint Server, Internet Explorer (IE), Visual Studio, and Open Enclave.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, with one currently Weaponized.

  1. Windows 7 – 3 Critical and 27 Important vulnerabilities fixed
  2. Windows 2008 R2 – 3 Critical and 27 Important vulnerabilities fixed

Robert Brown, Head of Customer Success for Syxsense said, “The vulnerability known as PrintNightmare is causing a lot of confusion and anxiety as patch deployment is needed urgently, but some registry keys also need to be verified. If those keys exist then you are not safe.

There are also Weaponized vulnerabilities for Windows Kernel which need addressing urgently.”

Top July 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible. 

1. CVE-2021-34527: Windows Print Spooler Remote Code Execution Vulnerability

The vulnerability exists due to improper input validation within the RpcAddPrinterDriverEx() function. A remote user can send a specially crafted request to the Windows Print Spooler and execute arbitrary code with SYSTEM privileges.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.5 / 8.8
  • Weaponized: Yes
  • Public Aware: Yes
  • Countermeasure: Yes 

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

2. CVE-2021-31979 & CVE-2021-33771: Windows Kernel Elevation of Privilege Vulnerability

A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code on the system with elevated privileges.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8 / 8.4
  • Weaponized: Yes
  • Public Aware: Yes
  • Countermeasure: Yes 

Syxscore Risk Alert

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

3. CVE-2021-34458: Windows Kernel Remote Code Execution Vulnerability

This bug impacts systems hosting virtual machines with single root input/output virtualization (SR-IOV) devices. If you have virtual machines in your environment, test and patch quickly.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8 / 8.4
  • Weaponized: Yes
  • Public Aware: Yes
  • Countermeasure: Yes 

Syxscore Risk Alert

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any that are publicly known or weaponized.

| Reference | Description | Vendor Severity | CVSS Score | Countermeasure | Public | Weaponised | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-34527 | Windows Print Spooler Remote Code Execution Vulnerability | Critical | 8.8 | Yes | Yes | Yes | Yes |
| CVE-2021-31979 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Yes | Yes |
| CVE-2021-33771 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | Yes | Yes |
| CVE-2021-34448 | Scripting Engine Memory Corruption Vulnerability | Critical | 6.8 | No | No | Yes | Yes |
| CVE-2021-34473 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 9.1 | No | Yes | No | Yes |
| CVE-2021-34523 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 9 | No | Yes | No | Yes |
| CVE-2021-33781 | Active Directory Security Feature Bypass Vulnerability | Important | 8.1 | No | Yes | No | Yes |
| CVE-2021-33779 | Windows ADFS Security Feature Bypass Vulnerability | Important | 8.1 | No | Yes | No | Yes |
| CVE-2021-34492 | Windows Certificate Spoofing Vulnerability | Important | 8.1 | No | Yes | No | Yes |
| CVE-2021-34458 | Windows Kernel Remote Code Execution Vulnerability | Critical | 9.9 | No | No | No | Yes |
| CVE-2021-34494 | Windows DNS Server Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-33780 | Windows DNS Server Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-34525 | Windows DNS Server Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-33749 | Windows DNS Snap-in Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-33750 | Windows DNS Snap-in Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-33752 | Windows DNS Snap-in Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-33756 | Windows DNS Snap-in Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-34450 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8.5 | No | No | No | Yes |
| CVE-2021-34469 | Microsoft Office Security Feature Bypass Vulnerability | Important | 8.2 | No | No | No | Yes |
| CVE-2021-33767 | Open Enclave SDK Elevation of Privilege Vulnerability | Important | 8.2 | No | No | No | Yes |
| CVE-2021-34520 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-33786 | Windows LSA Security Feature Bypass Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-34474 | Dynamics Business Central Remote Code Execution Vulnerability | Critical | 8 | No | No | No | Yes |
| CVE-2021-33768 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-34470 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-33746 | Windows DNS Server Remote Code Execution Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-33754 | Windows DNS Server Remote Code Execution Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-34446 | Windows HTML Platform Security Feature Bypass Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2021-34464 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-34522 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-34439 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-34503 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-33740 | Windows Media Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-34497 | Windows MSHTML Platform Remote Code Execution Vulnerability | Critical | 6.8 | No | No | No | Yes |
| CVE-2021-34489 | DirectWrite Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31947 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33775 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33776 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33777 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33778 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34501 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34518 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34479 | Microsoft Visual Studio Spoofing Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34441 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34452 | Microsoft Word Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34521 | Raw Image Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34460 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34510 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34512 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34513 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34477 | Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34528 | Visual Studio Code Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34529 | Visual Studio Code Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34516 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34504 | Windows Address Book Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34459 | Windows App Container Elevation Of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33784 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34488 | Windows Console Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34461 | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33759 | Windows Desktop Bridge Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34455 | Windows File History Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34438 | Windows Font Driver Host Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34498 | Windows GDI Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34511 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34514 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34508 | Windows Kernel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33743 | Windows Projected File System Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33761 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33773 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34445 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-34456 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-33758 | Windows Hyper-V Denial of Service Vulnerability | Important | 7.7 | No | No | No | |
| CVE-2021-31206 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-31984 | Power BI Remote Code Execution Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-34476 | Bowser.sys Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-33785 | Windows AF_UNIX Socket Provider Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-34442 | Windows DNS Server Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-33788 | Windows LSA Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-31183 | Windows TCP/IP Driver Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-33772 | Windows TCP/IP Driver Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-34490 | Windows TCP/IP Driver Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-33766 | Microsoft Exchange Information Disclosure Vulnerability | Important | 7.3 | No | No | No | |
| CVE-2021-31196 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 7.2 | No | No | No | |
| CVE-2021-34467 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-34468 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-33751 | Storage Spaces Controller Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-34449 | Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-34462 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-33774 | Windows Event Tracing Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2021-34447 | Windows MSHTML Platform Remote Code Execution Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2021-34493 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important | 6.7 | No | No | No | |
| CVE-2021-33745 | Windows DNS Server Denial of Service Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-34444 | Windows DNS Server Denial of Service Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-34499 | Windows DNS Server Denial of Service Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-34507 | Windows Remote Assistance Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-33755 | Windows Hyper-V Denial of Service Vulnerability | Important | 6.3 | No | No | No | |
| CVE-2021-34500 | Windows Kernel Memory Information Disclosure Vulnerability | Important | 6.3 | No | No | No | |
| CVE-2021-33765 | Windows Installer Spoofing Vulnerability | Important | 6.2 | No | No | No | |
| CVE-2021-31961 | Windows Install Service Elevation of Privilege Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2021-33764 | Windows Key Distribution Center Information Disclosure Vulnerability | Important | 5.9 | No | No | No | |
CVE-2021-34466 Windows Hello Security Feature Bypass Vulnerability

Watch the Webcast: June Patch Tuesday 2021


Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's Patch Tuesday updates.


Watch the June Patch Tuesday 2021 Webcast

Watch our webcast to hear industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.


View the Webcast

What You Need to Know: June Patch Tuesday 2021

Webcast video: https://vimeo.com/560959523

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.
