Patch Tuesday

June Patch Tuesday 2021 Includes 50 Fixes and 6 Weaponized Vulnerabilities

June Patch Tuesday 2021 has arrived with 50 vulnerabilities and 6 zero-days exploited. Tackle the latest Microsoft updates, critical patches, and vulnerabilities of the month.

Microsoft Releases 50 Fixes Including 6 Weaponized Vulnerabilities

There are 5 Critical and 45 Important fixes this month for Microsoft Windows, .NET Core and Visual Studio, Microsoft Office, Microsoft Edge (Chromium-based and EdgeHTML), SharePoint Server, Hyper-V, Visual Studio Code – Kubernetes Tools, Windows HTML Platform, and Windows Remote Desktop.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, with one currently Weaponized.

  1. Windows 7 – 2 Critical and 12 Important vulnerabilities fixed
  2. Windows 2008 R2 – 1 Critical and 11 Important vulnerabilities fixed

Both Windows 7 and 2008 are vulnerable to CVE-2021-33742, the Windows MSHTML Platform Remote Code Execution Vulnerability, which is currently Weaponized. It carries a CVSS score of 7.5 and can be exploited over any network without privileges.

Robert Brown, Head of Customer Success for Syxsense said, “We are very concerned about CVE-2021-31948, CVE-2021-31950, CVE-2021-31964 which are all related to Microsoft SharePoint Server. These spoofing vulnerabilities carry a CVSS score of 7.6 but if exploited can be used to jump into another technology running on the system. These should be urgently resolved.”

Top June 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible. 

1. CVE-2021-33739 Microsoft DWM Core Library Elevation of Privilege Vulnerability

The vulnerability exists due to improper privilege management within the Microsoft DWM Core Library. A remote attacker can trick the victim into running a specially crafted executable or script and execute arbitrary code on the system.

Syxscore

  • Vendor Severity: Important
  • CVSS: 8.4
  • Weaponized: Yes
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-33742 MSHTML Platform Remote Code Execution Vulnerability

The vulnerability exists due to a boundary error when processing HTML content within Windows MSHTML Platform. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 7.5
  • Weaponized: Yes
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): No

3. CVE-2021-31977 Windows Hyper-V Denial of Service Vulnerability

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.  By sending a specially crafted message to the Hyper-V host virtualization stack, a guest VM could cause a reference count in the host virtualization stack to be leaked.

Syxscore

  • Vendor Severity: Important
  • CVSS: 8.6
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): Yes

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these that are flagged as Publicly Aware or Weaponized.

| Reference | Description | Vendor Severity | CVSS Score | Weaponised | Publicly Aware | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-33739 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important | 8.4 | Yes | Yes | No | Yes |
| CVE-2021-31956 | Windows NTFS Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2021-33742 | Windows MSHTML Platform Remote Code Execution Vulnerability | Critical | 7.5 | Yes | Yes | No | Yes |
| CVE-2021-31955 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | Yes | No | No | Yes |
| CVE-2021-31199 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Important | 5.2 | Yes | No | No | Yes |
| CVE-2021-31201 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Important | 5.2 | Yes | No | No | Yes |
| CVE-2021-31968 | Windows Remote Desktop Services Denial of Service Vulnerability | Important | 7.5 | No | Yes | No | Yes |
| CVE-2021-31962 | Kerberos App Container Security Feature Bypass Vulnerability | Important | 9.4 | No | No | No | Yes |
| CVE-2021-31977 | Windows Hyper-V Denial of Service Vulnerability | Important | 8.6 | No | No | No | Yes |
| CVE-2021-33741 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 8.2 | No | No | No | Yes |
| CVE-2021-31980 | Microsoft Intune Management Extension Remote Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-31954 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2021-31948 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | Yes |
| CVE-2021-31950 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | Yes |
| CVE-2021-31964 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 7.6 | No | No | No | Yes |
| CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | |
| CVE-2021-31967 | VP9 Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | |
| CVE-2021-31942 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31943 | 3D Viewer Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31939 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31940 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31941 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31945 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31946 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31983 | Paint 3D Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31969 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31953 | Windows Filter Manager Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31973 | Windows GPSVC Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31951 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31952 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-1675 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31974 | Server for NFS Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-31975 | Server for NFS Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-31976 | Server for NFS Information Disclosure Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-31958 | Windows NTLM Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2021-31938 | Microsoft VS Code Kubernetes Tools Extension Elevation of Privilege Vulnerability | Important | 7.3 | No | No | No | |
| CVE-2021-31966 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 7.2 | No | No | No | |
| CVE-2021-31963 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical | 7.1 | No | No | No | |
| CVE-2021-26420 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-31971 | Windows HTML Platform Security Feature Bypass Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2021-31949 | Microsoft Outlook Remote Code Execution Vulnerability | Important | 6.7 | No | No | No | |
| CVE-2021-31959 | Scripting Engine Memory Corruption Vulnerability | Critical | 6.4 | No | No | No | |
| CVE-2021-31957 | .NET Core and Visual Studio Denial of Service Vulnerability | Important | 5.9 | No | No | No | |
| CVE-2021-31965 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important | 5.7 | No | No | No | |
| CVE-2021-31972 | Event Tracing for Windows Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31978 | Microsoft Defender Denial of Service Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31960 | Windows Bind Filter Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31970 | Windows TCP/IP Driver Security Feature Bypass Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31944 | 3D Viewer Information Disclosure Vulnerability | Important | 5 | No | No | No | |
| CVE-2021-26414 | Windows DCOM Server Security Feature Bypass | Important | 4.8 | No | No | No | |

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.


Watch the Webcast: May Patch Tuesday 2021

Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's Patch Tuesday updates.

Watch the May Patch Tuesday 2021 Webcast

Watch our webcast to hear industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.

View the Webcast

What You Need to Know: May Patch Tuesday 2021

Video: https://vimeo.com/548531725

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.


May Patch Tuesday 2021 Fixes 55 Vulnerabilities

May Patch Tuesday 2021 has arrived. Tackle the latest Microsoft updates, critical patches, and vulnerabilities of the month.

Patch Tuesday Addresses 55 New Flaws, Including Public Aware Threats

There are 2 Critical, 50 Important and 1 Moderate fixes this month for Microsoft Windows, .NET Core and Visual Studio, Internet Explorer (IE), Microsoft Office, SharePoint Server, Open-Source Software, Hyper-V, Skype for Business and Microsoft Lync, and Exchange Server.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month, a shadow of what was released last month.

  1. Windows 7 – 1 Critical and 10 Important vulnerabilities fixed
  2. Windows 2008 R2 – 1 Critical and 9 Important vulnerabilities fixed

Robert Brown, Head of Customer Success for Syxsense said, “May sees almost half the updates fixed over April. This is great news as deployment payload could be as low as 1GB per device (or less). Adobe released just 10 fixes less than Microsoft this month, so this is the month to ensure you are prioritizing both Microsoft and Adobe to protect your devices. This month also sees the last supported patches for Feature Update 1809.”

Top May 2021 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible.

1. CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability

The vulnerability exists due to improper input validation in HTTP Protocol Stack. A remote attacker can execute arbitrary code on the target system. Microsoft recommends prioritizing this patch because it could become wormable.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponised: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-28476: Hyper-V Remote Code Execution Vulnerability

The vulnerability exists due to improper input validation in Hyper-V on most Microsoft operating systems. A remote authenticated attacker can execute arbitrary code on the target system. This is particularly dangerous as an exploit may compromise the entire system, and with a Scope (Jump Point) of Yes, it is possible to jump from Hyper-V to another technology on the system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.9
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No 

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

3. CVE-2021-31204: .NET Core and Visual Studio Elevation of Privilege Vulnerability

With many staff around the world still working from home, it is likely they have Visual Studio installed on their home system. The vulnerability exists because the application does not properly impose security restrictions in .NET and Visual Studio, which leads to security restriction bypass and privilege escalation.

Although this vulnerability requires local access and user interaction, a user can become a victim if they access a specially designed website that tricks them into clicking a link.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.3
  • Weaponized: No
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: Required
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these that are flagged as Publicly Aware or Weaponized.

| Reference | Description | Vendor Severity | CVSS Score | Publicly Aware | Weaponised | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-31204 | .NET Core and Visual Studio Elevation of Privilege Vulnerability | Important | 7.3 | Yes | No | No | Yes |
| CVE-2021-31200 | Common Utilities Remote Code Execution Vulnerability | Important | 7.2 | Yes | No | No | Yes |
| CVE-2021-31207 | Microsoft Exchange Server Security Feature Bypass Vulnerability | Moderate | 6.6 | Yes | No | No | Yes |
| CVE-2021-28476 | Hyper-V Remote Code Execution Vulnerability | Critical | 9.9 | No | No | No | Yes |
| CVE-2021-31166 | HTTP Protocol Stack Remote Code Execution Vulnerability | Critical | 9.8 | No | No | No | Yes |
| CVE-2021-31194 | OLE Automation Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-26419 | Scripting Engine Memory Corruption Vulnerability | Critical | 6.4 | No | No | No | Yes |
| CVE-2021-28455 | Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-31181 | Microsoft SharePoint Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28474 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-27068 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-31198 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31180 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31175 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31176 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31177 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31179 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31214 | Visual Studio Code Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31211 | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31213 | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28465 | Web Media Extensions Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31190 | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31165 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31167 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31168 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31169 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31208 | Windows Container Manager Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31170 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31188 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31192 | Windows Media Foundation Core Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31193 | Windows SSDP Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-31187 | Windows WalletService Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28478 | Microsoft SharePoint Spoofing Vulnerability | Important | 7.6 | No | No | No | |
| CVE-2021-31936 | Microsoft Accessibility Insights for Web Information Disclosure Vulnerability | Important | 7.4 | No | No | No | |
| CVE-2021-31186 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important | 7.4 | No | No | No | |
| CVE-2021-26422 | Skype for Business and Lync Remote Code Execution Vulnerability | Important | 7.2 | No | No | No | |
| CVE-2021-31182 | Microsoft Bluetooth Driver Spoofing Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-31172 | Microsoft SharePoint Spoofing Vulnerability | Important | 7.1 | No | No | No | |
| CVE-2021-31195 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-31209 | Microsoft Exchange Server Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-26421 | Skype for Business and Lync Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-24587 | Windows Wireless Networking Information Disclosure Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-24588 | Windows Wireless Networking Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-26144 | Windows Wireless Networking Spoofing Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2021-28461 | Dynamics Finance and Operations Cross-site Scripting Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2021-31174 | Microsoft Excel Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31178 | Microsoft Office Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31184 | Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-28479 | Windows CSC Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31185 | Windows Desktop Bridge Denial of Service Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31191 | Windows Projected File System FS Filter Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2021-31173 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important | 5.3 | No | No | No | |
| CVE-2021-26418 | Microsoft SharePoint Spoofing Vulnerability | Important | 4.6 | No | No | No | |
| CVE-2021-31205 | Windows SMB Client Security Feature Bypass Vulnerability | Important | 4.3 | No | No | No | |
| CVE-2021-31171 | Microsoft SharePoint Information Disclosure Vulnerability | Important | 4.1 | No | No | No | |
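
The following Python example is an addition, not code from the original post or from Syxsense. It reads rows in the layout of the recommendation tables by header name rather than by position, because the June table lists Weaponised before Publicly Aware while the May and April tables list them the other way round, and then orders the rows for triage. The sort order (weaponised, then publicly aware, then CVSS) and the names `parse_table` and `triage_order` are assumptions; the sample rows are transcribed from the tables above.

```python
import re

# Constructed sample: a few rows transcribed from the June and May 2021 tables
# above. The two headers order "Weaponised" and "Publicly Aware" differently.
JUNE = """
| Reference | Description | Vendor Severity | CVSS Score | Weaponised | Publicly Aware | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-33739 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important | 8.4 | Yes | Yes | No | Yes |
| CVE-2021-31956 | Windows NTFS Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2021-31962 | Kerberos App Container Security Feature Bypass Vulnerability | Important | 9.4 | No | No | No | Yes |
| CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | |
"""
MAY = """
| Reference | Description | Vendor Severity | CVSS Score | Publicly Aware | Weaponised | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-31204 | .NET Core and Visual Studio Elevation of Privilege Vulnerability | Important | 7.3 | Yes | No | No | Yes |
| CVE-2021-28476 | Hyper-V Remote Code Execution Vulnerability | Critical | 9.9 | No | No | No | Yes |
"""


def _cells(line):
    """Split one table line into stripped cells, ignoring the outer pipes."""
    return [c.strip() for c in line.strip().strip("|").split("|")]


def _column(name):
    """Normalise a header: case, spaces and Weaponized/Weaponised spelling."""
    return re.sub(r"[^a-z]", "", name.lower()).replace("weaponized", "weaponised")


def _flag(cell):
    """Map Yes/No to bool; a blank cell (as in the tables) becomes None."""
    value = cell.strip().lower()
    if value == "":
        return None
    if value not in ("yes", "no"):
        raise ValueError(f"unexpected flag value: {cell!r}")
    return value == "yes"


def parse_table(text):
    """Parse a pipe-delimited table into dicts, keyed by header name."""
    lines = [ln for ln in text.splitlines()
             if ln.strip() and not set(ln.strip()) <= set("|-: ")]
    header = [_column(c) for c in _cells(lines[0])]
    rows = []
    for line in lines[1:]:
        cells = _cells(line)
        cells += [""] * (len(header) - len(cells))  # tolerate a missing last cell
        rec = dict(zip(header, cells))
        # The April table names its first column "CVE" instead of "Reference".
        cve = rec.get("reference") or rec.get("cve", "")
        if not re.fullmatch(r"CVE-\d{4}-\d{4,}", cve):
            raise ValueError(f"not a CVE identifier: {cve!r}")
        rows.append({
            "cve": cve,
            "severity": rec["vendorseverity"],
            "cvss": float(rec["cvssscore"]),
            "weaponised": _flag(rec["weaponised"]),
            "public": _flag(rec["publiclyaware"]),
            "recommended": _flag(rec["syxsenserecommended"]),
        })
    return rows


def triage_order(rows):
    """Return CVE ids ordered for patching.

    Assumed policy (not stated by the page): weaponised first, then publicly
    aware, then highest CVSS; the CVE id breaks ties so output is stable.
    """
    def key(row):
        return (not row["weaponised"], not row["public"], -row["cvss"], row["cve"])
    return [row["cve"] for row in sorted(rows, key=key)]


if __name__ == "__main__":
    for cve in triage_order(parse_table(JUNE) + parse_table(MAY)):
        print(cve)
```
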

Watch the Webcast: April Patch Tuesday 2021

Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's Patch Tuesday updates.

Watch the April Patch Tuesday 2021 Webcast

Watch our webcast to hear industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.

View the Webcast

What You Need to Know: April Patch Tuesday 2021

Video: https://vimeo.com/536919591


April Patch Tuesday 2021 Addresses Over 100 Security Fixes

April Patch Tuesday 2021 has arrived. Tackle the latest Microsoft updates, critical patches, and vulnerabilities of the month.

Microsoft Fixes New Bugs this Month, Including Public Aware & Weaponized Threats

There are 19 Critical, 88 Important and 1 Moderate fixes this month for Microsoft Windows, Edge, Azure and Azure DevOps Server, Microsoft Office, SharePoint Server, Hyper-V, Team Foundation Server, Visual Studio, and Exchange Server.

Year 2 Extended Support: Windows 7 and Windows Server 2008 (including R2) have received substantial updates this month, surpassing all records since Windows 7 and 2008 ended their mainstream support.

  1. Windows 7 – 14 Critical and 36 Important vulnerabilities fixed
  2. Windows 2008 R2 – 14 Critical and 33 Important vulnerabilities fixed

Robert Brown, Head of Customer Success for Syxsense said, “We have the largest Patch Tuesday release of the year and there are many very serious issues being addressed. We understand a lot of our customers will be concerned because of the reported Blue Screen / Stop Screens caused by the March Patch Tuesday, but we implore our customers to plan the remediation of these latest threats. Your patching strategy should include testing to provide the confidence of site-wide remediation.”

Top April Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible.

1. CVE-2021-28310 Win32k Elevation of Privilege Vulnerability

The vulnerability exists due to a boundary error within win32k.sys driver in Microsoft Windows. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code with elevated privileges.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: Yes
  • Public Aware: No
  • Countermeasure: No 

Syxscore Risk Alert

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-28480 Microsoft Exchange Server Remote Code Execution

The vulnerability exists due to improper input validation in the Microsoft Exchange Server. A remote attacker can send a specially crafted request and execute arbitrary code on the target system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

3. CVE-2021-27091 RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

The vulnerability exists because the application does not properly impose security restrictions in the RPC Endpoint Mapper Service, which leads to security restriction bypass and privilege escalation.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: No
  • Public Aware: Yes
  • Countermeasure: No 

Syxscore Risk Alert

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these that are flagged as Publicly Aware or Weaponized.

| CVE | Title | Vendor Severity | CVSS Score | Publicly Aware | Weaponised | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2021-28310 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | Yes | No | Yes |
| CVE-2021-28458 | Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2021-27091 | RPC Endpoint Mapper Service Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | No | Yes |
| CVE-2021-28437 | Windows Installer Information Disclosure Vulnerability | Important | 5.5 | Yes | No | No | Yes |
| CVE-2021-28312 | Windows NTFS Denial of Service Vulnerability | Moderate | 3.3 | Yes | No | No | Yes |
| CVE-2021-28480 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 9.8 | No | No | No | Yes |
| CVE-2021-28481 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 9.8 | No | No | No | Yes |
| CVE-2021-28483 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 9 | No | No | No | Yes |
| CVE-2021-28482 | Microsoft Exchange Server Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28329 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28330 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28331 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28332 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28333 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28334 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28335 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28336 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28337 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28338 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28339 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28343 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2021-28327 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28340 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28341 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28342 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28344 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28345 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28346 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28352 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28353 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28354 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28355 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28356 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28357 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28358 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28434 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2021-28460 | Azure Sphere Unsigned Code Execution Vulnerability | Critical | 8.1 | No | No | No | Yes |
| CVE-2021-28445 | Windows Network File System Remote Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2021-27095 | Windows Media Video Decoder Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-28315 | Windows Media Video Decoder Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2021-28313 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28321 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28322 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28451 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28454 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-27089 | Microsoft Internet Messaging API Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28449 | Microsoft Office Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28453 | Microsoft Word Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-27096 | NTFS Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28466 | Raw Image Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28468 | Raw Image Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28471 | Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2021-28470 | Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
CVE-2021-28448 Visual Studio Code Kubernetes Tools Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-28472 Visual Studio Code Maven for Java Extension Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-28457 Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-28469 Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-28473 Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-28475 Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27064 Visual Studio Installer Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-28464 VP9 Video Extensions Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27088 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-28348 Windows GDI+ Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-28349 Windows GDI+ Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-28350 Windows GDI+ Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-28314 Windows Hyper-V Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26415 Windows Installer Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-28320 Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-27090 Windows Secure Kernel Mode Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-27086 Windows Services and Controller App Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-28347 Windows Speech Runtime Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-28351 Windows Speech Runtime Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-28436 Windows Speech Runtime Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26416 Windows Hyper-V Denial of Service Vulnerability Important 7.7 No No No
CVE-2021-28324 Windows SMB Information Disclosure Vulnerability Important 7.5 No No No
CVE-2021-28319 Windows TCP/IP Driver Denial of Service Vulnerability Important 7.5 No No No
CVE-2021-28439 Windows TCP/IP Driver Denial of Service Vulnerability Important 7.5 No No No
CVE-2021-28452 Microsoft Outlook Memory Corruption Vulnerability Important 7.1 No No No
CVE-2021-28446 Windows Port mapping Information Disclosure Vulnerability Important 7.1 No No No
CVE-2021-28477 Visual Studio Code Remote Code Execution Vulnerability Important 7 No No No
CVE-2021-27072 Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-28440 Windows Installer Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-27067 Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability Important 6.5 No No No
CVE-2021-28311 Windows Application Compatibility Cache Denial of Service Vulnerability Important 6.5 No No No
CVE-2021-28323 Windows DNS Information Disclosure Vulnerability Important 6.5 No No No
CVE-2021-28328 Windows DNS Information Disclosure Vulnerability Important 6.5 No No No
CVE-2021-28441 Windows Hyper-V Information Disclosure Vulnerability Important 6.5 No No No
CVE-2021-28325 Windows SMB Information Disclosure Vulnerability Important 6.5 No No No
CVE-2021-28442 Windows TCP/IP Information Disclosure Vulnerability Important 6.5 No No No
CVE-2021-26413 Windows Installer Spoofing Vulnerability Important 6.2 No No No
CVE-2021-28459 Azure DevOps Server and Team Foundation Services Spoofing Vulnerability Important 6.1 No No No
CVE-2021-28444 Windows Hyper-V Security Feature Bypass Vulnerability Important 5.7 No No No
CVE-2021-27079 Windows Media Photo Codec Information Disclosure Vulnerability Important 5.7 No No No
CVE-2021-28456 Microsoft Excel Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-28317 Microsoft Windows Codecs Library Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-28326 Windows AppX Deployment Server Denial of Service Vulnerability Important 5.5 No No No
CVE-2021-28438 Windows Console Driver Denial of Service Vulnerability Important 5.5 No No No
CVE-2021-28443 Windows Console Driver Denial of Service Vulnerability Important 5.5 No No No

Watch the Webcast: March Patch Tuesday


Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's Patch Tuesday updates.


Watch the March Patch Tuesday 2021 Webcast

Watch our webcast to hear industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.


View the Webcast

What You Need to Know: March Patch Tuesday


Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.


March Patch Tuesday 2021 Addresses 89 Security Fixes


March Patch Tuesday 2021 has officially arrived — tackle the latest Microsoft updates and vulnerabilities for this month.


Microsoft Fixes 89 Bugs this Month, Including Critical IE Fix

There are 14 critical and 75 important fixes this month. This includes updates for Windows, Azure and Azure DevOps, Azure Sphere, Internet Explorer and Edge (EdgeHTML), Exchange Server, Office and Office Services and Web Apps, SharePoint Server, Visual Studio, and Windows Hyper-V.

Year 2 Extended Support – Windows 7 and Windows Server 2008 (including R2) also received updates:

  • Windows 7 – 5 Important vulnerabilities fixed, with the most important one fixing an issue with pending print jobs which remain in an error state.
  • Windows 2008 R2 – 1 Critical and 8 Important vulnerabilities fixed, with the worst impacting DNS as per our recommendation below.

“Today is the last scheduled release of patches for legacy Windows Edge, and going forward this will become an obsolete browser,” said Robert Brown, Head of Customer Success for Syxsense. “You must upgrade to the newest Microsoft Edge browser which uses the new Chromium engine, similar to Mozilla and Google Chrome.”

Next month, the only updates for Microsoft Edge will be for the Chromium version. This month also fixes a very serious weaponized issue in Internet Explorer, which had not been patched for almost four months.

Top March Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend entering the CVE numbers below into your patch management solution and deploying as soon as possible.

1. CVE-2021-26411: Internet Explorer Memory Corruption Vulnerability

An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer and convince a user to view the website. Additionally, the attacker could also take advantage of compromised websites, or ones that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability.

However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 8.8
  • Weaponised: Yes
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): Yes

2. CVE-2021-26867: Hyper-V Remote Code Execution Vulnerability

Microsoft Windows Hyper-V could allow a remote authenticated attacker to execute arbitrary code on the system. By executing a specially-crafted program on a Hyper-V guest, an attacker could exploit this vulnerability to execute arbitrary code on the host operating system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.9
  • Weaponised: No
  • Public Aware: No
  • Countermeasure: Hyper-V client which is configured to use the Plan 9 file system, under Linux.

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

3. CVE-2021-26897: Windows DNS Server Remote Code Execution Vulnerability

The vulnerability exists due to improper input validation in the Windows DNS Server. A remote attacker can send a specially crafted request and execute arbitrary code on the target system, which, if successful, may result in complete compromise of the vulnerable system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponised: No
  • Public Aware: No
  • Countermeasure: Some – DNS server would need to have dynamic updates enabled.

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the vendor severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are publicly aware or weaponized.

 

CVE Title Vendor Severity CVSS Score Publicly Aware Weaponised Countermeasure Syxsense Recommended
CVE-2021-26855 Microsoft Exchange Server Remote Code Execution Vulnerability Critical 9.1 No Yes No Yes
CVE-2021-26411 Internet Explorer Memory Corruption Vulnerability Critical 8.8 Yes Yes No Yes
CVE-2021-26857 Microsoft Exchange Server Remote Code Execution Vulnerability Critical 7.8 No Yes No Yes
CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability Critical 7.8 No Yes No Yes
CVE-2021-26858 Microsoft Exchange Server Remote Code Execution Vulnerability Important 7.8 No Yes No Yes
CVE-2021-26867 Windows Hyper-V Remote Code Execution Vulnerability Critical 9.9 No No Yes Yes
CVE-2021-26897 Windows DNS Server Remote Code Execution Vulnerability Critical 9.8 No No Yes Yes
CVE-2021-26877 Windows DNS Server Remote Code Execution Vulnerability Important 9.8 No No No Yes
CVE-2021-26893 Windows DNS Server Remote Code Execution Vulnerability Important 9.8 No No No Yes
CVE-2021-26894 Windows DNS Server Remote Code Execution Vulnerability Important 9.8 No No No Yes
CVE-2021-26895 Windows DNS Server Remote Code Execution Vulnerability Important 9.8 No No No Yes
CVE-2021-27080 Azure Sphere Unsigned Code Execution Vulnerability Critical 9.3 No No No Yes
CVE-2021-26412 Microsoft Exchange Server Remote Code Execution Vulnerability Critical 9.1 No No No Yes
CVE-2021-27078 Microsoft Exchange Server Remote Code Execution Vulnerability Important 9.1 No No No Yes
CVE-2021-21300 Git for Visual Studio Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2021-26876 OpenType Font Parsing Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2021-27085 Internet Explorer Remote Code Execution Vulnerability Important 8.8 No No No Yes
CVE-2021-27076 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 8.8 No No No Yes
CVE-2021-26865 Windows Container Execution Agent Elevation of Privilege Vulnerability Important 8.8 No No No Yes
CVE-2021-26864 Windows Virtual Registry Provider Elevation of Privilege Vulnerability Important 8.4 No No No Yes
CVE-2021-27077 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 Yes No No Yes
CVE-2021-24089 HEVC Video Extensions Remote Code Execution Vulnerability Critical 7.8 No No No Yes
CVE-2021-26902 HEVC Video Extensions Remote Code Execution Vulnerability Critical 7.8 No No No Yes
CVE-2021-27061 HEVC Video Extensions Remote Code Execution Vulnerability Critical 7.8 No No No Yes
CVE-2021-27074 Azure Sphere Unsigned Code Execution Vulnerability Critical 6.2 No No No Yes
CVE-2021-26890 Application Virtualization Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24110 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27047 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27048 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27049 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27050 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27051 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27062 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27053 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27054 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27058 Microsoft Office ClickToRun Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24108 Microsoft Office Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27057 Microsoft Office Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27056 Microsoft PowerPoint Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-26887 Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-27082 Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-26882 Remote Access API Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-27083 Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-26880 Storage Spaces Controller Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-27081 Visual Studio Code ESLint Extension Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-27060 Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-26860 Windows App-V Overlay Filter Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26891 Windows Container Execution Agent Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-24090 Windows Error Reporting Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26872 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26898 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26901 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26868 Windows Graphics Component Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26861 Windows Graphics Component Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-26874 Windows Overlay Filter Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-1640 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26878 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26870 Windows Projected File System Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26899 Windows UPnP Device Host Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26871 Windows Wallet Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26885 Windows Wallet Service Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26875 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26900 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-26859 Microsoft Power BI Information Disclosure Vulnerability Important 7.7 No No No
CVE-2021-27059 Microsoft Office Remote Code Execution Vulnerability Important 7.6 No No No
CVE-2021-26881 Microsoft Windows Media Foundation Remote Code Execution Vulnerability Important 7.5 No No No
CVE-2021-26896 Windows DNS Server Denial of Service Vulnerability Important 7.5 No No No
CVE-2021-27063 Windows DNS Server Denial of Service Vulnerability Important 7.5 No No No
CVE-2021-26879 Windows NAT Denial of Service Vulnerability Important 7.5 No No No
CVE-2021-27070 Windows 10 Update Assistant Elevation of Privilege Vulnerability Important 7.3 No No No
CVE-2021-26866 Windows Update Service Elevation of Privilege Vulnerability Important 7.1 No No No
CVE-2021-26889 Windows Update Stack Elevation of Privilege Vulnerability Important 7.1 No No No
CVE-2021-1729 Windows Update Stack Setup Elevation of Privilege Vulnerability Important 7.1 No No No
CVE-2021-24095 DirectX Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-27055 Microsoft Visio Security Feature Bypass Vulnerability Important 7 No No No
CVE-2021-26873 Windows User Profile Service Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-26863 Windows Win32k Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-27075 Azure Virtual Machine Information Disclosure Vulnerability Important 6.8 No No No
CVE-2021-26854 Microsoft Exchange Server Remote Code Execution Vulnerability Important 6.6 No No No
CVE-2021-26862 Windows Installer Elevation of Privilege Vulnerability Important 6.3 No No No
CVE-2021-26892 Windows Extensible Firmware Interface Security Feature Bypass Vulnerability Important 6.2 No No No
CVE-2021-26886 User Profile Service Denial of Service Vulnerability Important 5.5 No No No
CVE-2021-26869 Windows ActiveX Installer Service Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-24107 Windows Event Tracing Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-26884 Windows Media Photo Codec Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-27052 Microsoft SharePoint Server Information Disclosure Vulnerability Important 5.3 No No No
CVE-2021-24104 Microsoft SharePoint Spoofing Vulnerability Important 4.6 No No No
CVE-2021-27066 Windows Admin Center Security Feature Bypass Vulnerability Important 4.3 No No No
CVE-2021-27084 Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability Important NA No No No

 


Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.


Watch the Webcast: February Patch Tuesday


Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's February Patch Tuesday updates.


Watch the February Patch Tuesday 2021 Webcast


View the Webcast

What You Need to Know: February Patch Tuesday


February Patch Tuesday 2021 Fixes 56 Vulnerabilities


February Patch Tuesday 2021 Fixes 56 Flaws and Windows Zero-Day

The second Patch Tuesday of 2021 has arrived — tackle the latest Microsoft updates and vulnerabilities for the month of February.


Microsoft February 2021 Patch Tuesday Resolves 56 Vulnerabilities

Microsoft fixed 56 bugs this month — the first time this number has dropped under 60 in over a year.

There are 11 Critical, 43 Important, and 2 Moderate patches. Fixes this month are for:

  • .NET Framework
  • Azure IoT
  • Azure Kubernetes Service
  • Microsoft Edge for Android
  • Exchange Server
  • Office and Office Services and Web Apps
  • Skype for Business and Lync
  • Windows Defender

Second Year of Extended Support Starts

Windows 7 and Windows Server 2008 (including R2) have 2 Critical and 3 Important vulnerabilities fixed.

Robert Brown, Head of Customer Success for Syxsense said, “With a release of 59 fixes, a total of 10 of these are either Weaponized, Public Aware, or have an extremely high CVSS score rating, which some experts, including our own, would rank as Zero Day status. Never have we seen Microsoft release almost 20% of their fixes to tackle such high-severity vulnerabilities. If you expected an easy Patch Tuesday, think again — these must be deployed urgently.”

Top February Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend that customers enter the CVE numbers below into their patch management solution and deploy as soon as possible.

1. CVE-2021-1732: Windows Win32k Elevation of Privilege Vulnerability

Attackers who had already gained access to a Windows system exploited this bug to obtain SYSTEM-level access. The vulnerability has already been Weaponized, and the Cybersecurity & Infrastructure Security Agency (CISA) recommends it as a high-priority deployment.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponized: Yes
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

2. CVE-2021-26701: Multiple Vulnerabilities in Microsoft .NET Core and Visual Studio

The vulnerability exists due to insufficient validation of user-supplied input in .NET Core. A remote attacker can pass specially-crafted input to the application and execute arbitrary code on the target system.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 8.1
  • Weaponized: No
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

3. CVE-2021-24078: Windows DNS Server Remote Code Execution Vulnerability

This patch fixes a bug in the Windows DNS Server that could allow remote code execution on affected systems. This is also potentially wormable, although only between DNS servers. The vulnerability exists due to insufficient validation of user-supplied input in Windows DNS Server.

Syxscore

  • Vendor Severity: Critical
  • CVSS: 9.8
  • Weaponized: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk Alert

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: None
  • User Interaction: None
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are Publicly Aware and / or Weaponized.

CVE Reference Description Vendor Severity CVSS Score Countermeasure Publicly Aware Weaponized Syxsense Recommended
CVE-2021-1732 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 No No Yes Yes
CVE-2021-26701 .NET Core and Visual Studio Remote Code Execution Vulnerability Critical 8.1 No Yes No Yes
CVE-2021-1733 Sysinternals PsExec Elevation of Privilege Vulnerability Important 7.8 No Yes No Yes
CVE-2021-1727 Windows Installer Elevation of Privilege Vulnerability Important 7.8 No Yes No Yes
CVE-2021-1721 .NET Core and Visual Studio Denial of Service Vulnerability Important 6.5 No Yes No Yes
CVE-2021-24098 Windows Console Driver Denial of Service Vulnerability Important 5.5 No Yes No Yes
CVE-2021-24106 Windows DirectX Information Disclosure Vulnerability Important 5.5 No Yes No Yes
CVE-2021-24078 Windows DNS Server Remote Code Execution Vulnerability Critical 9.8 No No No Yes
CVE-2021-24077 Windows Fax Service Remote Code Execution Vulnerability Critical 9.8 Yes No No Yes
CVE-2021-24074 Windows TCP/IP Remote Code Execution Vulnerability Critical 9.8 Yes No No Yes
CVE-2021-24094 Windows TCP/IP Remote Code Execution Vulnerability Critical 9.8 No No No Yes
CVE-2021-24093 Windows Graphics Component Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2021-24088 Windows Local Spooler Remote Code Execution Vulnerability Critical 8.8 No No No Yes
CVE-2021-24066 Microsoft SharePoint Remote Code Execution Vulnerability Important 8.8 No No No
CVE-2021-24072 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 8.8 No No No
CVE-2021-1728 System Center Operations Manager Elevation of Privilege Vulnerability Important 8.8 No No No
CVE-2021-24105 Package Managers Configurations Remote Code Execution Vulnerability Important 8.4 No No No
CVE-2021-24112 .NET Core for Linux Remote Code Execution Vulnerability Critical 8.1 No No No
CVE-2021-1722 Windows Fax Service Remote Code Execution Vulnerability Critical 8.1 Yes No No
CVE-2021-1726 Microsoft SharePoint Spoofing Vulnerability Important 8 No No No
CVE-2021-24081 Microsoft Windows Codecs Library Remote Code Execution Vulnerability Critical 7.8 No No No
CVE-2021-24091 Windows Camera Codec Pack Remote Code Execution Vulnerability Critical 7.8 No No No
CVE-2021-24092 Microsoft Defender Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-24067 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24068 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24069 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24070 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-26700 Visual Studio Code npm-script Extension Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24083 Windows Address Book Remote Code Execution Vulnerability Important 7.8 No No No
CVE-2021-24102 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-24103 Windows Event Tracing Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-24096 Windows Kernel Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-25195 Windows PKU2U Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-1698 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 No No No
CVE-2021-24111 .NET Framework Denial of Service Vulnerability Important 7.5 No No No
CVE-2021-1734 Windows Remote Procedure Call Information Disclosure Vulnerability Important 7.5 No No No
CVE-2021-24086 Windows TCP/IP Denial of Service Vulnerability Important 7.5 Yes No No
CVE-2021-24087 Azure IoT CLI extension Elevation of Privilege Vulnerability Important 7 No No No
CVE-2021-1639 Visual Studio Code Remote Code Execution Vulnerability Important 7 No No No
CVE-2021-24075 Windows Network File System Denial of Service Vulnerability Important 6.8 No No No
CVE-2021-24109 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability Moderate 6.8 No No No
CVE-2021-24101 Microsoft Dataverse Information Disclosure Vulnerability Important 6.5 No No No
CVE-2021-24085 Microsoft Exchange Server Spoofing Vulnerability Important 6.5 No No No
CVE-2021-24099 Skype for Business and Lync Denial of Service Vulnerability Important 6.5 No No No
CVE-2021-24073 Skype for Business and Lync Spoofing Vulnerability Important 6.5 No No No
CVE-2021-24080 Windows Trust Verification API Denial of Service Vulnerability Moderate 6.5 No No No
CVE-2021-1724 Microsoft Dynamics Business Central Cross-site Scripting Vulnerability Important 6.1 No No No
CVE-2021-24114 Microsoft Teams iOS Information Disclosure Vulnerability Important 5.7 No No No
CVE-2021-24076 Microsoft Windows VMSwitch Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-1731 PFX Encryption Security Feature Bypass Vulnerability Important 5.5 No No No
CVE-2021-24079 Windows Backup Engine Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-24084 Windows Mobile Device Management Information Disclosure Vulnerability Important 5.5 No No No
CVE-2021-1730 Microsoft Exchange Server Spoofing Vulnerability Important 5.4 No No No
CVE-2021-24071 Microsoft SharePoint Information Disclosure Vulnerability Important 5.3 No No No
CVE-2021-24100 Microsoft Edge for Android Information Disclosure Vulnerability Important 5 No No No
CVE-2021-24082 Microsoft PowerShell Utility Module WDAC Security Feature Bypass Vulnerability

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

|||

Watch the Webcast: January Patch Tuesday

By News, Patch Tuesday, Video | No Comments

Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's January Patch Tuesday updates.


Watch the January Patch Tuesday 2021 Webcast

New year, new Patch Tuesday — start 2021 ahead of the latest threats and vulnerabilities.

Industry experts discuss each of this month’s bulletins and show you strategies for tackling the most important updates.

Our team of IT management experts has deployed over 100 million patches. Sign up for our free webinar to receive the top patch strategies of the month.


View the Webcast

What You Need to Know: January Patch Tuesday

Webcast video: https://vimeo.com/500164429

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.
