Microsoft October 2021 Patch Tuesday
This month we got patches for 81 vulnerabilities. Of these, 3 are critical, 3 were previously disclosed and 1 is being exploited according to Microsoft.
The exploited vulnerability (CVE-2021-40449) is an elevation of privilege affecting Win32k on virtually all supported Windows versions. According to the advisory, a local attacker may elevate privileges with no user interactions.
Among critical vulnerabilities, there are two Windows Hyper-V Remote Code Execution Vulnerability (CVE-2021-40461 and CVE-2021-38672) affecting multiple versions of Windows 10, 11 and Server. An attacker within the same physical or logical network with low privileges and no user interaction could exploit this vulnerability to execute code on the targeted system. The CVSS V3 for both vulnerabilities is 8.0. The third critical vulnerabilty is the Microsoft Word Remote Code Execution Vulnerability (CVE-2021-40486) with the CVSS V3 of 7.8.
Another vulnerability worth mentioning due to recent vulnerabilities involving the print spooler, albeit without much detail, is the Windows Print Spooler Spoofing Vulnerability (CVE-2021-36970). The CVSS V3 for this vulnerability is 8.8 and the exploitability assessment is 'Exploitation more likely'.
The highest CVSS v3 this month (9.0) was associated to the Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-26427). According to the advisory, the attack vector for this vulnerablity is 'adjacent', which means the attack can not be done accross the internet. The vulnerabilty affects Windows Exchange Server on versions 2013, 2016 and 2019.
See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/
October 2021 Security Updates
| Description | |||||||
|---|---|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
| .NET Core and Visual Studio Information Disclosure Vulnerability | |||||||
| CVE-2021-41355 | No | No | Less Likely | Less Likely | Important | 5.7 | 5.0 |
| Active Directory Federation Server Spoofing Vulnerability | |||||||
| CVE-2021-41361 | No | No | Less Likely | Less Likely | Important | 5.4 | 4.7 |
| Active Directory Security Feature Bypass Vulnerability | |||||||
| CVE-2021-41337 | No | No | Less Likely | Less Likely | Important | 4.9 | 4.3 |
| Chromium: CVE-2021-37974 Use after free in Safe Browsing | |||||||
| CVE-2021-37974 | No | No | - | - | - | ||
| Chromium: CVE-2021-37975 Use after free in V8 | |||||||
| CVE-2021-37975 | No | No | - | - | - | ||
| Chromium: CVE-2021-37976 Information leak in core | |||||||
| CVE-2021-37976 | No | No | - | - | - | ||
| Chromium: CVE-2021-37977 Use after free in Garbage Collection | |||||||
| CVE-2021-37977 | No | No | - | - | - | ||
| Chromium: CVE-2021-37978 Heap buffer overflow in Blink | |||||||
| CVE-2021-37978 | No | No | - | - | - | ||
| Chromium: CVE-2021-37979 Heap buffer overflow in WebRTC | |||||||
| CVE-2021-37979 | No | No | - | - | - | ||
| Chromium: CVE-2021-37980 Inappropriate implementation in Sandbox | |||||||
| CVE-2021-37980 | No | No | - | - | - | ||
| Console Window Host Security Feature Bypass Vulnerability | |||||||
| CVE-2021-41346 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.6 |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | |||||||
| CVE-2021-40470 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| Intune Management Extension Security Feature Bypass Vulnerability | |||||||
| CVE-2021-41363 | No | No | Less Likely | Less Likely | Important | 4.2 | 3.8 |
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | |||||||
| CVE-2021-41339 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||||||
| CVE-2021-41354 | No | No | - | - | Important | 4.1 | 3.6 |
| Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | |||||||
| CVE-2021-41353 | No | No | - | - | Important | 5.4 | 4.7 |
| Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | |||||||
| CVE-2021-40457 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.9 |
| Microsoft Excel Information Disclosure Vulnerability | |||||||
| CVE-2021-40472 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Microsoft Excel Remote Code Execution Vulnerability | |||||||
| CVE-2021-40471 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2021-40473 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2021-40474 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2021-40479 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2021-40485 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Exchange Server Denial of Service Vulnerability | |||||||
| CVE-2021-34453 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||||
| CVE-2021-41348 | No | No | Less Likely | Less Likely | Important | 8.0 | 7.0 |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||||
| CVE-2021-26427 | No | No | Less Likely | Less Likely | Important | 9.0 | 7.8 |
| Microsoft Exchange Server Spoofing Vulnerability | |||||||
| CVE-2021-41350 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Microsoft Office Visio Remote Code Execution Vulnerability | |||||||
| CVE-2021-40480 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2021-40481 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
| Microsoft SharePoint Server Information Disclosure Vulnerability | |||||||
| CVE-2021-40482 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
| CVE-2021-41344 | No | No | More Likely | More Likely | Important | 8.1 | 7.1 |
| CVE-2021-40487 | No | No | More Likely | More Likely | Important | 8.1 | 7.1 |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||||
| CVE-2021-40483 | No | No | Less Likely | Less Likely | Low | 7.6 | 6.6 |
| CVE-2021-40484 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability | |||||||
| CVE-2021-41330 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Word Remote Code Execution Vulnerability | |||||||
| CVE-2021-40486 | No | No | Less Likely | Less Likely | Critical | 7.8 | 6.8 |
| OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference | |||||||
| CVE-2020-1971 | No | No | Less Likely | Less Likely | Important | ||
| OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing | |||||||
| CVE-2021-3449 | No | No | Less Likely | Less Likely | Important | ||
| OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT | |||||||
| CVE-2021-3450 | No | No | Unlikely | Unlikely | Important | ||
| Rich Text Edit Control Information Disclosure Vulnerability | |||||||
| CVE-2021-40454 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.1 |
| SCOM Information Disclosure Vulnerability | |||||||
| CVE-2021-41352 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Storage Spaces Controller Elevation of Privilege Vulnerability | |||||||
| CVE-2021-40478 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2021-40488 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2021-40489 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2021-26441 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| CVE-2021-41345 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Win32k Elevation of Privilege Vulnerability | |||||||
| CVE-2021-40449 | No | Yes | Detected | Detected | Important | 7.8 | 7.2 |
| CVE-2021-40450 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| CVE-2021-41357 | No | No | More Likely | More Likely | Important | 7.8 | 7.2 |
| Windows AD FS Security Feature Bypass Vulnerability | |||||||
| CVE-2021-40456 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.6 |
| Windows AppContainer Elevation Of Privilege Vulnerability | |||||||
| CVE-2021-40476 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability | |||||||
| CVE-2021-41338 | Yes | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows AppX Deployment Service Elevation of Privilege Vulnerability | |||||||
| CVE-2021-41347 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Bind Filter Driver Information Disclosure Vulnerability | |||||||
| CVE-2021-40468 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | |||||||
| CVE-2021-40475 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
| CVE-2021-40443 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| CVE-2021-40466 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| CVE-2021-40467 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| Windows DNS Server Remote Code Execution Vulnerability | |||||||
| CVE-2021-40469 | Yes | No | Less Likely | Less Likely | Important | 7.2 | 6.5 |
| Windows Desktop Bridge Elevation of Privilege Vulnerability | |||||||
| CVE-2021-41334 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
| Windows Event Tracing Elevation of Privilege Vulnerability | |||||||
| CVE-2021-40477 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Fast FAT File System Driver Information Disclosure Vulnerability | |||||||
| CVE-2021-38662 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| CVE-2021-41343 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Graphics Component Remote Code Execution Vulnerability | |||||||
| CVE-2021-41340 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows HTTP.sys Elevation of Privilege Vulnerability | |||||||
| CVE-2021-26442 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||||
| CVE-2021-38672 | No | No | Less Likely | Less Likely | Critical | 8.0 | 7.0 |
| CVE-2021-40461 | No | No | Less Likely | Less Likely | Critical | 8.0 | 7.0 |
| Windows Installer Spoofing Vulnerability | |||||||
| CVE-2021-40455 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Kernel Elevation of Privilege Vulnerability | |||||||
| CVE-2021-41335 | Yes | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Kernel Information Disclosure Vulnerability | |||||||
| CVE-2021-41336 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows MSHTML Platform Remote Code Execution Vulnerability | |||||||
| CVE-2021-41342 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
| Windows Media Audio Decoder Remote Code Execution Vulnerability | |||||||
| CVE-2021-41331 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability | |||||||
| CVE-2021-40462 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows NAT Denial of Service Vulnerability | |||||||
| CVE-2021-40463 | No | No | Less Likely | Less Likely | Important | 7.7 | 6.7 |
| Windows Nearby Sharing Elevation of Privilege Vulnerability | |||||||
| CVE-2021-40464 | No | No | Less Likely | Less Likely | Important | 8.0 | 7.0 |
| Windows Print Spooler Information Disclosure Vulnerability | |||||||
| CVE-2021-41332 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Windows Print Spooler Spoofing Vulnerability | |||||||
| CVE-2021-36970 | No | No | More Likely | More Likely | Important | 8.8 | 8.2 |
| Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability | |||||||
| CVE-2021-40460 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Windows TCP/IP Denial of Service Vulnerability | |||||||
| CVE-2021-36953 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| Windows Text Shaping Remote Code Execution Vulnerability | |||||||
| CVE-2021-40465 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows exFAT File System Information Disclosure Vulnerability | |||||||
| CVE-2021-38663 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
--
Renato Marinho
Morphus Labs| LinkedIn|Twitter
Keywords:
1 comment(s)ISC Stormcast For Tuesday, October 12th, 2021 https://isc.sans.edu/podcastdetail.html?id=7710
×
![modal content]()
Diary Archives
Comments
www
Nov 17th 2022
4 months ago
EEW
Nov 17th 2022
4 months ago
qwq
Nov 17th 2022
4 months ago
mashood
Nov 17th 2022
4 months ago
isc.sans.edu
Nov 23rd 2022
3 months ago
isc.sans.edu
Nov 23rd 2022
3 months ago
isc.sans.edu
Dec 3rd 2022
3 months ago
isc.sans.edu
Dec 3rd 2022
3 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
2 months ago
isc.sans.edu
Dec 26th 2022
2 months ago