Microsoft December 2021 Patch Tuesday
Amidst the unfolding of the Log4Shell vulnerability, more updates have just arrived with December's Microsoft Patch Tuesday. This month we got patches for 83 vulnerabilities. Of these, 7 are critical, 6 were previously disclosed, and 1 is being exploited, according to Microsoft.
The 0-day is a spoofing vulnerability in the Windows AppX Installer (CVE-2021-43890). According to the advisory, Microsoft is aware of attempts to exploit this vulnerability by using specially crafted packages to implant malware families like Emotet, Trickbot, and Bazaloader. An attacker could exploit the vulnerability by sending malicious attachments in phishing campaigns and convincing the user to open them. Users of the tool are advised to upgrade to the fixed version using the links on the security advisory. The CVSS score for the vulnerability is 7.1.
Amongst critical vulnerabilities, the iSNS Server memory corruption vulnerability can lead to remote code execution (CVE-2021-43215). According to the advisory, an attacker could send a specially crafted request to the Internet Storage Name Service (iSNS) server, which could result in remote code execution. The Internet Storage Name Service (iSNS) protocol is not installed by default and is used for interaction between iSNS servers and iSNS clients. The CVSS for this vulnerability is 9.8.
There is also a critical vulnerability affecting the Microsoft Office app that can lead to RCE (CVE-2021-43905). According to the advisory, the attack vector is network, the attack complexity is low, and user interaction is required. The CVSS v3 score for this vulnerability is 9.6.
In addition to the iSNS vulnerability, another vulnerability has been associated with this month's highest CVSS score, 9.8. It is an RCE in the Visual Studio Code WSL Extension (CVE-2021-43907). According to the advisory, the attack vector is network, the attack complexity is low, and no user interaction is required to exploit the vulnerability.
See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com.
December 2021 Security Updates
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability | |||||||
CVE-2021-43877 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Bot Framework SDK Remote Code Execution Vulnerability | |||||||
CVE-2021-43225 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
Chromium: CVE-2021-4052 Use after free in web apps | |||||||
CVE-2021-4052 | No | No | - | - | - | ||
Chromium: CVE-2021-4053 Use after free in UI | |||||||
CVE-2021-4053 | No | No | - | - | - | ||
Chromium: CVE-2021-4054 Incorrect security UI in autofill | |||||||
CVE-2021-4054 | No | No | - | - | - | ||
Chromium: CVE-2021-4055 Heap buffer overflow in extensions | |||||||
CVE-2021-4055 | No | No | - | - | - | ||
Chromium: CVE-2021-4056: Type Confusion in loader | |||||||
CVE-2021-4056 | No | No | - | - | - | ||
Chromium: CVE-2021-4057 Use after free in file API | |||||||
CVE-2021-4057 | No | No | - | - | - | ||
Chromium: CVE-2021-4058 Heap buffer overflow in ANGLE | |||||||
CVE-2021-4058 | No | No | - | - | - | ||
Chromium: CVE-2021-4059 Insufficient data validation in loader | |||||||
CVE-2021-4059 | No | No | - | - | - | ||
Chromium: CVE-2021-4061 Type Confusion in V8 | |||||||
CVE-2021-4061 | No | No | - | - | - | ||
Chromium: CVE-2021-4062 Heap buffer overflow in BFCache | |||||||
CVE-2021-4062 | No | No | - | - | - | ||
Chromium: CVE-2021-4063 Use after free in developer tools | |||||||
CVE-2021-4063 | No | No | - | - | - | ||
Chromium: CVE-2021-4064 Use after free in screen capture | |||||||
CVE-2021-4064 | No | No | - | - | - | ||
Chromium: CVE-2021-4065 Use after free in autofill | |||||||
CVE-2021-4065 | No | No | - | - | - | ||
Chromium: CVE-2021-4066 Integer underflow in ANGLE | |||||||
CVE-2021-4066 | No | No | - | - | - | ||
Chromium: CVE-2021-4067 Use after free in window manager | |||||||
CVE-2021-4067 | No | No | - | - | - | ||
Chromium: CVE-2021-4068 Insufficient validation of untrusted input in new tab page | |||||||
CVE-2021-4068 | No | No | - | - | - | ||
DirectX Graphics Kernel File Denial of Service Vulnerability | |||||||
CVE-2021-43219 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.4 |
HEVC Video Extensions Remote Code Execution Vulnerability | |||||||
CVE-2021-40452 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-40453 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-41360 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability | |||||||
CVE-2021-43899 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.5 |
Microsoft BizTalk ESB Toolkit Spoofing Vulnerability | |||||||
CVE-2021-43892 | No | No | - | - | Important | 7.4 | 6.7 |
Microsoft Defender for IOT Elevation of Privilege Vulnerability | |||||||
CVE-2021-42312 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Defender for IoT Information Disclosure Vulnerability | |||||||
CVE-2021-43888 | No | No | Less Likely | Less Likely | Important | 7.5 | 7.0 |
Microsoft Defender for IoT Remote Code Execution Vulnerability | |||||||
CVE-2021-42310 | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.1 |
CVE-2021-42311 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2021-42313 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2021-42314 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2021-42315 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2021-43882 | No | No | Less Likely | Less Likely | Important | 9.0 | 7.8 |
CVE-2021-43889 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.7 |
CVE-2021-41365 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2021-43256 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability | |||||||
CVE-2021-42293 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability | |||||||
CVE-2021-43216 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Microsoft Message Queuing Information Disclosure Vulnerability | |||||||
CVE-2021-43222 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
CVE-2021-43236 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Microsoft Office Graphics Remote Code Execution Vulnerability | |||||||
CVE-2021-43875 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Office Trust Center Spoofing Vulnerability | |||||||
CVE-2021-43255 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Microsoft Office app Remote Code Execution Vulnerability | |||||||
CVE-2021-43905 | No | No | More Likely | More Likely | Critical | 9.6 | 8.6 |
Microsoft PowerShell Spoofing Vulnerability | |||||||
CVE-2021-43896 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
CVE-2021-42294 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
CVE-2021-42309 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
Microsoft SharePoint Server Spoofing Vulnerability | |||||||
CVE-2021-42320 | No | No | Less Likely | Less Likely | Important | 8.0 | 7.0 |
CVE-2021-43242 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
NTFS Set Short Name Elevation of Privilege Vulnerability | |||||||
CVE-2021-43240 | Yes | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Remote Desktop Client Remote Code Execution Vulnerability | |||||||
CVE-2021-43233 | No | No | More Likely | More Likely | Critical | 7.5 | 6.5 |
Storage Spaces Controller Information Disclosure Vulnerability | |||||||
CVE-2021-43227 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
CVE-2021-43235 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
SymCrypt Denial of Service Vulnerability | |||||||
CVE-2021-43228 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
VP9 Video Extensions Information Disclosure Vulnerability | |||||||
CVE-2021-43243 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Visual Basic for Applications Information Disclosure Vulnerability | |||||||
CVE-2021-42295 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Visual Studio Code Remote Code Execution Vulnerability | |||||||
CVE-2021-43891 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Visual Studio Code Spoofing Vulnerability | |||||||
CVE-2021-43908 | No | No | Less Likely | Less Likely | Important | ||
Visual Studio Code WSL Extension Remote Code Execution Vulnerability | |||||||
CVE-2021-43907 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.5 |
Web Media Extensions Remote Code Execution Vulnerability | |||||||
CVE-2021-43214 | No | No | Less Likely | Unlikely | Important | 7.8 | 6.8 |
Windows AppX Installer Spoofing Vulnerability | |||||||
CVE-2021-43890 | Yes | Yes | Detected | Detected | Important | 7.1 | 6.2 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
CVE-2021-43226 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
CVE-2021-43207 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows Common Log File System Driver Information Disclosure Vulnerability | |||||||
CVE-2021-43224 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Digital Media Receiver Elevation of Privilege Vulnerability | |||||||
CVE-2021-43248 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Digital TV Tuner Elevation of Privilege Vulnerability | |||||||
CVE-2021-43245 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability | |||||||
CVE-2021-43893 | Yes | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability | |||||||
CVE-2021-43217 | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.1 |
Windows Event Tracing Remote Code Execution Vulnerability | |||||||
CVE-2021-43232 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Fax Service Remote Code Execution Vulnerability | |||||||
CVE-2021-43234 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
CVE-2021-43246 | No | No | Less Likely | Less Likely | Important | 5.6 | 4.9 |
Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2021-43883 | Yes | No | More Likely | More Likely | Important | 7.8 | 7.0 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2021-43244 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Windows Media Center Elevation of Privilege Vulnerability | |||||||
CVE-2021-40441 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Mobile Device Management Elevation of Privilege Vulnerability | |||||||
CVE-2021-43880 | Yes | No | More Likely | More Likely | Important | 5.5 | 4.8 |
Windows NTFS Elevation of Privilege Vulnerability | |||||||
CVE-2021-43229 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-43230 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-43231 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Print Spooler Elevation of Privilege Vulnerability | |||||||
CVE-2021-41333 | Yes | No | More Likely | More Likely | Important | 7.8 | 7.2 |
Windows Recovery Environment Agent Elevation of Privilege Vulnerability | |||||||
CVE-2021-43239 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | |||||||
CVE-2021-43223 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Remote Access Elevation of Privilege Vulnerability | |||||||
CVE-2021-43238 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Setup Elevation of Privilege Vulnerability | |||||||
CVE-2021-43237 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows TCP/IP Driver Elevation of Privilege Vulnerability | |||||||
CVE-2021-43247 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | |||||||
CVE-2021-43215 | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
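A triage pass over the table above, as an added example that is not part of the original diary: it parses the table's row layout (a title row followed by one or more CVE rows, some without CVSS scores) and orders the entries for patching. The ranking order and the names `parse`, `priority` and `triage` are assumptions of this example; the sample rows are copied from the table.

```python
import re

# Constructed sample: rows copied from the table above, in the page's own layout.
SAMPLE = """\
Chromium: CVE-2021-4052 Use after free in web apps | |||||||
CVE-2021-4052 | No | No | - | - | - | ||
Windows AppX Installer Spoofing Vulnerability | |||||||
CVE-2021-43890 | Yes | Yes | Detected | Detected | Important | 7.1 | 6.2 |
Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2021-43883 | Yes | No | More Likely | More Likely | Important | 7.8 | 7.0 |
Windows NTFS Elevation of Privilege Vulnerability | |||||||
CVE-2021-43229 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-43230 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | |||||||
CVE-2021-43215 | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
"""

CVE_ROW = re.compile(r"^CVE-\d{4}-\d{4,}\s*\|")
# Assumed ranking of the table's exploitability labels; "-" (no assessment) ranks lowest.
EXPLOITABILITY = {"Detected": 3, "More Likely": 2, "Less Likely": 1, "Unlikely": 0}

def parse(table):
    """Yield one record per CVE row; a title row applies to every CVE row below it."""
    title = ""
    for line in table.splitlines():
        cells = [c.strip() for c in line.split("|")]
        if not CVE_ROW.match(line):
            title = cells[0] or title
            continue
        yield {
            "cve": cells[0], "title": title,
            "disclosed": cells[1] == "Yes", "exploited": cells[2] == "Yes",
            "exploitability": cells[4],  # the "current version" column
            "severity": cells[5], "cvss": float(cells[6]) if cells[6] else None,
        }

def priority(rec):
    """Assumed triage order: exploited, disclosed, exploitability, Critical, CVSS base."""
    return (rec["exploited"], rec["disclosed"],
            EXPLOITABILITY.get(rec["exploitability"], -1),
            rec["severity"] == "Critical", rec["cvss"] or 0.0)

def triage(table):
    return sorted(parse(table), key=priority, reverse=True)

if __name__ == "__main__":
    for rec in triage(SAMPLE):
        print(rec["cve"], rec["severity"], rec["cvss"], rec["title"], sep=" | ")
```

Rows without a CVSS score are kept with `cvss` set to `None` and fall to the bottom of their tier, so they still show up for manual review.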
--
Renato Marinho
Morphus Labs