Microsoft Patch Tuesday: 9th November 2021
It’s that time again, Patch Tuesday is in full force! This latest release of Microsoft’s Patch Tuesday’s security updates comprises of 55 overall vulnerabilities categorised as; 6 critical and 49 important, with 4 publicly disclosed and 2 seen being exploited in the wild.
This month release covers security updates for 35 components including:
- Microsoft Edge (Chromium-based)
- Microsoft Exchange Server
- Microsoft Office
- Microsoft Office Excel
- Microsoft Windows
- Visual Studio
- Visual Studio Code
- Windows Active Directory
- Windows Cred SSProvider Protocol
- Windows Defender
- Windows RDP
- Windows Virtual Machine Bus
Microsoft exchange has been under attack numerous times this year. The vulnerability labelled as CVE-2021-42321 is a remote code execution vulnerability caused by improper validation cmdlet arguments. This would allow an attacker to run their own code and potentially take over or damage the server. To exploit this vulnerability an attacker would still have to be an authenticated user of the exchange server before it can be exploited.
Another remote code execution vulnerability has been patched. CVE-2021-38666 is an RCE vulnerability found in the remote desktop client which can be exploited when a victim machine connects to an attacker-controlled remote desktop server. This would allow the attacker to execute arbitrary code on the victim’s machine. The limitation of this vulnerability is that the victim needs to actively connect to the attacker-controlled remote desktop server so attackers might impersonate an IT employee via email, phone call or another method to persuade you to connect.
CVE-2021-26443 is a code execution vulnerability to do with Microsoft’s Virtual Machine Bus. The vulnerability could allow command execution on a guest VM on a host VM allowing for privilege escalation. This vulnerability is severe with a CVSS score is 9.0 out of 10 and labelled as critical by Microsoft.
Excel is yet again a vulnerable application on Microsoft’s Patch Tuesday dossier. The new CVE-2021-42292 vulnerability is described as a security feature bypass zero-day and has been exploited in the wild. Microsoft refused to give any further information about this vulnerability but specified that the exploitation can only occur by opening the document. This also affects Apple Mac devices, but patches are still ongoing.
Software patches are essential to keeping any device secure from potential threats. We highly recommend that you update these as soon as possible given the high-risk excel and VM vulnerabilities posing serious security concerns.
For a full list of this month’s updates please see the links below:
Patch Tuesday release notes: https://msrc.microsoft.com/update-guide/releaseNote/2021-Nov
Security update guide: https://msrc.microsoft.com/update-guide/
11th November 2021
Why not follow us on social media: