Microsoft September 2021 Patch Tuesday
This month we got patches for 86 vulnerabilities. Of these, 3 are critical, 1 vulnerability (MSHTML Vulnerability) was previously disclosed and is being according to Microsoft.
As expected, Microsoft released the patch for the zero-day (CVE-2021-40444) affecting MSHTML that could allow an attacker to execute remote code on an affected system. According to the advisory, an attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. The CVSS for this vulnerability is 8.80 (out of 10).
Also of note is a critical vulnerability in Microsoft Open Management Infrastructure (CVE-2021-38647). This open-source project lead by Microsoft implements web-based enterprise management standards and the vulnerability may be used for remote code execution. The CVSS for this vulnerability is 9.80.
Finally, a remote code execution affecting Windows WLAN AutoConfig Service was fixed (CVE-2021-36965). According to the advisory, this vulnerability affects virtually all supported Windows versions, may be exploited by an attacker on an adjacent network, requires no privilege and no user interaction. The CVSS for this vulnerability is 8.80.
See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/
September 2021 Security Updates
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
Azure Sphere Information Disclosure Vulnerability | |||||||
CVE-2021-36956 | No | No | Less Likely | Less Likely | Important | 4.4 | 4.0 |
BitLocker Security Feature Bypass Vulnerability | |||||||
CVE-2021-38632 | No | No | Less Likely | Less Likely | Important | 5.7 | 5.0 |
Chromium: CVE-2021-30606 Use after free in Blink | |||||||
CVE-2021-30606 | No | No | - | - | - | ||
Chromium: CVE-2021-30607 Use after free in Permissions | |||||||
CVE-2021-30607 | No | No | - | - | - | ||
Chromium: CVE-2021-30608 Use after free in Web Share | |||||||
CVE-2021-30608 | No | No | - | - | - | ||
Chromium: CVE-2021-30609 Use after free in Sign-In | |||||||
CVE-2021-30609 | No | No | - | - | - | ||
Chromium: CVE-2021-30610 Use after free in Extensions API | |||||||
CVE-2021-30610 | No | No | - | - | - | ||
Chromium: CVE-2021-30611 Use after free in WebRTC | |||||||
CVE-2021-30611 | No | No | - | - | - | ||
Chromium: CVE-2021-30612 Use after free in WebRTC | |||||||
CVE-2021-30612 | No | No | - | - | - | ||
Chromium: CVE-2021-30613 Use after free in Base internals | |||||||
CVE-2021-30613 | No | No | - | - | - | ||
Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip | |||||||
CVE-2021-30614 | No | No | - | - | - | ||
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | |||||||
CVE-2021-30615 | No | No | - | - | - | ||
Chromium: CVE-2021-30616 Use after free in Media | |||||||
CVE-2021-30616 | No | No | - | - | - | ||
Chromium: CVE-2021-30617 Policy bypass in Blink | |||||||
CVE-2021-30617 | No | No | - | - | - | ||
Chromium: CVE-2021-30618 Inappropriate implementation in DevTools | |||||||
CVE-2021-30618 | No | No | - | - | - | ||
Chromium: CVE-2021-30619 UI Spoofing in Autofill | |||||||
CVE-2021-30619 | No | No | - | - | - | ||
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink | |||||||
CVE-2021-30620 | No | No | - | - | - | ||
Chromium: CVE-2021-30621 UI Spoofing in Autofill | |||||||
CVE-2021-30621 | No | No | - | - | - | ||
Chromium: CVE-2021-30622 Use after free in WebApp Installs | |||||||
CVE-2021-30622 | No | No | - | - | - | ||
Chromium: CVE-2021-30623 Use after free in Bookmarks | |||||||
CVE-2021-30623 | No | No | - | - | - | ||
Chromium: CVE-2021-30624 Use after free in Autofill | |||||||
CVE-2021-30624 | No | No | - | - | - | ||
Chromium: CVE-2021-30632 Out of bounds write in V8 | |||||||
CVE-2021-30632 | No | No | - | - | - | ||
HEVC Video Extensions Remote Code Execution Vulnerability | |||||||
CVE-2021-38661 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Accessibility Insights for Android Information Disclosure Vulnerability | |||||||
CVE-2021-40448 | No | No | Less Likely | Less Likely | Important | 6.3 | 5.5 |
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | |||||||
CVE-2021-40440 | No | No | Less Likely | Less Likely | Important | 5.4 | 4.9 |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||||
CVE-2021-26436 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.3 |
CVE-2021-36930 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.6 |
Microsoft Edge (Chromium-based) Tampering Vulnerability | |||||||
CVE-2021-38669 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.6 |
Microsoft Edge for Android Information Disclosure Vulnerability | |||||||
CVE-2021-26439 | No | No | - | - | Moderate | 4.6 | 4.0 |
Microsoft Edge for Android Spoofing Vulnerability | |||||||
CVE-2021-38641 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.3 |
Microsoft Edge for iOS Spoofing Vulnerability | |||||||
CVE-2021-38642 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.3 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2021-38655 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | |||||||
CVE-2021-38644 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft MSHTML Remote Code Execution Vulnerability | |||||||
CVE-2021-40444 | Yes | Yes | Detected | Detected | Important | 8.8 | 7.9 |
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | |||||||
CVE-2021-38646 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Office Graphics Component Information Disclosure Vulnerability | |||||||
CVE-2021-38657 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.3 |
Microsoft Office Graphics Remote Code Execution Vulnerability | |||||||
CVE-2021-38658 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-38660 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Office Remote Code Execution Vulnerability | |||||||
CVE-2021-38659 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Office Spoofing Vulnerability | |||||||
CVE-2021-38650 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
Microsoft Office Visio Remote Code Execution Vulnerability | |||||||
CVE-2021-38653 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-38654 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft SharePoint Server Spoofing Vulnerability | |||||||
CVE-2021-38651 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
CVE-2021-38652 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
Microsoft Windows Update Client Elevation of Privilege Vulnerability | |||||||
CVE-2021-38634 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
Microsoft Word Remote Code Execution Vulnerability | |||||||
CVE-2021-38656 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Open Management Infrastructure Elevation of Privilege Vulnerability | |||||||
CVE-2021-38645 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-38648 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-38649 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
Open Management Infrastructure Remote Code Execution Vulnerability | |||||||
CVE-2021-38647 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.5 |
Visual Studio Code Spoofing Vulnerability | |||||||
CVE-2021-26437 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Visual Studio Elevation of Privilege Vulnerability | |||||||
CVE-2021-26434 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Visual Studio Remote Code Execution Vulnerability | |||||||
CVE-2021-36952 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2021-36975 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
CVE-2021-38639 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||||
CVE-2021-38628 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-38638 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | |||||||
CVE-2021-38629 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Windows Authenticode Spoofing Vulnerability | |||||||
CVE-2021-36959 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Bind Filter Driver Elevation of Privilege Vulnerability | |||||||
CVE-2021-36954 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
CVE-2021-36955 | No | No | More Likely | More Likely | Important | 7.8 | 7.2 |
CVE-2021-36963 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
CVE-2021-38633 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows DNS Elevation of Privilege Vulnerability | |||||||
CVE-2021-36968 | Yes | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Event Tracing Elevation of Privilege Vulnerability | |||||||
CVE-2021-36964 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-38630 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Installer Denial of Service Vulnerability | |||||||
CVE-2021-36961 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Installer Information Disclosure Vulnerability | |||||||
CVE-2021-36962 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2021-38625 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2021-38626 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Key Storage Provider Security Feature Bypass Vulnerability | |||||||
CVE-2021-38624 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Windows Print Spooler Elevation of Privilege Vulnerability | |||||||
CVE-2021-38667 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.2 |
CVE-2021-38671 | No | No | More Likely | More Likely | Important | 7.8 | 7.2 |
CVE-2021-40447 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.2 |
Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | |||||||
CVE-2021-36969 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
CVE-2021-38635 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
CVE-2021-38636 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | |||||||
CVE-2021-36973 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows SMB Elevation of Privilege Vulnerability | |||||||
CVE-2021-36974 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows SMB Information Disclosure Vulnerability | |||||||
CVE-2021-36960 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
CVE-2021-36972 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2021-26435 | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.1 |
Windows Storage Information Disclosure Vulnerability | |||||||
CVE-2021-38637 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Subsystem for Linux Elevation of Privilege Vulnerability | |||||||
CVE-2021-36966 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | |||||||
CVE-2021-36967 | No | No | Less Likely | Less Likely | Important | 8.0 | 7.0 |
Windows WLAN AutoConfig Service Remote Code Execution Vulnerability | |||||||
CVE-2021-36965 | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
--
Renato Marinho
Morphus Labs| LinkedIn|Twitter
Comments