It is another low volume Patch Tuesday this month as Microsoft releases fixes for 50 vulnerabilities. This should not diminish the importance of speedily applying the updates. 6 of the vulnerabilities being patched this month are 0-days under active exploitation (CVE-2021-31955, CVE-2021-31956, CVE-2021-33739, CVE-2021-33742, CVE-2021-31199, and CVE-2021-31201). These patches should be given immediate priority. Luckily they can all be addressed by normal operating system patches and should not require additional manual intervention. Additionally, Enterprises should take action on CVE-2021-31962 if they use Kerberos in their environment as it may allow an attacker to bypass Kerberos authentication altogether.
This is the only 0-day vulnerability this month which results in a remote code execution. The vulnerability lies within the MSHTML platform which is used by Internet Explorer 11 and Edge Legacy. While these two products are no longer fully supported (Edge Legacy is end of life and IE 11 is no longer supported on certain platforms) the underlying HTML libraries continue to be updated as other applications can make use of it. Further details for this vulnerability will be published by Google's Threat Analysis Group within the next 30 days.
Kerberos AppContainer Security Feature Bypass Vulnerability (CVE-2021-31962)
While this vulnerability has not been exploited in the wild yet, it would be a rather juicy target for exploit developers. Were this to be exploited it may allow a complete bypass of Kerberos authentication, allowing a connection without a password. Kerberos is generally used in Enterprise environments and as such sysadmins should patch this if they are leveraging the strong cryptography authentication mechanism.
Multiple Elevation of Privilege 0-days
The rest of the 0-days this month can result in elevation of privilege. These vulnerabilities are often chained with other vulnerabilities in order to achieve code execution as an Administrator. Luckily for defenders, these vulnerabilities are simply patched using the traditional update methods.
Summary Tables
Here are this month's patched vulnerabilities split by the product family.
Apps Vulnerabilities
| CVE | Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|
| CVE-2021-31945 | Paint 3D Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-31946 | Paint 3D Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-31983 | Paint 3D Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-31980 | Microsoft Intune Management Extension Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2021-31942 | 3D Viewer Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-31943 | 3D Viewer Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-31944 | 3D Viewer Information Disclosure Vulnerability | No | No | 5 | Yes |
Browser Vulnerabilities
| CVE | Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|
| CVE-2021-33741 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 8.2 | Yes |
| CVE | Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|
| CVE-2021-31938 | Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability | No | No | 7.3 | Yes |
| CVE-2021-31957 | .NET Core and Visual Studio Denial of Service Vulnerability | No | No | 5.9 | No |
ESU Windows Vulnerabilities
| CVE | Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|
| CVE-2021-31968 | Windows Remote Desktop Services Denial of Service Vulnerability | No | Yes | 7.5 | No |
| CVE-2021-1675 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-31958 | Windows NTLM Elevation of Privilege Vulnerability | No | No | 7.5 | Yes |
| CVE-2021-31956 | Windows NTFS Elevation of Privilege Vulnerability | Yes | No | 7.8 | Yes |
| CVE-2021-33742 | Windows MSHTML Platform Remote Code Execution Vulnerability | Yes | No | 7.5 | Yes |
| CVE-2021-31971 | Windows HTML Platform Security Feature Bypass Vulnerability | No | No | 6.8 | Yes |
| CVE-2021-31973 | Windows GPSVC Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-31953 | Windows Filter Manager Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-26414 | Windows DCOM Server Security Feature Bypass | No | No | 4.8 | Yes |
| CVE-2021-31954 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-31959 | Scripting Engine Memory Corruption Vulnerability | No | No | 6.4 | Yes |
| CVE-2021-31199 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Yes | No | 5.2 | Yes |
| CVE-2021-31201 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Yes | No | 5.2 | Yes |
| CVE-2021-31962 | Kerberos AppContainer Security Feature Bypass Vulnerability | No | No | 9.4 | Yes |
Microsoft Office Vulnerabilities
| CVE | Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|
| CVE-2021-31964 | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No |
| CVE-2021-31948 | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No |
| CVE-2021-31950 | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No |
| CVE-2021-31966 | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 7.2 | No |
| CVE-2021-31963 | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 7.1 | No |
| CVE-2021-26420 | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 7.1 | No |
| CVE-2021-31965 | Microsoft SharePoint Server Information Disclosure Vulnerability | No | No | 5.7 | Yes |
| CVE-2021-31949 | Microsoft Outlook Remote Code Execution Vulnerability | No | No | 6.7 | Yes |
| CVE-2021-31940 | Microsoft Office Graphics Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-31941 | Microsoft Office Graphics Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-31939 | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
System Center Vulnerabilities
| CVE | Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|
| CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-31978 | Microsoft Defender Denial of Service Vulnerability | No | No | 5.5 | Yes |
Windows Vulnerabilities
| CVE | Title | Exploited | Disclosed | CVSS3 | FAQ |
|---|
| CVE-2021-31970 | Windows TCP/IP Driver Security Feature Bypass Vulnerability | No | No | 5.5 | No |
| CVE-2021-31952 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-31955 | Windows Kernel Information Disclosure Vulnerability | Yes | No | 5.5 | Yes |
| CVE-2021-31951 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-31977 | Windows Hyper-V Denial of Service Vulnerability | No | No | 8.6 | Yes |
| CVE-2021-31969 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2021-31960 | Windows Bind Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2021-31967 | VP9 Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2021-31975 | Server for NFS Information Disclosure Vulnerability | No | No | 7.5 | Yes |
| CVE-2021-31976 | Server for NFS Information Disclosure Vulnerability | No | No | 7.5 | Yes |
| CVE-2021-31974 | Server for NFS Denial of Service Vulnerability | No | No | 7.5 | No |
| CVE-2021-33739 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Yes | Yes | 8.4 | Yes |
| CVE-2021-31972 | Event Tracing for Windows Information Disclosure Vulnerability | No | No | 5.5 | Yes |
Summary Graphs
