• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

Patch These Windows Vulnerabilities Now

Microsoft has released patches for 71 new vulnerabilities in Windows systems this past Tuesday, including one under active attack.

October 13, 2021 Zachary Comeau Leave a Comment

Microsoft Entra Verified ID
Dvoevnore /stock.adobe,com

Microsoft has released patches for 71 new vulnerabilities in Windows systems and applications this past Tuesday, which follows 11 previously patched software flaws in Microsoft Edge and OpenSSL.

That makes 82 patches this month, which is just slightly down from the 86 patches issued by Microsoft in September. This month’s patches address issues in Edge, Exchange Server, .NET Core and Visual Studio, Microsoft Office services and web apps, SharePoint, Microsoft Dynamics, InTune and Systems Center Operation Manager, according to Zero Day Initiative.

In addition, Adobe issued six patches that cover 10 security vulnerabilities in Adobe Reader, Acrobat Reader for Android, Adobe Campaign Standard, Commerce, Ops-LCI and Adobe Connect, ZDI said in a blog.

Of the 71 Microsoft vulnerabilities patched Tuesday, just two are rated critical, 68 are rated important and is rated low.

Notably, one Zero Day (CVE-2021-40449) is being actively exploited – a Win32k elevation of privilege vulnerability that is likely being used in conjunction with other code execution flaws to take over a system or as part of a targeted malware attack.

According to Microsoft, this flaw was reported by cybersecurity firm Kaspersky, which posted a blog calling it a use-after-free vulnerability in the NtGdiResetDC function of the Win32k driver that can lead to leakage of kernel module addresses in the computer’s memory which is then used to elevate the privileges of another malicious process.

Kaspersky says attackers then download and launch a Remote Access Trojan called MysterSnail to gain access to the victim’s system. From there, attackers can issue various commands, including create, read or delete certain files; create or delete a process get a directory list; or open a proxy channel and send data through it.

Attackers can also view the list of connected drives, monitor the connection of external drives in the background and launch the cmd.exe interactive shell.

Systems affected include a wide range of Microsoft and Windows operating systems, including Vista, 7, 8, 8.1, Server 2008, Server 2008 R2, Server 2012, Server 2012 R2, Windows 10 (build 14393), Server 2016 (build 14393), 10 (build 17763), and Server 2019 (build 17763).

Kaspersky notes that the exploit exists to specifically escalate privileges on server version of the operating system. Targets include IT companies, diplomatic organizations and the defense industry.

There were three other Zero Days patched in this release, including an Exchange Server remote code execution vulnerability (CVE-2021-26427) that ZDI links to the “more severe Exchange issues back in April.”

According to Microsoft, the attack is limited at the protocol level to a logically adjacent topology, meaning the attack needs something specific tied to the target like sharing a physical or logical network, or from within a secure or otherwise limited admin domain. However, Microsoft patched other Exchange bugs earlier this month, so Exchange admins have their work cut out for them.

Microsoft also patched a remote code execution vulnerability in Word (CVE-2021-40486) that allows code execution when a specially crafted Word document is viewed on an affected system. According to ZDI, this bug can be used to take over a target system when used in conjunction with a privilege escalation like the one detailed by Kaspersky. .

Another vulnerability (CVE-2021-40454), is a rich text edit control information disclosure bug that ZDI says could allow an attacker to recover cleartext passwords from memory, even on Windows 11.

Adobe also released six patches that cover 10 vulnerabilities, but none were publicly known or under attack. However, two are rated critical and two are rated moderate, so users should still apply patches.

Tagged With: Cybersecurity, Microsoft, Patch management, Patch Tuesday

Related Content:

  • This Week in IT, IT News, Microsoft, Google, Dell This Week in IT: Windows 11 Update, Tech…
  • Cloud THreats, Proofpoint Third Parties and Partners are Leading to Increased…
  • Google Curated Detections Chronicle Google Releases Curated Detections in Chronicle
  • Vendors interacting in an office. CompTIA: Technology Vendor Partner Programs Growing

Free downloadable guide you may like:

  • Shadow ITBlueprint Series: How to Reduce Shadow IT

    The distributed work model gives employees the flexibility they demand, but it can lead to shadow IT and introduce unnecessary security risk. Research finds that this distributed work environment is leading to IT management blind spots and shadow IT.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Shadow IT
Blueprint Series: How to Reduce Shadow IT

The distributed work model gives employees the flexibility they demand, but it can lead to shadow IT and introduce unnecessary security risk. Resea...

Hybrid Work webinar
Featured Webcast: Collaboration 2.0 — Where Are We Now?

In this webinar, subject matter experts discuss the transformation of the workplace, the rise of hybrid workers, the importance of open connectivit...

guide to end user training cover
Pro Tips for Conducting End User Training

Effective trainings are the glue that can make the difference following a new technology implementation that your team has spent so much time, effo...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2022 Emerald X, LLC. All rights reserved.