{"mskb": [{"lastseen": "2022-06-15T16:12:10", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 and Windows Server 2008 R2 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## **Improvements and fixes**\n\nThis security update includes improvements and fixes that were a part of update [KB5005633](<https://support.microsoft.com/help/5005633>) (released September 14, 2021) and addresses the following issues:\n\n * Addresses an issue in which an Internet print server cannot package the driver to send to the client.\n * Implements a Group Policy setting for the following registry value:\n * Registry location: **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\Printers\\PointAndPrint**\n * Value name: **RestrictDriverInstallationToAdministrators**\n * Value data: **1**\nFor more information, see KB5005652.\n * Adds the ability to configure period or dot (.) delimited IP addresses interchangeably with fully qualified host names in the following Group Policy settings:\n * [Package Point and Print - Approved Servers](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2208>)\n * [Point and Print Restrictions](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2212>)\n * Addresses an issue in which Security Account Manager (SAM) events are not displayed properly in the Event Viewer.\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom **| **Workaround ** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \"Failure to configure Windows updates. Reverting Changes. Do not turn off your computer\", and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/obtaining-extended-security-updates-for-eligible-windows-devices/ba-p/1167091>) post. For information on the prerequisites, see the **How to get this update** section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following: \n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007236](<https://support.microsoft.com/help/5007236>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5008244](<https://support.microsoft.com/help/5008244>). \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the [Extended Security Update (ESU)](<https://www.microsoft.com/cloud-platform/extended-security-updates>) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ended on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ended on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter you install the items above, we strongly recommend that you install the latest SSU ([KB5006749](<https://support.microsoft.com/help/5006749>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006743>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006743](<https://download.microsoft.com/download/2/a/e/2ae5b268-0eef-42c9-9395-4ff779b72981/5006743.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006743 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36953"], "modified": "2021-10-12T07:00:00", "id": "KB5006743", "href": "https://support.microsoft.com/en-us/help/5006743", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-18T17:45:42", "description": "None\n## **Summary**\n\nLearn more about this security update, including improvements and fixes, any known issues, and how to get the update.\n\n**Important: **Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release). \n \nVerify that** **you have installed the required updates listed in the **How to get this update** section before installing this update. \n \nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 and Windows Server 2008 R2 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## **Improvements and fixes**\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## **Known issues in this update**\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed **in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\n * If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/obtaining-extended-security-updates-for-eligible-windows-devices/ba-p/1167091>) post. For information on the prerequisites, see the **How to get this update** section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\". This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of this update are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5007233](<https://support.microsoft.com/help/5007233>). \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in [KB5008282](<https://support.microsoft.com/help/5008282>). \n \n## **How to get this update**\n\n**Before installing this update****IMPORTANT** Customers who have purchased the [Extended Security Update (ESU)](<https://www.microsoft.com/cloud-platform/extended-security-updates>) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **restart your device** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the latest SSU ([KB5006749](<https://support.microsoft.com/help/5006749>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB5006671](<https://support.microsoft.com/help/5006671>)).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006728>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n \n## **File information**\n\nFor a list of the files that are provided in this update, download the [file information for update 5006728](<https://download.microsoft.com/download/8/b/c/8bc38850-b0cf-432c-904f-c57c562e20a8/5006728.csv>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006728 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36953"], "modified": "2021-10-12T07:00:00", "id": "KB5006728", "href": "https://support.microsoft.com/en-us/help/5006728", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "mscve": [{"lastseen": "2021-12-06T18:18:33", "description": "Windows TCP/IP Denial of Service Vulnerability \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Windows TCP/IP Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36953"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-36953", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36953", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2022-06-15T18:09:34", "description": "The remote Windows host is missing security update 5006715. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006715: Windows Server 2008 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41340", "CVE-2021-41343"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006715.NASL", "href": "https://www.tenable.com/plugins/nessus/154043", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154043);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40455\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006715\");\n script_xref(name:\"MSKB\", value:\"5006736\");\n script_xref(name:\"MSFT\", value:\"MS21-5006715\");\n script_xref(name:\"MSFT\", value:\"MS21-5006736\");\n\n script_name(english:\"KB5006715: Windows Server 2008 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006715. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006715 or apply Cumulative Update 5006736\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-40489\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41340\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006715',\n '5006736'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.0',\n sp:2,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006736, 5006715])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:47", "description": "The remote Windows host is missing security update 5006728. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006728: Windows 7 and Windows Server 2008 R2 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41343"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006728.NASL", "href": "https://www.tenable.com/plugins/nessus/154035", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154035);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006728\");\n script_xref(name:\"MSKB\", value:\"5006743\");\n script_xref(name:\"MSFT\", value:\"MS21-5006728\");\n script_xref(name:\"MSFT\", value:\"MS21-5006743\");\n\n script_name(english:\"KB5006728: Windows 7 and Windows Server 2008 R2 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006728. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006728 or apply Cumulative Update 5006743\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41335\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41340\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006728',\n '5006743'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.1',\n sp:1,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006728, 5006743])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T16:47:10", "description": "The remote Windows host is missing security update 5006729. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006729: Windows Server 2012 R2 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41343", "CVE-2021-41345"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006729.NASL", "href": "https://www.tenable.com/plugins/nessus/154040", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154040);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006714\");\n script_xref(name:\"MSKB\", value:\"5006729\");\n script_xref(name:\"MSFT\", value:\"MS21-5006714\");\n script_xref(name:\"MSFT\", value:\"MS21-5006729\");\n\n script_name(english:\"KB5006729: Windows Server 2012 R2 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006729. It is, therefore, affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006729 or apply Cumulative Update 5006714\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006714',\n '5006729'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.3',\n sp:0,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006714, 5006729])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:16", "description": "The remote Windows host is missing security update 5006732. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006732: Windows Server 2012 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41343", "CVE-2021-41345"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006732.NASL", "href": "https://www.tenable.com/plugins/nessus/154036", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154036);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006732\");\n script_xref(name:\"MSKB\", value:\"5006739\");\n script_xref(name:\"MSFT\", value:\"MS21-5006732\");\n script_xref(name:\"MSFT\", value:\"MS21-5006739\");\n\n script_name(english:\"KB5006732: Windows Server 2012 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006732. It is, therefore, affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006732 or apply Cumulative Update 5006739\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006739',\n '5006732'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.2',\n sp:0,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006739, 5006732])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:35", "description": "The remote Windows host is missing security update 5006675. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006675: WWindows 10 version 1507 LTS Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40470", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41338", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006675.NASL", "href": "https://www.tenable.com/plugins/nessus/154041", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154041);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40470\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41338\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006675\");\n script_xref(name:\"MSFT\", value:\"MS21-5006675\");\n\n script_name(english:\"KB5006675: WWindows 10 version 1507 LTS Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006675. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006675\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41342\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006675'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:10240,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006675])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:48", "description": "The remote Windows host is missing security update 5006669.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41335, CVE-2021-41345, CVE-2021-41347)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455, CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40465, CVE-2021-40469, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-41332, CVE-2021-41343)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41337, CVE-2021-41338)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006669: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006669.NASL", "href": "https://www.tenable.com/plugins/nessus/154034", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154034);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006669\");\n script_xref(name:\"MSFT\", value:\"MS21-5006669\");\n\n script_name(english:\"KB5006669: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006669.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40466, CVE-2021-40467,\n CVE-2021-40470, CVE-2021-40476, CVE-2021-40477,\n CVE-2021-40478, CVE-2021-40488, CVE-2021-40489,\n CVE-2021-41335, CVE-2021-41345, CVE-2021-41347)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455,\n CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40465,\n CVE-2021-40469, CVE-2021-41331, CVE-2021-41340,\n CVE-2021-41342)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-41332, CVE-2021-41343)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41337, CVE-2021-41338)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006669\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41342\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006669'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:14393,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006669])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T20:24:52", "description": "The remote Windows host is missing security update 5006667.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40450, CVE-2021-40464, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41335, CVE-2021-41339, CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-40475, CVE-2021-41332, CVE-2021-41343)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40461, CVE-2021-40462, CVE-2021-40465, CVE-2021-41330, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006667: Windows 10 version 1909 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006667.NASL", "href": "https://www.tenable.com/plugins/nessus/154037", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154037);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41330\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006667\");\n script_xref(name:\"MSFT\", value:\"MS21-5006667\");\n\n script_name(english:\"KB5006667: Windows 10 version 1909 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006667.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40450, CVE-2021-40464,\n CVE-2021-40466, CVE-2021-40467, CVE-2021-40470,\n CVE-2021-40476, CVE-2021-40477, CVE-2021-40478,\n CVE-2021-40488, CVE-2021-40489, CVE-2021-41335,\n CVE-2021-41339, CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-40475, CVE-2021-41332,\n CVE-2021-41343)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40461,\n CVE-2021-40462, CVE-2021-40465, CVE-2021-41330,\n CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006667\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006667'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:18363,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006667])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:19", "description": "The remote Windows host is missing security update 5006674. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006674: Windows 11 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41336", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006674.NASL", "href": "https://www.tenable.com/plugins/nessus/154042", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154042);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-38672\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40468\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41332\",\n \"CVE-2021-41334\",\n \"CVE-2021-41336\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006674\");\n script_xref(name:\"MSFT\", value:\"MS21-5006674\");\n\n script_name(english:\"KB5006674: Windows 11 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006674. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006674\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006674'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:22000,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006674])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:47", "description": "The remote Windows host is missing security update 5006672.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40456, CVE-2021-40460, CVE-2021-41337, CVE-2021-41338)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455, CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40461, CVE-2021-40462, CVE-2021-40465, CVE-2021-40469, CVE-2021-41330, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40450, CVE-2021-40464, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41335, CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-40475, CVE-2021-41332, CVE-2021-41343)", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006672: Windows 10 Version 1809 and Windows Server 2019 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006672.NASL", "href": "https://www.tenable.com/plugins/nessus/154026", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154026);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40456\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41330\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006672\");\n script_xref(name:\"MSFT\", value:\"MS21-5006672\");\n\n script_name(english:\"KB5006672: Windows 10 Version 1809 and Windows Server 2019 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006672.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40456, CVE-2021-40460, CVE-2021-41337,\n CVE-2021-41338)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455,\n CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40461,\n CVE-2021-40462, CVE-2021-40465, CVE-2021-40469,\n CVE-2021-41330, CVE-2021-41331, CVE-2021-41340,\n CVE-2021-41342)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40450, CVE-2021-40464,\n CVE-2021-40466, CVE-2021-40467, CVE-2021-40470,\n CVE-2021-40476, CVE-2021-40477, CVE-2021-40478,\n CVE-2021-40488, CVE-2021-40489, CVE-2021-41335,\n CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-40475, CVE-2021-41332,\n CVE-2021-41343)\");\n # https://support.microsoft.com/en-us/topic/october-12-2021-kb5006672-os-build-17763-2237-f5f567fd-950d-4db0-9d17-09435322578a\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e54ed946\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006672\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006672'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:17763,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006672])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:19", "description": "The remote Windows host is missing security update 5006670.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338, CVE-2021-41346)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-40468, CVE-2021-40475, CVE-2021-41332, CVE-2021-41343)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40450, CVE-2021-40464, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41334, CVE-2021-41335, CVE-2021-41339, CVE-2021-41345, CVE-2021-41347, CVE-2021-41357)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40461, CVE-2021-40462, CVE-2021-40465, CVE-2021-41330, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006670: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 October 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41335", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41346", "CVE-2021-41347", "CVE-2021-41357", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006670.NASL", "href": "https://www.tenable.com/plugins/nessus/154033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154033);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40456\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40468\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41330\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41334\",\n \"CVE-2021-41335\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41346\",\n \"CVE-2021-41347\",\n \"CVE-2021-41357\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006670\");\n script_xref(name:\"MSFT\", value:\"MS21-5006670\");\n\n script_name(english:\"KB5006670: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 October 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006670.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338, CVE-2021-41346)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-40468, CVE-2021-40475,\n CVE-2021-41332, CVE-2021-41343)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40450, CVE-2021-40464,\n CVE-2021-40466, CVE-2021-40467, CVE-2021-40470,\n CVE-2021-40476, CVE-2021-40477, CVE-2021-40478,\n CVE-2021-40488, CVE-2021-40489, CVE-2021-41334,\n CVE-2021-41335, CVE-2021-41339, CVE-2021-41345,\n CVE-2021-41347, CVE-2021-41357)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40461,\n CVE-2021-40462, CVE-2021-40465, CVE-2021-41330,\n CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5006670\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update KB5006670.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_func.inc');\ninclude('misc_func.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = \"MS21-10\";\nkbs = make_list('5006670');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'19041',\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006670]\n )\n|| smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'19042',\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006670]\n ) \n|| smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'19043',\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006670]\n ) \n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:34", "description": "The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006699: Windows Server 2022 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41336", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347", "CVE-2021-41357", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006699.NASL", "href": "https://www.tenable.com/plugins/nessus/154029", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154029);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-38672\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40456\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40468\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41332\",\n \"CVE-2021-41334\",\n \"CVE-2021-41336\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\",\n \"CVE-2021-41357\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006699\");\n script_xref(name:\"MSFT\", value:\"MS21-5006699\");\n\n script_name(english:\"KB5006699: Windows Server 2022 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006699\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006699'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:20348,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006699])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2022-01-19T17:39:29", "description": "### *Detect date*:\n10/12/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 for 32-bit Systems \nWindows Server, version 2004 (Server Core installation) \nWindows RT 8.1 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 21H1 for x64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server, version 20H2 (Server Core Installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server 2016 (Server Core installation) \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 11 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2012 R2 \nWindows 10 Version 2004 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2022 (Server Core installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows 11 for ARM64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2016 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows 10 for x64-based Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows Server 2012 \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2019 \nWindows Server 2022 \nWindows Server 2012 R2 (Server Core installation) \nWindows 8.1 for x64-based systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 8.1 for 32-bit systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-36970](<https://nvd.nist.gov/vuln/detail/CVE-2021-36970>) \n[CVE-2021-40455](<https://nvd.nist.gov/vuln/detail/CVE-2021-40455>) \n[CVE-2021-38662](<https://nvd.nist.gov/vuln/detail/CVE-2021-38662>) \n[CVE-2021-41335](<https://nvd.nist.gov/vuln/detail/CVE-2021-41335>) \n[CVE-2021-40449](<https://nvd.nist.gov/vuln/detail/CVE-2021-40449>) \n[CVE-2021-38663](<https://nvd.nist.gov/vuln/detail/CVE-2021-38663>) \n[CVE-2021-41342](<https://nvd.nist.gov/vuln/detail/CVE-2021-41342>) \n[CVE-2021-26442](<https://nvd.nist.gov/vuln/detail/CVE-2021-26442>) \n[CVE-2021-41332](<https://nvd.nist.gov/vuln/detail/CVE-2021-41332>) \n[CVE-2021-40466](<https://nvd.nist.gov/vuln/detail/CVE-2021-40466>) \n[CVE-2021-41331](<https://nvd.nist.gov/vuln/detail/CVE-2021-41331>) \n[CVE-2021-40469](<https://nvd.nist.gov/vuln/detail/CVE-2021-40469>) \n[CVE-2021-41340](<https://nvd.nist.gov/vuln/detail/CVE-2021-41340>) \n[CVE-2021-40467](<https://nvd.nist.gov/vuln/detail/CVE-2021-40467>) \n[CVE-2021-36953](<https://nvd.nist.gov/vuln/detail/CVE-2021-36953>) \n[CVE-2021-40489](<https://nvd.nist.gov/vuln/detail/CVE-2021-40489>) \n[CVE-2021-40443](<https://nvd.nist.gov/vuln/detail/CVE-2021-40443>) \n[CVE-2021-40460](<https://nvd.nist.gov/vuln/detail/CVE-2021-40460>) \n[CVE-2021-40465](<https://nvd.nist.gov/vuln/detail/CVE-2021-40465>) \n[CVE-2021-41343](<https://nvd.nist.gov/vuln/detail/CVE-2021-41343>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2021-36970](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36970>)4.3Warning \n[CVE-2021-40455](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40455>)2.1Warning \n[CVE-2021-38662](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38662>)4.9Warning \n[CVE-2021-41335](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41335>)7.2High \n[CVE-2021-40449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40449>)4.6Warning \n[CVE-2021-38663](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38663>)2.1Warning \n[CVE-2021-41342](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41342>)6.8High \n[CVE-2021-26442](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26442>)4.6Warning \n[CVE-2021-41332](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41332>)4.0Warning \n[CVE-2021-40466](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40466>)4.6Warning \n[CVE-2021-41331](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41331>)6.8High \n[CVE-2021-40469](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40469>)6.5High \n[CVE-2021-41340](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41340>)6.8High \n[CVE-2021-40467](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40467>)4.6Warning \n[CVE-2021-36953](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36953>)5.0Critical \n[CVE-2021-40489](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40489>)7.2High \n[CVE-2021-40443](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40443>)4.6Warning \n[CVE-2021-40460](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40460>)4.0Warning \n[CVE-2021-40465](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40465>)6.8High \n[CVE-2021-41343](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41343>)2.1Warning\n\n### *KB list*:\n[5006671](<http://support.microsoft.com/kb/5006671>) \n[5006736](<http://support.microsoft.com/kb/5006736>) \n[5006743](<http://support.microsoft.com/kb/5006743>) \n[5006728](<http://support.microsoft.com/kb/5006728>) \n[5006715](<http://support.microsoft.com/kb/5006715>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T00:00:00", "type": "kaspersky", "title": "KLA12309 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343"], "modified": "2022-01-18T00:00:00", "id": "KLA12309", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12309/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-19T17:39:26", "description": "### *Detect date*:\n10/12/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, obtain sensitive information, spoof user interface, execute arbitrary code, cause denial of service.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 for 32-bit Systems \nWindows Server, version 2004 (Server Core installation) \nWindows RT 8.1 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 21H1 for x64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server, version 20H2 (Server Core Installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server 2016 (Server Core installation) \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 11 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2012 R2 \nWindows 10 Version 2004 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2022 (Server Core installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows 11 for ARM64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2016 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows 10 for x64-based Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows Server 2012 \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2019 \nWindows Server 2022 \nWindows Server 2012 R2 (Server Core installation) \nWindows 8.1 for x64-based systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 8.1 for 32-bit systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-40464](<https://nvd.nist.gov/vuln/detail/CVE-2021-40464>) \n[CVE-2021-40477](<https://nvd.nist.gov/vuln/detail/CVE-2021-40477>) \n[CVE-2021-41337](<https://nvd.nist.gov/vuln/detail/CVE-2021-41337>) \n[CVE-2021-40470](<https://nvd.nist.gov/vuln/detail/CVE-2021-40470>) \n[CVE-2021-41336](<https://nvd.nist.gov/vuln/detail/CVE-2021-41336>) \n[CVE-2021-40455](<https://nvd.nist.gov/vuln/detail/CVE-2021-40455>) \n[CVE-2021-41345](<https://nvd.nist.gov/vuln/detail/CVE-2021-41345>) \n[CVE-2021-41335](<https://nvd.nist.gov/vuln/detail/CVE-2021-41335>) \n[CVE-2021-40468](<https://nvd.nist.gov/vuln/detail/CVE-2021-40468>) \n[CVE-2021-40449](<https://nvd.nist.gov/vuln/detail/CVE-2021-40449>) \n[CVE-2021-40488](<https://nvd.nist.gov/vuln/detail/CVE-2021-40488>) \n[CVE-2021-38663](<https://nvd.nist.gov/vuln/detail/CVE-2021-38663>) \n[CVE-2021-40476](<https://nvd.nist.gov/vuln/detail/CVE-2021-40476>) \n[CVE-2021-41342](<https://nvd.nist.gov/vuln/detail/CVE-2021-41342>) \n[CVE-2021-26442](<https://nvd.nist.gov/vuln/detail/CVE-2021-26442>) \n[CVE-2021-40461](<https://nvd.nist.gov/vuln/detail/CVE-2021-40461>) \n[CVE-2021-41339](<https://nvd.nist.gov/vuln/detail/CVE-2021-41339>) \n[CVE-2021-40467](<https://nvd.nist.gov/vuln/detail/CVE-2021-40467>) \n[CVE-2021-41340](<https://nvd.nist.gov/vuln/detail/CVE-2021-41340>) \n[CVE-2021-41330](<https://nvd.nist.gov/vuln/detail/CVE-2021-41330>) \n[CVE-2021-40443](<https://nvd.nist.gov/vuln/detail/CVE-2021-40443>) \n[CVE-2021-40489](<https://nvd.nist.gov/vuln/detail/CVE-2021-40489>) \n[CVE-2021-40463](<https://nvd.nist.gov/vuln/detail/CVE-2021-40463>) \n[CVE-2021-40475](<https://nvd.nist.gov/vuln/detail/CVE-2021-40475>) \n[CVE-2021-41343](<https://nvd.nist.gov/vuln/detail/CVE-2021-41343>) \n[CVE-2021-41346](<https://nvd.nist.gov/vuln/detail/CVE-2021-41346>) \n[CVE-2021-40478](<https://nvd.nist.gov/vuln/detail/CVE-2021-40478>) \n[CVE-2021-40456](<https://nvd.nist.gov/vuln/detail/CVE-2021-40456>) \n[CVE-2021-40462](<https://nvd.nist.gov/vuln/detail/CVE-2021-40462>) \n[CVE-2021-36970](<https://nvd.nist.gov/vuln/detail/CVE-2021-36970>) \n[CVE-2021-38662](<https://nvd.nist.gov/vuln/detail/CVE-2021-38662>) \n[CVE-2021-41357](<https://nvd.nist.gov/vuln/detail/CVE-2021-41357>) \n[CVE-2021-41332](<https://nvd.nist.gov/vuln/detail/CVE-2021-41332>) \n[CVE-2021-40466](<https://nvd.nist.gov/vuln/detail/CVE-2021-40466>) \n[CVE-2021-41331](<https://nvd.nist.gov/vuln/detail/CVE-2021-41331>) \n[CVE-2021-38672](<https://nvd.nist.gov/vuln/detail/CVE-2021-38672>) \n[CVE-2021-40469](<https://nvd.nist.gov/vuln/detail/CVE-2021-40469>) \n[CVE-2021-41338](<https://nvd.nist.gov/vuln/detail/CVE-2021-41338>) \n[CVE-2021-40450](<https://nvd.nist.gov/vuln/detail/CVE-2021-40450>) \n[CVE-2021-41347](<https://nvd.nist.gov/vuln/detail/CVE-2021-41347>) \n[CVE-2021-36953](<https://nvd.nist.gov/vuln/detail/CVE-2021-36953>) \n[CVE-2021-40460](<https://nvd.nist.gov/vuln/detail/CVE-2021-40460>) \n[CVE-2021-26441](<https://nvd.nist.gov/vuln/detail/CVE-2021-26441>) \n[CVE-2021-40465](<https://nvd.nist.gov/vuln/detail/CVE-2021-40465>) \n[CVE-2021-40454](<https://nvd.nist.gov/vuln/detail/CVE-2021-40454>) \n[CVE-2021-41361](<https://nvd.nist.gov/vuln/detail/CVE-2021-41361>) \n[CVE-2021-41334](<https://nvd.nist.gov/vuln/detail/CVE-2021-41334>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Office](<https://threats.kaspersky.com/en/product/Microsoft-Office/>)\n\n### *CVE-IDS*:\n[CVE-2021-36970](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36970>)4.3Warning \n[CVE-2021-40455](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40455>)2.1Warning \n[CVE-2021-38662](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38662>)4.9Warning \n[CVE-2021-41335](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41335>)7.2High \n[CVE-2021-40449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40449>)4.6Warning \n[CVE-2021-38663](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38663>)2.1Warning \n[CVE-2021-41342](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41342>)6.8High \n[CVE-2021-26442](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26442>)4.6Warning \n[CVE-2021-41332](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41332>)4.0Warning \n[CVE-2021-40466](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40466>)4.6Warning \n[CVE-2021-41331](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41331>)6.8High \n[CVE-2021-40469](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40469>)6.5High \n[CVE-2021-41340](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41340>)6.8High \n[CVE-2021-40467](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40467>)4.6Warning \n[CVE-2021-36953](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36953>)5.0Critical \n[CVE-2021-40489](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40489>)7.2High \n[CVE-2021-40443](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40443>)4.6Warning \n[CVE-2021-40460](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40460>)4.0Warning \n[CVE-2021-40465](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40465>)6.8High \n[CVE-2021-41343](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41343>)2.1Warning \n[CVE-2021-40464](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40464>)5.2High \n[CVE-2021-40477](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40477>)4.6Warning \n[CVE-2021-41337](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41337>)4.0Warning \n[CVE-2021-40470](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40470>)4.6Warning \n[CVE-2021-41336](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41336>)2.1Warning \n[CVE-2021-41345](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41345>)7.2High \n[CVE-2021-40468](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40468>)2.1Warning \n[CVE-2021-40488](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40488>)7.2High \n[CVE-2021-40476](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40476>)6.8High \n[CVE-2021-40461](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40461>)5.2High \n[CVE-2021-41339](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41339>)4.6Warning \n[CVE-2021-41330](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41330>)6.8High \n[CVE-2021-40463](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40463>)4.0Warning \n[CVE-2021-40475](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40475>)2.1Warning \n[CVE-2021-41346](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41346>)4.6Warning \n[CVE-2021-40478](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40478>)7.2High \n[CVE-2021-40456](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40456>)5.0Critical \n[CVE-2021-40462](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40462>)6.8High \n[CVE-2021-41357](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41357>)4.6Warning \n[CVE-2021-38672](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38672>)5.2High \n[CVE-2021-41338](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41338>)2.1Warning \n[CVE-2021-40450](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40450>)4.6Warning \n[CVE-2021-41347](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41347>)4.6Warning \n[CVE-2021-26441](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26441>)4.6Warning \n[CVE-2021-40454](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40454>)2.1Warning \n[CVE-2021-41361](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41361>)3.5Warning \n[CVE-2021-41334](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41334>)4.6Warning\n\n### *KB list*:\n[5006699](<http://support.microsoft.com/kb/5006699>) \n[5006672](<http://support.microsoft.com/kb/5006672>) \n[5006674](<http://support.microsoft.com/kb/5006674>) \n[5006670](<http://support.microsoft.com/kb/5006670>) \n[5006667](<http://support.microsoft.com/kb/5006667>) \n[5006669](<http://support.microsoft.com/kb/5006669>) \n[5006729](<http://support.microsoft.com/kb/5006729>) \n[5006671](<http://support.microsoft.com/kb/5006671>) \n[5006732](<http://support.microsoft.com/kb/5006732>) \n[5006675](<http://support.microsoft.com/kb/5006675>) \n[5006714](<http://support.microsoft.com/kb/5006714>) \n[5006739](<http://support.microsoft.com/kb/5006739>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-10-12T00:00:00", "type": "kaspersky", "title": "KLA12310 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41335", "CVE-2021-41336", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41346", "CVE-2021-41347", "CVE-2021-41357", "CVE-2021-41361"], "modified": "2022-01-18T00:00:00", "id": "KLA12310", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12310/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "rapid7blog": [{"lastseen": "2021-10-20T09:06:39", "description": "\n\nToday\u2019s Patch Tuesday sees Microsoft [issuing fixes](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>) for over 70 CVEs, affecting the usual mix of their product lines. From Windows, Edge, and Office, to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for workstation and server administrators alike.\n\nOne vulnerability has already been seen exploited in the wild: [CVE-2021-40449](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449>) is an elevation of privilege vulnerability in all supported versions of Windows, including the newly released Windows 11. Rated as Important, this is likely being used alongside Remote Code Execution (RCE) and/or social engineering attacks to gain more complete control of targeted systems.\n\nThree CVEs were publicly disclosed before today, though haven\u2019t yet been observed in active exploitation. [CVE-2021-40469](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40469>) is an RCE vulnerability affecting Microsoft DNS servers, [CVE-2021-41335](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41335>) is another privilege escalation vulnerability in the Windows Kernel, and [CVE-2021-41338](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41338>) is a flaw in Windows AppContainer allowing attackers to bypass firewall rules.\n\nAttackers will likely be paying attention to the latest Windows Print Spooler vulnerability \u2013 [CVE-2021-36970](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36970>) is a Spoofing vulnerability with a CVSSv3 score of 8.8 that we don\u2019t yet have much more information about. Also worth noting is [CVE-2021-40486](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40486>), an RCE affecting Microsoft Word, OWA, as well as SharePoint Server, which can be exploited via the Preview Pane. [CVE-2021-40487](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40487>) is another RCE affecting SharePoint Server that Microsoft expects to be exploited before too long.\n\nAnother notable vulnerability is [CVE-2021-26427](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26427>), the latest in Exchange Server RCEs. The severity is mitigated by the fact that attacks are limited to a \u201clogically adjacent topology,\u201d meaning that it cannot be exploited directly over the public Internet. Three other vulnerabilities related to Exchange Server were also patched: [CVE-2021-41350](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41350>), a Spoofing vulnerability; [CVE-2021-41348](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41348>), allowing elevation of privilege; and [CVE-2021-34453](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34453>), which is a Denial of Service vulnerability.\n\nFinally, virtualization administrators should be aware of two RCEs affecting Windows Hyper-V: [CVE-2021-40461](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40461>) and [CVE-2021-38672](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38672>). Both affect relatively new versions of Windows and are considered Critical, allowing a VM to escape from guest to host by triggering a memory allocation error, allowing it to read kernel memory in the host.\n\n## Summary Charts\n\n\n\n## Summary Tables\n\n### Apps Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-41363](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41363>) | Intune Management Extension Security Feature Bypass Vulnerability | No | No | 4.2 | Yes \n \n### Browser Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-37980](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37980>) | Chromium: CVE-2021-37980 Inappropriate implementation in Sandbox | No | No | N/A | Yes \n[CVE-2021-37979](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37979>) | Chromium: CVE-2021-37979 Heap buffer overflow in WebRTC | No | No | N/A | Yes \n[CVE-2021-37978](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37978>) | Chromium: CVE-2021-37978 Heap buffer overflow in Blink | No | No | N/A | Yes \n[CVE-2021-37977](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37977>) | Chromium: CVE-2021-37977 Use after free in Garbage Collection | No | No | N/A | Yes \n[CVE-2021-37976](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37976>) | Chromium: CVE-2021-37976 Information leak in core | No | No | N/A | Yes \n[CVE-2021-37975](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37975>) | Chromium: CVE-2021-37975 Use after free in V8 | No | No | N/A | Yes \n[CVE-2021-37974](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37974>) | Chromium: CVE-2021-37974 Use after free in Safe Browsing | No | No | N/A | Yes \n \n### Developer Tools Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-3450](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-3450>) | OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT | No | No | N/A | Yes \n[CVE-2021-3449](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-3449>) | OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing | No | No | N/A | Yes \n[CVE-2020-1971](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1971>) | OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference | No | No | N/A | Yes \n[CVE-2021-41355](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41355>) | .NET Core and Visual Studio Information Disclosure Vulnerability | No | No | 5.7 | Yes \n \n### ESU Windows Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-38663](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38663>) | Windows exFAT File System Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-40465](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40465>) | Windows Text Shaping Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-36953](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36953>) | Windows TCP/IP Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2021-40460](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40460>) | Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-36970](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36970>) | Windows Print Spooler Spoofing Vulnerability | No | No | 8.8 | No \n[CVE-2021-41332](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41332>) | Windows Print Spooler Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-41331](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41331>) | Windows Media Audio Decoder Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-41342](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41342>) | Windows MSHTML Platform Remote Code Execution Vulnerability | No | No | 6.8 | Yes \n[CVE-2021-41335](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41335>) | Windows Kernel Elevation of Privilege Vulnerability | No | Yes | 7.8 | No \n[CVE-2021-40455](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40455>) | Windows Installer Spoofing Vulnerability | No | No | 5.5 | No \n[CVE-2021-26442](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26442>) | Windows HTTP.sys Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-41340](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41340>) | Windows Graphics Component Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38662](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38662>) | Windows Fast FAT File System Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-41343](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41343>) | Windows Fast FAT File System Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-40469](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40469>) | Windows DNS Server Remote Code Execution Vulnerability | No | Yes | 7.2 | Yes \n[CVE-2021-40443](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40443>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40466](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40466>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40467](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40467>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40449](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40449>) | Win32k Elevation of Privilege Vulnerability | Yes | No | 7.8 | No \n[CVE-2021-40489](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40489>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n \n### Exchange Server Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-41350](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41350>) | Microsoft Exchange Server Spoofing Vulnerability | No | No | 6.5 | No \n[CVE-2021-26427](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26427>) | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9 | Yes \n[CVE-2021-41348](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41348>) | Microsoft Exchange Server Elevation of Privilege Vulnerability | No | No | 8 | No \n[CVE-2021-34453](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34453>) | Microsoft Exchange Server Denial of Service Vulnerability | No | No | 7.5 | No \n \n### Microsoft Dynamics Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40457](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40457>) | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | No | No | 7.4 | Yes \n[CVE-2021-41353](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41353>) | Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | No | No | 5.4 | No \n[CVE-2021-41354](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41354>) | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 4.1 | No \n \n### Microsoft Office Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40486](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40486>) | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40484](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40484>) | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No \n[CVE-2021-40483](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40483>) | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No \n[CVE-2021-41344](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41344>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.1 | No \n[CVE-2021-40487](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40487>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2021-40482](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40482>) | Microsoft SharePoint Server Information Disclosure Vulnerability | No | No | 5.3 | Yes \n[CVE-2021-40480](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40480>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40481](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40481>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.1 | Yes \n[CVE-2021-40471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40471>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40473](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40473>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40474](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40474>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40479](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40479>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40485](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40485>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40472](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40472>) | Microsoft Excel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n \n### Microsoft Office Windows Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40454](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454>) | Rich Text Edit Control Information Disclosure Vulnerability | No | No | 5.5 | Yes \n \n### System Center Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-41352](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41352>) | SCOM Information Disclosure Vulnerability | No | No | 7.5 | Yes \n \n### Windows Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40464](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40464>) | Windows Nearby Sharing Elevation of Privilege Vulnerability | No | No | 8 | No \n[CVE-2021-40463](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40463>) | Windows NAT Denial of Service Vulnerability | No | No | 7.7 | No \n[CVE-2021-40462](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40462>) | Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-41336](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41336>) | Windows Kernel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-38672](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38672>) | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 8 | Yes \n[CVE-2021-40461](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40461>) | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 8 | No \n[CVE-2021-40477](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40477>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41334](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41334>) | Windows Desktop Bridge Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-40475](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40475>) | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-40468](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40468>) | Windows Bind Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-41347](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41347>) | Windows AppX Deployment Service Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41338](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41338>) | Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability | No | Yes | 5.5 | No \n[CVE-2021-40476](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40476>) | Windows AppContainer Elevation Of Privilege Vulnerability | No | No | 7.5 | No \n[CVE-2021-40456](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40456>) | Windows AD FS Security Feature Bypass Vulnerability | No | No | 5.3 | Yes \n[CVE-2021-40450](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40450>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41357](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41357>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40478](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40478>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40488](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40488>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-26441](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26441>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-41345](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41345>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41330](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41330>) | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-41339](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41339>) | Microsoft DWM Core Library Elevation of Privilege Vulnerability | No | No | 4.7 | No \n[CVE-2021-40470](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40470>) | DirectX Graphics Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41346](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41346>) | Console Window Host Security Feature Bypass Vulnerability | No | No | 5.3 | No \n[CVE-2021-41337](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41337>) | Active Directory Security Feature Bypass Vulnerability | No | No | 4.9 | Yes \n[CVE-2021-41361](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41361>) | Active Directory Federation Server Spoofing Vulnerability | No | No | 5.4 | Yes", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2021-10-12T19:47:16", "type": "rapid7blog", "title": "Patch Tuesday - October 2021", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1971", "CVE-2021-26427", "CVE-2021-26441", "CVE-2021-26442", "CVE-2021-34453", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40457", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40471", "CVE-2021-40472", "CVE-2021-40473", "CVE-2021-40474", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40479", "CVE-2021-40480", "CVE-2021-40481", "CVE-2021-40482", "CVE-2021-40483", "CVE-2021-40484", "CVE-2021-40485", "CVE-2021-40486", "CVE-2021-40487", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41335", "CVE-2021-41336", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41344", "CVE-2021-41345", "CVE-2021-41346", "CVE-2021-41347", "CVE-2021-41348", "CVE-2021-41350", "CVE-2021-41352", "CVE-2021-41353", "CVE-2021-41354", "CVE-2021-41355", "CVE-2021-41357", "CVE-2021-41361", "CVE-2021-41363"], "modified": "2021-10-12T19:47:16", "id": "RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25", "href": "https://blog.rapid7.com/2021/10/12/patch-tuesday-october-2021/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
CVE-2021-36953
