DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2021-41345", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-41345", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489.", "published": "2021-10-13T01:15:00", "modified": "2021-10-19T17:28:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2}, "severity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41345", "reporter": "secure@microsoft.com", "references": ["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41345", "https://www.zerodayinitiative.com/advisories/ZDI-21-1154/"], "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "immutableFields": [], "lastseen": "2022-03-23T19:16:55", "viewCount": 52, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489"]}, {"type": "kaspersky", "idList": ["KLA12309", "KLA12310"]}, {"type": "mscve", "idList": ["MS:CVE-2021-26441", "MS:CVE-2021-40478", "MS:CVE-2021-40488", "MS:CVE-2021-40489", "MS:CVE-2021-41345"]}, {"type": "mskb", "idList": ["KB5006674", "KB5006675"]}, {"type": "nessus", "idList": ["SMB_NT_MS21_OCT_5006667.NASL", "SMB_NT_MS21_OCT_5006669.NASL", "SMB_NT_MS21_OCT_5006670.NASL", "SMB_NT_MS21_OCT_5006672.NASL", "SMB_NT_MS21_OCT_5006674.NASL", "SMB_NT_MS21_OCT_5006675.NASL", "SMB_NT_MS21_OCT_5006699.NASL", "SMB_NT_MS21_OCT_5006715.NASL", "SMB_NT_MS21_OCT_5006728.NASL", "SMB_NT_MS21_OCT_5006729.NASL", "SMB_NT_MS21_OCT_5006732.NASL"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25"]}, {"type": "zdi", "idList": ["ZDI-21-1153", "ZDI-21-1154", "ZDI-21-1155", "ZDI-21-1156", "ZDI-21-1157"]}]}, "score": {"value": 6.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489"]}, {"type": "kaspersky", "idList": ["KLA12310"]}, {"type": "mscve", "idList": ["MS:CVE-2021-41345"]}, {"type": "mskb", "idList": ["KB5006674"]}, {"type": "nessus", "idList": ["SMB_NT_MS21_OCT_5006667.NASL"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25"]}, {"type": "zdi", "idList": ["ZDI-21-1154"]}]}, "exploitation": null, "vulnersScore": 6.9}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1607"], "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"], "cwe": ["CWE-269"], "affectedSoftware": [{"cpeName": "microsoft:windows_10", "version": "-", "operator": "eq", "name": "microsoft windows 10"}, {"cpeName": "microsoft:windows_10", "version": "20h2", "operator": "eq", "name": "microsoft windows 10"}, {"cpeName": "microsoft:windows_10", "version": "21h1", "operator": "eq", "name": "microsoft windows 10"}, {"cpeName": "microsoft:windows_10", "version": "1607", "operator": "eq", "name": "microsoft windows 10"}, {"cpeName": "microsoft:windows_10", "version": "1809", "operator": "eq", "name": "microsoft windows 10"}, {"cpeName": "microsoft:windows_10", "version": "1909", "operator": "eq", "name": "microsoft windows 10"}, {"cpeName": "microsoft:windows_10", "version": "2004", "operator": "eq", "name": "microsoft windows 10"}, {"cpeName": "microsoft:windows_11", "version": "-", "operator": "eq", "name": "microsoft windows 11"}, {"cpeName": "microsoft:windows_11", "version": "-", "operator": "eq", "name": "microsoft windows 11"}, {"cpeName": "microsoft:windows_8.1", "version": "-", "operator": "eq", "name": "microsoft windows 8.1"}, {"cpeName": "microsoft:windows_rt_8.1", "version": "-", "operator": "eq", "name": "microsoft windows rt 8.1"}, {"cpeName": "microsoft:windows_server_2012", "version": "-", "operator": "eq", "name": "microsoft windows server 2012"}, {"cpeName": "microsoft:windows_server_2012", "version": "r2", "operator": "eq", "name": "microsoft windows server 2012"}, {"cpeName": "microsoft:windows_server_2016", "version": "-", "operator": "eq", "name": "microsoft windows server 2016"}, {"cpeName": "microsoft:windows_server_2016", "version": "20h2", "operator": "eq", "name": "microsoft windows server 2016"}, {"cpeName": "microsoft:windows_server_2016", "version": "2004", "operator": "eq", "name": "microsoft windows server 2016"}, {"cpeName": "microsoft:windows_server_2019", "version": "-", "operator": "eq", "name": "microsoft windows server 2019"}, {"cpeName": "microsoft:windows_server_2022", "version": "-", "operator": "eq", "name": "microsoft windows server 2022"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41345", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41345", "refsource": "MISC", "tags": ["Patch", "Vendor Advisory"]}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1154/", "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1154/", "refsource": "MISC", "tags": ["Third Party Advisory", "VDB Entry"]}]}

{"mscve": [{"lastseen": "2022-03-17T17:45:54", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40489, CVE-2021-41345. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40488", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40488", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-17T17:46:12", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40478", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40478", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-17T17:45:52", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-26441", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26441", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-17T17:45:54", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-41345. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-40489", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40489", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-17T17:45:47", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mscve", "title": "Storage Spaces Controller Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "MS:CVE-2021-41345", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41345", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T19:09:34", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40489, CVE-2021-41345.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40488", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-19T15:52:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2021-40488", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40488", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"]}, {"lastseen": "2022-05-23T19:14:30", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-26441", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2022-05-23T17:42:00", "cpe": ["cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server:20h2", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2022:*", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2"], "id": "CVE-2021-26441", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-26441", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*"]}, {"lastseen": "2022-03-23T19:09:34", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-41345.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40489", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-19T15:56:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2021-40489", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40489", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T19:09:20", "description": "Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-13T01:15:00", "type": "cve", "title": "CVE-2021-40478", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41345"], "modified": "2021-10-19T15:21:00", "cpe": ["cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2021-40478", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40478", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*"]}], "mskb": [{"lastseen": "2022-06-15T16:12:04", "description": "None\n**12/8/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-quality-updates-primer/ba-p/2569385>). For an overview of Windows 10, version 1507, see its update history page.\n\n## Highlights\n\n * Updates security for your Windows operating system. \n * Updates an issue that causes your device to stop working when you try to restart it in some scenarios.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue with Enterprise Mode Site List redirection from Internet Explorer 11 to Microsoft Edge. In certain circumstances, the redirection opens a site in multiple tabs in Microsoft Edge.\n * Addresses an issue that prevents an internet print server from packaging a driver to send to the client.\n * Addresses an issue that causes the system to stop working during restart in certain scenarios.\n * Implements a Group Policy setting for the following registry value:Registry location: **HKLM\\Software\\Policies\\Microsoft\\Windows NT\\Printers\\PointAndPrint**Value name: RestrictDriverInstallationToAdministratorsValue data: 1For more information, see KB5005652.\n * Adds the ability to configure period or dot (.) delimited IP addresses interchangeably with fully qualified host names in the following Group Policy settings:\n * [Package Point and Print - Approved Servers](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2208>)\n * [Point and Print Restrictions](<https://gpsearch.azurewebsites.net/Default_legacy.aspx?PolicyID=2212>)\n * Addresses a known issue that might prevent devices from downloading and installing printer drivers when the devices attempt to connect to a network printer for the first time. We have observed this issue on devices that access printers using a print server that uses HTTP connections.\n * Addresses a known issue that might ask for administrative credentials every time you attempt to print. This occurs in environments in which the print server and print client are in different times zones.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in KB5008230. \nAfter installing this update on a print server, printing properties defined on that server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Clients who have previously received the settings package prior to the installation of KB5005569 are unaffected. Servers which use default print settings and have no custom settings to provide to clients are unaffected.Note The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in KB5007207. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/topic/servicing-stack-updates-ssu-frequently-asked-questions-06b62771-1cb0-368c-09cf-87c4efc4f2fe>). If you are using Windows Update, the latest SSU (KB5001399) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nWindows Update for Business| Yes| None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006675>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5006675](<https://download.microsoft.com/download/f/2/6/f261c0a5-89ee-47d2-a27e-f17dff655cc4/5006675.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006675 (OS Build 10240.19086)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "KB5006675", "href": "https://support.microsoft.com/en-us/help/5006675", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-13T15:20:40", "description": "None\nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-quality-updates-primer/ba-p/2569385>). For an overview of Windows 11 (original release), see its update history page.**Note **Follow [@WindowsUpdate](<https://twitter.com/windowsupdate>) to find out when new content is published to the release information dashboard.\n\n\n\n## Highlights \n\n * Updates security for your Windows operating system. \n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include: \n\n * Addresses known compatibility issues between some Intel \u201cKiller\u201d and \u201cSmartByte\u201d networking software and Windows 11 (original release). Devices with the affected software might drop User Datagram Protocol (UDP) packets under certain conditions. This creates performance and other issues for protocols based on UDP. For example, some websites might load slower than others on the affected devices, which might cause videos to stream slower in certain resolutions. VPN solutions based on UDP might also be slower. \nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website and the [October 2021 Security Updates](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>).\n\n### Windows 11 servicing stack update - 22000.190\n\n * This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.\n\n## Known issues in this update\n\n## \n\n__\n\nClick or tap to view the known issues\n\n**Applies to**| **Symptom**| **Workaround** \n---|---|--- \nIT admins| Devices that attempt to connect to a network printer for the first time might fail to download and install the necessary printer drivers.This issue has been observed in devices that access printers using a print server, using HTTP connections. When a client connects to the server to install the printer, a directory mismatch occurs, which causes the installer files to generate incorrectly. As a result, the drivers may not download.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in KB5006746. \nIT admins| Installation of printers using Internet Printing Protocol (IPP) might not complete successfully.**Note **IPP is not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in KB5006746. \nIT admins| Printing properties defined on a server might not be correctly provided to clients. Note this issue is specific to print servers and does not impact standard network printing. This issue will not cause printing operations to fail, however, custom settings defined on the server \u2013 for example, duplex print settings \u2013 will not be applied automatically, and clients will print with default settings only.This issue results from an improper building of the data file which contains the printer properties. Clients which receive this data file will not be able to use the file content and will instead proceed with default printing settings. Servers which use default print settings and have no custom settings to provide to clients are unaffected.**Note** The printer connection methods described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in KB5006746. \nIT admins| You might receive a prompt for administrative credentials every time you attempt to print in environments in which the print server and print client are in different times zones.**Note** The affected environments described in this issue are not commonly used by devices designed for home use. The printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in KB5006746. \nIT admins| After installing this update, Windows print clients might encounter the following errors when connecting to a remote printer shared on a Windows print server:\n\n * 0x000006e4 (RPC_S_CANNOT_SUPPORT)\n * 0x0000007c (ERROR_INVALID_LEVEL)\n * 0x00000709 (ERROR_INVALID_PRINTER_NAME)\n**Note** The printer connection issues described in this issue are specific to print servers and are not commonly observed in devices designed for home use. Printing environments affected by this issue are more commonly found in enterprises and organizations.| This issue is resolved in KB5007262. \nAll users| After installing Windows 11, some image editing programs might not render colors correctly on certain high dynamic range (HDR) displays. This is frequently observed with white colors, which could display in bright yellow or other colors.This issue occurs when certain color-rendering Win32 APIs return unexpected information or errors under specific conditions. Not all color profile management programs are affected, and color profile options available in the Windows 11 Settings page, including Microsoft Color Control Panel, are expected to function correctly.| This issue is resolved in KB5008353. \nAll users| Recent emails might not appear in the search results of the Microsoft Outlook desktop app. This issue is related to emails that have been stored locally in a PST or OST files. It might affect POP and IMAP accounts, as well as accounts hosted on Microsoft Exchange and Microsoft 365. If the default search in the Microsoft Outlook app is set to server search, the issue will only affect the advanced search.| This issue is resolved in KB5010386. \nAll users| When attempting to reset a Windows device with apps that have folders with [reparse data](<https://docs.microsoft.com/windows/win32/fileio/reparse-points>), such as OneDrive or OneDrive for Business, files which have been downloaded or synced locally from OneDrive might not be deleted when selecting the \u201cRemove everything\u201d option. This issue might be encountered when attempting a [manual reset initiated within Windows](<https://support.microsoft.com/windows/recovery-options-in-windows-31ce2444-7de3-818c-d626-e3b5a3024da5#bkmk_win11_reset_pc>) or a remote reset. Remote resets might be initiated from Mobile Device Management (MDM) or other management applications, such as [Microsoft Intune](<https://docs.microsoft.com/mem/intune/remote-actions/device-fresh-start>) or third-party tools. OneDrive files that are \u201ccloud only\u201d or have not been downloaded or opened on the device are not affected and will not persist, as the files are not downloaded or synced locally.**Note** Some device manufacturers and some documentation might call the feature to reset your device, \"Push Button Reset\", \"PBR\", \"Reset This PC\", \"Reset PC\", or \"Fresh Start\".| This issue was addressed in KB5011493. Some devices might take up to seven (7) days after the installation of KB5011493 to fully address the issue and prevent files from persisting after a reset. For immediate effect, you can manually trigger Windows Update Troubleshooter using the instructions in [Windows Update Troubleshooter](<https://support.microsoft.com/windows/windows-update-troubleshooter-19bc41ca-ad72-ae67-af3c-89ce169755dd>). If you are part of an organization that manages devices or prepared OS images for deployment, you can also address this issue by applying a compatibility update for installing and recovering Windows. Doing that makes improvements to the \"safe operating system\" (SafeOS) that is used to update the Windows recovery environment (WinRE). You can deploy these updates using the instructions in [Add an update package to Windows RE](<https://docs.microsoft.com/windows-hardware/manufacture/desktop/add-update-to-winre?view=windows-11>) using [KB5012414](<https://support.microsoft.com/help/5012414>) for Windows 11 (original release).**Important **If devices have already been reset and OneDrive files have persisted, you must use a workaround above or perform another reset after applying one of the workarounds above. \n \n## How to get this update\n\n**Before installing this update**Microsoft combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/topic/servicing-stack-updates-ssu-frequently-asked-questions-06b62771-1cb0-368c-09cf-87c4efc4f2fe>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nWindows Update for Business| Yes| None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5006674>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 11**Classification**: Security Updates \n \n**If you want to remove the LCU**To remove the LCU after installing the combined SSU and LCU package, use the [DISM/Remove-Package](<https://docs.microsoft.com/windows-hardware/manufacture/desktop/dism-operating-system-package-servicing-command-line-options>) command line option with the LCU package name as the argument. You can find the package name by using this command: **DISM /online /get-packages**.Running [Windows Update Standalone Installer](<https://support.microsoft.com/topic/description-of-the-windows-update-standalone-installer-in-windows-799ba3df-ec7e-b05e-ee13-1cdae8f23b19>) (**wusa.exe**) with the **/uninstall **switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.\n\n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 5006674](<https://download.microsoft.com/download/8/a/e/8ae7faee-ef96-49a3-8bf0-b435d6ee161c/5006674.csv>). For a list of the files that are provided in the servicing stack update, download the [file information for the SSU - version 22000.190](<https://download.microsoft.com/download/3/b/8/3b8392a7-e470-40b3-b19c-2b34eaca1c8c/SSU_version_22000_190.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T07:00:00", "type": "mskb", "title": "October 12, 2021\u2014KB5006674 (OS Build 22000.258)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41345"], "modified": "2021-10-12T07:00:00", "id": "KB5006674", "href": "https://support.microsoft.com/en-us/help/5006674", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "zdi": [{"lastseen": "2022-01-31T22:17:06", "description": "This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys driver. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-14T00:00:00", "type": "zdi", "title": "Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41345"], "modified": "2021-10-14T00:00:00", "id": "ZDI-21-1154", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-1154/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-31T22:17:07", "description": "This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys driver. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-14T00:00:00", "type": "zdi", "title": "Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40478"], "modified": "2021-10-14T00:00:00", "id": "ZDI-21-1155", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-1155/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-31T22:17:15", "description": "This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys driver. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-14T00:00:00", "type": "zdi", "title": "Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441"], "modified": "2021-10-14T00:00:00", "id": "ZDI-21-1157", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-1157/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-31T22:17:08", "description": "This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys driver. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-14T00:00:00", "type": "zdi", "title": "Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40488"], "modified": "2021-10-14T00:00:00", "id": "ZDI-21-1153", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-1153/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-31T22:17:07", "description": "This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys driver. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-14T00:00:00", "type": "zdi", "title": "Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40489"], "modified": "2021-10-14T00:00:00", "id": "ZDI-21-1156", "href": "https://www.zerodayinitiative.com/advisories/ZDI-21-1156/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-06-15T16:47:10", "description": "The remote Windows host is missing security update 5006729. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006729: Windows Server 2012 R2 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41343", "CVE-2021-41345"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006729.NASL", "href": "https://www.tenable.com/plugins/nessus/154040", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154040);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006714\");\n script_xref(name:\"MSKB\", value:\"5006729\");\n script_xref(name:\"MSFT\", value:\"MS21-5006714\");\n script_xref(name:\"MSFT\", value:\"MS21-5006729\");\n\n script_name(english:\"KB5006729: Windows Server 2012 R2 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006729. It is, therefore, affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006729 or apply Cumulative Update 5006714\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006714',\n '5006729'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.3',\n sp:0,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006714, 5006729])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:16", "description": "The remote Windows host is missing security update 5006732. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006732: Windows Server 2012 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41343", "CVE-2021-41345"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006732.NASL", "href": "https://www.tenable.com/plugins/nessus/154036", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154036);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006732\");\n script_xref(name:\"MSKB\", value:\"5006739\");\n script_xref(name:\"MSFT\", value:\"MS21-5006732\");\n script_xref(name:\"MSFT\", value:\"MS21-5006739\");\n\n script_name(english:\"KB5006732: Windows Server 2012 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006732. It is, therefore, affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006732 or apply Cumulative Update 5006739\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006739',\n '5006732'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.2',\n sp:0,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006739, 5006732])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:35", "description": "The remote Windows host is missing security update 5006675. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006675: WWindows 10 version 1507 LTS Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40470", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41338", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006675.NASL", "href": "https://www.tenable.com/plugins/nessus/154041", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154041);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40470\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41338\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006675\");\n script_xref(name:\"MSFT\", value:\"MS21-5006675\");\n\n script_name(english:\"KB5006675: WWindows 10 version 1507 LTS Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006675. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006675\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41342\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006675'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:10240,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006675])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:48", "description": "The remote Windows host is missing security update 5006669.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41335, CVE-2021-41345, CVE-2021-41347)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455, CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40465, CVE-2021-40469, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-41332, CVE-2021-41343)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41337, CVE-2021-41338)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006669: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40463", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006669.NASL", "href": "https://www.tenable.com/plugins/nessus/154034", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154034);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40463\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006669\");\n script_xref(name:\"MSFT\", value:\"MS21-5006669\");\n\n script_name(english:\"KB5006669: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006669.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40466, CVE-2021-40467,\n CVE-2021-40470, CVE-2021-40476, CVE-2021-40477,\n CVE-2021-40478, CVE-2021-40488, CVE-2021-40489,\n CVE-2021-41335, CVE-2021-41345, CVE-2021-41347)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455,\n CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40465,\n CVE-2021-40469, CVE-2021-41331, CVE-2021-41340,\n CVE-2021-41342)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-41332, CVE-2021-41343)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41337, CVE-2021-41338)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006669\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41342\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006669'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:14393,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006669])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T20:24:52", "description": "The remote Windows host is missing security update 5006667.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40450, CVE-2021-40464, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41335, CVE-2021-41339, CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-40475, CVE-2021-41332, CVE-2021-41343)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40461, CVE-2021-40462, CVE-2021-40465, CVE-2021-41330, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006667: Windows 10 version 1909 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006667.NASL", "href": "https://www.tenable.com/plugins/nessus/154037", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154037);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41330\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006667\");\n script_xref(name:\"MSFT\", value:\"MS21-5006667\");\n\n script_name(english:\"KB5006667: Windows 10 version 1909 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006667.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40450, CVE-2021-40464,\n CVE-2021-40466, CVE-2021-40467, CVE-2021-40470,\n CVE-2021-40476, CVE-2021-40477, CVE-2021-40478,\n CVE-2021-40488, CVE-2021-40489, CVE-2021-41335,\n CVE-2021-41339, CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-40475, CVE-2021-41332,\n CVE-2021-41343)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40461,\n CVE-2021-40462, CVE-2021-40465, CVE-2021-41330,\n CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006667\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006667'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:18363,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006667])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:19", "description": "The remote Windows host is missing security update 5006674. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006674: Windows 11 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41336", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006674.NASL", "href": "https://www.tenable.com/plugins/nessus/154042", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154042);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-38672\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40468\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41332\",\n \"CVE-2021-41334\",\n \"CVE-2021-41336\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006674\");\n script_xref(name:\"MSFT\", value:\"MS21-5006674\");\n\n script_name(english:\"KB5006674: Windows 11 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006674. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006674\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006674'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:22000,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006674])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:47", "description": "The remote Windows host is missing security update 5006672.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40456, CVE-2021-40460, CVE-2021-41337, CVE-2021-41338)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455, CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40461, CVE-2021-40462, CVE-2021-40465, CVE-2021-40469, CVE-2021-41330, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40450, CVE-2021-40464, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41335, CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-40475, CVE-2021-41332, CVE-2021-41343)", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006672: Windows 10 Version 1809 and Windows Server 2019 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006672.NASL", "href": "https://www.tenable.com/plugins/nessus/154026", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154026);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40456\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41330\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006672\");\n script_xref(name:\"MSFT\", value:\"MS21-5006672\");\n\n script_name(english:\"KB5006672: Windows 10 Version 1809 and Windows Server 2019 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006672.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40456, CVE-2021-40460, CVE-2021-41337,\n CVE-2021-41338)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455,\n CVE-2021-41361)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40461,\n CVE-2021-40462, CVE-2021-40465, CVE-2021-40469,\n CVE-2021-41330, CVE-2021-41331, CVE-2021-41340,\n CVE-2021-41342)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40450, CVE-2021-40464,\n CVE-2021-40466, CVE-2021-40467, CVE-2021-40470,\n CVE-2021-40476, CVE-2021-40477, CVE-2021-40478,\n CVE-2021-40488, CVE-2021-40489, CVE-2021-41335,\n CVE-2021-41345, CVE-2021-41347)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-40475, CVE-2021-41332,\n CVE-2021-41343)\");\n # https://support.microsoft.com/en-us/topic/october-12-2021-kb5006672-os-build-17763-2237-f5f567fd-950d-4db0-9d17-09435322578a\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e54ed946\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006672\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006672'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:17763,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006672])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:19", "description": "The remote Windows host is missing security update 5006670.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338, CVE-2021-41346)\n\n - A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, CVE-2021-40463)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38662, CVE-2021-38663, CVE-2021-40454, CVE-2021-40468, CVE-2021-40475, CVE-2021-41332, CVE-2021-41343)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443, CVE-2021-40449, CVE-2021-40450, CVE-2021-40464, CVE-2021-40466, CVE-2021-40467, CVE-2021-40470, CVE-2021-40476, CVE-2021-40477, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41334, CVE-2021-41335, CVE-2021-41339, CVE-2021-41345, CVE-2021-41347, CVE-2021-41357)\n\n - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-40461, CVE-2021-40462, CVE-2021-40465, CVE-2021-41330, CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006670: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 October 2021 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41335", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41346", "CVE-2021-41347", "CVE-2021-41357", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006670.NASL", "href": "https://www.tenable.com/plugins/nessus/154033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154033);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40456\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40468\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41330\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41334\",\n \"CVE-2021-41335\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41346\",\n \"CVE-2021-41347\",\n \"CVE-2021-41357\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006670\");\n script_xref(name:\"MSFT\", value:\"MS21-5006670\");\n\n script_name(english:\"KB5006670: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 October 2021 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006670.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2021-40460, CVE-2021-41338, CVE-2021-41346)\n\n - A denial of service (DoS) vulnerability. An attacker can\n exploit this issue to cause the affected component to\n deny system or application services. (CVE-2021-36953,\n CVE-2021-40463)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2021-38662, CVE-2021-38663,\n CVE-2021-40454, CVE-2021-40468, CVE-2021-40475,\n CVE-2021-41332, CVE-2021-41343)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2021-26441, CVE-2021-26442, CVE-2021-40443,\n CVE-2021-40449, CVE-2021-40450, CVE-2021-40464,\n CVE-2021-40466, CVE-2021-40467, CVE-2021-40470,\n CVE-2021-40476, CVE-2021-40477, CVE-2021-40478,\n CVE-2021-40488, CVE-2021-40489, CVE-2021-41334,\n CVE-2021-41335, CVE-2021-41339, CVE-2021-41345,\n CVE-2021-41347, CVE-2021-41357)\n\n - A session spoofing vulnerability exists. An attacker can\n exploit this to perform actions with the privileges of\n another user. (CVE-2021-36970, CVE-2021-40455)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2021-40461,\n CVE-2021-40462, CVE-2021-40465, CVE-2021-41330,\n CVE-2021-41331, CVE-2021-41340, CVE-2021-41342)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5006670\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update KB5006670.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_func.inc');\ninclude('misc_func.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = \"MS21-10\";\nkbs = make_list('5006670');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'19041',\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006670]\n )\n|| smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'19042',\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006670]\n ) \n|| smb_check_rollup(os:\"10\",\n sp:0,\n os_build:'19043',\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006670]\n ) \n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:34", "description": "The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 9, "vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006699: Windows Server 2022 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41336", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41347", "CVE-2021-41357", "CVE-2021-41361"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006699.NASL", "href": "https://www.tenable.com/plugins/nessus/154029", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154029);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26441\",\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-38672\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40450\",\n \"CVE-2021-40454\",\n \"CVE-2021-40455\",\n \"CVE-2021-40456\",\n \"CVE-2021-40460\",\n \"CVE-2021-40461\",\n \"CVE-2021-40462\",\n \"CVE-2021-40463\",\n \"CVE-2021-40464\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40468\",\n \"CVE-2021-40469\",\n \"CVE-2021-40470\",\n \"CVE-2021-40475\",\n \"CVE-2021-40476\",\n \"CVE-2021-40477\",\n \"CVE-2021-40478\",\n \"CVE-2021-40488\",\n \"CVE-2021-40489\",\n \"CVE-2021-41332\",\n \"CVE-2021-41334\",\n \"CVE-2021-41336\",\n \"CVE-2021-41337\",\n \"CVE-2021-41338\",\n \"CVE-2021-41339\",\n \"CVE-2021-41340\",\n \"CVE-2021-41342\",\n \"CVE-2021-41343\",\n \"CVE-2021-41345\",\n \"CVE-2021-41347\",\n \"CVE-2021-41357\",\n \"CVE-2021-41361\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n script_xref(name:\"MSKB\", value:\"5006699\");\n script_xref(name:\"MSFT\", value:\"MS21-5006699\");\n\n script_name(english:\"KB5006699: Windows Server 2022 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006699\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41345\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-40461\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006699'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:20348,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006699])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:34", "description": "The remote Windows host is missing security update 5006715. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006715: Windows Server 2008 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41340", "CVE-2021-41343"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006715.NASL", "href": "https://www.tenable.com/plugins/nessus/154043", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154043);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40455\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006715\");\n script_xref(name:\"MSKB\", value:\"5006736\");\n script_xref(name:\"MSFT\", value:\"MS21-5006715\");\n script_xref(name:\"MSFT\", value:\"MS21-5006736\");\n\n script_name(english:\"KB5006715: Windows Server 2008 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006715. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006715 or apply Cumulative Update 5006736\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-40489\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41340\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006715',\n '5006736'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.0',\n sp:2,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006736, 5006715])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:09:47", "description": "The remote Windows host is missing security update 5006728. It is, therefore, affected by multiple vulnerabilities", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "KB5006728: Windows 7 and Windows Server 2008 R2 Security Update (October 2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41343"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS21_OCT_5006728.NASL", "href": "https://www.tenable.com/plugins/nessus/154035", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154035);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-26442\",\n \"CVE-2021-36953\",\n \"CVE-2021-36970\",\n \"CVE-2021-38662\",\n \"CVE-2021-38663\",\n \"CVE-2021-40443\",\n \"CVE-2021-40449\",\n \"CVE-2021-40455\",\n \"CVE-2021-40460\",\n \"CVE-2021-40465\",\n \"CVE-2021-40466\",\n \"CVE-2021-40467\",\n \"CVE-2021-40469\",\n \"CVE-2021-40489\",\n \"CVE-2021-41331\",\n \"CVE-2021-41332\",\n \"CVE-2021-41335\",\n \"CVE-2021-41340\",\n \"CVE-2021-41343\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0472-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0475-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/01\");\n script_xref(name:\"MSKB\", value:\"5006728\");\n script_xref(name:\"MSKB\", value:\"5006743\");\n script_xref(name:\"MSFT\", value:\"MS21-5006728\");\n script_xref(name:\"MSFT\", value:\"MS21-5006743\");\n\n script_name(english:\"KB5006728: Windows 7 and Windows Server 2008 R2 Security Update (October 2021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5006728. It is, therefore, affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5006728 or apply Cumulative Update 5006743\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41335\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41340\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Win32k NtGdiResetDC Use After Free Local Privilege Elevation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS21-10';\nkbs = make_list(\n '5006728',\n '5006743'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.1',\n sp:1,\n rollup_date:'10_2021',\n bulletin:bulletin,\n rollup_kb_list:[5006728, 5006743])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2022-01-19T17:39:26", "description": "### *Detect date*:\n10/12/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, obtain sensitive information, spoof user interface, execute arbitrary code, cause denial of service.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 for 32-bit Systems \nWindows Server, version 2004 (Server Core installation) \nWindows RT 8.1 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 21H1 for x64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server, version 20H2 (Server Core Installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server 2016 (Server Core installation) \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 11 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2012 R2 \nWindows 10 Version 2004 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2022 (Server Core installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows 11 for ARM64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2016 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows 10 for x64-based Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows Server 2012 \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2019 \nWindows Server 2022 \nWindows Server 2012 R2 (Server Core installation) \nWindows 8.1 for x64-based systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 8.1 for 32-bit systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-40464](<https://nvd.nist.gov/vuln/detail/CVE-2021-40464>) \n[CVE-2021-40477](<https://nvd.nist.gov/vuln/detail/CVE-2021-40477>) \n[CVE-2021-41337](<https://nvd.nist.gov/vuln/detail/CVE-2021-41337>) \n[CVE-2021-40470](<https://nvd.nist.gov/vuln/detail/CVE-2021-40470>) \n[CVE-2021-41336](<https://nvd.nist.gov/vuln/detail/CVE-2021-41336>) \n[CVE-2021-40455](<https://nvd.nist.gov/vuln/detail/CVE-2021-40455>) \n[CVE-2021-41345](<https://nvd.nist.gov/vuln/detail/CVE-2021-41345>) \n[CVE-2021-41335](<https://nvd.nist.gov/vuln/detail/CVE-2021-41335>) \n[CVE-2021-40468](<https://nvd.nist.gov/vuln/detail/CVE-2021-40468>) \n[CVE-2021-40449](<https://nvd.nist.gov/vuln/detail/CVE-2021-40449>) \n[CVE-2021-40488](<https://nvd.nist.gov/vuln/detail/CVE-2021-40488>) \n[CVE-2021-38663](<https://nvd.nist.gov/vuln/detail/CVE-2021-38663>) \n[CVE-2021-40476](<https://nvd.nist.gov/vuln/detail/CVE-2021-40476>) \n[CVE-2021-41342](<https://nvd.nist.gov/vuln/detail/CVE-2021-41342>) \n[CVE-2021-26442](<https://nvd.nist.gov/vuln/detail/CVE-2021-26442>) \n[CVE-2021-40461](<https://nvd.nist.gov/vuln/detail/CVE-2021-40461>) \n[CVE-2021-41339](<https://nvd.nist.gov/vuln/detail/CVE-2021-41339>) \n[CVE-2021-40467](<https://nvd.nist.gov/vuln/detail/CVE-2021-40467>) \n[CVE-2021-41340](<https://nvd.nist.gov/vuln/detail/CVE-2021-41340>) \n[CVE-2021-41330](<https://nvd.nist.gov/vuln/detail/CVE-2021-41330>) \n[CVE-2021-40443](<https://nvd.nist.gov/vuln/detail/CVE-2021-40443>) \n[CVE-2021-40489](<https://nvd.nist.gov/vuln/detail/CVE-2021-40489>) \n[CVE-2021-40463](<https://nvd.nist.gov/vuln/detail/CVE-2021-40463>) \n[CVE-2021-40475](<https://nvd.nist.gov/vuln/detail/CVE-2021-40475>) \n[CVE-2021-41343](<https://nvd.nist.gov/vuln/detail/CVE-2021-41343>) \n[CVE-2021-41346](<https://nvd.nist.gov/vuln/detail/CVE-2021-41346>) \n[CVE-2021-40478](<https://nvd.nist.gov/vuln/detail/CVE-2021-40478>) \n[CVE-2021-40456](<https://nvd.nist.gov/vuln/detail/CVE-2021-40456>) \n[CVE-2021-40462](<https://nvd.nist.gov/vuln/detail/CVE-2021-40462>) \n[CVE-2021-36970](<https://nvd.nist.gov/vuln/detail/CVE-2021-36970>) \n[CVE-2021-38662](<https://nvd.nist.gov/vuln/detail/CVE-2021-38662>) \n[CVE-2021-41357](<https://nvd.nist.gov/vuln/detail/CVE-2021-41357>) \n[CVE-2021-41332](<https://nvd.nist.gov/vuln/detail/CVE-2021-41332>) \n[CVE-2021-40466](<https://nvd.nist.gov/vuln/detail/CVE-2021-40466>) \n[CVE-2021-41331](<https://nvd.nist.gov/vuln/detail/CVE-2021-41331>) \n[CVE-2021-38672](<https://nvd.nist.gov/vuln/detail/CVE-2021-38672>) \n[CVE-2021-40469](<https://nvd.nist.gov/vuln/detail/CVE-2021-40469>) \n[CVE-2021-41338](<https://nvd.nist.gov/vuln/detail/CVE-2021-41338>) \n[CVE-2021-40450](<https://nvd.nist.gov/vuln/detail/CVE-2021-40450>) \n[CVE-2021-41347](<https://nvd.nist.gov/vuln/detail/CVE-2021-41347>) \n[CVE-2021-36953](<https://nvd.nist.gov/vuln/detail/CVE-2021-36953>) \n[CVE-2021-40460](<https://nvd.nist.gov/vuln/detail/CVE-2021-40460>) \n[CVE-2021-26441](<https://nvd.nist.gov/vuln/detail/CVE-2021-26441>) \n[CVE-2021-40465](<https://nvd.nist.gov/vuln/detail/CVE-2021-40465>) \n[CVE-2021-40454](<https://nvd.nist.gov/vuln/detail/CVE-2021-40454>) \n[CVE-2021-41361](<https://nvd.nist.gov/vuln/detail/CVE-2021-41361>) \n[CVE-2021-41334](<https://nvd.nist.gov/vuln/detail/CVE-2021-41334>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Office](<https://threats.kaspersky.com/en/product/Microsoft-Office/>)\n\n### *CVE-IDS*:\n[CVE-2021-36970](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36970>)4.3Warning \n[CVE-2021-40455](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40455>)2.1Warning \n[CVE-2021-38662](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38662>)4.9Warning \n[CVE-2021-41335](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41335>)7.2High \n[CVE-2021-40449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40449>)4.6Warning \n[CVE-2021-38663](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38663>)2.1Warning \n[CVE-2021-41342](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41342>)6.8High \n[CVE-2021-26442](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26442>)4.6Warning \n[CVE-2021-41332](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41332>)4.0Warning \n[CVE-2021-40466](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40466>)4.6Warning \n[CVE-2021-41331](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41331>)6.8High \n[CVE-2021-40469](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40469>)6.5High \n[CVE-2021-41340](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41340>)6.8High \n[CVE-2021-40467](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40467>)4.6Warning \n[CVE-2021-36953](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36953>)5.0Critical \n[CVE-2021-40489](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40489>)7.2High \n[CVE-2021-40443](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40443>)4.6Warning \n[CVE-2021-40460](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40460>)4.0Warning \n[CVE-2021-40465](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40465>)6.8High \n[CVE-2021-41343](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41343>)2.1Warning \n[CVE-2021-40464](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40464>)5.2High \n[CVE-2021-40477](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40477>)4.6Warning \n[CVE-2021-41337](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41337>)4.0Warning \n[CVE-2021-40470](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40470>)4.6Warning \n[CVE-2021-41336](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41336>)2.1Warning \n[CVE-2021-41345](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41345>)7.2High \n[CVE-2021-40468](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40468>)2.1Warning \n[CVE-2021-40488](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40488>)7.2High \n[CVE-2021-40476](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40476>)6.8High \n[CVE-2021-40461](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40461>)5.2High \n[CVE-2021-41339](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41339>)4.6Warning \n[CVE-2021-41330](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41330>)6.8High \n[CVE-2021-40463](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40463>)4.0Warning \n[CVE-2021-40475](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40475>)2.1Warning \n[CVE-2021-41346](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41346>)4.6Warning \n[CVE-2021-40478](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40478>)7.2High \n[CVE-2021-40456](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40456>)5.0Critical \n[CVE-2021-40462](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40462>)6.8High \n[CVE-2021-41357](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41357>)4.6Warning \n[CVE-2021-38672](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38672>)5.2High \n[CVE-2021-41338](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41338>)2.1Warning \n[CVE-2021-40450](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40450>)4.6Warning \n[CVE-2021-41347](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41347>)4.6Warning \n[CVE-2021-26441](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26441>)4.6Warning \n[CVE-2021-40454](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40454>)2.1Warning \n[CVE-2021-41361](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41361>)3.5Warning \n[CVE-2021-41334](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41334>)4.6Warning\n\n### *KB list*:\n[5006699](<http://support.microsoft.com/kb/5006699>) \n[5006672](<http://support.microsoft.com/kb/5006672>) \n[5006674](<http://support.microsoft.com/kb/5006674>) \n[5006670](<http://support.microsoft.com/kb/5006670>) \n[5006667](<http://support.microsoft.com/kb/5006667>) \n[5006669](<http://support.microsoft.com/kb/5006669>) \n[5006729](<http://support.microsoft.com/kb/5006729>) \n[5006671](<http://support.microsoft.com/kb/5006671>) \n[5006732](<http://support.microsoft.com/kb/5006732>) \n[5006675](<http://support.microsoft.com/kb/5006675>) \n[5006714](<http://support.microsoft.com/kb/5006714>) \n[5006739](<http://support.microsoft.com/kb/5006739>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-10-12T00:00:00", "type": "kaspersky", "title": "KLA12310 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26441", "CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41335", "CVE-2021-41336", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41345", "CVE-2021-41346", "CVE-2021-41347", "CVE-2021-41357", "CVE-2021-41361"], "modified": "2022-01-18T00:00:00", "id": "KLA12310", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12310/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-19T17:39:29", "description": "### *Detect date*:\n10/12/2021\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 for 32-bit Systems \nWindows Server, version 2004 (Server Core installation) \nWindows RT 8.1 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 21H1 for x64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server, version 20H2 (Server Core Installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows Server 2016 (Server Core installation) \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 11 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2012 R2 \nWindows 10 Version 2004 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2022 (Server Core installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows 11 for ARM64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2016 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 Version 2004 for ARM64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows 10 for x64-based Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows Server 2012 \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2019 \nWindows Server 2022 \nWindows Server 2012 R2 (Server Core installation) \nWindows 8.1 for x64-based systems \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 8.1 for 32-bit systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2021-36970](<https://nvd.nist.gov/vuln/detail/CVE-2021-36970>) \n[CVE-2021-40455](<https://nvd.nist.gov/vuln/detail/CVE-2021-40455>) \n[CVE-2021-38662](<https://nvd.nist.gov/vuln/detail/CVE-2021-38662>) \n[CVE-2021-41335](<https://nvd.nist.gov/vuln/detail/CVE-2021-41335>) \n[CVE-2021-40449](<https://nvd.nist.gov/vuln/detail/CVE-2021-40449>) \n[CVE-2021-38663](<https://nvd.nist.gov/vuln/detail/CVE-2021-38663>) \n[CVE-2021-41342](<https://nvd.nist.gov/vuln/detail/CVE-2021-41342>) \n[CVE-2021-26442](<https://nvd.nist.gov/vuln/detail/CVE-2021-26442>) \n[CVE-2021-41332](<https://nvd.nist.gov/vuln/detail/CVE-2021-41332>) \n[CVE-2021-40466](<https://nvd.nist.gov/vuln/detail/CVE-2021-40466>) \n[CVE-2021-41331](<https://nvd.nist.gov/vuln/detail/CVE-2021-41331>) \n[CVE-2021-40469](<https://nvd.nist.gov/vuln/detail/CVE-2021-40469>) \n[CVE-2021-41340](<https://nvd.nist.gov/vuln/detail/CVE-2021-41340>) \n[CVE-2021-40467](<https://nvd.nist.gov/vuln/detail/CVE-2021-40467>) \n[CVE-2021-36953](<https://nvd.nist.gov/vuln/detail/CVE-2021-36953>) \n[CVE-2021-40489](<https://nvd.nist.gov/vuln/detail/CVE-2021-40489>) \n[CVE-2021-40443](<https://nvd.nist.gov/vuln/detail/CVE-2021-40443>) \n[CVE-2021-40460](<https://nvd.nist.gov/vuln/detail/CVE-2021-40460>) \n[CVE-2021-40465](<https://nvd.nist.gov/vuln/detail/CVE-2021-40465>) \n[CVE-2021-41343](<https://nvd.nist.gov/vuln/detail/CVE-2021-41343>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2021-36970](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36970>)4.3Warning \n[CVE-2021-40455](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40455>)2.1Warning \n[CVE-2021-38662](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38662>)4.9Warning \n[CVE-2021-41335](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41335>)7.2High \n[CVE-2021-40449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40449>)4.6Warning \n[CVE-2021-38663](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38663>)2.1Warning \n[CVE-2021-41342](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41342>)6.8High \n[CVE-2021-26442](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26442>)4.6Warning \n[CVE-2021-41332](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41332>)4.0Warning \n[CVE-2021-40466](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40466>)4.6Warning \n[CVE-2021-41331](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41331>)6.8High \n[CVE-2021-40469](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40469>)6.5High \n[CVE-2021-41340](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41340>)6.8High \n[CVE-2021-40467](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40467>)4.6Warning \n[CVE-2021-36953](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36953>)5.0Critical \n[CVE-2021-40489](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40489>)7.2High \n[CVE-2021-40443](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40443>)4.6Warning \n[CVE-2021-40460](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40460>)4.0Warning \n[CVE-2021-40465](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40465>)6.8High \n[CVE-2021-41343](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41343>)2.1Warning\n\n### *KB list*:\n[5006671](<http://support.microsoft.com/kb/5006671>) \n[5006736](<http://support.microsoft.com/kb/5006736>) \n[5006743](<http://support.microsoft.com/kb/5006743>) \n[5006728](<http://support.microsoft.com/kb/5006728>) \n[5006715](<http://support.microsoft.com/kb/5006715>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-12T00:00:00", "type": "kaspersky", "title": "KLA12309 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-26442", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40455", "CVE-2021-40460", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40469", "CVE-2021-40489", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41335", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343"], "modified": "2022-01-18T00:00:00", "id": "KLA12309", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12309/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "rapid7blog": [{"lastseen": "2021-10-20T09:06:39", "description": "\n\nToday\u2019s Patch Tuesday sees Microsoft [issuing fixes](<https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct>) for over 70 CVEs, affecting the usual mix of their product lines. From Windows, Edge, and Office, to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for workstation and server administrators alike.\n\nOne vulnerability has already been seen exploited in the wild: [CVE-2021-40449](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449>) is an elevation of privilege vulnerability in all supported versions of Windows, including the newly released Windows 11. Rated as Important, this is likely being used alongside Remote Code Execution (RCE) and/or social engineering attacks to gain more complete control of targeted systems.\n\nThree CVEs were publicly disclosed before today, though haven\u2019t yet been observed in active exploitation. [CVE-2021-40469](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40469>) is an RCE vulnerability affecting Microsoft DNS servers, [CVE-2021-41335](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41335>) is another privilege escalation vulnerability in the Windows Kernel, and [CVE-2021-41338](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41338>) is a flaw in Windows AppContainer allowing attackers to bypass firewall rules.\n\nAttackers will likely be paying attention to the latest Windows Print Spooler vulnerability \u2013 [CVE-2021-36970](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36970>) is a Spoofing vulnerability with a CVSSv3 score of 8.8 that we don\u2019t yet have much more information about. Also worth noting is [CVE-2021-40486](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40486>), an RCE affecting Microsoft Word, OWA, as well as SharePoint Server, which can be exploited via the Preview Pane. [CVE-2021-40487](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40487>) is another RCE affecting SharePoint Server that Microsoft expects to be exploited before too long.\n\nAnother notable vulnerability is [CVE-2021-26427](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26427>), the latest in Exchange Server RCEs. The severity is mitigated by the fact that attacks are limited to a \u201clogically adjacent topology,\u201d meaning that it cannot be exploited directly over the public Internet. Three other vulnerabilities related to Exchange Server were also patched: [CVE-2021-41350](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41350>), a Spoofing vulnerability; [CVE-2021-41348](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-41348>), allowing elevation of privilege; and [CVE-2021-34453](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34453>), which is a Denial of Service vulnerability.\n\nFinally, virtualization administrators should be aware of two RCEs affecting Windows Hyper-V: [CVE-2021-40461](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40461>) and [CVE-2021-38672](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38672>). Both affect relatively new versions of Windows and are considered Critical, allowing a VM to escape from guest to host by triggering a memory allocation error, allowing it to read kernel memory in the host.\n\n## Summary Charts\n\n\n\n## Summary Tables\n\n### Apps Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-41363](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41363>) | Intune Management Extension Security Feature Bypass Vulnerability | No | No | 4.2 | Yes \n \n### Browser Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-37980](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37980>) | Chromium: CVE-2021-37980 Inappropriate implementation in Sandbox | No | No | N/A | Yes \n[CVE-2021-37979](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37979>) | Chromium: CVE-2021-37979 Heap buffer overflow in WebRTC | No | No | N/A | Yes \n[CVE-2021-37978](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37978>) | Chromium: CVE-2021-37978 Heap buffer overflow in Blink | No | No | N/A | Yes \n[CVE-2021-37977](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37977>) | Chromium: CVE-2021-37977 Use after free in Garbage Collection | No | No | N/A | Yes \n[CVE-2021-37976](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37976>) | Chromium: CVE-2021-37976 Information leak in core | No | No | N/A | Yes \n[CVE-2021-37975](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37975>) | Chromium: CVE-2021-37975 Use after free in V8 | No | No | N/A | Yes \n[CVE-2021-37974](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-37974>) | Chromium: CVE-2021-37974 Use after free in Safe Browsing | No | No | N/A | Yes \n \n### Developer Tools Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-3450](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-3450>) | OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT | No | No | N/A | Yes \n[CVE-2021-3449](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-3449>) | OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing | No | No | N/A | Yes \n[CVE-2020-1971](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1971>) | OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference | No | No | N/A | Yes \n[CVE-2021-41355](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41355>) | .NET Core and Visual Studio Information Disclosure Vulnerability | No | No | 5.7 | Yes \n \n### ESU Windows Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-38663](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38663>) | Windows exFAT File System Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-40465](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40465>) | Windows Text Shaping Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-36953](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36953>) | Windows TCP/IP Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2021-40460](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40460>) | Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-36970](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36970>) | Windows Print Spooler Spoofing Vulnerability | No | No | 8.8 | No \n[CVE-2021-41332](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41332>) | Windows Print Spooler Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2021-41331](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41331>) | Windows Media Audio Decoder Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-41342](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41342>) | Windows MSHTML Platform Remote Code Execution Vulnerability | No | No | 6.8 | Yes \n[CVE-2021-41335](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41335>) | Windows Kernel Elevation of Privilege Vulnerability | No | Yes | 7.8 | No \n[CVE-2021-40455](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40455>) | Windows Installer Spoofing Vulnerability | No | No | 5.5 | No \n[CVE-2021-26442](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26442>) | Windows HTTP.sys Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-41340](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41340>) | Windows Graphics Component Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-38662](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38662>) | Windows Fast FAT File System Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-41343](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41343>) | Windows Fast FAT File System Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-40469](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40469>) | Windows DNS Server Remote Code Execution Vulnerability | No | Yes | 7.2 | Yes \n[CVE-2021-40443](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40443>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40466](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40466>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40467](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40467>) | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40449](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40449>) | Win32k Elevation of Privilege Vulnerability | Yes | No | 7.8 | No \n[CVE-2021-40489](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40489>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n \n### Exchange Server Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-41350](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41350>) | Microsoft Exchange Server Spoofing Vulnerability | No | No | 6.5 | No \n[CVE-2021-26427](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26427>) | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9 | Yes \n[CVE-2021-41348](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41348>) | Microsoft Exchange Server Elevation of Privilege Vulnerability | No | No | 8 | No \n[CVE-2021-34453](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34453>) | Microsoft Exchange Server Denial of Service Vulnerability | No | No | 7.5 | No \n \n### Microsoft Dynamics Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40457](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40457>) | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | No | No | 7.4 | Yes \n[CVE-2021-41353](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41353>) | Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | No | No | 5.4 | No \n[CVE-2021-41354](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41354>) | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | No | 4.1 | No \n \n### Microsoft Office Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40486](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40486>) | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40484](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40484>) | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No \n[CVE-2021-40483](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40483>) | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 7.6 | No \n[CVE-2021-41344](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41344>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.1 | No \n[CVE-2021-40487](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40487>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2021-40482](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40482>) | Microsoft SharePoint Server Information Disclosure Vulnerability | No | No | 5.3 | Yes \n[CVE-2021-40480](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40480>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40481](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40481>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.1 | Yes \n[CVE-2021-40471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40471>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40473](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40473>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40474](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40474>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40479](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40479>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40485](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40485>) | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-40472](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40472>) | Microsoft Excel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n \n### Microsoft Office Windows Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40454](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454>) | Rich Text Edit Control Information Disclosure Vulnerability | No | No | 5.5 | Yes \n \n### System Center Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-41352](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41352>) | SCOM Information Disclosure Vulnerability | No | No | 7.5 | Yes \n \n### Windows Vulnerabilities\n\nCVE | Title | Exploited | Publicly Disclosed? | CVSSv3 Base Score | has FAQ? \n---|---|---|---|---|--- \n[CVE-2021-40464](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40464>) | Windows Nearby Sharing Elevation of Privilege Vulnerability | No | No | 8 | No \n[CVE-2021-40463](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40463>) | Windows NAT Denial of Service Vulnerability | No | No | 7.7 | No \n[CVE-2021-40462](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40462>) | Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-41336](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41336>) | Windows Kernel Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-38672](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38672>) | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 8 | Yes \n[CVE-2021-40461](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40461>) | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 8 | No \n[CVE-2021-40477](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40477>) | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41334](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41334>) | Windows Desktop Bridge Elevation of Privilege Vulnerability | No | No | 7 | No \n[CVE-2021-40475](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40475>) | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-40468](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40468>) | Windows Bind Filter Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2021-41347](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41347>) | Windows AppX Deployment Service Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41338](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41338>) | Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability | No | Yes | 5.5 | No \n[CVE-2021-40476](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40476>) | Windows AppContainer Elevation Of Privilege Vulnerability | No | No | 7.5 | No \n[CVE-2021-40456](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40456>) | Windows AD FS Security Feature Bypass Vulnerability | No | No | 5.3 | Yes \n[CVE-2021-40450](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40450>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41357](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41357>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40478](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40478>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-40488](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40488>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-26441](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26441>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2021-41345](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41345>) | Storage Spaces Controller Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41330](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41330>) | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | No | No | 7.8 | No \n[CVE-2021-41339](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41339>) | Microsoft DWM Core Library Elevation of Privilege Vulnerability | No | No | 4.7 | No \n[CVE-2021-40470](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40470>) | DirectX Graphics Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2021-41346](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41346>) | Console Window Host Security Feature Bypass Vulnerability | No | No | 5.3 | No \n[CVE-2021-41337](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41337>) | Active Directory Security Feature Bypass Vulnerability | No | No | 4.9 | Yes \n[CVE-2021-41361](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41361>) | Active Directory Federation Server Spoofing Vulnerability | No | No | 5.4 | Yes", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2021-10-12T19:47:16", "type": "rapid7blog", "title": "Patch Tuesday - October 2021", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1971", "CVE-2021-26427", "CVE-2021-26441", "CVE-2021-26442", "CVE-2021-34453", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-36953", "CVE-2021-36970", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980", "CVE-2021-38662", "CVE-2021-38663", "CVE-2021-38672", "CVE-2021-40443", "CVE-2021-40449", "CVE-2021-40450", "CVE-2021-40454", "CVE-2021-40455", "CVE-2021-40456", "CVE-2021-40457", "CVE-2021-40460", "CVE-2021-40461", "CVE-2021-40462", "CVE-2021-40463", "CVE-2021-40464", "CVE-2021-40465", "CVE-2021-40466", "CVE-2021-40467", "CVE-2021-40468", "CVE-2021-40469", "CVE-2021-40470", "CVE-2021-40471", "CVE-2021-40472", "CVE-2021-40473", "CVE-2021-40474", "CVE-2021-40475", "CVE-2021-40476", "CVE-2021-40477", "CVE-2021-40478", "CVE-2021-40479", "CVE-2021-40480", "CVE-2021-40481", "CVE-2021-40482", "CVE-2021-40483", "CVE-2021-40484", "CVE-2021-40485", "CVE-2021-40486", "CVE-2021-40487", "CVE-2021-40488", "CVE-2021-40489", "CVE-2021-41330", "CVE-2021-41331", "CVE-2021-41332", "CVE-2021-41334", "CVE-2021-41335", "CVE-2021-41336", "CVE-2021-41337", "CVE-2021-41338", "CVE-2021-41339", "CVE-2021-41340", "CVE-2021-41342", "CVE-2021-41343", "CVE-2021-41344", "CVE-2021-41345", "CVE-2021-41346", "CVE-2021-41347", "CVE-2021-41348", "CVE-2021-41350", "CVE-2021-41352", "CVE-2021-41353", "CVE-2021-41354", "CVE-2021-41355", "CVE-2021-41357", "CVE-2021-41361", "CVE-2021-41363"], "modified": "2021-10-12T19:47:16", "id": "RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25", "href": "https://blog.rapid7.com/2021/10/12/patch-tuesday-october-2021/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}