Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rapid7blogGreg WisemanRAPID7BLOG:B6DE24165AA9AA83EDA117170EDDAD44
HistoryDec 14, 2021 - 10:12 p.m.

Patch Tuesday - December 2021

2021-12-1422:12:53
Greg Wiseman
blog.rapid7.com
87

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Patch Tuesday - December 2021

This month’s Patch Tuesday comes in the middle of a global effort to mitigate Apache Log4j CVE-2021-44228. In today’s security release, Microsoft issued fixes for 83 vulnerabilities across an array of products — including a fix for Windows Defender for IoT, which is vulnerable to CVE-2021-44228 amongst seven other remote code execution (RCE) vulnerabilities (the cloud service is not affected). Six CVEs in the bulletin have been publicly disclosed; the only vulnerability noted as being exploited in the wild in this month’s release is CVE-2021-43890, a Windows AppX Installer spoofing bug that may aid in social engineering attacks and has evidently been used in Emotet malware campaigns.

Interestingly, this round of fixes also includes CVE-2021-43883, a Windows Installer privilege escalation bug whose advisory is sparse despite the fact that it appears to affect all supported versions of Windows. While there’s no indication in the advisory that the two vulnerabilities are related, CVE-2021-43883 looks an awful lot like the fix for a zero-day vulnerability that made a splash in the security community last month after proof-of-concept exploit code was released and in-the-wild attacks began. The zero-day vulnerability, which researchers hypothesized was a patch bypass for CVE-2021-41379, allowed low-privileged attackers to overwrite protected files and escalate to SYSTEM. Rapid7’s vulnerability research team did a full root cause analysis of the bug as attacks ramped up in November.

As usual, RCE flaws figure prominently in the “Critical”-rated CVEs this month. In addition to Windows Defender for IoT, critical RCE bugs were fixed this month in Microsoft Office, Microsoft Devices, Internet Storage Name Service (iSNS), and the WSL extension for Visual Studio Code. Given the outsized risk presented by most vulnerable implementations of Log4Shell, administrators should prioritize patches for any products affected by CVE-2021-44228. Past that, put critical server-side and OS RCE patches at the top of your list, and we’d advise sneaking in the fix for CVE-2021-43883 despite its lower severity rating.

Summary charts

Patch Tuesday - December 2021Patch Tuesday - December 2021Patch Tuesday - December 2021Patch Tuesday - December 2021

Summary tables

Apps Vulnerabilities

CVE Vulnerability Title Exploited Publicly Disclosed? CVSSv3 Has FAQ?
CVE-2021-43890 Windows AppX Installer Spoofing Vulnerability Yes Yes 7.1 Yes
CVE-2021-43905 Microsoft Office app Remote Code Execution Vulnerability No No 9.6 Yes

Browser Vulnerabilities

CVE Vulnerability Title Exploited Publicly Disclosed? CVSSv3 Has FAQ?
CVE-2021-4068 Chromium: CVE-2021-4068 Insufficient validation of untrusted input in new tab page No No N/A Yes
CVE-2021-4067 Chromium: CVE-2021-4067 Use after free in window manager No No N/A Yes
CVE-2021-4066 Chromium: CVE-2021-4066 Integer underflow in ANGLE No No N/A Yes
CVE-2021-4065 Chromium: CVE-2021-4065 Use after free in autofill No No N/A Yes
CVE-2021-4064 Chromium: CVE-2021-4064 Use after free in screen capture No No N/A Yes
CVE-2021-4063 Chromium: CVE-2021-4063 Use after free in developer tools No No N/A Yes
CVE-2021-4062 Chromium: CVE-2021-4062 Heap buffer overflow in BFCache No No N/A Yes
CVE-2021-4061 Chromium: CVE-2021-4061 Type Confusion in V8 No No N/A Yes
CVE-2021-4059 Chromium: CVE-2021-4059 Insufficient data validation in loader No No N/A Yes
CVE-2021-4058 Chromium: CVE-2021-4058 Heap buffer overflow in ANGLE No No N/A Yes
CVE-2021-4057 Chromium: CVE-2021-4057 Use after free in file API No No N/A Yes
CVE-2021-4056 Chromium: CVE-2021-4056: Type Confusion in loader No No N/A Yes
CVE-2021-4055 Chromium: CVE-2021-4055 Heap buffer overflow in extensions No No N/A Yes
CVE-2021-4054 Chromium: CVE-2021-4054 Incorrect security UI in autofill No No N/A Yes
CVE-2021-4053 Chromium: CVE-2021-4053 Use after free in UI No No N/A Yes
CVE-2021-4052 Chromium: CVE-2021-4052 Use after free in web apps No No N/A Yes

Developer Tools Vulnerabilities

CVE Vulnerability Title Exploited Publicly Disclosed? CVSSv3 Has FAQ?
CVE-2021-43907 Visual Studio Code WSL Extension Remote Code Execution Vulnerability No No 9.8 No
CVE-2021-43908 Visual Studio Code Spoofing Vulnerability No No nan No
CVE-2021-43891 Visual Studio Code Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-43896 Microsoft PowerShell Spoofing Vulnerability No No 5.5 No
CVE-2021-43892 Microsoft BizTalk ESB Toolkit Spoofing Vulnerability No No 7.4 No
CVE-2021-43225 Bot Framework SDK Remote Code Execution Vulnerability No No 7.5 No
CVE-2021-43877 ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability No No 7.8 No

Device Vulnerabilities

CVE Vulnerability Title Exploited Publicly Disclosed? CVSSv3 Has FAQ?
CVE-2021-43899 Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability No No 9.8 Yes

Microsoft Office Vulnerabilities

CVE Vulnerability Title Exploited Publicly Disclosed? CVSSv3 Has FAQ?
CVE-2021-42295 Visual Basic for Applications Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-42320 Microsoft SharePoint Server Spoofing Vulnerability No No 8 Yes
CVE-2021-43242 Microsoft SharePoint Server Spoofing Vulnerability No No 7.6 No
CVE-2021-42309 Microsoft SharePoint Server Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-42294 Microsoft SharePoint Server Remote Code Execution Vulnerability No No 7.2 Yes
CVE-2021-43255 Microsoft Office Trust Center Spoofing Vulnerability No No 5.5 Yes
CVE-2021-43875 Microsoft Office Graphics Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-42293 Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability No No 6.5 Yes
CVE-2021-43256 Microsoft Excel Remote Code Execution Vulnerability No No 7.8 Yes

System Center Vulnerabilities

CVE Vulnerability Title Exploited Publicly Disclosed? CVSSv3 Has FAQ?
CVE-2021-43882 Microsoft Defender for IoT Remote Code Execution Vulnerability No No 9 Yes
CVE-2021-42311 Microsoft Defender for IoT Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-42313 Microsoft Defender for IoT Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-42314 Microsoft Defender for IoT Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-42315 Microsoft Defender for IoT Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-41365 Microsoft Defender for IoT Remote Code Execution Vulnerability No No 8.8 Yes
CVE-2021-42310 Microsoft Defender for IoT Remote Code Execution Vulnerability No No 8.1 Yes
CVE-2021-43889 Microsoft Defender for IoT Remote Code Execution Vulnerability No No 7.2 Yes
CVE-2021-43888 Microsoft Defender for IoT Information Disclosure Vulnerability No No 7.5 Yes
CVE-2021-42312 Microsoft Defender for IOT Elevation of Privilege Vulnerability No No 7.8 Yes

Windows Vulnerabilities

CVE Vulnerability Title Exploited Publicly Disclosed? CVSSv3 Has FAQ?
CVE-2021-43247 Windows TCP/IP Driver Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43237 Windows Setup Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43239 Windows Recovery Environment Agent Elevation of Privilege Vulnerability No No 7.1 No
CVE-2021-43231 Windows NTFS Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43880 Windows Mobile Device Management Elevation of Privilege Vulnerability No Yes 5.5 Yes
CVE-2021-43244 Windows Kernel Information Disclosure Vulnerability No No 6.5 Yes
CVE-2021-43246 Windows Hyper-V Denial of Service Vulnerability No No 5.6 No
CVE-2021-43232 Windows Event Tracing Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-43248 Windows Digital Media Receiver Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43214 Web Media Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-43243 VP9 Video Extensions Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-43228 SymCrypt Denial of Service Vulnerability No No 7.5 No
CVE-2021-43227 Storage Spaces Controller Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-43235 Storage Spaces Controller Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-43240 NTFS Set Short Name Elevation of Privilege Vulnerability No Yes 7.8 No
CVE-2021-40452 HEVC Video Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-40453 HEVC Video Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-41360 HEVC Video Extensions Remote Code Execution Vulnerability No No 7.8 Yes
CVE-2021-43219 DirectX Graphics Kernel File Denial of Service Vulnerability No No 7.4 No

Windows ESU Vulnerabilities

CVE Vulnerability Title Exploited Publicly Disclosed? CVSSv3 Has FAQ?
CVE-2021-43215 iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution No No 9.8 Yes
CVE-2021-43238 Windows Remote Access Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43223 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-41333 Windows Print Spooler Elevation of Privilege Vulnerability No Yes 7.8 No
CVE-2021-43229 Windows NTFS Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43230 Windows NTFS Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-40441 Windows Media Center Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43883 Windows Installer Elevation of Privilege Vulnerability No Yes 7.8 No
CVE-2021-43234 Windows Fax Service Remote Code Execution Vulnerability No No 7.8 No
CVE-2021-43217 Windows Encrypting File System (EFS) Remote Code Execution Vulnerability No No 8.1 Yes
CVE-2021-43893 Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability No Yes 7.5 No
CVE-2021-43245 Windows Digital TV Tuner Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43224 Windows Common Log File System Driver Information Disclosure Vulnerability No No 5.5 Yes
CVE-2021-43226 Windows Common Log File System Driver Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43207 Windows Common Log File System Driver Elevation of Privilege Vulnerability No No 7.8 No
CVE-2021-43233 Remote Desktop Client Remote Code Execution Vulnerability No No 7.5 No
CVE-2021-43222 Microsoft Message Queuing Information Disclosure Vulnerability No No 7.5 Yes
CVE-2021-43236 Microsoft Message Queuing Information Disclosure Vulnerability No No 7.5 Yes
CVE-2021-43216 Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability No No 6.5 Yes

Related

nessus 32
kaspersky 10
mskb 26
thn 2
malwarebytes 1
archlinux 2
threatpost 1
qualysblog 1
avleonov 1
freebsd 1
mageia 1
chrome 1
krebs 1
rapid7blog 3
attackerkb 4
suse 2
prion 37
cnvd 14
cve 26
mscve 22
zdi 4
fedora 2
cbl_mariner 1
hivepro 1
redhatcve 1
osv 2
nessus
nessus
KB5008215: Windows 11 Security Update (December 2021)
2021-12-14 00:00:00
KB5008212: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 / Windows 10 Version 21H2 Security Update (December 2021)
2021-12-14 00:00:00
KB5008218: Windows 10 version 1809 / Windows Server 2019 Security Update (December 2021)
2021-12-14 00:00:00
kaspersky
kaspersky
KLA12387 Multiple vulnerabilities in Microsoft Windows
2021-12-14 00:00:00
KLA12388 Multiple vulnerabilities in Microsoft Products (ESU)
2021-12-14 00:00:00
KLA12385 Multiple vulnerabilities in Microsoft Developer Tools
2021-12-14 00:00:00
mskb
mskb
December 14, 2021—KB5008230 (OS Build 10240.19145) - EXPIRED
2021-12-14 08:00:00
December 14, 2021—KB5008218 (OS Build 17763.2366)
2021-12-14 08:00:00
December 14, 2021—KB5008207 (OS Build 14393.4825) - EXPIRED
2021-12-14 08:00:00
thn
thn
Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware
2021-12-15 07:14:00
Microsoft Temporarily Disables MSIX App Installers to Prevent Malware Abuse
2022-02-08 03:37:00
malwarebytes
malwarebytes
After Log4j, December’s Patch Tuesday has snuck up on us
2021-12-16 10:47:28
archlinux
archlinux
[ASA-202112-7] vivaldi: multiple issues
2021-12-11 00:00:00
[ASA-202112-6] chromium: multiple issues
2021-12-11 00:00:00
threatpost
threatpost
Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
2021-12-14 22:21:35
qualysblog
qualysblog
Microsoft & Adobe Patch Tuesday (December 2021) – Microsoft 83 Vulnerabilities with 7 Critical, 1 Actively Exploited. Adobe 60 Vulnerabilities, 28 critical.
2021-12-14 22:08:33
avleonov
avleonov
Microsoft Patch Tuesday December 2021
2021-12-16 20:53:37
freebsd
freebsd
chromium -- multiple vulnerabilities
2021-12-06 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2021-12-11 01:19:07
chrome
chrome
Stable Channel Update for Desktop
2021-12-06 00:00:00
krebs
krebs
Microsoft Patch Tuesday, December 2021 Edition
2021-12-14 22:23:44
rapid7blog
rapid7blog
Dropping Files on a Domain Controller Using CVE-2021-43893
2022-02-14 15:30:52
Analyzing the Attack Landscape: Rapid7’s 2021 Vulnerability Intelligence Report
2022-03-28 12:30:00
Cloud Pentesting, Pt. 1: Breaking Down the Basics
2022-03-21 14:32:42
attackerkb
attackerkb
CVE-2021-43207
2021-12-15 00:00:00
CVE-2021-43226
2021-12-15 00:00:00
CVE-2021-41379
2021-11-10 00:00:00
suse
suse
Security update for chromium (important)
2021-12-14 00:00:00
Security update for chromium (important)
2021-12-28 00:00:00
prion
prion
Remote code execution
2021-12-15 15:15:00
Spoofing
2021-12-15 15:15:00
Remote code execution
2021-12-15 15:15:00
cnvd
cnvd
Microsoft Defender for IoT Remote Code Execution Vulnerability (CNVD-2022-04003)
2021-12-19 00:00:00
Microsoft Defender for IoT Information Disclosure Vulnerability
2021-12-19 00:00:00
Microsoft HEVC Video Extensions Remote Code Execution Vulnerability (CNVD-2022-59687)
2021-12-19 00:00:00
cve
cve
CVE-2021-41365
2021-12-15 15:15:00
CVE-2021-40453
2021-12-15 15:15:00
CVE-2021-43256
2021-12-15 15:15:00
mscve
mscve
Microsoft PowerShell Spoofing Vulnerability
2021-12-14 08:00:00
Web Media Extensions Remote Code Execution Vulnerability
2021-12-14 08:00:00
Microsoft Defender for IoT Information Disclosure Vulnerability
2021-12-14 08:00:00
zdi
zdi
Microsoft Azure Defender for IoT Improper Certificate Validation Authentication Bypass Vulnerability
2021-12-21 00:00:00
Microsoft Azure Defender for IoT maintenanceWindow Endpoint SQL Injection Privilege Escalation Vulnerability
2021-12-23 00:00:00
Microsoft Word glTF-SDK Integer Overflow Remote Code Execution Vulnerability
2022-06-02 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: chromium-96.0.4664.110-3.fc35
2022-01-29 06:39:34
[SECURITY] Fedora 34 Update: chromium-96.0.4664.110-3.fc34
2022-01-07 01:12:20
cbl_mariner
cbl_mariner
CVE-2021-43896 affecting package powershell 7.0.2-1
2022-01-10 03:59:21
hivepro
hivepro
Microsoft released patch for actively exploited spoofing vulnerability
2021-12-16 11:12:29
redhatcve
redhatcve
CVE-2021-43877
2021-12-14 19:08:25
osv
osv
CVE-2021-43877
2021-12-15 15:15:10
CVE-2021-43891
2021-12-15 15:15:11

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for RAPID7BLOG:B6DE24165AA9AA83EDA117170EDDAD44
nessus32kaspersky10mskb26thn2malwarebytes1archlinux2threatpost1qualysblog1avleonov1freebsd1mageia1chrome1krebs1rapid7blog3attackerkb4suse2prion37cnvd14cve26mscve22zdi4fedora2cbl_mariner1hivepro1redhatcve1osv2