Lucene search

Adam BunnRAPID7BLOG:CC071AA6971D64B0F7A596B2BBD5F046

HistorySep 15, 2021 - 3:44 a.m.

Patch Tuesday - September 2021

2021-09-1503:44:31

Adam Bunn

blog.rapid7.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Patch Tuesday - September 2021

Microsoft has fixed a total of 60 vulnerabilities this month, including two publicly disclosed 0-days. Fortunately there are only a few issues rated critical this month with the vast majority of the remainder being rated important. Here’s three big things you can go patch right now.

MSHTML Remote Code Execution 0-day (CVE-2021-40444)

The hot topic this month is the most recent remote code execution 0-day vulnerability in MSHTML. When it was first discovered it was only being used in a limited number of attacks, however this quickly changed once instructions for exploiting the vulnerability were published online. This vulnerability was severe enough to warrant publishing patches for older operating systems including Windows 7, Windows Server 2008 R2, and Windows Server 2008. Now that updates have been published for this vulnerability they should be applied as soon as possible.

Windows DNS Local Elevation of Privilege (CVE-2021-36968)

This is the second publicly disclosed vulnerability updated this month. While the details surrounding this CVE are sparse, we do know that Microsoft has not detected exploitation in the wild.

Updates to PrintNightmare (CVE-2021-1678)

Microsoft has made additional patches available for older operating systems. If you were previously unable to patch against this vulnerability you may want to review this new information.

Summary Graphs

Patch Tuesday - September 2021

Summary Tables

Azure Vulnerabilities

CVE	Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-38647	Open Management Infrastructure Remote Code Execution Vulnerability	No	No	9.8	Yes
CVE-2021-38645	Open Management Infrastructure Elevation of Privilege Vulnerability	No	No	7.8	Yes
CVE-2021-38648	Open Management Infrastructure Elevation of Privilege Vulnerability	No	No	7.8	Yes
CVE-2021-38649	Open Management Infrastructure Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2021-40448	Microsoft Accessibility Insights for Android Information Disclosure Vulnerability	No	No	6.3	Yes
CVE-2021-36956	Azure Sphere Information Disclosure Vulnerability	No	No	4.4	Yes

Browser Vulnerabilities

CVE	Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-38642	Microsoft Edge for iOS Spoofing Vulnerability	No	No	6.1	No
CVE-2021-38641	Microsoft Edge for Android Spoofing Vulnerability	No	No	6.1	No
CVE-2021-26439	Microsoft Edge for Android Information Disclosure Vulnerability	No	No	4.6	No
CVE-2021-38669	Microsoft Edge (Chromium-based) Tampering Vulnerability	No	No	6.4	Yes
CVE-2021-26436	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	6.1	No
CVE-2021-36930	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	No	No	5.3	No
CVE-2021-30632	Chromium: CVE-2021-30632 Out of bounds write in V8	No	No		Yes
CVE-2021-30624	Chromium: CVE-2021-30624 Use after free in Autofill	No	No		Yes
CVE-2021-30623	Chromium: CVE-2021-30623 Use after free in Bookmarks	No	No		Yes
CVE-2021-30622	Chromium: CVE-2021-30622 Use after free in WebApp Installs	No	No		Yes
CVE-2021-30621	Chromium: CVE-2021-30621 UI Spoofing in Autofill	No	No		Yes
CVE-2021-30620	Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink	No	No		Yes
CVE-2021-30619	Chromium: CVE-2021-30619 UI Spoofing in Autofill	No	No		Yes
CVE-2021-30618	Chromium: CVE-2021-30618 Inappropriate implementation in DevTools	No	No		Yes
CVE-2021-30617	Chromium: CVE-2021-30617 Policy bypass in Blink	No	No		Yes
CVE-2021-30616	Chromium: CVE-2021-30616 Use after free in Media	No	No		Yes
CVE-2021-30615	Chromium: CVE-2021-30615 Cross-origin data leak in Navigation	No	No		Yes
CVE-2021-30614	Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip	No	No		Yes
CVE-2021-30613	Chromium: CVE-2021-30613 Use after free in Base internals	No	No		Yes
CVE-2021-30612	Chromium: CVE-2021-30612 Use after free in WebRTC	No	No		Yes
CVE-2021-30611	Chromium: CVE-2021-30611 Use after free in WebRTC	No	No		Yes
CVE-2021-30610	Chromium: CVE-2021-30610 Use after free in Extensions API	No	No		Yes
CVE-2021-30609	Chromium: CVE-2021-30609 Use after free in Sign-In	No	No		Yes
CVE-2021-30608	Chromium: CVE-2021-30608 Use after free in Web Share	No	No		Yes
CVE-2021-30607	Chromium: CVE-2021-30607 Use after free in Permissions	No	No		Yes
CVE-2021-30606	Chromium: CVE-2021-30606 Use after free in Blink	No	No		Yes

Developer Tools Vulnerabilities

CVE	Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-36952	Visual Studio Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-26434	Visual Studio Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-26437	Visual Studio Code Spoofing Vulnerability	No	No	5.5	No

ESU Vulnerabilities

CVE	Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-38625	Windows Kernel Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-38626	Windows Kernel Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-36968	Windows DNS Elevation of Privilege Vulnerability	No	Yes	7.8	No

Microsoft Dynamics Vulnerabilities

CVE	Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-40440	Microsoft Dynamics Business Central Cross-site Scripting Vulnerability	No	No	5.4	No

Microsoft Office Vulnerabilities

CVE	Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-38656	Microsoft Word Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-38651	Microsoft SharePoint Server Spoofing Vulnerability	No	No	7.6	No
CVE-2021-38652	Microsoft SharePoint Server Spoofing Vulnerability	No	No	7.6	No
CVE-2021-38653	Microsoft Office Visio Remote Code Execution Vulnerability	No	No	7.8	No
CVE-2021-38654	Microsoft Office Visio Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-38650	Microsoft Office Spoofing Vulnerability	No	No	7.6	Yes
CVE-2021-38659	Microsoft Office Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-38658	Microsoft Office Graphics Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-38660	Microsoft Office Graphics Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-38657	Microsoft Office Graphics Component Information Disclosure Vulnerability	No	No	6.1	Yes
CVE-2021-38646	Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-38655	Microsoft Excel Remote Code Execution Vulnerability	No	No	7.8	Yes

Windows Vulnerabilities

CVE	Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-36967	Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability	No	No	8	No
CVE-2021-36966	Windows Subsystem for Linux Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-38637	Windows Storage Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-36972	Windows SMB Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-36974	Windows SMB Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-36973	Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-38624	Windows Key Storage Provider Security Feature Bypass Vulnerability	No	No	6.5	Yes
CVE-2021-36954	Windows Bind Filter Driver Elevation of Privilege Vulnerability	No	No	8.8	No
CVE-2021-36975	Win32k Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-38634	Microsoft Windows Update Client Elevation of Privilege Vulnerability	No	No	7.1	No
CVE-2021-38644	Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-38661	HEVC Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2021-38632	BitLocker Security Feature Bypass Vulnerability	No	No	5.7	Yes

Windows ESU Vulnerabilities

CVE	Title	Exploited	Disclosed	CVSS3	FAQ
CVE-2021-36965	Windows WLAN AutoConfig Service Remote Code Execution Vulnerability	No	No	8.8	No
CVE-2021-26435	Windows Scripting Engine Memory Corruption Vulnerability	No	No	8.1	Yes
CVE-2021-36960	Windows SMB Information Disclosure Vulnerability	No	No	7.5	Yes
CVE-2021-36969	Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-38635	Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-38636	Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-38667	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	Yes
CVE-2021-38671	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-40447	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-36962	Windows Installer Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2021-36961	Windows Installer Denial of Service Vulnerability	No	No	5.5	No
CVE-2021-36964	Windows Event Tracing Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-38630	Windows Event Tracing Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-36955	Windows Common Log File System Driver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-36963	Windows Common Log File System Driver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-38633	Windows Common Log File System Driver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-36959	Windows Authenticode Spoofing Vulnerability	No	No	5.5	No
CVE-2021-38629	Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability	No	No	6.5	Yes
CVE-2021-38628	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-38638	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-38639	Win32k Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2021-40444	Microsoft MSHTML Remote Code Execution Vulnerability	Yes	Yes	8.8	Yes