Microsoft has released the June 2021 Security updates that includes patches for 50 vulnerabilities, 5 of those rated Critical. The updates also include fixes for 6 zero-day flaws exploited in the wild.
A remote attacker could exploit some of these vulnerabilities to take control of unpatched systems.
In all, the Microsoft security updates address vulnerabilities in the following products:
- .NET Core & Visual Studio
- 3D Viewer
- Microsoft DWM Core Library
- Microsoft Intune
- Microsoft Office
- Microsoft Office Excel
- Microsoft Office Outlook
- Microsoft Office SharePoint
- Microsoft Scripting Engine
- Microsoft Windows Codecs Library
- Paint 3D
- Role: Hyper-V
- Visual Studio Code – Kubernetes Tools
- Windows Bind Filter Driver
- Windows Common Log File System Driver
- Windows Cryptographic Services
- Windows DCOM Server
- Windows Defender
- Windows Drivers
- Windows Event Logging Service
- Windows Filter Manager
- Windows HTML Platform
- Windows Installer
- Windows Kerberos
- Windows Kernel
- Windows Kernel-Mode Drivers
- Windows Network File System
- Windows NTFS
- Windows NTLM
- Windows Print Spooler Components
- Windows Remote Desktop
- Windows TCP/IP.
The following zero-day vulnerabilities that have known public exploits were fixed in this month’s patches (along with severity and CVSS score):
- CVE-2021-31199: Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability (Medium, CVSS 5.2)
- CVE-2021-31201: Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability (Medium, CVSS 5.2)
- CVE-2021-31955: Windows Kernel Information Disclosure Vulnerability (Medium, CVSS 5.5)
- CVE-2021-31956: Windows NTFS Elevation of Privilege Vulnerability (High, CVSS 7.8)
- CVE-2021-33739: Microsoft DWM Core Library Elevation of Privilege Vulnerability (High, CVSS 8.4)
- CVE-2021-33742: Windows MSHTML Platform Remote Code Execution Vulnerability (High, CVSS 7.5).
Microsoft confirmed “exploitation was detected” for each of these vulnerabilities.
Critical RCE vulnerabilities
In addition, Microsoft addressed 5 Critical remote code execution (RCE) vulnerabilities on Microsoft Malware Protection Engine, VP9 Video Extensions, Sharepoint, Windows Server and Windows 10 products. The last 3 affect multiple product versions.
The 5 patched Critical RCE vulnerabilities include:
- CVE-2021-31959: Scripting Engine Memory Corruption Vulnerability
- CVE-2021-31963: Microsoft SharePoint Server Remote Code Execution Vulnerability
- CVE-2021-31967: VP9 Video Extensions Remote Code Execution Vulnerability
- CVE-2021-31985: Microsoft Defender Remote Code Execution Vulnerability
- CVE-2021-33742: Windows MSHTML Platform Remote Code Execution Vulnerability.
It is important to note that the Windows MSHTML Platform CVE-2021-33742 is also one of the vulnerabilities previously mentioned as being exploited in the wild.
Other security updates
In addition to the Critical RCEs and zero-days, Microsoft also patched 40 other Important rated vulnerabilities across multiple products. The tech giant addressed various typed of vulnerabilities, to include: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass and Spoofing.
Readers can review the June 2021 Security Updates Release Notes and also download more vulnerability and patch details via Microsoft’s Security Update Guide. On related note, also check out the latest Adobe security updates for multiple Adobe products.
- Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’
- Microsoft May 2021 Security Updates include fixes for 4 Critical and 3 zero-day vulnerabilities
- FBI removes malicious web shells from hundreds of compromised Microsoft Exchange servers
- Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks
- Microsoft open sources CodeQL queries to scan for Solarwinds-like Solorigate activity