The zero-day vulnerability that allowed the Emotet malware to spread so aggressively has been fixed. This will allow Microsoft and other anti-virus software providers to track down infected computers, while also preventing a new wave of infections in the future.
The “cve-2021-40444 exploit” is a zero-day vulnerability that was used to spread the Emotet malware. The vulnerability has been fixed by Microsoft in the latest update of Windows 10.
Madalina has been a Windows user since she initially installed Windows XP on her computer. She is fascinated by all things technological, particularly new technologies such as artificial intelligence and DNA computing.
14th of December, 2021
Originally published in December 2018
Yes, it’s that time of the month again, and there’s a lot to consider in terms of software release now that the December 2021 Patch Tuesday updates are out.
Microsoft has issued a total of 67 security fixes, including seven rated Critical and a zero-day bug that is being actively exploited by attackers.
Microsoft has addressed several critical issues in this month’s patch, which is normally released on the second Tuesday of each month.
Remote code execution (RCE) problems, privilege escalation security flaws, spoofing bugs, and denial-of-service faults are among them.
Another noteworthy feature of this month’s distribution is that Windows 10 version 2004 has hit end-of-life status and will no longer get security updates.
Microsoft also had a lot of work to do in December.
Office, PowerShell, the Chromium-based Edge browser, the Windows Kernel, Print Spooler, and Remote Desktop Client are among the products covered by Microsoft’s December security update.
There are a total of six zero-day vulnerabilities fixed in this release, although only one is known to be actively exploited in the wild. The full list is as follows:
| CVE | Title | Severity | CVSS | Publicly known | Exploited | Type |
|---|---|---|---|---|---|---|
| CVE-2021-43890 | Spoofing Vulnerability in the Windows AppX Installer | Important | 7.1 | Yes | Yes | Spoofing |
| CVE-2021-43240 | Elevation of Privilege Vulnerability in NTFS Set Short Name | Important | 7.8 | Yes | No | EoP |
| CVE-2021-43893 | Elevation of Privilege Vulnerability in Windows Encrypting File System (EFS) | Important | 7.5 | Yes | No | EoP |
| CVE-2021-43883 | Elevation of Privilege Vulnerability in Windows Installer | Important | 7.1 | Yes | No | EoP |
| CVE-2021-43880 | Elevation of Privilege Vulnerability in Windows Mobile Device Management | Important | 5.5 | Yes | No | EoP |
| CVE-2021-41333 | Elevation of Privilege Vulnerability in Windows Print Spooler | Important | 7.8 | Yes | No | EoP |
| CVE-2021-43215 | Remote Code Execution Vulnerability in the iSNS Server | Critical | 9.8 | No | No | RCE |
| CVE-2021-43899 | Remote Code Execution Vulnerability in Microsoft’s 4K Wireless Display Adapter | Critical | 9.8 | No | No | RCE |
| CVE-2021-42310 | Remote Code Execution Vulnerability in Microsoft Defender for IoT | Critical | 8.1 | No | No | RCE |
| CVE-2021-43905 | Remote Code Execution Vulnerability in Microsoft Office | Critical | 9.6 | No | No | RCE |
| CVE-2021-43233 | Remote Code Execution Vulnerability in the Remote Desktop Client | Critical | 7 | No | No | RCE |
| CVE-2021-43907 | Remote Code Execution Vulnerability in the Visual Studio Code WSL Extension | Critical | 9.8 | No | No | RCE |
| CVE-2021-43217 | Remote Code Execution Vulnerability in Windows Encrypting File System (EFS) | Critical | 8.1 | No | No | RCE |
| CVE-2021-43877 | Elevation of Privilege Vulnerability in ASP.NET Core and Visual Studio | Important | 7.8 | No | No | EoP |
| CVE-2021-43225 | Remote Code Execution Vulnerability in the Bot Framework SDK | Important | 7.5 | No | No | RCE |
| CVE-2021-43219 | Denial of Service Vulnerability in the DirectX Graphics Kernel File | Important | 7.4 | No | No | DoS |
| CVE-2021-40452 | Remote Code Execution Vulnerability in HEVC Video Extensions | Important | 7.8 | No | No | RCE |
| CVE-2021-40453 | Remote Code Execution Vulnerability in HEVC Video Extensions | Important | 7.8 | No | No | RCE |
| CVE-2021-41360 | Remote Code Execution Vulnerability in HEVC Video Extensions | Important | 7.8 | No | No | RCE |
| CVE-2021-43892 | Spoofing Vulnerability in Microsoft BizTalk ESB Toolkit | Important | 7.1 | No | No | Spoofing |
| CVE-2021-42312 | Elevation of Privilege Vulnerability in Microsoft Defender for IoT | Important | 7.8 | No | No | EoP |
| CVE-2021-43888 | Information Disclosure Vulnerability in Microsoft Defender for IoT | Important | 7.5 | No | No | Info |
| CVE-2021-41365 | Remote Code Execution Vulnerability in Microsoft Defender for IoT | Important | 8.8 | No | No | RCE |
| CVE-2021-42311 | Remote Code Execution Vulnerability in Microsoft Defender for IoT | Important | 8.8 | No | No | RCE |
| CVE-2021-42313 | Remote Code Execution Vulnerability in Microsoft Defender for IoT | Important | 8.8 | No | No | RCE |
| CVE-2021-42314 | Remote Code Execution Vulnerability in Microsoft Defender for IoT | Important | 8.8 | No | No | RCE |
| CVE-2021-42315 | Remote Code Execution Vulnerability in Microsoft Defender for IoT | Important | 8.8 | No | No | RCE |
| CVE-2021-43882 | Remote Code Execution Vulnerability in Microsoft Defender for IoT | Important | 9 | No | No | RCE |
| CVE-2021-43889 | Remote Code Execution Vulnerability in Microsoft Defender for IoT | Important | 7.2 | No | No | RCE |
| CVE-2021-43256 | Remote Code Execution Vulnerability in Microsoft Excel | Important | 7.8 | No | No | RCE |
| CVE-2021-42293 | Elevation of Privilege Vulnerability in Microsoft Jet Red Database Engine and Access Connectivity Engine | Important | 6.5 | No | No | EoP |
| CVE-2021-43216 | Information Disclosure Vulnerability in Microsoft’s Local Security Authority Server (lsasrv) | Important | 6.5 | No | No | Info |
| CVE-2021-43222 | Information Disclosure Vulnerability in Microsoft Message Queuing | Important | 7.5 | No | No | Info |
| CVE-2021-43236 | Information Disclosure Vulnerability in Microsoft Message Queuing | Important | 7.5 | No | No | Info |
| CVE-2021-43875 | Remote Code Execution Vulnerability in Microsoft Office Graphics | Important | 7.8 | No | No | RCE |
| CVE-2021-43255 | Spoofing Vulnerability in Microsoft Office Trust Center | Important | 5.5 | No | No | Spoofing |
| CVE-2021-43896 | Spoofing Vulnerability in Microsoft PowerShell | Important | 5.5 | No | No | Spoofing |
| CVE-2021-42294 | Remote Code Execution Vulnerability in Microsoft SharePoint Server | Important | 7.2 | No | No | RCE |
| CVE-2021-42309 | Remote Code Execution Vulnerability in Microsoft SharePoint Server | Important | 8.8 | No | No | RCE |
| CVE-2021-42320 | Spoofing Vulnerability in Microsoft SharePoint Server | Important | 8 | No | No | Spoofing |
| CVE-2021-43242 | Spoofing Vulnerability in Microsoft SharePoint Server | Important | 7.6 | No | No | Spoofing |
| CVE-2021-43227 | Information Disclosure Vulnerability in the Storage Spaces Controller | Important | 5.5 | No | No | Info |
| CVE-2021-43235 | Information Disclosure Vulnerability in the Storage Spaces Controller | Important | 5.5 | No | No | Info |
| CVE-2021-43228 | Denial of Service Vulnerability in SymCrypt | Important | 7.5 | No | No | DoS |
| CVE-2021-42295 | Information Disclosure Vulnerability in Visual Basic for Applications | Important | 5.5 | No | No | Info |
| CVE-2021-43891 | Remote Code Execution Vulnerability in Visual Studio Code | Important | 7.8 | No | No | RCE |
| CVE-2021-43908 | Spoofing Vulnerability in Visual Studio Code | Important | N/A | No | No | Spoofing |
| CVE-2021-43243 | Information Disclosure Vulnerability in VP9 Video Extensions | Important | 5.5 | No | No | Info |
| CVE-2021-43214 | Remote Code Execution Vulnerability in Web Media Extensions | Important | 7.8 | No | No | RCE |
| CVE-2021-43207 | Elevation of Privilege Vulnerability in the Windows Common Log File System Driver | Important | 7.8 | No | No | EoP |
| CVE-2021-43226 | Elevation of Privilege Vulnerability in the Windows Common Log File System Driver | Important | 7.8 | No | No | EoP |
| CVE-2021-43224 | Information Disclosure Vulnerability in the Windows Common Log File System Driver | Important | 5.5 | No | No | Info |
| CVE-2021-43248 | Elevation of Privilege Vulnerability in Windows Digital Media Receiver | Important | 7.8 | No | No | EoP |
| CVE-2021-43245 | Elevation of Privilege Vulnerability in Windows Digital TV Tuner | Important | 7.8 | No | No | EoP |
| CVE-2021-43232 | Remote Code Execution Vulnerability in Windows Event Tracing | Important | 7.8 | No | No | RCE |
| CVE-2021-43234 | Remote Code Execution Vulnerability in the Windows Fax Service | Important | 7.8 | No | No | RCE |
| CVE-2021-43246 | Denial of Service Vulnerability in Windows Hyper-V | Important | 5.6 | No | No | DoS |
| CVE-2021-43244 | Information Disclosure Vulnerability in the Windows Kernel | Important | 6.5 | No | No | Info |
| CVE-2021-40441 | Elevation of Privilege Vulnerability in Windows Media Center | Important | 7.8 | No | No | EoP |
| CVE-2021-43229 | Elevation of Privilege Vulnerability in Windows NTFS | Important | 7.8 | No | No | EoP |
| CVE-2021-43230 | Elevation of Privilege Vulnerability in Windows NTFS | Important | 7.8 | No | No | EoP |
| CVE-2021-43231 | Elevation of Privilege Vulnerability in Windows NTFS | Important | 7.8 | No | No | EoP |
| CVE-2021-43239 | Elevation of Privilege Vulnerability in the Windows Recovery Environment Agent | Important | 7.1 | No | No | EoP |
| CVE-2021-43223 | Elevation of Privilege Vulnerability in Windows Remote Access Connection Manager | Important | 7.8 | No | No | EoP |
| CVE-2021-43238 | Elevation of Privilege Vulnerability in Windows Remote Access | Important | 7.8 | No | No | EoP |
| CVE-2021-43237 | Elevation of Privilege Vulnerability in Windows Setup | Important | 7.8 | No | No | EoP |
| CVE-2021-43247 | Elevation of Privilege Vulnerability in the Windows TCP/IP Driver | Important | 7.8 | No | No | EoP |
| * CVE-2021-4052 | Chromium: Use after free in web apps | High | N/A | No | No | RCE |
| * CVE-2021-4053 | Chromium: Use after free in UI | High | N/A | No | No | RCE |
| * CVE-2021-4054 | Chromium: Incorrect security UI in autofill | High | N/A | No | No | RCE |
| * CVE-2021-4055 | Chromium: Heap buffer overflow in extensions | High | N/A | No | No | RCE |
| * CVE-2021-4056 | Chromium: Type confusion in the loader | High | N/A | No | No | RCE |
| * CVE-2021-4057 | Chromium: Use after free in the file API | High | N/A | No | No | RCE |
| * CVE-2021-4058 | Chromium: Heap buffer overflow in ANGLE | High | N/A | No | No | RCE |
| * CVE-2021-4059 | Chromium: Insufficient data validation in the loader | High | N/A | No | No | RCE |
| CVE-2021-4061 | Chromium: Type confusion in V8 | High | N/A | No | No | RCE |
| * CVE-2021-4062 | Chromium: Heap buffer overflow in BFCache | High | N/A | No | No | RCE |
| * CVE-2021-4063 | Chromium: Use after free in developer tools | High | N/A | No | No | RCE |
| * CVE-2021-4064 | Chromium: Use after free in screen capture | High | N/A | No | No | RCE |
| * CVE-2021-4065 | Chromium: Use after free in autofill | High | N/A | No | No | RCE |
| * CVE-2021-4066 | Chromium: Integer underflow in ANGLE | High | N/A | No | No | RCE |
| CVE-2021-4067 | Chromium: Use after free in the window manager | High | N/A | No | No | RCE |
| * CVE-2021-4068 | Chromium: Insufficient validation of untrusted input in the new tab page | Low | N/A | No | No | Spoofing |
Microsoft has corrected a total of 887 CVE-assigned vulnerabilities this year (not including Chromium-based Edge), which, although high, is a 29 percent drop from 2020.
One of the most significant fixes in this release addresses a flaw in the Windows AppX Installer (CVE-2021-43890).
The flaw has been seen in use by malware from the Emotet/Trickbot/Bazaloader family, according to Microsoft, and an attacker would need to craft a malicious file for use in phishing attacks.
Because code execution seems to occur at the level of the logged-on user, attackers are likely to combine this with another flaw to gain control of a machine.
Also fixed is a flaw in the Internet Storage Name Service (iSNS) server (CVE-2021-43215), which might enable remote code execution if an attacker submits a specially crafted request to an affected server.
To refresh your memory, iSNS is an automated discovery and administration protocol for iSCSI devices on a TCP/IP storage network.
So, if your company has a SAN, you either have an iSNS server or you set up each of the logical interfaces separately.
This is one of three CVSS 9.8 problems resolved this month. Prioritize testing and deployment of this patch if you have a SAN.
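The prioritization described above can be applied mechanically to the table. The following is an added example, not part of the original article: it parses rows in this page's pipe-delimited layout and orders them for deployment. The tier rules (exploited first, then publicly known or Critical with CVSS 9.0 or higher) and the choice to sort unscored entries first within a tier are assumptions, not Microsoft guidance.

```python
import re

# Rows taken from the table on this page (titles lightly tidied); the
# selection and order are constructed for the example.
SAMPLE_ROWS = """\
|CVE-2021-43233|Remote Code Execution Vulnerability in the Remote Desktop Client|Critical|7|No|No|RCE|
|* CVE-2021-4058|Chromium: Heap buffer overflow in ANGLE|High|N/A|No|No|RCE|
|CVE-2021-43908|Spoofing Vulnerability in Visual Studio Code|Important|N/A|No|No|Spoofing|
|CVE-2021-43880|Elevation of Privilege Vulnerability in Windows Mobile Device Management|Important|5.5|Yes|No|EoP|
|CVE-2021-41333|Elevation of Privilege Vulnerability in Windows Print Spooler|Important|7.8|Yes|No|EoP|
|CVE-2021-43215|Remote Code Execution Vulnerability in the iSNS Server|Critical|9.8|No|No|RCE|
|CVE-2021-43890|Spoofing Vulnerability in the Windows AppX Installer|Important|7.1|Yes|Yes|Spoofing|
"""

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

def parse_row(line):
    """Parse one table row; accepts '|' or '||' separators and a '* ' prefix."""
    cells = [c.strip() for c in re.split(r"\|+", line.strip().strip("|"))]
    m = CVE_RE.search(cells[0])
    if len(cells) != 7 or not m:
        return None  # header, separator or unrelated text
    title, severity, cvss, public, exploited, kind = cells[1:]
    return {
        "cve": m.group(0), "title": title, "severity": severity, "type": kind,
        "cvss": None if cvss.upper() == "N/A" else float(cvss),
        "public": public == "Yes", "exploited": exploited == "Yes",
    }

def tier(v):
    """0 = exploited in the wild, 1 = public or Critical with CVSS >= 9.0, 2 = rest."""
    if v["exploited"]:
        return 0
    if v["public"] or (v["severity"] == "Critical" and (v["cvss"] or 0) >= 9.0):
        return 1
    return 2

def triage(text):
    """Return parsed rows ordered by tier, then by CVSS (unscored first)."""
    vulns = [v for v in map(parse_row, text.splitlines()) if v]
    score = lambda v: v["cvss"] if v["cvss"] is not None else 10.0
    return sorted(vulns, key=lambda v: (tier(v), -score(v)))

if __name__ == "__main__":
    for v in triage(SAMPLE_ROWS):
        print(tier(v), v["cve"], v["cvss"], v["title"])
```

Filter the result by the products actually deployed (for example, drop the iSNS row only when no iSNS server exists in the environment) before scheduling.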
Remember that Microsoft isn’t the only firm that publishes updates and repair patches around this time of the month, so look into:
What are your views on the new release this month? Please let us know what you think in the comments area below.