October 2021 Patch Tuesday Analysis
Today’s GREEN Alert addresses Microsoft’s October 2021 security updates. GREEN is actively working to cover these vulnerabilities and plans to ship ASPL-968 on Wednesday, October 13.
In-the-Wild and Disclosed CVEs
CVE-2021-40449
This month we have an elevation of privilege vulnerability in Win32k that has been exploited in the wild via MysterySnail. This vulnerability appears to impact all systems from Windows 7 through the new Windows 11.
Microsoft has rated this as Exploitation Detected on the latest software release on the Exploitability Index.
CVE-2021-40469
This remote code execution vulnerability in Microsoft DNS Server affects all operating systems from Server 2008 to Server 2022. Only servers with the DNS Server role configured are affected by the vulnerability.
Microsoft has rated this as Exploitation Less Likely on the latest software release on the Exploitability Index.
CVE-2021-41335
A publicly disclosed vulnerability in the Windows kernel could result in elevation of privilege. Unlike CVE-2021-40449, this vulnerability does not affect Windows 11 or Windows Server 2022.
Microsoft has rated this as Exploitation Less Likely on the latest software release on the Exploitability Index.
CVE-2021-41338
This vulnerability was initially closed by Microsoft Security as a “Won’t Fix” issue. They have since reconsidered and released an update. The vulnerability was discovered by James Forshaw of Google Project Zero and is detailed here with the specific Project Zero issue tracked here.
Microsoft has rated this as Exploitation Less Likely on the latest software release on the Exploitability Index.
Breakdown of CVEs by tag
While the historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs by tag. Vulnerabilities are also color coded to help identify key issues.
- Traditional software
- Mobile software
- Cloud or Adjacent Cloud
- Vulnerabilities that are being exploited or that have been disclosed will be bold
Tag | CVE Count | CVEs |
.NET Core and Visual Studio | 1 | CVE-2021-41355 |
Windows Fastfat Driver | 2 | CVE-2021-38662, CVE-2021-41343 |
Console Window Host | 1 | CVE-2021-41346 |
Microsoft Office Word | 1 | CVE-2021-40486 |
HTTP.sys | 1 | CVE-2021-26442 |
Windows Installer | 1 | CVE-2021-40455 |
Visual Studio | 3 | CVE-2021-3450, CVE-2021-3449, CVE-2020-1971 |
Microsoft Dynamics | 3 | CVE-2021-40457, CVE-2021-41353, CVE-2021-41354 |
Windows Storage Controller | 5 | CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-26441, CVE-2021-41345 |
Windows DirectX | 1 | CVE-2021-40470 |
Windows AppX Deployment Service | 1 | CVE-2021-41347 |
Microsoft Office SharePoint | 5 | CVE-2021-41344, CVE-2021-40482, CVE-2021-40483, CVE-2021-40484, CVE-2021-40487 |
Microsoft Windows Codec Library | 3 | CVE-2021-40462, CVE-2021-41330, CVE-2021-41331 |
Windows Cloud Files Mini-Filter Driver | 1 | CVE-2021-40475 |
Microsoft Office Excel | 6 | CVE-2021-40471, CVE-2021-40472, CVE-2021-40473, CVE-2021-40474, CVE-2021-40479, CVE-2021-40485 |
Microsoft Graphics Component | 1 | CVE-2021-41340 |
Windows Event Tracing | 1 | CVE-2021-40477 |
Windows Kernel | 2 | CVE-2021-41335, CVE-2021-41336 |
Microsoft Exchange Server | 4 | CVE-2021-34453, CVE-2021-41348, CVE-2021-41350, CVE-2021-26427 |
Windows Nearby Sharing | 1 | CVE-2021-40464 |
Rich Text Edit Control | 1 | CVE-2021-40454 |
Windows Remote Procedure Call Runtime | 1 | CVE-2021-40460 |
Active Directory Federation Services | 1 | CVE-2021-41361 |
Windows AppContainer | 2 | CVE-2021-40476, CVE-2021-41338 |
Windows Bind Filter Driver | 1 | CVE-2021-40468 |
Windows Desktop Bridge | 1 | CVE-2021-41334 |
Windows Network Address Translation (NAT) | 1 | CVE-2021-40463 |
Windows MSHTML Platform | 1 | CVE-2021-41342 |
Role: DNS Server | 1 | CVE-2021-40469 |
Windows Win32K | 3 | CVE-2021-40449, CVE-2021-40450, CVE-2021-41357 |
Windows TCP / IP | 1 | CVE-2021-36953 |
Microsoft DWM Core Library | 1 | CVE-2021-41339 |
Windows Print Spooler Components | 2 | CVE-2021-36970, CVE-2021-41332 |
Role: Windows Hyper-V | 2 | CVE-2021-38672, CVE-2021-40461 |
Windows exFAT file system | 1 | CVE-2021-38663 |
Microsoft Edge (Chromium-based) | 7 | CVE-2021-37974, CVE-2021-37975, CVE-2021-37976, CVE-2021-37977, CVE-2021-37978, CVE-2021-37979, CVE-2021-37980 |
Role: Windows AD FS Server | 1 | CVE-2021-40456 |
Microsoft Office Visio | 2 | CVE-2021-40480, CVE-2021-40481 |
Windows Text Shaping | 1 | CVE-2021-40465 |
Microsoft Intune | 1 | CVE-2021-41363 |
Windows Common Log File System Driver | 3 | CVE-2021-40443, CVE-2021-40466, CVE-2021-40467 |
Role: Windows Active Directory Server | 1 | CVE-2021-41337 |
System Center | 1 | CVE-2021-41352 |
Other Information
No new advisories were included in the October Security Guidance, but one advisory was updated.
ADV200011 – Microsoft Guidance for Addressing Security Feature Bypass in GRUB
Microsoft has updated its GRUB advisory regarding a number of vulnerabilities released in July 2020 and March 2021. The update says that new versions of Windows, including Windows 11, are affected and that an update will be released to resolve this issue in the spring of 2022.