Microsoft has released a batch of November updates for its products and patches a total of 55 vulnerabilities this month, six of which are zero-day vulnerabilities.There have already been two bugs under attack (in Microsoft Exchange and Excel), while the fresh 0-day in Exchange was previously used as part of the Tianfu Cup hacker competition held annually in China.
The “main” vulnerabilities of the month were identified as the bugs under attack:
- CVE-2021-42292 – Microsoft Excel Bypass Security Vulnerability.
- CVE-2021-42321 – Remote Code Execution Vulnerability in Microsoft Exchange Server.
Interestingly, last month, as part of the Tianfu Cup hacker contest, an exploit was used for the CVE-2021-42321 issue, which allows an authenticated attacker to execute arbitrary code.
The company’s specialists urge administrators to urgently install patches, since the problem is very serious, although authentication is needed to exploit it. CVE-2021-42321 poses a threat to Exchange Server 2016 and Exchange Server 2019 due to incorrect validation of cmdlet arguments. The bug affects only on-premises Exchange servers, including those used by clients in Exchange hybrid mode (emphasizes that Exchange Online clients are protected from exploitation attempts).
In turn, the problem CVE-2021-42292 was discovered inside the company by Microsoft Threat Intelligence specialists, and was also actively used in hacker attacks. It is worth noting that the vulnerability in Excel also affects Microsoft Office for macOS, but there are no fixes for the Apple platform yet.
Also this month, Microsoft patched four other 0-day vulnerabilities that have not yet been exploited in attacks:
- CVE-2021-38631 – Information Disclosure Related to Windows Remote Desktop Protocol (RDP);
- CVE-2021-41371 – Information Disclosure Related to Windows Remote Desktop Protocol (RDP);
- CVE-2021-43208 – RCE vulnerability in 3D Viewer;
- CVE-2021-43209 – RCE vulnerability in 3D Viewer.
Let me remind you that we also talked about Microsoft fixes MSHTML vulnerability and residual PrintNightmare issues.
User Review( votes)