Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft June 2021 Patch Tuesday

Published: 2021-06-08
Last Updated: 2021-06-08 17:57:19 UTC
by Renato Marinho (Version: 1)
0 comment(s)

This month we got patches for 50 vulnerabilities. Of these, 5 are critical, 2 were previously disclosed and 6 is already being exploited according to Microsoft.

The highlight this time, of course, goes to the 6 zero-days: an elevation of privileges vulnerability on Microsoft DWM Core Library (CVE-2021-33739) - the only previously disclosed, an elevation of privilege vulnerability on Windows NTFS (CVE-2021-31956), an information disclosure vulnerability on Windows Kernel (CVE-2021-31955), an elevation of privilege vulnerability on Microsoft Enhanced Cryptographic Provider (CVE-2021-31201 and CVE-2021-31199) and, more importaltly, a remote code execution vulnerability affecting Windows MSHTML Platform (CVE-2021-33742).

Apart from the zero-days, there is an important security feature bypass Vulnerability Kerberos AppContainer (CVE-2021-31962). According to the advisory, in an enterprise environment this vulnerability might allow an attacker to bypass Kerberos authentication, to authenticate to an arbitrary service principal name. This vulnerability was associated to the highest CVSS this month: 9.4.

There is also a remote code execution affecing Windows Defender (CVE-2021-31985). According to the advisory, this vulnerability is more likely to be exploited, requires no authentication and the attack complexity is low.

See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-31957 No No Less Likely Less Likely Important 5.9 5.2
3D Viewer Information Disclosure Vulnerability
CVE-2021-31944 No No Less Likely Less Likely Important 5.0 4.4
3D Viewer Remote Code Execution Vulnerability
CVE-2021-31942 No No Less Likely Less Likely Important 7.8 6.8
CVE-2021-31943 No No Less Likely Less Likely Important 7.8 6.8
Event Tracing for Windows Information Disclosure Vulnerability
CVE-2021-31972 No No Less Likely Less Likely Important 5.5 4.8
Kerberos AppContainer Security Feature Bypass Vulnerability
CVE-2021-31962 No No Less Likely Less Likely Important 9.4 8.2
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2021-33739 Yes Yes Detected Detected Important 8.4 7.8
Microsoft Defender Denial of Service Vulnerability
CVE-2021-31978 No No Less Likely Less Likely Important 5.5 4.8
Microsoft Defender Remote Code Execution Vulnerability
CVE-2021-31985 No No More Likely More Likely Critical 7.8 6.8
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2021-33741 No No Less Likely Less Likely Important 8.2 7.1
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
CVE-2021-31199 No Yes Detected Detected Important 5.2 4.8
CVE-2021-31201 No Yes Detected Detected Important 5.2 4.8
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-31939 No No Less Likely Less Likely Important 7.8 6.8
Microsoft Intune Management Extension Remote Code Execution Vulnerability
CVE-2021-31980 No No Less Likely Less Likely Important 8.1 7.1
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-31940 No No Less Likely Less Likely Important 7.8 6.8
CVE-2021-31941 No No Less Likely Less Likely Important 7.8 6.8
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2021-31949 No No Less Likely Less Likely Important 6.7 5.8
Microsoft SharePoint Server Information Disclosure Vulnerability
CVE-2021-31965 No No Less Likely Less Likely Important 5.7 5.0
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-26420 No No Less Likely Less Likely Important 7.1 6.2
CVE-2021-31963 No No Less Likely Less Likely Critical 7.1 6.2
CVE-2021-31966 No No Less Likely Less Likely Important 7.2 6.3
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-31964 No No Less Likely Less Likely Important 7.6 6.6
CVE-2021-31948 No No Less Likely Less Likely Important 7.6 6.6
CVE-2021-31950 No No Less Likely Less Likely Important 7.6 6.6
Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability
CVE-2021-31938 No No Less Likely Less Likely Important 7.3 6.4
Paint 3D Remote Code Execution Vulnerability
CVE-2021-31945 No No Less Likely Less Likely Important 7.8 6.8
CVE-2021-31946 No No Less Likely Less Likely Important 7.8 6.8
CVE-2021-31983 No No Less Likely Less Likely Important 7.8 6.8
Scripting Engine Memory Corruption Vulnerability
CVE-2021-31959 No No More Likely More Likely Critical 6.4 5.6
Server for NFS Denial of Service Vulnerability
CVE-2021-31974 No No Less Likely Less Likely Important 7.5 6.5
Server for NFS Information Disclosure Vulnerability
CVE-2021-31975 No No Less Likely Less Likely Important 7.5 6.5
CVE-2021-31976 No No Less Likely Less Likely Important 7.5 6.5
VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2021-31967 No No Less Likely Less Likely Critical 7.8 6.8
Windows Bind Filter Driver Information Disclosure Vulnerability
CVE-2021-31960 No No Less Likely Less Likely Important 5.5 4.8
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2021-31969 No No Less Likely Less Likely Important 7.8 6.8
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-31954 No No More Likely More Likely Important 7.8 6.8
Windows DCOM Server Security Feature Bypass
CVE-2021-26414 No No Less Likely Less Likely Important 4.8 4.2
Windows Filter Manager Elevation of Privilege Vulnerability
CVE-2021-31953 No No Less Likely Less Likely Important 7.8 6.8
Windows GPSVC Elevation of Privilege Vulnerability
CVE-2021-31973 No No Less Likely Less Likely Important 7.8 6.8
Windows HTML Platform Security Feature Bypass Vulnerability
CVE-2021-31971 No No Less Likely Less Likely Important 6.8 5.9
Windows Hyper-V Denial of Service Vulnerability
CVE-2021-31977 No No Less Likely Less Likely Important 8.6 7.5
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-31951 No No More Likely More Likely Important 7.8 6.8
Windows Kernel Information Disclosure Vulnerability
CVE-2021-31955 No Yes Detected Detected Important 5.5 5.1
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2021-31952 No No More Likely More Likely Important 7.8 6.8
Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2021-33742 No Yes Detected Detected Critical 7.5 7.0
Windows NTFS Elevation of Privilege Vulnerability
CVE-2021-31956 No Yes Detected Detected Important 7.8 7.2
Windows NTLM Elevation of Privilege Vulnerability
CVE-2021-31958 No No Less Likely Less Likely Important 7.5 6.5
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1675 No No Less Likely Less Likely Important 7.8 6.8
Windows Remote Desktop Services Denial of Service Vulnerability
CVE-2021-31968 Yes No Less Likely Less Likely Important 7.5 6.5
Windows TCP/IP Driver Security Feature Bypass Vulnerability
CVE-2021-31970 No No Less Likely Less Likely Important 5.5 4.8

--
Renato Marinho
Morphus Labs| LinkedIn|Twitter

Keywords:
0 comment(s)
Diary Archives