Microsoft September 2021 Patch Tuesday

This month we got patches for 86 vulnerabilities. Of these, 3 are critical, and 1 vulnerability (the MSHTML vulnerability) was previously disclosed and is being exploited according to Microsoft.

As expected, Microsoft released the patch for the zero-day (CVE-2021-40444) affecting MSHTML that could allow an attacker to execute remote code on an affected system. According to the advisory, an attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. The CVSS for this vulnerability is 8.80 (out of 10).

Also of note is a critical vulnerability in Microsoft Open Management Infrastructure (CVE-2021-38647). This open-source project led by Microsoft implements web-based enterprise management standards, and the vulnerability may be used for remote code execution. The CVSS for this vulnerability is 9.80.

Finally, a remote code execution vulnerability affecting the Windows WLAN AutoConfig Service was fixed (CVE-2021-36965). According to the advisory, this vulnerability affects virtually all supported Windows versions, may be exploited by an attacker on an adjacent network, and requires no privilege and no user interaction. The CVSS for this vulnerability is 8.80.

See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/

September 2021 Security Updates

| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| Azure Sphere Information Disclosure Vulnerability | CVE-2021-36956 | No | No | Less Likely | Less Likely | Important | 4.4 | 4.0 |
| BitLocker Security Feature Bypass Vulnerability | CVE-2021-38632 | No | No | Less Likely | Less Likely | Important | 5.7 | 5.0 |
| Chromium: CVE-2021-30606 Use after free in Blink | CVE-2021-30606 | No | No | - | - | - | | |
| Chromium: CVE-2021-30607 Use after free in Permissions | CVE-2021-30607 | No | No | - | - | - | | |
| Chromium: CVE-2021-30608 Use after free in Web Share | CVE-2021-30608 | No | No | - | - | - | | |
| Chromium: CVE-2021-30609 Use after free in Sign-In | CVE-2021-30609 | No | No | - | - | - | | |
| Chromium: CVE-2021-30610 Use after free in Extensions API | CVE-2021-30610 | No | No | - | - | - | | |
| Chromium: CVE-2021-30611 Use after free in WebRTC | CVE-2021-30611 | No | No | - | - | - | | |
| Chromium: CVE-2021-30612 Use after free in WebRTC | CVE-2021-30612 | No | No | - | - | - | | |
| Chromium: CVE-2021-30613 Use after free in Base internals | CVE-2021-30613 | No | No | - | - | - | | |
| Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip | CVE-2021-30614 | No | No | - | - | - | | |
| Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | CVE-2021-30615 | No | No | - | - | - | | |
| Chromium: CVE-2021-30616 Use after free in Media | CVE-2021-30616 | No | No | - | - | - | | |
| Chromium: CVE-2021-30617 Policy bypass in Blink | CVE-2021-30617 | No | No | - | - | - | | |
| Chromium: CVE-2021-30618 Inappropriate implementation in DevTools | CVE-2021-30618 | No | No | - | - | - | | |
| Chromium: CVE-2021-30619 UI Spoofing in Autofill | CVE-2021-30619 | No | No | - | - | - | | |
| Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink | CVE-2021-30620 | No | No | - | - | - | | |
| Chromium: CVE-2021-30621 UI Spoofing in Autofill | CVE-2021-30621 | No | No | - | - | - | | |
| Chromium: CVE-2021-30622 Use after free in WebApp Installs | CVE-2021-30622 | No | No | - | - | - | | |
| Chromium: CVE-2021-30623 Use after free in Bookmarks | CVE-2021-30623 | No | No | - | - | - | | |
| Chromium: CVE-2021-30624 Use after free in Autofill | CVE-2021-30624 | No | No | - | - | - | | |
| Chromium: CVE-2021-30632 Out of bounds write in V8 | CVE-2021-30632 | No | No | - | - | - | | |
| HEVC Video Extensions Remote Code Execution Vulnerability | CVE-2021-38661 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Accessibility Insights for Android Information Disclosure Vulnerability | CVE-2021-40448 | No | No | Less Likely | Less Likely | Important | 6.3 | 5.5 |
| Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | CVE-2021-40440 | No | No | Less Likely | Less Likely | Important | 5.4 | 4.9 |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | CVE-2021-26436 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.3 |
| | CVE-2021-36930 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.6 |
| Microsoft Edge (Chromium-based) Tampering Vulnerability | CVE-2021-38669 | No | No | Less Likely | Less Likely | Important | 6.4 | 5.6 |
| Microsoft Edge for Android Information Disclosure Vulnerability | CVE-2021-26439 | No | No | - | - | Moderate | 4.6 | 4.0 |
| Microsoft Edge for Android Spoofing Vulnerability | CVE-2021-38641 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.3 |
| Microsoft Edge for iOS Spoofing Vulnerability | CVE-2021-38642 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.3 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2021-38655 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | CVE-2021-38644 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft MSHTML Remote Code Execution Vulnerability | CVE-2021-40444 | Yes | Yes | Detected | Detected | Important | 8.8 | 7.9 |
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | CVE-2021-38646 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Office Graphics Component Information Disclosure Vulnerability | CVE-2021-38657 | No | No | Less Likely | Less Likely | Important | 6.1 | 5.3 |
| Microsoft Office Graphics Remote Code Execution Vulnerability | CVE-2021-38658 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| | CVE-2021-38660 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2021-38659 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft Office Spoofing Vulnerability | CVE-2021-38650 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
| Microsoft Office Visio Remote Code Execution Vulnerability | CVE-2021-38653 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| | CVE-2021-38654 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Microsoft SharePoint Server Spoofing Vulnerability | CVE-2021-38651 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
| | CVE-2021-38652 | No | No | Less Likely | Less Likely | Important | 7.6 | 6.6 |
| Microsoft Windows Update Client Elevation of Privilege Vulnerability | CVE-2021-38634 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2021-38656 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Open Management Infrastructure Elevation of Privilege Vulnerability | CVE-2021-38645 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| | CVE-2021-38648 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| | CVE-2021-38649 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
| Open Management Infrastructure Remote Code Execution Vulnerability | CVE-2021-38647 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.5 |
| Visual Studio Code Spoofing Vulnerability | CVE-2021-26437 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Visual Studio Elevation of Privilege Vulnerability | CVE-2021-26434 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Visual Studio Remote Code Execution Vulnerability | CVE-2021-36952 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Win32k Elevation of Privilege Vulnerability | CVE-2021-36975 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| | CVE-2021-38639 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2021-38628 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| | CVE-2021-38638 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | CVE-2021-38629 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Windows Authenticode Spoofing Vulnerability | CVE-2021-36959 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Bind Filter Driver Elevation of Privilege Vulnerability | CVE-2021-36954 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2021-36955 | No | No | More Likely | More Likely | Important | 7.8 | 7.2 |
| | CVE-2021-36963 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| | CVE-2021-38633 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
| Windows DNS Elevation of Privilege Vulnerability | CVE-2021-36968 | Yes | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Event Tracing Elevation of Privilege Vulnerability | CVE-2021-36964 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| | CVE-2021-38630 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Installer Denial of Service Vulnerability | CVE-2021-36961 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Installer Information Disclosure Vulnerability | CVE-2021-36962 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2021-38625 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| | CVE-2021-38626 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows Key Storage Provider Security Feature Bypass Vulnerability | CVE-2021-38624 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
| Windows Print Spooler Elevation of Privilege Vulnerability | CVE-2021-38667 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.2 |
| | CVE-2021-38671 | No | No | More Likely | More Likely | Important | 7.8 | 7.2 |
| | CVE-2021-40447 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.2 |
| Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability | CVE-2021-36969 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| | CVE-2021-38635 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| | CVE-2021-38636 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | CVE-2021-36973 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows SMB Elevation of Privilege Vulnerability | CVE-2021-36974 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows SMB Information Disclosure Vulnerability | CVE-2021-36960 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
| | CVE-2021-36972 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Scripting Engine Memory Corruption Vulnerability | CVE-2021-26435 | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.1 |
| Windows Storage Information Disclosure Vulnerability | CVE-2021-38637 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
| Windows Subsystem for Linux Elevation of Privilege Vulnerability | CVE-2021-36966 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
| Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | CVE-2021-36967 | No | No | Less Likely | Less Likely | Important | 8.0 | 7.0 |
| Windows WLAN AutoConfig Service Remote Code Execution Vulnerability | CVE-2021-36965 | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |

--
Renato Marinho
Morphus Labs | LinkedIn | Twitter

ISC Handler
Sep 14th 2021
Potential issues with the September CU's
These appear to be randomly? preventing access to shared printers.

2012 - KB5005613
2016 - KB5005573
2019 - KB5005568
Anonymous
