Patch Tuesday, June 2021: Microsoft Releases 50 Security Fixes for Critical Issues Including Six Zero-Days That Are Actively Exploited in the Wild
Patch Tuesday, June 2021: Highlights.
Microsoft has released its monthly security updates, with 50 patched vulnerabilities. Out of these, 5 are rated “Critical” and 45 are rated “Important” in severity. According to the tech giant, 6 zero-days have been spotted being exploited in the wild, indicating they may be abused by threat actors to gain full, remote control of compromised devices without any user intervention. As usual, Heimdal™ advises you to apply the updates as soon as possible.
Patch Tuesday, June 2021: Highlights
Microsoft Office, .NET Core & Visual Studio, the Edge browser, Windows Cryptographic Services, SharePoint, Outlook, and Excel are all products impacted by June’s security update.
The zero-day vulnerabilities that Microsoft has tracked as being actively exploited, now patched in this update, are:
- CVE-2021-33742: a Remote Code Execution vulnerability in a Windows HTML component
- CVE-2021-33739: an Elevation of Privilege vulnerability in the Microsoft Desktop Window Manager
- CVE-2021-31199: an Elevation of Privilege vulnerability in the Microsoft Enhanced Cryptographic Provider
- CVE-2021-31201: an Elevation of Privilege vulnerability in the Microsoft Enhanced Cryptographic Provider
- CVE-2021-31955: an information disclosure vulnerability in the Windows Kernel
- CVE-2021-31956: an Elevation of Privilege vulnerability in Windows NTFS
Apart from these vulnerabilities, CVE-2021-31968 was also reported by Microsoft, although it’s not actively exploited in the wild. The zero-day has a 7.5 CVSS score and could be exploited to trigger denial-of-service.
The Zero Day Initiative reported eight of these vulnerabilities. Microsoft has also acknowledged reports from Google’s Threat Analysis Group, Google Project Zero, Nixu Cybersecurity, Check Point Research, FireEye, and others.
Below you will find the breakdown of patched vulnerabilities in the June 2021 Patch Tuesday security updates. Additionally, you can access the full report here.
CVE ID | Product | Impact | Severity |
---|---|---|---|
CVE-2021-31957 | .NET Core & Visual Studio | .NET Core and Visual Studio Denial of Service Vulnerability | Important |
CVE-2021-31942 | 3D Viewer | 3D Viewer Remote Code Execution Vulnerability | Important |
CVE-2021-31943 | 3D Viewer | 3D Viewer Remote Code Execution Vulnerability | Important |
CVE-2021-31944 | 3D Viewer | 3D Viewer Information Disclosure Vulnerability | Important |
CVE-2021-33739 | Microsoft DWM Core Library | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
CVE-2021-33741 | Microsoft Edge | Microsoft Edge Elevation of Privilege Vulnerability | Important |
CVE-2021-31980 | Microsoft Intune | Microsoft Intune Management Extension Remote Code Execution Vulnerability | Important |
CVE-2021-31940 | Microsoft Office | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
CVE-2021-31941 | Microsoft Office | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
CVE-2021-31939 | Microsoft Office Excel | Microsoft Excel Remote Code Execution Vulnerability | Important |
CVE-2021-31949 | Microsoft Office Outlook | Microsoft Outlook Remote Code Execution Vulnerability | Important |
CVE-2021-31964 | Microsoft Office SharePoint | Microsoft SharePoint Server Spoofing Vulnerability | Critical |
CVE-2021-31963 | Microsoft Office SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
CVE-2021-31950 | Microsoft Office SharePoint | Microsoft SharePoint Server Spoofing Vulnerability | Important |
CVE-2021-31948 | Microsoft Office SharePoint | Microsoft SharePoint Server Spoofing Vulnerability | Important |
CVE-2021-31966 | Microsoft Office SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
CVE-2021-31965 | Microsoft Office SharePoint | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
CVE-2021-26420 | Microsoft Office SharePoint | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
CVE-2021-31959 | Microsoft Scripting Engine | Scripting Engine Memory Corruption Vulnerability | Critical |
CVE-2021-31967 | Microsoft Windows Codecs Library | VP9 Video Extensions Remote Code Execution Vulnerability | Critical |
CVE-2021-31946 | Paint 3D | Paint 3D Remote Code Execution Vulnerability | Important |
CVE-2021-31983 | Paint 3D | Paint 3D Remote Code Execution Vulnerability | Important |
CVE-2021-31945 | Paint 3D | Paint 3D Remote Code Execution Vulnerability | Important |
CVE-2021-31977 | Role: Hyper-V | Windows Hyper-V Denial of Service Vulnerability | Important |
CVE-2021-31938 | Visual Studio Code - Kubernetes Tools | Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability | Important |
CVE-2021-31960 | Windows Bind Filter Driver | Windows Bind Filter Driver Information Disclosure Vulnerability | Important |
CVE-2021-31954 | Windows Common Log File System Driver | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
CVE-2021-31201 | Windows Cryptographic Services | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Important |
CVE-2021-31199 | Windows Cryptographic Services | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Important |
CVE-2021-26414 | Windows DCOM Server | Windows DCOM Server Security Feature Bypass | Important |
CVE-2021-31978 | Windows Defender | Microsoft Defender Denial of Service Vulnerability | Important |
CVE-2021-31985 | Windows Defender | Microsoft Defender Remote Code Execution Vulnerability | Critical |
CVE-2021-31969 | Windows Drivers | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
CVE-2021-31972 | Windows Event Logging Service | Event Tracing for Windows Information Disclosure Vulnerability | Important |
CVE-2021-31953 | Windows Filter Manager | Windows Filter Manager Elevation of Privilege Vulnerability | Important |
CVE-2021-31971 | Windows HTML Platform | Windows HTML Platform Security Feature Bypass Vulnerability | Important |
CVE-2021-31973 | Windows Installer | Windows GPSVC Elevation of Privilege Vulnerability | Important |
CVE-2021-31962 | Windows Kerberos | Kerberos AppContainer Security Feature Bypass Vulnerability | Important |
CVE-2021-31951 | Windows Kernel | Windows Kernel Elevation of Privilege Vulnerability | Important |
CVE-2021-31955 | Windows Kernel | Windows Kernel Information Disclosure Vulnerability | Important |
CVE-2021-31952 | Windows Kernel-Mode Drivers | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important |
CVE-2021-33742 | Windows MSHTML Platform | Windows MSHTML Platform Remote Code Execution Vulnerability | Critical |
CVE-2021-31975 | Windows Network File System | Server for NFS Information Disclosure Vulnerability | Important |
CVE-2021-31974 | Windows Network File System | Server for NFS Denial of Service Vulnerability | Important |
CVE-2021-31976 | Windows Network File System | Server for NFS Information Disclosure Vulnerability | Important |
CVE-2021-31956 | Windows NTFS | Windows NTFS Elevation of Privilege Vulnerability | Important |
CVE-2021-31958 | Windows NTLM | Windows NTLM Elevation of Privilege Vulnerability | Important |
CVE-2021-1675 | Windows Print Spooler Components | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
CVE-2021-31968 | Windows Remote Desktop | Windows Remote Desktop Services Denial of Service Vulnerability | Important |
CVE-2021-31970 | Windows TCP/IP | Windows TCP/IP Driver Security Feature Bypass Vulnerability | Important |
Additional Cybersecurity Tips & References
Heimdal™ Patch & Asset Management offers a very simple solution to patch management, with fully customizable set-and-forget settings for Automatic deployment of software and updates. It also comes with full compliance and CVE/CVSS audit trail and updates are delivered fully repackaged, ad-free, and tested beforehand by our security experts. Our customers receive the patches using encrypted packages inside encrypted HTTPS transfer to their endpoints locally and the distribution is further optimized using a local P2P network between their own machines. What’s more, the built-in software center allows them to remove admin rights and permit their users to click and install only the software they approve.
As always, our Heimdal™ Threat Prevention and Heimdal™ Patch & Asset Management customers keep their organizations safe by applying the latest Microsoft patches in a timely manner.
Learn how automated patch management can add a powerful layer of defense to your organization and get in touch with us today for a free walkthrough.
Heimdal® DNS Security Solution
- Machine learning powered scans for all incoming online traffic;
- Stops data breaches before sensitive info can be exposed to the outside;
- Advanced DNS, HTTP and HTTPS filtering for all your endpoints;
- Protection against data leakage, APTs, ransomware and exploits;