Microsoft Issues Patches for Actively Exploited Excel, Exchange Server 0-Day Bugs

Microsoft has released security updates as part of its monthly Patch Tuesday release cycle to address 55 vulnerabilities across Windows, Azure, Visual Studio, Windows Hyper-V, and Office, including fixes for two actively exploited zero-day flaws in Excel and Exchange Server that could be abused to take control of an affected system.

Of the 55 flaws, six are rated Critical and 49 are rated as Important in severity, with four others listed as publicly known at the time of release.

The most critical of the issues are CVE-2021-42321 (CVSS score: 8.8) and CVE-2021-42292 (CVSS score: 7.8), each concerning a post-authentication remote code execution flaw in Microsoft Exchange Server and a security bypass vulnerability impacting Microsoft Excel versions 2013-2021 respectively.

The Exchange Server issue is also one of the bugs that was demonstrated at the Tianfu Cup held in China last month. However, the Redmond-based tech giant didn’t provide any details on how the two aforementioned vulnerabilities were used in real-world attacks.

“Earlier this year, Microsoft alerted that APT Group HAFNIUM was exploiting four zero-day vulnerabilities in the Microsoft Exchange server,” said Bharat Jogi, director of vulnerability and threat research at Qualys.

“This developed into exploits of Exchange server vulnerabilities by DearCry Ransomware — including attacks on infectious disease researchers, law firms, universities, defense contractors, policy think tanks and NGOs. Instances such as these further underscore that Microsoft Exchange servers are high-value targets for hackers seeking to penetrate critical networks,” Jogi added.

Also addressed are four publicly disclosed, but not exploited, vulnerabilities —

  • CVE-2021-43208 (CVSS score: 7.8) – 3D Viewer Remote Code Execution Vulnerability
  • CVE-2021-43209 (CVSS score: 7.8) – 3D Viewer Remote Code Execution Vulnerability
  • CVE-2021-38631 (CVSS score: 4.4) – Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
  • CVE-2021-41371 (CVSS score: 4.4) – Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Microsoft’s November patch also comes with a resolution for CVE-2021-3711, a critical buffer overflow flaw in OpenSSL’s SM2 decryption function that came to light in late August 2021 and could be abused by adversaries to run arbitrary code and cause a denial-of-service (DoS) condition.

Other important remediations include fixes for multiple remote code execution flaws in Chakra Scripting Engine (CVE-2021-42279), Microsoft Defender (CVE-2021-42298), Microsoft Virtual Machine Bus (CVE-2021-26443), Remote Desktop Client (CVE-2021-38666), and on-premises versions of Microsoft Dynamics 365 (CVE-2021-42316).

Lastly, the update is rounded off by patches for a number of privilege escalation vulnerabilities affecting NTFS (CVE-2021-41367, CVE-2021-41370, CVE-2021-42283), Windows Kernel (CVE-2021-42285), Visual Studio Code (CVE-2021-42322), Windows Desktop Bridge (CVE-2021-36957), and Windows Fast FAT File System Driver (CVE-2021-41377).

To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or select Check for Windows updates.

Software Patches From Other Vendors

In addition to Microsoft, security updates have also been released by a number of other vendors to rectify several vulnerabilities, including —
