Randy Franklin Smith's Ultimate Windows Security

Upcoming Webinars

2021 Year in Review: Using Notable Vulnerabilities from this Year to Improve your Future Vulnerability Discovery and Remediation Efforts

Webinar Library

Latest Blogs

Recent Security Features in Active Directory You Probably Aren't Using

Active Directory security features you probably aren’t using and more in my sessions at The Experts Conference 2019

How to Detect Pass-the-Hash Attacks Blog Series

Come meet Randy in Orlando at Microsoft Ignite at Quest's Booth #1818

Detecting Pass-the-Hash with Honeypots

Catch Malware Hiding in WMI with Sysmon

For of all sad words of tongue or pen, the saddest are these: 'We weren’t logging’

Experimenting with Windows Security: Controls for Enforcing Policies

Sysmon Event IDs 1, 6, 7 Report All the Binary Code Executing on Your Network

Yet Another Ransomware Can That Can be Immediately Detected with Process Tracking on Workstations

Top Resources

Security Log

Additional Resources

November, 2021: Patch Tuesday: A Fairly Light Month with a Couple Zero Days

Welcome to my November Patch Tuesday newsletter. This month is fairly light in comparison to others. There are two zero days this month being patched, CVE-2021-42321 and CVE-2021-42292. 42292 is a security feature bypass affecting Microsoft Excel. 42321 is a zero day affecting Exchange Server. Both of these are currently being exploited so you will want to make sure these patches are applied since malicious attackers are already taking advantage of the vulnerabilities. Four others (highlighted in red in the below chart) are publicly disclosed but no exploitation has been detected as of yet. Microsoft rates these four as "Exploitation Less Likely" but since they are public these should be patched soon. You will also want to give attention to CVE-2021-42298, CVE-2021-41356 and CVE-2021-38666 because Microsoft is rating these as "Exploitation More Likely". Happy updating!

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 7, 8.1, RT 8.1, 10, 11 Server 2008, 2008R2, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations Remote Desktop Client	Critical	CVE-2021-26443 CVE-2021-36957 CVE-2021-38631 CVE-2021-38665 CVE-2021-38666 CVE-2021-41356 CVE-2021-41366 CVE-2021-41367 CVE-2021-41370 CVE-2021-41371 CVE-2021-41377 CVE-2021-41378 CVE-2021-41379 CVE-2021-42274 CVE-2021-42275 CVE-2021-42276 CVE-2021-42277 CVE-2021-42278 CVE-2021-42279 CVE-2021-42280 CVE-2021-42282 CVE-2021-42283 CVE-2021-42284 CVE-2021-42285 CVE-2021-42286 CVE-2021-42287 CVE-2021-42288 CVE-2021-42291	Workaround: No Exploited: No Public: Yes	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass
Edge	Chromium-based	Important	CVE-2021-37981 CVE-2021-37982 CVE-2021-37983 CVE-2021-37984 CVE-2021-37985 CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989 CVE-2021-37990 CVE-2021-37991 CVE-2021-37992 CVE-2021-37993 CVE-2021-37994 CVE-2021-37995 CVE-2021-37996 CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000 CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 CVE-2021-41351 CVE-2021-42307	Workaround: No Exploited: No Public: No	Spoofing Information Disclosure
Visual Studio	20152 Update 3 2017 15.9 and earlier 2019 16.11 and earlier VS Code	Critical	CVE-2021-3711 CVE-2021-42277 CVE-2021-42319 CVE-2021-42322	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
Dynamics 365	On-Premises 9.0, 9.1	Critical	CVE-2021-42316	Workaround: No Exploited: No Public: No	Remote Code Execution
Office	365 Apps for Enterprise Excel 2013 RT SP1, 2013 SP1, 2016 Office 2013 RT SP1, 2013 SP1, 2016, 2019, 2019 for Mac, Online Server, Web Apps Server 2013 SP1 SharePoint Enterprise 2013 SP1 LTSC 2021, LTSC for Mac 2021	Important	CVE-2021-40442 CVE-2021-41368 CVE-2021-42292 CVE-2021-42296	Workaround: No Exploited: Yes Public: No	Remote Code Execution Security Feature Bypass
Exchange	Server 2013 CU 23 Server 2016 CU21, CU22 Server 2019 CU10, CU11	Important	CVE-2021-41349 CVE-2021-42305 CVE-2021-42321	Workaround: No Exploited: Yes Public: No	Remote Code Execution Spoofing
Azure	FSLogix Sphere RTOS	Important	CVE-2021-26444 CVE-2021-41373 CVE-2021-41374 CVE-2021-41375 CVE-2021-41376 CVE-2021-42300 CVE-2021-42301 CVE-2021-42302 CVE-2021-42303 CVE-2021-42304 CVE-2021-42323	Workaround: No Exploited: No Public: No	Information Disclosure Elevation of Privilege Tampering
Apps	3D Viewer	Important	CVE-2021-43208 CVE-2021-43209	Workaround: No Exploited: No Public: Yes	Remote Code Execution
System Center	Malware Protection Engine	Critical	CVE-2021-42298	Workaround: No Exploited: No Public: No	Remote Code Execution
SQL Server	Power BI Report Server	Important	CVE-2021-41372	Workaround: No Exploited: No Public: No	Spoofing
Device	Surface Pro 3	Important	CVE-2021-42299	Workaround: No Exploited: No Public: No	Security Feature Bypass

Send me this chart next Patch Tuesday.

Home

User name:
Password:
	/ Forgot?
	Register

November 2021 Patch Monday	"Patch Tuesday: A Fairly Light Month with a Couple Zero Days "

Follow @randyfsmith

Home

Follow @randyfsmith

About | Newsletter | Contact

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2021 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.