Randy Franklin Smith's Ultimate Windows Security

Upcoming Webinars

The Role of Encrypted Communications in Attacks as You Approach Zero Trust
A Deep Dive into Social Engineering-Enabled Insider Threats Using Real-World Examples
Ransomware-as-a-Service Breakdown: Auditing Conti and Ryuk TTPs Using the MITRE ATT&CK Framework
It’s Complicated: The Special Risks of Password Spraying to AD and Azure AD and How to Prevent and Detect

Webinar Library

Latest Blogs

Recent Security Features in Active Directory You Probably Aren't Using

Active Directory security features you probably aren’t using and more in my sessions at The Experts Conference 2019

How to Detect Pass-the-Hash Attacks Blog Series

Come meet Randy in Orlando at Microsoft Ignite at Quest's Booth #1818

Detecting Pass-the-Hash with Honeypots

Catch Malware Hiding in WMI with Sysmon

For of all sad words of tongue or pen, the saddest are these: 'We weren’t logging’

Experimenting with Windows Security: Controls for Enforcing Policies

Sysmon Event IDs 1, 6, 7 Report All the Binary Code Executing on Your Network

Yet Another Ransomware Can That Can be Immediately Detected with Process Tracking on Workstations

Top Resources

Security Log

Additional Resources

October, 2021: Patch Tuesday: A fairly lite month but 4 zero days (3 public and 1 being exploited)

Welcome to my October Patch Tuesday newsletter. Microsoft is addressing 71 different vulnerabilities this month. This month we have one CVE (CVE-2021-40449) that is currently being exploited. It's not public but you should make sure this patch gets applied. There are three other vulnerabilities that are public but are not currently being exploited. It's only a matter of time before these exploits are used so you'll want to make sure these are patched as well. Another thing to pay attention to are the CVE's in bold in the chart below. They are not public or currently being exploited but they are rated as "Exploitation More Likely" by Microsoft. In the chart below you will see that Edge is missing "Severity" and "Vulnerability Info". This isn't by mistake. Microsoft says "The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable." So although Edge has a list of CVE's this month, Chrome's updating will address these CVE's. All in all it is a fairly lite month for Microsoft. Let's hope this pattern continues for the rest of the year. Happy updating!

So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 7, 8.1, RT 8.1, 10, 11 Server 2008, 2008R2, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations	Critical	CVE-2021-26441 CVE-2021-26442 CVE-2021-36953 CVE-2021-36970 CVE-2021-38662 CVE-2021-38663 CVE-2021-38672 CVE-2021-40443 CVE-2021-40449 CVE-2021-40450 CVE-2021-40454 CVE-2021-40455 CVE-2021-40456 CVE-2021-40460 CVE-2021-40461 CVE-2021-40462 CVE-2021-40463 CVE-2021-40464 CVE-2021-40465 CVE-2021-40466 CVE-2021-40467 CVE-2021-40468 CVE-2021-40469 CVE-2021-40470 CVE-2021-40475 CVE-2021-40476 CVE-2021-40477 CVE-2021-40478 CVE-2021-40488 CVE-2021-40489 CVE-2021-41330 CVE-2021-41331 CVE-2021-41332 CVE-2021-41334 CVE-2021-41335 CVE-2021-41336 CVE-2021-41337 CVE-2021-41338 CVE-2021-41339 CVE-2021-41340 CVE-2021-41342 CVE-2021-41343 CVE-2021-41345 CVE-2021-41346 CVE-2021-41347 CVE-2021-41357 CVE-2021-41361	Workaround: No Exploited: Yes Public: Yes	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing
Edge	Chromium-based	Intentionally left blank	CVE-2021-30625 CVE-2021-30626 CVE-2021-30627 CVE-2021-30628 CVE-2021-30629 CVE-2021-30630 CVE-2021-30631 CVE-2021-30633 CVE-2021-37956 CVE-2021-37957 CVE-2021-37958 CVE-2021-37959 CVE-2021-37960 CVE-2021-37961 CVE-2021-37962 CVE-2021-37963 CVE-2021-37964 CVE-2021-37965 CVE-2021-37966 CVE-2021-37967 CVE-2021-37968 CVE-2021-37969 CVE-2021-37970 CVE-2021-37971 CVE-2021-37972 CVE-2021-37973 CVE-2021-37974 CVE-2021-37975 CVE-2021-37976 CVE-2021-37977 CVE-2021-37978 CVE-2021-37979 CVE-2021-37980	Workaround: No Exploited: No Public: No	Intentionally left blank
Visual Studio	2017 15.9 and earlier 2019 16.11 and earlier	Important	CVE-2021-1971 CVE-2021-3449 CVE-2021-3450 CVE-2021-41355	Workaround: No Exploited: No Public: Yes	Denial of Service Information Disclosure
.NET	5.0	Important	CVE-2021-41355	Workaround: No Exploited: No Public: Yes	Information Disclosure
Dynamics 365	On-Premises 9.0, 9.1 Customer Engagement 9.0, 9.1	Important	CVE-2021-40457 CVE-2021-41353 CVE-2021-41354	Workaround: No Exploited: No Public: No	Spoofing
Office	365 Apps for Enterprise Excel/Word 2013 RT SP1, 2013 SP1, 2016 Office 2013 RT SP1, 2013 SP1, 2016, 2019, 2019 for Mac, Offline Server, Web Apps Server 2013 SP1 SharePoint Enterprise 2013 SP1, 2016 SharePoint Foundation 2013 SP1 SharePoint Server 2019 LTSC 2021, LTSC for Mac 2021	Critical	CVE-2021-40474 CVE-2021-40479 CVE-2021-40471 CVE-2021-40472 CVE-2021-40485 CVE-2021-40481 CVE-2021-40480 CVE-2021-40454 CVE-2021-40473 CVE-2021-40486 CVE-2021-41344 CVE-2021-40484 CVE-2021-40487 CVE-2021-40483 CVE-2021-40482	Workaround: No Exploited: No Public: No	Information Disclosure Remote Code Execution Spoofing
Exchange	Server 2013 CU 23 Server 2016 CU21, CU22 Server 2019 CU10, CU11	Important	CVE-2021-26427 CVE-2021-34453 CVE-2021-41350 CVE-2021-41348	Workaround: No Exploited: No Public: No	Denial of Service Elevation of Privilege Remote Code Execution Spoofing
Apps	Intune Management Extension	Important	CVE-2021-41363	Workaround: No Exploited: No Public: No	Security Feature Bypass
System Center	2012 R2, 2016, 2019 Operations Manager	Important	CVE-2021-41352	Workaround: No Exploited: No Public: No	Information Disclosure

Thanks as always for reading and best wishes on security,

Randy Franklin Smith

Send me this chart next Patch Tuesday.

Home

User name:
Password:
	/ Forgot?
	Register

October 2021 Patch Monday	"Patch Tuesday: A fairly lite month but 4 zero days (3 public and 1 being exploited) "

Follow @randyfsmith

Home

Follow @randyfsmith

About | Newsletter | Contact

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2021 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.