Welcome to this June Patch Tuesday Bulletin. This much there are 49 unique CVE’s listed, 6 technologies, 3 critical technologies, 2 publicly disclosed vulnerabilities, and 6 vulnerabilities that were exploited in the wild. CVE-2021-33739, CVE-2021-31201, CVE-2021-31199, CVE-2021-31956 are all exploited privilege escalation vulnerabilities with the highest CVSS score of 8.4/10 and CVE-2021-33739 was also publicly disclosed. CVE-2021-33742 is an exploited remote code execution vulnerability affecting the MSHTML platform with a CVSS score of 7.5/10. Finally, CVE-2021-31955 is an exploited information disclosure vulnerability with a CVSS score of 5.5. It goes without saying that remediating these vulnerabilities is the top priority this month. Windows is updating numerous vulnerabilities that are assessed and more likely to be exploited. It is important to make sure that updates for the following CVE’s are applied: CVE-2021-31959, CVE-2021-31954, CVE-2021-31952, CVE-2021-31951. These have a higher likelihood of being weaponized over the next month. While there may not be a large quantity of vulnerabilities there are quite a bit of important updates that need to be applied this month.

Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia which documents all of the Security Log event ID’s for Windows Server OS’s. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.

So, without further ado, here’s the chart of MS patches this month.