November, 2021: Patch Tuesday: A Fairly Light Month with a Couple Zero Days

Welcome to my November Patch Tuesday newsletter. This month is fairly light in comparison to others. Two zero days are being patched this month: CVE-2021-42321 and CVE-2021-42292. CVE-2021-42292 is a security feature bypass affecting Microsoft Excel, and CVE-2021-42321 is a zero day affecting Exchange Server. Both are currently being exploited, so make sure these patches are applied, since attackers are already taking advantage of the vulnerabilities. Four others (highlighted in red in the chart below) are publicly disclosed, but no exploitation has been detected as of yet. Microsoft rates these four as "Exploitation Less Likely", but since they are public they should be patched soon. You will also want to give attention to CVE-2021-42298, CVE-2021-41356 and CVE-2021-38666 because Microsoft is rating these as "Exploitation More Likely". Happy updating!

Patch data provided by: LOGbinder.com

| Technology | Products Affected | Severity | Reference | Workaround / Exploited / Publicly Disclosed | Vulnerability Info |
|---|---|---|---|---|---|
| Windows | Windows 7, 8.1, RT 8.1, 10, 11; Server 2008, 2008R2, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations; Remote Desktop Client | Critical | CVE-2021-26443, CVE-2021-36957, CVE-2021-38631, CVE-2021-38665, CVE-2021-38666, CVE-2021-41356, CVE-2021-41366, CVE-2021-41367, CVE-2021-41370, CVE-2021-41371, CVE-2021-41377, CVE-2021-41378, CVE-2021-41379, CVE-2021-42274, CVE-2021-42275, CVE-2021-42276, CVE-2021-42277, CVE-2021-42278, CVE-2021-42279, CVE-2021-42280, CVE-2021-42282, CVE-2021-42283, CVE-2021-42284, CVE-2021-42285, CVE-2021-42286, CVE-2021-42287, CVE-2021-42288, CVE-2021-42291 | Workaround: No; Exploited: No; Public: Yes | Denial of Service; Elevation of Privilege; Information Disclosure; Remote Code Execution; Security Feature Bypass |
| Edge | Chromium-based | Important | CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984, CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988, CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992, CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996, CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-38000, CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-41351, CVE-2021-42307 | Workaround: No; Exploited: No; Public: No | Spoofing; Information Disclosure |
| Visual Studio | 2015 Update 3; 2017 15.9 and earlier; 2019 16.11 and earlier; VS Code | Critical | CVE-2021-3711, CVE-2021-42277, CVE-2021-42319, CVE-2021-42322 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege; Remote Code Execution |
| Dynamics 365 | On-Premises 9.0, 9.1 | Critical | CVE-2021-42316 | Workaround: No; Exploited: No; Public: No | Remote Code Execution |
| Office | 365 Apps for Enterprise; Excel 2013 RT SP1, 2013 SP1, 2016; Office 2013 RT SP1, 2013 SP1, 2016, 2019, 2019 for Mac, Online Server, Web Apps Server 2013 SP1; SharePoint Enterprise 2013 SP1; LTSC 2021, LTSC for Mac 2021 | Important | CVE-2021-40442, CVE-2021-41368, CVE-2021-42292, CVE-2021-42296 | Workaround: No; Exploited: Yes; Public: No | Remote Code Execution; Security Feature Bypass |
| Exchange | Server 2013 CU 23; Server 2016 CU21, CU22; Server 2019 CU10, CU11 | Important | CVE-2021-41349, CVE-2021-42305, CVE-2021-42321 | Workaround: No; Exploited: Yes; Public: No | Remote Code Execution; Spoofing |
| Azure | FSLogix; Sphere; RTOS | Important | CVE-2021-26444, CVE-2021-41373, CVE-2021-41374, CVE-2021-41375, CVE-2021-41376, CVE-2021-42300, CVE-2021-42301, CVE-2021-42302, CVE-2021-42303, CVE-2021-42304, CVE-2021-42323 | Workaround: No; Exploited: No; Public: No | Information Disclosure; Elevation of Privilege; Tampering |
| Apps | 3D Viewer | Important | CVE-2021-43208, CVE-2021-43209 | Workaround: No; Exploited: No; Public: Yes | Remote Code Execution |
| System Center | Malware Protection Engine | Critical | CVE-2021-42298 | Workaround: No; Exploited: No; Public: No | Remote Code Execution |
| SQL Server | Power BI Report Server | Important | CVE-2021-41372 | Workaround: No; Exploited: No; Public: No | Spoofing |
| Device | Surface Pro 3 | Important | CVE-2021-42299 | Workaround: No; Exploited: No; Public: No | Security Feature Bypass |