Microsoft June 2021 Patch Tuesday Addresses 50 CVEs Including Six Zero-Days

Microsoft has released its June Patch Tuesday security updates, addressing a total of 50 vulnerabilities across the Windows and Mac operating system families and related products. Of these, 5 are rated Critical and 45 Important. The products covered in June’s security update include Microsoft Office, Windows Cryptographic Services, .NET Core & Visual Studio, Outlook, Excel, etc.

The release includes patches for six zero-days that are being actively exploited in the wild. It also addresses one more zero-day, reported by Microsoft, that is not being actively exploited in the wild.


Zero-day vulnerabilities

CVE-2021-31956: Windows NTFS Elevation of Privilege Vulnerability. Researchers at Kaspersky discovered the vulnerability. It allows local attackers to escalate their privileges and take control of a system. The PuzzleMaker group has exploited it in the wild.

CVE-2021-31201: Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability. The vulnerability is due to improper implementation of security restrictions in Microsoft Enhanced Cryptographic Provider. As a result, it allows attackers to escalate privileges and read or modify restricted information.

CVE-2021-31955: Windows Kernel Information Disclosure Vulnerability. Researchers at Kaspersky discovered the vulnerability. It allows attackers to disclose sensitive information, such as kernel addresses, from the system. The PuzzleMaker group is exploiting it in the wild.

CVE-2021-33742: Windows MSHTML Platform Remote Code Execution Vulnerability. The vulnerability was discovered by Google’s Threat Analysis Group (TAG). Attackers can trick the victim into opening a crafted file or visiting a malicious website using an affected application to execute arbitrary code on the system. The flaw is due to an improper boundary check when processing HTML content within the Windows MSHTML Platform.

CVE-2021-33739: Microsoft DWM Core Library Elevation of Privilege Vulnerability. The vulnerability was discovered by researchers at DBAPPSecurity Threat Intelligence Center. The flaw is due to inefficient privilege management in the Microsoft Desktop Window Manager (DWM) core library, dwmcore.dll. It allows attackers to execute arbitrary code and compromise the affected system.

CVE-2021-31199: Microsoft Enhanced Cryptographic Provider Security Restrictions Bypass Vulnerability. The vulnerability is due to improper implementation of security restrictions in Microsoft Enhanced Cryptographic Provider. As a result, it allows local attackers to escalate privileges and read or modify restricted information.

The other zero-day, which is not being actively exploited, is:

CVE-2021-31968: Windows Remote Desktop Services Denial of Service Vulnerability. The vulnerability is due to an improper security feature implementation in Windows Remote Desktop Services. It allows attackers to cause a denial of service condition on the target system.


Critical vulnerabilities

The remaining critical vulnerabilities addressed, other than the zero-days, are:

CVE-2021-31959: Chakra JScript Scripting Engine Memory Corruption Vulnerability. A critical memory corruption vulnerability in the scripting engine can be triggered by the user opening a specially crafted file. It allows an attacker to execute arbitrary code on the target system and may also lead to a complete takeover of the system.

CVE-2021-31985: Microsoft’s Defender Code Injection Vulnerability. A critical remote code execution vulnerability exists in Microsoft Defender due to improper input validation. Successful exploitation may even lead to complete compromise of a vulnerable system. The likelihood of exploitation of this CVE is also rated as high.

CVE-2021-31963: Microsoft SharePoint Server Remote Code Execution Vulnerability. A critical remote code execution vulnerability exists in Microsoft SharePoint Server due to improper input validation. It can be triggered by sending a specially crafted request to the vulnerable system. Successful exploitation may result in a complete compromise of a vulnerable system.


Microsoft security bulletin summary for June 2021

  • Microsoft Office
  • Microsoft Browsers
  • Microsoft Windows
  • Microsoft Malware Protection Engine
  • Intune management extension
  • .NET Core
  • Visual Studio
  • Visual Studio Code
  • 3D Viewer

Product: Microsoft Windows
CVEs/Advisory: CVE-2021-1675, CVE-2021-26414, CVE-2021-31199, CVE-2021-31201, CVE-2021-31951, CVE-2021-31952, CVE-2021-31953, CVE-2021-31954, CVE-2021-31955, CVE-2021-31956, CVE-2021-31958, CVE-2021-31959, CVE-2021-31960, CVE-2021-31962, CVE-2021-31968, CVE-2021-31969, CVE-2021-31970, CVE-2021-31971, CVE-2021-31972, CVE-2021-31973, CVE-2021-31974, CVE-2021-31975, CVE-2021-31976, CVE-2021-31977, CVE-2021-33739, CVE-2021-33742
Impact: Remote Code Execution, Elevation of Privilege, Denial of Service, Security Feature Bypass, Spoofing, Information Disclosure
Severity: Critical, Important
KBs: 5003635, 5003636, 5003637, 5003638, 5003646, 5003671, 5003681, 5003687, 5003696, 5003697


Product: Microsoft Office
CVEs/Advisory: CVE-2021-26420, CVE-2021-31939, CVE-2021-31940, CVE-2021-31941, CVE-2021-31948, CVE-2021-31949, CVE-2021-31950, CVE-2021-31963, CVE-2021-31964, CVE-2021-31965, CVE-2021-31966
Impact: Remote Code Execution
Severity: Important
KBs: 5001934, 5001939, 5001942, 5001947, 5001950, 5001951, 5001953, 5001955, 5001956, 5001962, 5001963


 

Product: Microsoft Office SharePoint
CVEs/Advisory: CVE-2021-26420, CVE-2021-31948, CVE-2021-31950, CVE-2021-31963, CVE-2021-31964, CVE-2021-31965, CVE-2021-31966
Impact: Remote Code Execution, Denial of Service
Severity: Important
KBs: 4011698, 5001922, 5001939, 5001944, 5001945, 5001946, 5001954, 5001962


Product: 3D Viewer
CVEs/Advisory: CVE-2021-31944, CVE-2021-31943, CVE-2021-31942
Impact: Remote Code Execution, Information Disclosure
Severity: Important


Product: Intune management extension
CVEs/Advisory: CVE-2021-31980
Impact: Remote Code Execution
Severity: Important


Product: Microsoft Visual Studio
CVEs/Advisory: CVE-2021-31957
Impact: Denial of Service
Severity: Important


Product: Microsoft .NET
CVEs/Advisory: CVE-2021-31957
Impact: Denial of Service
Severity: Important


Product: Microsoft Visual Studio Code
CVEs/Advisory: CVE-2021-31938
Impact: Remote Code Execution
Severity: Important


Product: Microsoft Malware Protection Engine
CVEs/Advisory: CVE-2021-31985, CVE-2021-31978
Impact: Remote Code Execution, Denial of Service
Severity: Critical, Important


SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.
