You are currently viewing Microsoft September Patch Tuesday Addresses 60 CVEs Including 3 Critical

Microsoft September Patch Tuesday Addresses 60 CVEs Including 3 Critical

Microsoft has released September Patch Tuesday security updates with a total of 60 vulnerabilities, which include Three CVEs rated as critical and the rest rated as important. The products covered in September’s security update include Microsoft Office, Windows Common Log File System Driver, Windows Print Spooler Components, etc.

One of the already publicly disclosed CVEs resolves a critical zero-day vulnerability (CVE-2021-40444) in MSHTML, also known as Microsoft’s legacy Trident rendering engine.


Zero-day Vulnerability

CVE-2021-40444 Microsoft’s MSHTML (Trident) engine Remote Code Execution Vulnerability. Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then need to convince the user to open the malicious document. Users whose accounts are configured to possess fewer user rights on the system might be less impacted than users who operate with administrative user rights.


Critical Vulnerabilities

CVE-2021-26435Windows Scripting Engine Memory Corruption Vulnerability. Microsoft released patches addressing a critical remote code execution vulnerability in Windows Scripting Engine. Exploiting this vulnerability requires an attacker to convince users to click a link then open a specially crafted file.

CVE-2021-36965Windows WLAN AutoConfig Service Remote Code Execution Vulnerability. Microsoft released patches addressing a remote code execution flaw in “WLAN AutoConfig,” the component in Windows 10 and many Server versions that handle auto-connections to Wi-Fi networks. One mitigating factor here is that the attacker and target would need to get on the same network. However, many systems are configured to auto-connect to Wi-Fi network names with which they have previously connected.

CVE-2021-38647Open Management Infrastructure Remote Code Execution Vulnerability. This vulnerability requires no user interaction or privileges, so an attacker can run their code on an affected system just by sending a specially crafted message to an affected system.


Microsoft security bulletin summary for August 2021

  • Microsoft Azure Open Management Infrastructure
  • Microsoft Edge (Chromium-based)
  • Microsoft Office
  • Microsoft Windows
  • Visual Studio
  • Windows Installer
  • Windows Kernel
  • Windows MSHTML Platform
  • Windows SMB
  • Windows Storage

Product: Microsoft Windows
CVEs/Advisory: CVE-2021-26435, CVE-2021-40447, CVE-2021-38671, CVE-2021-38667, CVE-2021-38639, CVE-2021-38638, CVE-2021-38636, CVE-2021-38635, CVE-2021-38634, CVE-2021-38633, CVE-2021-38630, CVE-2021-38629, CVE-2021-38628, CVE-2021-38624, CVE-2021-36974, CVE-2021-36973, CVE-2021-36972, CVE-2021-36969, CVE-2021-36967, CVE-2021-36965, CVE-2021-36964, CVE-2021-36963, CVE-2021-36962, CVE-2021-36961, CVE-2021-36960, CVE-2021-36959, CVE-2021-36955, CVE-2021-38632, CVE-2021-38637, CVE-2021-36975, CVE-2021-36966, CVE-2021-36954, CVE-2021-36968, CVE-2021-38626, CVE-2021-38625, CVE-2021-40444
Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure, Security Feature Bypass, Denial of Service, Spoofing
Severity: Critical, Important
KBs: 5005569, 5005573, 5005568, 5005566, 5005565, 5005633, 5005615, 5005613, 5005627, 5005606, 5005618, 5005623, 5005607, 5005563, 5005575


Product: Microsoft Azure
CVEs/Advisory: CVE-2021-38649, CVE-2021-38648, CVE-2021-38645, CVE-2021-36956, CVE-2021-38647
Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution
Severity: Critical, Important


Product: Microsoft Edge
CVEs/Advisory: CVE-2021-30604, CVE-2021-30603, CVE-2021-30602, CVE-2021-30601, CVE-2021-30599, CVE-2021-30598, CVE-2021-30632, CVE-2021-38642, CVE-2021-38641, CVE-2021-36930, CVE-2021-30624, CVE-2021-30623, CVE-2021-30622, CVE-2021-30621, CVE-2021-30620, CVE-2021-30619, CVE-2021-30618, CVE-2021-30617, CVE-2021-30616, CVE-2021-30615, CVE-2021-30614, CVE-2021-30613, CVE-2021-30612, CVE-2021-30611, CVE-2021-30610, CVE-2021-30609, CVE-2021-30608, CVE-2021-30607, CVE-2021-30606, CVE-2021-26436, CVE-2021-38669
Impact: Spoofing, Elevation of Privilege, Tampering
Severity: Important


Product: Microsoft Office
CVEs/Advisory: CVE-2021-38658, CVE-2021-38650, CVE-2021-38646, CVE-2021-38655, CVE-2021-38654, CVE-2021-38653
Impact: Remote Code Execution, Spoofing
Severity: Important
KBs: 4484103, 4484108, 5001958, 5001997, 5001999, 5002005, 5002007, 5002009


Product: Microsoft Visual Studio
CVEs/Advisory: CVE-2021-36952, CVE-2021-26434, CVE-2021-26437
Impact: Remote Code Execution, Elevation of Privilege, Spoofing
Severity: Important


SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.

Subscribe For More Posts Like This

Get the latest research, best practices, industry trends and cybersecurity blogs from SecPod security experts

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
1 1 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments