Microsoft has released its November 2021 Patch Tuesday security updates, covering a total of 55 vulnerabilities, including six zero-days rated as critical, while 49 vulnerabilities are rated important. The products covered in November’s security update include Microsoft Exchange, Excel, 3D Viewer, Azure, Microsoft Windows, Microsoft Office, Visual Studio, and the Windows kernel, among others.
The vulnerabilities in Microsoft Exchange (CVE-2021-42321) and Excel (CVE-2021-42292) have been actively exploited.
CVE-2021-42321 – Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability exists due to improper validation of the cmdlet argument that can lead to RCE. This flaw requires the attacker to be authenticated for exploitation.
CVE-2021-42292 – Microsoft Excel Security Feature Bypass Vulnerability. This vulnerability was found in Microsoft Excel and has been exploited in the wild. No patch is currently available for Microsoft Office 2019 for Mac or Microsoft Office LTSC for Mac 2021.
CVE-2021-43208, CVE-2021-43209 – 3D Viewer Remote Code Execution Vulnerability. This flaw exists due to improper input validation in 3D Viewer. A remote attacker can execute arbitrary code on the target system by sending a specially crafted request.
CVE-2021-41371, CVE-2021-38631 – Microsoft Windows Remote Desktop Protocol vulnerability. This vulnerability allows a local user to gain access to potentially sensitive information. This flaw exists due to excessive data output by the application in Windows Remote Desktop Protocol (RDP).
CVE-2021-38666 – Remote Desktop Client Remote Code Execution Vulnerability. This vulnerability allows a remote attacker to execute arbitrary code on the victim’s machine when the victim machine connects to an attacker-controlled Remote Desktop server. No public exploit appears to exist at this time.
CVE-2021-42298 – Microsoft Defender Remote Code Execution Vulnerability. On successful exploitation of this vulnerability, a remote attacker can execute arbitrary code on the affected system.
CVE-2021-42279 – Chakra Scripting Engine Memory Corruption Vulnerability. This is a memory corruption issue in the Chakra scripting engine used in Microsoft Edge browsers. The vulnerability exists due to a boundary error. A remote attacker can execute arbitrary code on the target system.
Microsoft security bulletin summary for November 2021
- 3D Viewer
- Microsoft Dynamics
- Microsoft Edge (Chromium-based) in IE Mode
- Microsoft Exchange Server
- Microsoft Office
- Microsoft Office Access
- Microsoft Office Excel
- Microsoft Office SharePoint
- Microsoft Office Word
- Microsoft Windows
- Microsoft Windows Codecs Library
- Visual Studio
- Visual Studio Code
- Windows Active Directory
- Windows Defender
- Windows Installer
- Windows Kernel
- Windows NTFS
- Windows RDP
- Windows Scripting
Product: Microsoft Windows
CVEs/Advisory: CVE-2021-26443, CVE-2021-36957, CVE-2021-38631, CVE-2021-38665, CVE-2021-38666, CVE-2021-41356, CVE-2021-41366, CVE-2021-41367, CVE-2021-41370, CVE-2021-41371, CVE-2021-41377, CVE-2021-41378, CVE-2021-41379, CVE-2021-42274, CVE-2021-42275, CVE-2021-42276, CVE-2021-42277, CVE-2021-42278, CVE-2021-42279, CVE-2021-42280, CVE-2021-42282, CVE-2021-42283, CVE-2021-42284, CVE-2021-42285, CVE-2021-42286, CVE-2021-42287, CVE-2021-42288, CVE-2021-42291
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
KBs: 5007186, 5007189, 5007192, 5007205, 5007206, 5007207, 5007215, 5007245, 5007247, 5007255, 5007260
Product: Microsoft Azure
CVEs/Advisory: CVE-2021-26444, CVE-2021-41373, CVE-2021-41374, CVE-2021-41375, CVE-2021-41376, CVE-2021-42300, CVE-2021-42301, CVE-2021-42302, CVE-2021-42303, CVE-2021-42304, CVE-2021-42323
Impact: Elevation of Privilege, Information Disclosure, Tampering
Product: Visual Studio Code
Impact: Elevation of Privilege
Product: Microsoft Edge (Chromium-based) in IE Mode
KBs: 5007186, 5007189, 5007206, 5007215
SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.