Microsoft June 2021 Patch Tuesday Addresses 50 CVEs Including Six Zero-Days

Microsoft has released June Patch Tuesday, security updates with a total of 50 vulnerabilities in the family of Windows and Mac operating systems and related products. In the release by Microsoft, 5 were rated as Critical and 45 as Important. The products covered in June’s security update include Microsoft Office, Windows Cryptographic Services, .NET Core & Visual Studio, Outlook, Excel, etc. However, a vulnerability assessment tool was used here.

Microsoft has also released patches for six zero-days that are being actively exploited in the wild. It also addressed another zero-day reported by Microsoft but not actively exploited in the wild. Also, a patch management tool can patch these critical vulnerabilities

CVE-2021-31956 – Windows NTFS Elevation of Privilege Vulnerability. Researchers at Kaspersky discovered the vulnerability. It allows local attackers to escalate their privileges and take control of a system. PuzzleMaker Group has wildly exploited it.

CVE-2021-31201 – Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability. The vulnerability is due to improper implementation of security restrictions in Microsoft Enhanced Cryptographic Provider. As a result, it allows attackers to escalate privileges and read or modify restricted information.

CVE-2021-31955 – Windows Kernel Information Disclosure Vulnerability. Researchers at Kaspersky discovered the vulnerability. It allows attackers to disclose sensitive information such as kernel addresses from the system. PuzzleMaker Group is wildly exploiting this.

CVE-2021-33742 – Windows MSHTML Platform Remote Code Execution Vulnerability. However, The vulnerability is discovered by Google’s Threat Analysis Group (TAG). Also, Here attackers can trick the victim into opening a crafted file or visiting a malicious website using an affected application to execute arbitrary code on the system. The flaw is due to an improper boundary check when processing HTML content within the Windows MSHTML Platform.

CVE-2021-33739 – Microsoft DWM Core Library Elevation of Privilege Vulnerability. The vulnerability was discovered by researchers at DBAPPSecurity Threat Intelligence Center . The flaw is due to  inefficient privilege management in the Microsoft Desktop Window Manager (DWM) core library, dwmcore.dll. Moreover, It allows attackers to execute arbitrary code and compromise the affected system.

CVE-2021-31199 – Microsoft Enhanced Cryptographic Provider Security restrictions bypass Vulnerability. The vulnerability is due to improper implementation of security restrictions in Microsoft Enhanced Cryptographic Provider. As a result, it allows local attackers to escalate privileges and read or modify restricted information.

The other zero-day which is not being actively exploited is,

CVE-2021-31968 – Windows Remote Desktop Services Denial of Service Vulnerability. The vulnerability is due to an improper security feature implementation in Windows Remote Desktop Services. It allows attackers to cause a denial of service condition on the target system.

The remaining critical vulnerabilities addressed other than zero-days are,

CVE-2021-31959 – Chakra JScript scripting engine Memory Corruption vulnerability. A critical memory corruption vulnerability existing in Scripting Engine can be triggered by the user opening a specially crafted file. It allows an attacker to execute arbitrary code on the target system and may also lead to a complete takeover of the system.

CVE-2021-31985 – Microsoft’s Defender Code Injection vulnerability. A critical remote code execution vulnerability exists in Microsoft Defender due to improper input validation. Successful exploitation may even lead to complete compromise of a vulnerable system. The likelihood of exploitation of this CVE is also determined as high.

CVE-2021-31963 – Microsoft SharePoint Server Remote Code Execution vulnerability. A critical remote code execution vulnerability exists in Microsoft SharePoint Server due to improper input validation. Also, It can be triggered by sending a specially crafted request to the vulnerable system. However, Successful exploitation may result in a complete compromise of a vulnerable system.

• Microsoft Office
• Microsoft Browsers
• Microsoft Windows
• Microsoft Malware Protection Engine
• Intune management extension
• .NET Core
• Visual Studio
• Visual Studio Code
• 3D Viewer

1. Product: Microsoft WindowsCVEs/Advisory: CVE-2021-1675, CVE-2021-26414, CVE-2021-31199, CVE-2021-31201, CVE-2021-31951, CVE-2021-31952, CVE-2021-31953, CVE-2021-31954, CVE-2021-31955, CVE-2021-31956, CVE-2021-31958, CVE-2021-31959, CVE-2021-31960, CVE-2021-31962, CVE-2021-31968, CVE-2021-31969, CVE-2021-31970, CVE-2021-31971, CVE-2021-31972, CVE-2021-31973, CVE-2021-31974, CVE-2021-31975, CVE-2021-31976, CVE-2021-31977, CVE-2021-33739, CVE-2021-33742Impact: Remote Code Execution, Elevation of Privilege, Denial of Service, Security Feature Bypass, Spoofing, Information DisclosureSeverity: Critical, ImportantKBs: 5003635, 5003636, 5003637, 5003638, 5003646, 5003671, 5003681, 5003687, 5003696, 5003697

2. Product: Microsoft OfficeCVEs/Advisory: CVE-2021-26420, CVE-2021-31939, CVE-2021-31940, CVE-2021-31941, CVE-2021-31948, CVE-2021-31949, CVE-2021-31950, CVE-2021-31963, CVE-2021-31964, CVE-2021-31965, CVE-2021-31966Impact: Remote Code ExecutionSeverity: ImportantKBs: 5001934, 5001939, 5001942, 5001947, 5001950, 5001951, 5001953, 5001955, 5001956, 5001962, 5001963

3. Product: Microsoft Office SharePointCVEs/Advisory: CVE-2021-26420, CVE-2021-31948, CVE-2021-31950, CVE-2021-31963, CVE-2021-31964, CVE-2021-31965, CVE-2021-31966Impact: Remote Code Execution, Denial of ServiceSeverity: ImportantKBs:4011698, 5001922, 5001939, 5001944, 5001945, 5001946, 5001954, 5001962

4. Product: 3D ViewerCVEs/Advisory: CVE-2021-31944, CVE-2021-31943, CVE-2021-31942Impact: Remote Code Execution, Information DisclosureSeverity: Important

5. Product: Intune management extensionCVEs/Advisory: CVE-2021-31980Impact: Remote Code ExecutionSeverity: Important

6. Product: Microsoft Visual StudioCVEs/Advisory: CVE-2021-31957Impact: Denial of ServiceSeverity: Important

7. Product: Microsoft .NETCVEs/Advisory: CVE-2021-31957Impact: Denial of ServiceSeverity: Important

8. Product: Microsoft Visual Studio CodeCVEs/Advisory: CVE-2021-31938Impact: Remote Code ExecutionSeverity: Important

9. Product: Microsoft Malware Protection EngineCVEs/Advisory: CVE-2021-31985, CVE-2021-31978Impact: Remote Code Execution, Denial of ServiceSeverity: Critical, Important

SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.