
Microsoft September Patch Tuesday Addresses 60 CVEs Including 3 Critical
Microsoft's Patch Tuesday security update for September 2021 fixes a total of 60 vulnerabilities, including three CVEs rated as critical and the rest rated as important. The products covered in September’s security update include Microsoft Office, Windows Common Log File System Driver, Windows Print Spooler Components, etc.
One of the already publicly disclosed CVEs fixed this month is a critical zero-day vulnerability (CVE-2021-40444) in MSHTML, also known as Microsoft’s legacy Trident rendering engine.
Zero-day Vulnerability
CVE-2021-40444 – Microsoft’s MSHTML (Trident) engine Remote Code Execution Vulnerability. Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then need to convince the user to open the malicious document. Users whose accounts are configured to possess fewer user rights on the system might be less impacted than users who operate with administrative user rights.
Critical Vulnerabilities
CVE-2021-26435 – Windows Scripting Engine Memory Corruption Vulnerability. Microsoft released patches addressing a critical remote code execution vulnerability in Windows Scripting Engine. Exploiting this vulnerability requires an attacker to convince users to click a link and then open a specially crafted file.
CVE-2021-36965 – Windows WLAN AutoConfig Service Remote Code Execution Vulnerability. Microsoft released patches addressing a remote code execution flaw in “WLAN AutoConfig,” the component in Windows 10 and many Server versions that handles auto-connections to Wi-Fi networks. One mitigating factor here is that the attacker and target would need to be on the same network. However, many systems are configured to auto-connect to Wi-Fi network names with which they have previously connected.
CVE-2021-38647 – Open Management Infrastructure Remote Code Execution Vulnerability. This vulnerability requires no user interaction or privileges, so an attacker can run their code on an affected system just by sending it a specially crafted message.
Microsoft security bulletin summary for August 2021
- Microsoft Azure Open Management Infrastructure
- Microsoft Edge (Chromium-based)
- Microsoft Office
- Microsoft Windows
- Visual Studio
- Windows Installer
- Windows Kernel
- Windows MSHTML Platform
- Windows SMB
- Windows Storage

Product: Microsoft Windows
CVEs/Advisory: CVE-2021-26435, CVE-2021-40447, CVE-2021-38671, CVE-2021-38667, CVE-2021-38639, CVE-2021-38638, CVE-2021-38636, CVE-2021-38635, CVE-2021-38634, CVE-2021-38633, CVE-2021-38630, CVE-2021-38629, CVE-2021-38628, CVE-2021-38624, CVE-2021-36974, CVE-2021-36973, CVE-2021-36972, CVE-2021-36969, CVE-2021-36967, CVE-2021-36965, CVE-2021-36964, CVE-2021-36963, CVE-2021-36962, CVE-2021-36961, CVE-2021-36960, CVE-2021-36959, CVE-2021-36955, CVE-2021-38632, CVE-2021-38637, CVE-2021-36975, CVE-2021-36966, CVE-2021-36954, CVE-2021-36968, CVE-2021-38626, CVE-2021-38625, CVE-2021-40444
Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure, Security Feature Bypass, Denial of Service, Spoofing
Severity: Critical, Important
KBs: 5005569, 5005573, 5005568, 5005566, 5005565, 5005633, 5005615, 5005613, 5005627, 5005606, 5005618, 5005623, 5005607, 5005563, 5005575

Product: Microsoft Azure
CVEs/Advisory: CVE-2021-38649, CVE-2021-38648, CVE-2021-38645, CVE-2021-36956, CVE-2021-38647
Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution
Severity: Critical, Important

Product: Microsoft Edge
CVEs/Advisory: CVE-2021-30604, CVE-2021-30603, CVE-2021-30602, CVE-2021-30601, CVE-2021-30599, CVE-2021-30598, CVE-2021-30632, CVE-2021-38642, CVE-2021-38641, CVE-2021-36930, CVE-2021-30624, CVE-2021-30623, CVE-2021-30622, CVE-2021-30621, CVE-2021-30620, CVE-2021-30619, CVE-2021-30618, CVE-2021-30617, CVE-2021-30616, CVE-2021-30615, CVE-2021-30614, CVE-2021-30613, CVE-2021-30612, CVE-2021-30611, CVE-2021-30610, CVE-2021-30609, CVE-2021-30608, CVE-2021-30607, CVE-2021-30606, CVE-2021-26436, CVE-2021-38669
Impact: Spoofing, Elevation of Privilege, Tampering
Severity: Important

Product: Microsoft Office
CVEs/Advisory: CVE-2021-38658, CVE-2021-38650, CVE-2021-38646, CVE-2021-38655, CVE-2021-38654, CVE-2021-38653
Impact: Remote Code Execution, Spoofing
Severity: Important
KBs: 4484103, 4484108, 5001958, 5001997, 5001999, 5002005, 5002007, 5002009

Product: Microsoft Visual Studio
CVEs/Advisory: CVE-2021-36952, CVE-2021-26434, CVE-2021-26437
Impact: Remote Code Execution, Elevation of Privilege, Spoofing
Severity: Important

SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.
