Microsoft has released a WHOPPING 50 security updates! This most recent "Patch Tuesday" focused on patching everything from remote code execution (RCE), denial-of-service, privilege escalation, and memory corruption problems.
The patches include a few for newly discovered zero-day vulnerabilities. They are:
- CVE-2021-33742 - Windows MSHTML Platform Remote Code Execution Vulnerability, CVSS 7.5
- CVE-2021-33739 - Microsoft DWM Core Library Elevation of Privilege Vulnerability, CVSS 8.4
- CVE-2021-31199 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability, CVSS 5.2
- CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability, CVSS 5.2
- CVE-2021-31955 - Windows Kernel Information Disclosure Vulnerability, CVSS 5.5
- CVE-2021-31956 - Windows NTFS Elevation of Privilege Vulnerability, CVSS 7.8
If you're looking for more information regarding the other CVEs included in this "Patch Tuesday" update, please visit Microsoft's Security Response Center.
We recommend you check out the above-linked pages and see if your systems and end-points are patched/protected.
Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.