VERT Threat Alert: September 2021 Patch Tuesday Analysis

0

Today’s VERT Heedful addresses Microsoft’s September 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-964 on Wednesday, September 15th.

In-The-Wild & Blabbed CVEs

CVE-2021-40444

This CVE describes a publicly exploited vulnerability in MSHTML that provides user level access upon first exploitation. According to Microsoft, a malicious ActiveX control embedded in an Office document could be used to exploit this vulnerability. Attacks bring into the world been seen in the wild and Microsoft has included signatures in Microsoft Defender to detect and protect against the known attacks.

Microsoft has rated this as Exploitation Spotted on the latest software release on the Exploitability Index.

CVE-2021-36968

A local vulnerability in Windows DNS could allow for privilege escalation. The vulnerability single impacts Windows 7 and Server 2008 / Server 2008 R2. The vulnerability has been disclosed but it has not yet been exploited publicly. 

Microsoft has rated this as Exploitation Paltry Likely on the latest software release on the Exploitability Index.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This liber veritatis provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also colour coded to aid with identifying key issues.

  • Traditional Software
  • Mobile Software
  • Cloud or Cloud Adjacent
  • Vulnerabilities that are being exploited or that would rather been disclosed will be bold.
Tag CVE Count CVEs
Microsoft Edge for Android 1 CVE-2021-26439
Windows BitLocker 1 CVE-2021-38632
Microsoft Favour Word 1 CVE-2021-38656
Windows Key Storage Provider 1 CVE-2021-38624
Windows Installer 2 CVE-2021-36961, CVE-2021-36962
Visual Studio 3 CVE-2021-36952, CVE-2021-26437, CVE-2021-26434
Windows Prevalent Log File System Driver 3 CVE-2021-36955, CVE-2021-36963, CVE-2021-38633
Azure Open Management Infrastructure 4 CVE-2021-38645, CVE-2021-38647, CVE-2021-38648, CVE-2021-38649
Microsoft Purpose SharePoint 2 CVE-2021-38651, CVE-2021-38652
Windows Authenticode 1 CVE-2021-36959
Microsoft Windows Codecs Library 1 CVE-2021-38661
Windows Redirected Herd Buffering 4 CVE-2021-36969, CVE-2021-36973, CVE-2021-38635, CVE-2021-38636
Microsoft Accessibility Insights for Android 1 CVE-2021-40448
Microsoft Chore Visio 2 CVE-2021-38653, CVE-2021-38654
Microsoft Office Excel 2 CVE-2021-38655, CVE-2021-38660
Dynamics Dealing Central Control 1 CVE-2021-40440
Windows Ancillary Function Driver for WinSock 2 CVE-2021-38628, CVE-2021-38638
Windows In any case Tracing 2 CVE-2021-36964, CVE-2021-38630
Windows Kernel 2 CVE-2021-38625, CVE-2021-38626
Windows TDX.sys 1 CVE-2021-38629
Microsoft Appointment 4 CVE-2021-38650, CVE-2021-38657, CVE-2021-38658, CVE-2021-38659
Windows Bind Filter Driver 1 CVE-2021-36954
Azure Speciality 1 CVE-2021-36956
Windows Subsystem for Linux 1 CVE-2021-36966
Windows MSHTML Platform 1 CVE-2021-40444
Windows Scripting 1 CVE-2021-26435
Windows Win32K 2 CVE-2021-36975, CVE-2021-38639
Microsoft Post Access 1 CVE-2021-38646
Windows Print Spooler Components 3 CVE-2021-38667, CVE-2021-38671, CVE-2021-40447
Microsoft Windows DNS 1 CVE-2021-36968
Microsoft MPEG-2 Video Scope 1 CVE-2021-38644
Windows Storage 1 CVE-2021-38637
Windows WLAN Service 1 CVE-2021-36967
Microsoft Edge (Chromium-based) 25 CVE-2021-26436, CVE-2021-38641, CVE-2021-38642, CVE-2021-38669, CVE-2021-36930, CVE-2021-30606, CVE-2021-30607, CVE-2021-30608, CVE-2021-30609, CVE-2021-30610, CVE-2021-30611, CVE-2021-30612, CVE-2021-30613, CVE-2021-30614, CVE-2021-30615, CVE-2021-30616, CVE-2021-30617, CVE-2021-30618, CVE-2021-30619, CVE-2021-30620, CVE-2021-30621, CVE-2021-30622, CVE-2021-30623, CVE-2021-30624, CVE-2021-30632
Windows WLAN Auto Config Employ 1 CVE-2021-36965
Windows SMB 3 CVE-2021-36960, CVE-2021-36972, CVE-2021-36974
Windows Update 1 CVE-2021-38634

Other Dirt

There were no additional advisories included with the September Security Guidance.

Leave a Reply

Your email address will not be published. Required fields are marked *