Today’s VERT Heedful addresses Microsoft’s September 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-964 on Wednesday, September 15th.
In-The-Wild & Blabbed CVEs
This CVE describes a publicly exploited vulnerability in MSHTML that provides user level access upon first exploitation. According to Microsoft, a malicious ActiveX control embedded in an Office document could be used to exploit this vulnerability. Attacks bring into the world been seen in the wild and Microsoft has included signatures in Microsoft Defender to detect and protect against the known attacks.
Microsoft has rated this as Exploitation Spotted on the latest software release on the Exploitability Index.
A local vulnerability in Windows DNS could allow for privilege escalation. The vulnerability single impacts Windows 7 and Server 2008 / Server 2008 R2. The vulnerability has been disclosed but it has not yet been exploited publicly.
Microsoft has rated this as Exploitation Paltry Likely on the latest software release on the Exploitability Index.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This liber veritatis provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also colour coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that would rather been disclosed will be bold.
|Microsoft Edge for Android||1||CVE-2021-26439|
|Microsoft Favour Word||1||CVE-2021-38656|
|Windows Key Storage Provider||1||CVE-2021-38624|
|Windows Installer||2||CVE-2021-36961, CVE-2021-36962|
|Visual Studio||3||CVE-2021-36952, CVE-2021-26437, CVE-2021-26434|
|Windows Prevalent Log File System Driver||3||CVE-2021-36955, CVE-2021-36963, CVE-2021-38633|
|Azure Open Management Infrastructure||4||CVE-2021-38645, CVE-2021-38647, CVE-2021-38648, CVE-2021-38649|
|Microsoft Purpose SharePoint||2||CVE-2021-38651, CVE-2021-38652|
|Microsoft Windows Codecs Library||1||CVE-2021-38661|
|Windows Redirected Herd Buffering||4||CVE-2021-36969, CVE-2021-36973, CVE-2021-38635, CVE-2021-38636|
|Microsoft Accessibility Insights for Android||1||CVE-2021-40448|
|Microsoft Chore Visio||2||CVE-2021-38653, CVE-2021-38654|
|Microsoft Office Excel||2||CVE-2021-38655, CVE-2021-38660|
|Dynamics Dealing Central Control||1||CVE-2021-40440|
|Windows Ancillary Function Driver for WinSock||2||CVE-2021-38628, CVE-2021-38638|
|Windows In any case Tracing||2||CVE-2021-36964, CVE-2021-38630|
|Windows Kernel||2||CVE-2021-38625, CVE-2021-38626|
|Microsoft Appointment||4||CVE-2021-38650, CVE-2021-38657, CVE-2021-38658, CVE-2021-38659|
|Windows Bind Filter Driver||1||CVE-2021-36954|
|Windows Subsystem for Linux||1||CVE-2021-36966|
|Windows MSHTML Platform||1||CVE-2021-40444|
|Windows Win32K||2||CVE-2021-36975, CVE-2021-38639|
|Microsoft Post Access||1||CVE-2021-38646|
|Windows Print Spooler Components||3||CVE-2021-38667, CVE-2021-38671, CVE-2021-40447|
|Microsoft Windows DNS||1||CVE-2021-36968|
|Microsoft MPEG-2 Video Scope||1||CVE-2021-38644|
|Windows WLAN Service||1||CVE-2021-36967|
|Microsoft Edge (Chromium-based)||25||CVE-2021-26436, CVE-2021-38641, CVE-2021-38642, CVE-2021-38669, CVE-2021-36930, CVE-2021-30606, CVE-2021-30607, CVE-2021-30608, CVE-2021-30609, CVE-2021-30610, CVE-2021-30611, CVE-2021-30612, CVE-2021-30613, CVE-2021-30614, CVE-2021-30615, CVE-2021-30616, CVE-2021-30617, CVE-2021-30618, CVE-2021-30619, CVE-2021-30620, CVE-2021-30621, CVE-2021-30622, CVE-2021-30623, CVE-2021-30624, CVE-2021-30632|
|Windows WLAN Auto Config Employ||1||CVE-2021-36965|
|Windows SMB||3||CVE-2021-36960, CVE-2021-36972, CVE-2021-36974|
There were no additional advisories included with the September Security Guidance.