This week Microsoft released its security updates for June 2021, which has fixes for 50 vulnerabilities in Microsoft products. Every month we will post our vulnerability risk and tips around each patch released, to provide advice for IT professionals and businesses. This month Dan Robinson has provided our FIT score and tips.
Out of the 50 patches; 5 are classed as critical and 45 as important. There were also 7 Zero-Day vulnerabilities publicly disclosed, six of them known to be exploited in the past.
Zero-day vulnerabilities discovered this month:
-
CVE-2021-31955 - Windows Kernel Information Disclosure Vulnerability
-
CVE-2021-31956 - Windows NTFS Elevation of Privilege Vulnerability
-
CVE-2021-33739 - Microsoft DWM Core Library Elevation of Privilege Vulnerability
-
CVE-2021-33742 - Windows MSHTML Platform Remote Code Execution Vulnerability
-
CVE-2021-31199 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
-
CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
- CVE-2021-31968 - Windows Remote Desktop Services Denial of Service Vulnerability
Other companies who have released security updates this week:
- Adobe released security updates for ten products.
- Android's June security updates were released yesterday.
- Cisco released security updates for numerous products this month.
- SAP released its June 2021 security updates.
All the patches can be found in the table below or alternatively downloaded here.
We have also curated a downloadable Patching Best Practice Guide.
|
Category |
CVE IDs |
CVE Title |
Severity |
FIT Score & Tip |
|
.NET Core & Visual Studio |
CVE-2021-31957 |
.NET Core and Visual Studio Denial of Service Vulnerability |
Important |
3/5 - Not publicly being exploited yet. The security updates are within their respective versions of .NET Core and Visual Studio. |
|
3D Viewer |
CVE-2021-31942 |
3D Viewer Remote Code Execution Vulnerability |
Important |
3/5 - Updates for 3D Viewer are available from the Microsoft Store App on your machine. |
|
Microsoft DWM Core Library |
CVE-2021-33739 |
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Important |
4/5 - This vulnerability is flagged as being exploited and publicly disclosed. The security update is within the June 2021 monthly update. |
|
Microsoft Edge (Chromium-based) |
CVE-2021-33741 |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
Important |
3/5 - Once again, not publicly disclosed or being actively exploited, but if you are allowing users to utilise the Edge browser then be sure to focus some time on updating. |
|
Microsoft Intune |
CVE-2021-31980 |
Microsoft Intune Management Extension Remote Code Execution Vulnerability |
Important |
N/A - This is a relatively low risk, because the Intune service will update as soon as it talks back with Intune. No need to apply a fix. |
|
Microsoft Office |
CVE-2021-31940 |
Microsoft Office Graphics Remote Code Execution Vulnerability |
Important |
3/5 - Not publicly disclosed or being exploited. The fixes for this vulnerability are in the monthly (June) Office suite updates. |
|
Microsoft Office Excel |
CVE-2021-31939 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
3/5 - Not publicly disclosed or being exploited. The fixes for this vulnerability are in the monthly (June) Office Excel updates. |
|
Microsoft Office Outlook |
CVE-2021-31949 |
Microsoft Outlook Remote Code Execution Vulnerability |
Important |
3/5 - Not publicly disclosed or being exploited. The fixes for this vulnerability are in the monthly (June) Office Excel updates. |
|
Microsoft Office SharePoint |
CVE-2021-31963 |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
Critical |
4/5 - Due to being flagged as critical, this is for SharePoint on premise only. If you use SharePoint Online there is no need to apply anything. |
|
Microsoft Office SharePoint |
CVE-2021-31964 |
Microsoft SharePoint Server Spoofing Vulnerability Microsoft SharePoint Server Remote Code Execution Vulnerability Microsoft SharePoint Server Information Disclosure Vulnerability |
Important |
4/5 - Due to the nature of the vulnerability and that it prevents arbitrary code to run when a maliciously modified file is opened. I would flag this as a high priority. As above, this is for SharePoint on premise only. |
|
Microsoft Scripting Engine |
CVE-2021-31959 |
Scripting Engine Memory Corruption Vulnerability |
Critical |
4/5 - This fix is included in your monthly June 2021 updates and should be applied when tested. This vulnerability is not publicly disclosed. |
|
Microsoft Windows Codecs Library |
CVE-2021-31967 |
VP9 Video Extensions Remote Code Execution Vulnerability |
Critical |
4/5 - Although this app is set to automatically update from the Windows Store when available, it's worth inventorying and checking your machines that this has been completed. |
|
Paint 3D |
CVE-2021-31946 |
Paint 3D Remote Code Execution Vulnerability |
Important |
4/5 - Although this app is set to automatically update from the Windows Store when available, it's worth inventorying and checking your machines that this has been completed. |
|
Role: Hyper-V |
CVE-2021-31977 |
Windows Hyper-V Denial of Service Vulnerability |
Important |
3/5 - This update is included in your monthly patching cycle. |
|
Visual Studio Code - Kubernetes Tools |
CVE-2021-31938 |
Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability |
Important |
3/5 - This is a standalone update for these tools. It's worth reviewing the CVE for a link to access the download if used. |
|
Windows Bind Filter Driver |
CVE-2021-31960 |
Windows Bind Filter Driver Information Disclosure Vulnerability |
Important |
3/5 - This update is included in your monthly patching cycle. |
|
Windows Common Log File System Driver |
CVE-2021-31954 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Important |
3/5 - This update is included in your monthly patching cycle. |
|
Windows Cryptographic Services |
CVE-2021-31201 |
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability |
Important |
3/5 - This update is included in your monthly patching cycle. |
|
Windows DCOM Server |
CVE-2021-26414 |
Windows DCOM Server Security Feature Bypass |
Important |
3/5 - This update is available for all operating systems, and for some legacy systems you can obtain the update on its own that resolves this or the monthly rollup. |
|
Windows Defender |
CVE-2021-31985 |
Microsoft Defender Remote Code Execution Vulnerability |
Critical |
5/5 - This is a fix which requires some manual intervention, it's worth reviewing and ensuring this has been updated. The steps for this are listed in the CVE. |
|
Windows Defender |
CVE-2021-31978 |
Microsoft Defender Denial of Service Vulnerability |
Important |
4/5 - Much like the above, this is updated through the Windows Security program and therefore will need an inventory or check to ensure its been applied. |
|
Windows Drivers |
CVE-2021-31969 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Important |
3/5 - This update is included in your monthly patching cycle. |
|
Windows Event Logging Service |
CVE-2021-31972 |
Event Tracing for Windows Information Disclosure Vulnerability |
Important |
3/5 - This update is available for all operating systems, and for some legacy systems you can obtain the update on its own that resolves this or the monthly rollup. |
|
Windows Filter Manager |
CVE-2021-31953 |
Windows Filter Manager Elevation of Privilege Vulnerability |
Important |
3/5 - This update is available for all operating systems, and for some legacy systems you can obtain the update on its own that resolves this or the monthly rollup. |
|
Windows HTML Platform |
CVE-2021-31971 |
Windows HTML Platform Security Feature Bypass Vulnerability |
Important |
3/5 - This fix is bundled into the main monthly update, unless you are running a more legacy system - in which you get the choice of the monthly rollup or a stand-alone update for IE |
|
Windows Installer |
CVE-2021-31973 |
Windows GPSVC Elevation of Privilege Vulnerability |
Important |
3/5 - This update is available for all operating systems, and for some legacy systems you can obtain the update on its own that resolves this or the monthly rollup. |
|
Windows Kerberos |
CVE-2021-31962 |
Kerberos AppContainer Security Feature Bypass Vulnerability |
Important |
3/5 - This update is available for all operating systems, and for some legacy systems you can obtain the update on its own that resolves this or the monthly rollup. |
|
Windows Kernel |
CVE-2021-31951 |
Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Information Disclosure Vulnerability |
Important |
4/5 - Typically, I'll always rank the kernel updates higher due to what kernels do for the operating system. This update is included in your monthly patching cycle. |
|
Windows Kernel-Mode Drivers |
CVE-2021-31952 |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
Important |
4/5 - Typically, I'll always rank the kernel updates higher due to what kernels do for the operating system. This update is included in your monthly patching cycle. |
|
Windows MSHTML Platform |
CVE-2021-33742 |
Windows MSHTML Platform Remote Code Execution Vulnerability |
Critical |
4/5 - This fix is bundled into the main monthly update, unless you are running a more legacy system - in which you get the choice of the monthly rollup or a stand-alone update for IE |
|
Windows Network File System |
CVE-2021-31975 |
Server for NFS Information Disclosure Vulnerability Server for NFS Denial of Service Vulnerability |
Important |
3/5 - This update is available for all currently supported operating systems, either in the form of a monthly rollup or standalone update. |
|
Windows NTFS |
CVE-2021-31956 |
Windows NTFS Elevation of Privilege Vulnerability |
Important |
3/5 - This update is available for all currently supported operating systems, either in the form of a monthly rollup or standalone update. |
|
Windows NTLM |
CVE-2021-31958 |
Windows NTLM Elevation of Privilege Vulnerability |
Important |
3/5 - This update is available for all currently supported operating systems, either in the form of a monthly rollup or standalone update. |
|
Windows Print Spooler Components |
CVE-2021-1675 |
Windows Print Spooler Elevation of Privilege Vulnerability |
Important |
3/5 - This update is available for all currently supported operating systems, either in the form of a monthly rollup or standalone update. |
|
Windows Remote Desktop |
CVE-2021-31968 |
Windows Remote Desktop Services Denial of Service Vulnerability |
Important |
3/5 - This update is available for all currently supported operating systems, either in the form of a monthly rollup or standalone update. |
|
Windows TCP/IP |
CVE-2021-31970 |
Windows TCP/IP Driver Security Feature Bypass Vulnerability |
Important |
3/5 - This update is available for all currently supported operating systems, either in the form of a monthly rollup or standalone update. |
Hope this table with helpful!
About the Author: Lizzie Arcari
Lizzie joined Foundation IT in 2019 after graduating from University. She is excited to develop her career in the IT industry, learning from the best.
