Patch Tuesday: It’s not just Log4j you need to worry about this week. This is the last Patch Tuesday of the year.
If you haven’t installed these fixes, or started testing them before deployment, now is a good time to do so, before exploits are developed and deployed ahead of the Christmas holiday. At least two of the bugs, one in the Windows AppX installer and one in Chrome, are currently being widely exploited.
Let’s start with Microsoft, which released a summary of its security updates. Affected products range from the Windows kernel to PowerShell, to Office, to the troubled Print Spooler.
According to Dustin Childs of the Zero Day Project, Redmond hopes to squash 67 CVE-listed bugs, of which seven are considered critical, in its latest patch batch. We were told that when you include the Chromium bugs fixed in Edge, the total reaches 83.
Here are some of the more noteworthy bugs, serious or otherwise:
Windows AppX installer: (CVE-2021-43890) It seems that this spoofing vulnerability can be used to trick someone into installing a malware package. In fact, according to Microsoft, this can be used for phishing campaigns to generate message attachments that are activated upon opening. This vulnerability has been abused in the wild to spread Emotet (aka Trickbot and Bazaloader) malware.
iSNS server: (CVE-2021-43215) A serious remote code execution vulnerability in Microsoft’s Internet Storage Name Service, which is not enabled by default but is usually enabled to manage iSCSI devices on a storage network. Sending a specially crafted request to the server, even as an unauthenticated user, may lead to code execution and system compromise.
Microsoft 4K wireless display adapter: (CVE-2021-43899) Unauthenticated criminals can use a serious bug in the firmware of this hardware gadget to hijack it over the network.
Microsoft Defender for IoT: (CVE-2021-42310) A serious remote code execution defect in this security product prior to version 10.5.2 can be exploited by unauthorized criminals over the network. Few details are available, though some assume that specially crafted data can be fed into the software to compromise it.
Microsoft Office applications: (CVE-2021-43905) Similarly, Microsoft is cagey about this critical remote code execution vulnerability in versions of the app prior to 18.2110.13110.0, which usually updates automatically anyway. An attacker would likely need to get the victim to open a booby-trapped file to achieve code execution; viewing it in the preview pane is not enough.
Remote Desktop Client: (CVE-2021-43233) This serious network-based remote code execution vulnerability requires some action from the user; exploitation would likely involve getting the victim to connect to a malicious remote desktop server. This is one Tenable is keeping an eye on, too.
Visual Studio Code WSL extension: (CVE-2021-43907) This critical remote code execution vulnerability can be exploited remotely without user interaction. Microsoft remains silent on the details. This sounds bad for developers, so get the update as soon as possible.
Windows encrypted file system: (CVE-2021-43217) According to Microsoft, “Attackers may cause buffer overflow writes, leading to unauthenticated non-sandbox code execution.” Crucially, the encrypted file system does not even have to be running for a system to be vulnerable to attack and compromise. This is also a two-part patch, starting this month and completing in March 2022, which shows that this critical remote code execution flaw, which does not require authentication, is not trivial.
Microsoft pointed out: “The initial deployment phase starts with the Windows Update released on December 14, 2021.” “When the client initiates a connection, the update will enable packet-level privacy for EFS, and the server will only allow packets with packet-level privacy to connect.
“The second phase, scheduled to be released in the first quarter of 2021, marks the transition to the implementation phase. Support for the AllowAllCliAuth registry key will be removed. Regardless of the registry key setting, the server requires packet-level privacy.”
In addition, there is a privilege escalation bug (CVE-2021-43893) in EFS, which can be used in combination with the above to cause some real administrator-level damage to the victim’s system.
There are more programming errors. A remote code execution flaw in SharePoint Server (CVE-2021-42309) requires authentication to exploit. Though not necessarily abused in the wild, exploit code is available for the following: NTFS set short name elevation of privilege (CVE-2021-43240); Windows Installer privilege escalation (CVE-2021-43883); Windows Mobile device management privilege escalation (CVE-2021-43880); and Windows Print Spooler privilege escalation (CVE-2021-41333).
Microsoft also provides a large number of other patches for Microsoft Defender for IoT, HEVC video extension, Excel, storage space controller, Visual Studio Code, Windows common log file system driver, Windows recovery environment agent, and more.
Meanwhile, on Monday Apple released security fixes for macOS, iOS and iPadOS, tvOS, and watchOS.
On Tuesday, Adobe fixed a large number of bugs in 11 of its products, including code execution vulnerabilities in Photoshop, Professional Edition, and Sequelae on Windows and macOS, and in Lightroom on Windows. Like Apple’s flaws, none of them are said to be under active attack.
On Monday, Google released Chrome 96.0.4664.110 for Windows, macOS, and Linux, which addresses five serious vulnerabilities, one of which (CVE-2021-4102, a use-after-free() flaw in the V8 JavaScript engine) is being widely exploited.
Finally, SAP released 10 security notes. Many serious bugs have been fixed in the Chinese localization of SAP Commerce, which seem to be caused by defects found in XStream, a Java library used to serialize objects to XML and back.
There are also the so-called “Code injection vulnerabilities in SAP ABAP server and ABAP platform”, SQL injection vulnerabilities in SAP Commerce, XSS vulnerabilities in SAP Knowledge Warehouse, command injection vulnerabilities in SAP NetWeaver AS ABAP, and other security errors in the corporate IT giant’s code. ®