In this month’s Patch Tuesday, Microsoft has released bug fixes for 49 security holes – about half the usual number released recently.
Among these are the following:
- CVE-2021-31955, an elevation of privilege exploit that affects Windows Kernel.
- CVE-2021-31199, an elevation of privilege flaw in Microsoft Enhanced Cryptographic Provider.
- CVE-2021-31201, another elevation of privilege flaw in Microsoft Enhanced Cryptographic Provider.
- CVE-2021-33742, a remote code execution bug in a Windows HTML component.
- CVE-2021-33739, an elevation of privilege flaw in Microsoft Desktop Window Manager.
- CVE-2021-31956, an information of privilege flaw in Windows NTFS.
Krevin Breen, director of cyber threat research at Immersive Labs, emphasised the importance of privilege flaws, saying that they can be just as worrisome as remote code execution bugs.
This is because once a hacker gets in, they can move across the network in a lateral manner, discovering further ways to obtain unauthorised access on a system level.
This can be a powerful weapon in ransomware attacks – high privileges can often be enough to wreck backups and other security tools.
Microsoft released updates for five bugs that received a rating of ‘critical’, meaning that malicious third-party actors can capitalise on them to get control over the target system.
Especially worthy of attention is CVE-2021-31959, a bug that affects Windows 7 through to 10, in addition to Windows Server 2008, 2012, 2016 and 2019.
CVE-2021-31963 affects Sharepoint, while CVE-2021-31201 and CVE-2021-31199 are both related to a recently released Adobe patch.
Christopher Hass, director of information security and research at Automox, noted that hackers are exploiting these vulnerabilities by sending out specially crafted PDF files that often come with phishing emails.
Once opened, the attacker is able to gain arbitrary code execution, and there is no workaround except for installing the patches.
Also included are a slew of Adobe product patches.