Andrew Rosener on Future of Decentralized Web & Blockchain Domains
November 9, 2021
Melbet App Guide – How to download apk for Android and iOS
November 10, 2021
Microsoft has just released a batch of critical updates for Windows systems and is urging users to apply them to their computers as soon as possible. There are many different types of vulnerabilities that have been fixed in these updates, and we will examine the CVE-2021-42321 vulnerability for Exchange Server and Microsoft Workplace in this overview. While these updates are cumulative, they do include some patches from previous updates released after the October 2021 Patch Day.
CVE-2021-42321 vulnerability affects Microsoft Exchange Server
As the US Thanksgiving holiday weekend approaches, many organizations will be looking to patch their Microsoft Exchange servers to prevent this latest security flaw. The CVE-2021-42321 vulnerability affects Microsoft Exchange Server and is known to have multiple ways for attackers to exploit it. The first vulnerability to be disclosed was ProxyLogon, and later a second flaw called ProxyShell was discovered. Organizations that use this server should be sure to apply security updates immediately, and whenever proof-of-concept code becomes available.
The vulnerability has already been exploited by state-sponsored hackers who are targeting more than 250,000 Microsoft Exchange servers. Recently, the US announced that China was the culprit in the widespread Microsoft Exchange hacking attacks. Security researchers independently replicated the exploit in August. While there is no single exploit for ProxyShell, the exploit could lead to arbitrary code execution. This vulnerability affects Exchange Server, and should be patched immediately.
After identifying the flaw, administrators should check the Exchange server’s Event Log to determine if it has been compromised. If the log does not show anything, try running a PowerShell query to determine whether the vulnerability has affected the server. These steps will prevent malicious attackers from exploiting the CVE-2021-42321 vulnerability on your Exchange server. You should also update the vulnerable machines with the patch.
While Microsoft has not published details about the real-world exploitation of CVE-2021-42321, NVD analysts have published proof-of-concept exploits for the flaw. In addition to a vulnerability that affects Exchange Server, this flaw also affects Microsoft Virtual Machine Bus (VMB). This flaw can allow a guest-to-host escape, which allows a remote user to execute arbitrary code on a host.
CVE-2021-42292 vulnerability affects Microsoft Excel
Security researchers have recently discovered a new zero-day in Microsoft Excel, called CVE-2021-42292. This flaw in Microsoft Excel prevents it from performing input validation properly, allowing an attacker to bypass the security system and compromise the system. By tricking the user into opening a malicious Excel file, an attacker can gain read/write access to the victim’s system. The update is available for Windows and is expected to arrive on Mac OSX “as soon as possible.”
The exploited CVE-2021-42292 vulnerability affectn’t affect only Microsoft Office; it also affects other Microsoft products, including Exchange Server. Microsoft’s Exchange team has recommended users to install the patches provided by the company. The Exchange team has also shared a PowerShell query to scan for exploits. Microsoft has also released a fix for another zero-day vulnerability in Microsoft Office (CVE-2021-42292), which affects the Office 2010 and 2013 programs.
The CVE-2021-42292 vulnerability affect the RDP protocol. It affects Windows 7 through 11 and Windows Server 2008 and 2019 and has been rated as “important” by Microsoft. As mentioned above, this vulnerability is targeted by initial-access brokers, which are known to target RDP. In addition, Exchange vulnerabilities have been of concern this year, and the Chinese government has already exploited earlier vulnerabilities in Microsoft Exchange.
There are other vulnerabilities in Microsoft Excel, including a Remote Code Execution flaw that can allow an attacker to gain access to sensitive data. These exploits also allow hackers to manipulate user passwords and install malware on a victim’s system. This is the latest in a series of attacks targeting Microsoft Office. Once the exploited flaw is discovered, Microsoft will work to fix it.
This flaw is most severe, and can lead to arbitrary code execution. Microsoft has released multiple update packages for affected software. It is critical to apply all updates that are offered for affected software. The updates are not available immediately but will be released as soon as possible. If you’re unsure whether to apply the updates, check with your vendor’s website for more information. The updates will address this flaw and many more.
CVE-2021-43209 vulnerability affects 3D Viewer
Two vulnerabilities in the latest release of Microsoft’s 3D Viewer, the CVE-2021-43209 and CVE-2021-43208, are Remote Code Execution (RCE) vulnerabilities. Successful exploitation could allow attackers to execute arbitrary code on the system, and the vulnerabilities have already been publicly disclosed. The Windows Remote Desktop Protocol is another affected program, with the CVE-2021-38631 vulnerability. Successful exploits could allow an attacker to view and even read Windows RDP client passwords.
The November patch package includes several other critical security flaws that affect Excel and PowerPoint, as well as a vulnerability affecting Microsoft Office. The CVE-2021-42292 vulnerability is a well-known security flaw in Microsoft Excel, which has already been exploited in the wild. The 3D Viewer vulnerabilities CVE-2021-43209 and 2021-43208 affect 3D Viewer and have a CVSS score of 7.8. The patch package also includes fixes for CVE-2021-41371, which affects the 3D Viewer and can enable remote code execution.
The third security flaw is a code execution flaw. The attacker can trick the victim into downloading a specially crafted Excel file and executing malicious code on the system. To exploit this vulnerability, an attacker must have a copy of the affected version of Excel. Affected versions of Microsoft Office for Mac also contain CVE-2021-42292 vulnerability. Unlike the previous update, Microsoft has not yet fixed this flaw on the Mac platform.
The third CVE-2021-43209 vulnerability affect the 3D Viewer in Microsoft Windows Security Update for November 2021. The exploit code is rated as “active” in the CVE database and has been publicly disclosed. Microsoft has stated that it will issue a patch for these vulnerabilities shortly. The vulnerability affects the 3D Viewer and is responsible for numerous exploits.
The November 2021 Patch Tuesday also includes 56 other security flaws. Microsoft has previously released patches for multiple zero-day vulnerabilities affecting its Exchange products. CVE-2021-42292 affects Excel and PowerPoint products and has been exploited during the Tianfu Cup hacker competition in 2021. While the patches were released to address these flaws, the release of the November 2021 security updates is a great way to protect your computer from attack.
CVE-2021-43209 vulnerability affects Exchange Server
The latest Microsoft Security Bulletin addresses 55 vulnerabilities, including one that affects Exchange Server. The bulletin contains patches for two zero-day flaws, two that were already publicly disclosed, and one that is being actively exploited. One exploited vulnerability affects Microsoft Exchange Server and involves an input validation error. A remote user could exploit this vulnerability to execute arbitrary commands on a vulnerable system, including its databases.
Another vulnerability affects Microsoft Excel and Exchange Server. This flaw can lead to remote code execution (RCE) if the attacker can execute arbitrary code on the affected system. While it’s difficult to exploit, it does allow an attacker to bypass security controls on a vulnerable system and steal data. Despite the complexity of the attack, no patches are yet available.
The CVE-2021-42285 vulnerability affects Exchange Server. The vulnerability affects Windows operating systems, including Microsoft Azure and the Chromium-based Edge browser. It also affects Windows Kernel. Microsoft’s patch package addresses 27 vulnerabilities, including a critical one. The vulnerabilities are rated as Critical and require immediate remediation. However, there are many other CVEs that have a lower CVSS, which makes them less serious to attack.
The November 2021 update will address 55 CVEs and fix six zero-day bugs. The patches will be released to fix the vulnerabilities in Office, Windows Server, Exchange Server, Active Directory, and Hyper-V. In addition, Microsoft will release patches for the Azure Real Time Operating System, which uses ThreadX RTOS. You can view the entire list of fixes from Microsoft’s security update guide.
The CVE-2021-43209 vulnerability affecting Exchange Server is an active threat. Microsoft recommends that all organizations deploy the patch as soon as possible. Microsoft has also provided general guidance on deploying the patch on Exchange Server in November 2021. You should also review the Microsoft Windows Security Updates November 2021 for additional details. Once you install the patch, make sure to test the vulnerability before making any decisions.
Click here to download a spreadsheet that includes all released security updates by Microsoft on today’s Patch Day: Security Updates 2021-11-09-microsoft-windows
Windows Server products
Windows 7 SP1 and Windows Server 2008 R2
Updates and improvements:
Windows 8.1 and Windows Server 2012 R2
Updates and improvements:
Windows 10 version 1909
Updates and improvements:
Windows 10 version 2004, 20H2 and 21H1
Updates and improvements:
Windows 11
Updates and improvements:
Other security updates
2021-11 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5007245)
2021-11 Security Only Quality Update for Windows Server 2008 (KB5007246)
2021-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5007260)
2021-11 Security Monthly Quality Rollup for Windows Server 2008 (KB5007263)
2021-11 Dynamic Cumulative Update for Windows 10 Version 20H2, Windows Server, version 2004, Windows 10 Version 2004, Windows 10 Version 1909, and Windows 10 Version 1903 (KB5007186)
2021-11 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5007192)
2021-11 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5007205)
2021-11 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5007206)
2021-11 Cumulative Update for Windows 10 (KB5007207)
Servicing Stack Updates
Windows 7 SP1 and Windows Server 2008 R2
Windows 8.1 and Windows Server 2012 R2
Windows 10 version 1909
Windows 10 versions 2004, 20H2 and 21H1
ADV 990001 — Latest Servicing Stack Updates
2021-11 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5007149)
2021-11 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5007150)
2021-11 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5007299)
2021-11 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5007300)
2021-11 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5007301)
2021-11 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 and 4.6.2 for Windows Server 2008 (KB5007302)
2021-11 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5007153)
2021-11 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5007154)
2021-11 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5007156)
2021-11 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5007157)
2021-11 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5007167)
2021-11 Cumulative Update for .NET Framework 3.5 and 4.8 for (KB5006363)
2021-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for x64 (KB5006364)
2021-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2, Windows 10 Version 20H2, Windows Server, version 2004, Windows 10 Version 2004, Windows 10 Version 1909, and Windows 10 Version 1903 (KB5006365)
2021-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5006366)
2021-11 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5006368)
2021-11 Update for Windows 10 Version 1909 (KB5007114)
2021-11 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5007152)
2021-11 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5007298)
Microsoft Office Updates
You find Office update information here.
Security updates are distributed automatically to most Home versions of Windows. Windows Update is set to download and install security updates automatically. Organizations may use update management systems, e.g. WSUS, to manage updating on company machines.
Updates are not delivered in real-time, and that means that you may get them early by searching for them manually. In any event, it is advised to create a system backup before updates are installed.
Here is how you may check for updates manually:
Below are resource pages with direct download links, if you prefer to download the updates to install them manually.
Windows 7 and Server 2008 R2
Windows 8.1 and Windows Server 2012 R2
Windows 10 (version 1909)
Windows 10 (version 2004)
Windows 10 (version 20H2)
Windows 10 (version 21H1)
