
October 2021 Patch Tuesday Review: Microsoft Fixes 74 Security Flaws




Today is the second Tuesday of October. Time to check out the latest security updates from Microsoft. In this month’s Patch Tuesday, Microsoft fixed a total of 74 vulnerabilities (81, counting Microsoft Edge for Chromium’s updates). The 74 bugs fixed today included four zero-day vulnerabilities, one of which was known to have been exploited in the wild. Three of the vulnerabilities were rated as Critical, one as Low, and the rest as Important.

The number of patches released this Tuesday is a bit higher than last Patch Tuesday’s. But for the eighth time in 2021, the monthly patch batch is well below the 100 mark.

Let’s look at the highlights from this month’s Windows security Patch Tuesday:

The Four Zero-day Bugs

All four zero-day bugs were publicly disclosed, but only one of them was actively exploited in the wild before today’s fixes.

CVE-2021-40449 is an elevation of privilege (EoP) vulnerability that affects the Win32K kernel driver. It stems from a use-after-free error, which occurs when a program uses dynamic memory during operation but fails to clear the pointer after freeing a memory location, so the stale pointer can still be used. Threat actors can exploit such a flaw to compromise a program, which they did in the case of CVE-2021-40449.

This zero-day was discovered and reported to Microsoft by security researchers working at Kaspersky. The researchers observed that the zero-day exploit involved a malware payload known as MysterySnail, whose variants were found in extensive espionage attacks against multiple IT companies, diplomatic entities, and military and defense contractors. Kaspersky tracked this cluster of activities back to a threat actor known as IronHusky.

CVE-2021-40449 has a 7.8 severity score. And since the vulnerability has already been used to gain high-level Windows privileges, installing this patch should be a priority.

The other three zero-day vulnerabilities fixed in this round of patches were tracked as:

  • CVE-2021-41335 (CVSS 7.8): Windows Kernel elevation of privilege vulnerability
  • CVE-2021-41338 (CVSS 5.5): A Firewall Security Feature Bypass vulnerability affecting Windows AppContainer
  • CVE-2021-40469 (CVSS 7.2): An RCE bug in Windows DNS Server

The Three Critical Updates and Other Notable Fixes

Microsoft classified three vulnerabilities as Critical: CVE-2021-40486, an RCE vulnerability in Microsoft Word, and CVE-2021-40461 and CVE-2021-38672, both RCE bugs in Windows Hyper-V. But despite their high severity scores, all three vulnerabilities were marked “Exploitation Less Likely.”

Other notable fixes this month:

  • CVE-2021-36970 (Windows Print Spooler spoofing bug): This is the fourth Patch Tuesday in a row in which Microsoft has fixed a bug in Windows Print Spooler. Zhiniang Peng and XueFeng Li, who also discovered the notorious PrintNightmare just a few months back, brought CVE-2021-36970 to Microsoft’s attention. According to Microsoft’s Exploitability Index, an attack based on this flaw is quite possible.
  • CVE-2021-26427 (Microsoft Exchange Server RCE flaw): This had the highest CVSSv3 score (9.0) in today’s Patch Tuesday list. But despite the high severity rating, Microsoft says that exploiting this flaw is less likely because the attacker would have to use an adjacent network to gain access to a vulnerable system.
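
The prioritization reasoning in this review (in-the-wild exploitation outranks a higher CVSS score) can be written down as a small triage script. This is an added example, not Microsoft's or Action1's tooling; the three-tier policy and the field names are assumptions, and `None` marks values the article does not give.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Vuln:
    cve: str
    cvss: Optional[float]      # None: the article gives no score
    exploited: bool            # exploited in the wild before the fix
    disclosed: bool            # publicly disclosed before the fix
    likelihood: Optional[str]  # "more" / "less" likely, None if not stated


# Values transcribed from the article above; nothing is filled in from elsewhere.
ADVISORIES = [
    Vuln("CVE-2021-26427", 9.0, False, False, "less"),   # Exchange Server RCE
    Vuln("CVE-2021-40486", None, False, False, "less"),  # Word RCE (Critical)
    Vuln("CVE-2021-40461", None, False, False, "less"),  # Hyper-V RCE (Critical)
    Vuln("CVE-2021-38672", None, False, False, "less"),  # Hyper-V RCE (Critical)
    Vuln("CVE-2021-36970", None, False, False, "more"),  # Print Spooler spoofing
    Vuln("CVE-2021-41338", 5.5, False, True, None),      # AppContainer bypass
    Vuln("CVE-2021-40469", 7.2, False, True, None),      # DNS Server RCE
    Vuln("CVE-2021-41335", 7.8, False, True, None),      # Windows Kernel EoP
    Vuln("CVE-2021-40449", 7.8, True, True, None),       # Win32K EoP, exploited
]


def tier(v: Vuln) -> int:
    """Assumed policy: 0 = exploited, 1 = disclosed or likely, 2 = the rest."""
    if v.exploited:
        return 0
    if v.disclosed or v.likelihood == "more":
        return 1
    return 2


def prioritize(vulns: List[Vuln]) -> List[Vuln]:
    # Within a tier, unknown scores sort first (treated as worst case),
    # then known scores from highest to lowest. sorted() is stable, so
    # entries with identical keys keep their input order.
    return sorted(vulns, key=lambda v: (tier(v), v.cvss is not None, -(v.cvss or 0.0)))


if __name__ == "__main__":
    for v in prioritize(ADVISORIES):
        score = "n/a" if v.cvss is None else f"{v.cvss:.1f}"
        print(f"tier {tier(v)}  {v.cve}  CVSS {score}")
```
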

In addition to Microsoft security updates, this Patch Tuesday also brought Windows 11 and Windows 10 cumulative updates. These include security and feature updates for Windows 10 and Windows Server builds 1903 and later. So, if you’re running any of these Windows versions, be sure you update them as you install the new patches.

That concludes our review of October’s Microsoft Windows Patch Tuesday. But we obviously haven’t covered all the 74 vulnerabilities fixed today. Read Microsoft’s Patch Tuesday release notes to get the full list of today’s patches and even more information about the new updates.

Stay tuned for more Microsoft Patch Tuesday news. And note, Action1 patch management tool is here to help you tackle any Microsoft Update or Patch Tuesday issues by automating patch deployment across remote endpoints. Feel free to try it out if you are looking for a solution to resolve any Microsoft Patch Tuesday problems, whether it’s finding and installing the right patches or automating the Windows patching and updating processes for multiple endpoints.

October 13, 2021
