The zero-day vulnerability used to spread Emotet malware has been fixed

by Madalina Dinita
Madalina Dinita
Madalina Dinita
Madalina has been a Windows fan ever since she got her hands on her first Windows XP computer. She is interested in all things technology, especially emerging technologies... read more
Affiliate Disclosure
windows 10 PT

XINSTALL BY CLICKING THE DOWNLOAD FILE
To fix various PC problems, we recommend DriverFix:
This software will keep your drivers up and running, thus keeping you safe from common computer errors and hardware failure. Check all your drivers now in 3 easy steps:

  1. Download DriverFix (verified download file).
  2. Click Start Scan to find all problematic drivers.
  3. Click Update Drivers to get new versions and avoid system malfunctionings.
  • DriverFix has been downloaded by 0 readers this month.

Yes, it’s that time of the month again, and we have a lot to look at in terms of software release, as the December 2021 Patch Tuesday updates are now live.

The Redmond tech giant has released a number of 67 security fixes for software including seven critical issues and a zero-day flaw being actively exploited by malicious third parties.

Through this latest patch release, which is usually due on the second Tuesday of each month, Microsoft has fixed some important problems.

Among them are Remote Code Execution (RCE) vulnerabilities, privilege escalation security flaws, spoofing bugs, and denial-of-service issues.

Another notable event for this month’s rollout is the fact that Windows 10 version 2004 has reached end of support and will no longer receive any security updates.

Microsoft had a lot to work on for December as well

Some of the software targetted by Microsoft’s December security update include Office, PowerShell, the Chromium-based Edge browser, the Windows Kernel, Print Spooler, and Remote Desktop Client. 

Some of the most severe vulnerabilities resolved in this update are a total of six zero-days, although only one is known to be actively exploited in the wild, as follows:

CVE Title Severity CVSS Public Exploited Type
CVE-2021-43890 Windows AppX Installer Spoofing Vulnerability Important 7.1 Yes Yes Spoofing
CVE-2021-43240 NTFS Set Short Name Elevation of Privilege Vulnerability Important 7.8 Yes No EoP
CVE-2021-43893 Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability Important 7.5 Yes No EoP
CVE-2021-43883 Windows Installer Elevation of Privilege Vulnerability Important 7.1 Yes No EoP
CVE-2021-43880 Windows Mobile Device Management Elevation of Privilege Vulnerability Important 5.5 Yes No EoP
CVE-2021-41333 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 Yes No EoP
CVE-2021-43215 iSNS Server Remote Code Execution Vulnerability Critical 9.8 No No RCE
CVE-2021-43899 Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability Critical 9.8 No No RCE
CVE-2021-42310 Microsoft Defender for IoT Remote Code Execution Vulnerability Critical 8.1 No No RCE
CVE-2021-43905 Microsoft Office app Remote Code Execution Vulnerability Critical 9.6 No No RCE
CVE-2021-43233 Remote Desktop Client Remote Code Execution Vulnerability Critical 7 No No RCE
CVE-2021-43907 Visual Studio Code WSL Extension Remote Code Execution Vulnerability Critical 9.8 No No RCE
CVE-2021-43217 Windows Encrypting File System (EFS) Remote Code Execution Vulnerability Critical 8.1 No No RCE
CVE-2021-43877 ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43225 Bot Framework SDK Remote Code Execution Vulnerability Important 7.5 No No RCE
CVE-2021-43219 DirectX Graphics Kernel File Denial of Service Vulnerability Important 7.4 No No DoS
CVE-2021-40452 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-40453 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-41360 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-43892 Microsoft BizTalk ESB Toolkit Spoofing Vulnerability Important 7.1 No No Spoofing
CVE-2021-42312 Microsoft Defender for IOT Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43888 Microsoft Defender for IoT Information Disclosure Vulnerability Important 7.5 No No Info
CVE-2021-41365 Microsoft Defender for IoT Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-42311 Microsoft Defender for IoT Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-42313 Microsoft Defender for IoT Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-42314 Microsoft Defender for IoT Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-42315 Microsoft Defender for IoT Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-43882 Microsoft Defender for IoT Remote Code Execution Vulnerability Important 9 No No RCE
CVE-2021-43889 Microsoft Defender for IoT Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2021-43256 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-42293 Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability Important 6.5 No No EoP
CVE-2021-43216 Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability Important 6.5 No No Info
CVE-2021-43222 Microsoft Message Queuing Information Disclosure Vulnerability Important 7.5 No No Info
CVE-2021-43236 Microsoft Message Queuing Information Disclosure Vulnerability Important 7.5 No No Info
CVE-2021-43875 Microsoft Office Graphics Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-43255 Microsoft Office Trust Center Spoofing Vulnerability Important 5.5 No No Spoofing
CVE-2021-43896 Microsoft PowerShell Spoofing Vulnerability Important 5.5 No No Spoofing
CVE-2021-42294 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2021-42309 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2021-42320 Microsoft SharePoint Server Spoofing Vulnerability Important 8 No No Spoofing
CVE-2021-43242 Microsoft SharePoint Server Spoofing Vulnerability Important 7.6 No No Spoofing
CVE-2021-43227 Storage Spaces Controller Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-43235 Storage Spaces Controller Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-43228 SymCrypt Denial of Service Vulnerability Important 7.5 No No DoS
CVE-2021-42295 Visual Basic for Applications Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-43891 Visual Studio Code Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-43908 Visual Studio Code Spoofing Vulnerability Important N/A No No Spoofing
CVE-2021-43243 VP9 Video Extensions Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-43214 Web Media Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-43207 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43226 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43224 Windows Common Log File System Driver Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2021-43248 Windows Digital Media Receiver Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43245 Windows Digital TV Tuner Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43232 Windows Event Tracing Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-43234 Windows Fax Service Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2021-43246 Windows Hyper-V Denial of Service Vulnerability Important 5.6 No No DoS
CVE-2021-43244 Windows Kernel Information Disclosure Vulnerability Important 6.5 No No Info
CVE-2021-40441 Windows Media Center Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43229 Windows NTFS Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43230 Windows NTFS Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43231 Windows NTFS Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43239 Windows Recovery Environment Agent Elevation of Privilege Vulnerability Important 7.1 No No EoP
CVE-2021-43223 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43238 Windows Remote Access Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43237 Windows Setup Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2021-43247 Windows TCP/IP Driver Elevation of Privilege Vulnerability Important 7.8 No No EoP
* CVE-2021-4052 Chromium: CVE-2021-4052 Use after free in web apps High N/A No No RCE
* CVE-2021-4053 Chromium: CVE-2021-4053 Use after free in UI High N/A No No RCE
* CVE-2021-4054 Chromium: CVE-2021-4054 Incorrect security UI in autofill High N/A No No RCE
* CVE-2021-4055 Chromium: CVE-2021-4055 Heap buffer overflow in extensions High N/A No No RCE
* CVE-2021-4056 Chromium: CVE-2021-4056: Type Confusion in loader High N/A No No RCE
* CVE-2021-4057 Chromium: CVE-2021-4057 Use after free in file API High N/A No No RCE
* CVE-2021-4058 Chromium: CVE-2021-4058 Heap buffer overflow in ANGLE High N/A No No RCE
* CVE-2021-4059 Chromium: CVE-2021-4059 Insufficient data validation in loader High N/A No No RCE
* CVE-2021-4061 Chromium: CVE-2021-4061 Type Confusion in V8 High N/A No No RCE
* CVE-2021-4062 Chromium: CVE-2021-4062 Heap buffer overflow in BFCache High N/A No No RCE
* CVE-2021-4063 Chromium: CVE-2021-4063 Use after free in developer tools High N/A No No RCE
* CVE-2021-4064 Chromium: CVE-2021-4064 Use after free in screen capture High N/A No No RCE
* CVE-2021-4065 Chromium: CVE-2021-4065 Use after free in autofill High N/A No No RCE
* CVE-2021-4066 Chromium: CVE-2021-4066 Integer underflow in ANGLE High N/A No No RCE
* CVE-2021-4067 Chromium: CVE-2021-4067 Use after free in window manager High N/A No No RCE
* CVE-2021-4068 Chromium: CVE-2021-4068 Insufficient validation of untrusted input in new tab page Low N/A No No Spoofing

A total of 887 CVE-assigned vulnerabilities have been patched by Microsoft this year, and while this figure may seem high, the team notes this is a 29% decrease from 2020 (not including Chromium-based Edge). 

Expert Tip: Some PC issues are hard to tackle, especially when it comes to corrupted repositories or missing Windows files. If you are having troubles fixing an error, your system may be partially broken. We recommend installing Restoro, a tool that will scan your machine and identify what the fault is.
Click here to download and start repairing.

One of the most important victories here is that this patch fixes a bug in the AppX installer that affects Windows.

Redmond officials stated that they have seen the bug used in malware in the Emotet/Trickbot/Bazaloader family, and an attacker would need to craft a malicious attachment to be used in phishing campaigns.

It might actually seem that code execution would occur at the logged-on user level, so attackers would likely combine this with another bug to take control of a system.

Another bug, this time in the Internet Storage Name Service (iSNS) server, that could allow remote code execution if an attacker sends a specially crafted request to an affected server, has been squashed.

Just to refresh your memory, iSNS is a protocol that enables automated discovery and management of iSCSI devices on a TCP/IP storage network.

So, if you’re running a SAN in your enterprise, you either have an iSNS server or you configure each of the logical interfaces individually.

This bug is one of three CVSS 9.8 bugs fixed this month. If you have a SAN, prioritize testing and deploying this patch. 

Don’t forget that Microsoft isn’t the only company that releases updates and fix patches around this time of the month, so make sure to also check out:

What are your thoughts on this month’s release? Share your opinion with us in the comments section below.

idee restoro Still having issues? Fix them with this tool:
  1. Download this PC Repair Tool rated Great on TrustPilot.com (download starts on this page).
  2. Click Start Scan to find Windows issues that could be causing PC problems.
  3. Click Repair All to fix issues with Patented Technologies (Exclusive Discount for our readers).

Restoro has been downloaded by 0 readers this month.