Four zero-days vulnerabilities and 71 flaws fixed via this month's Patch Tuesday

News » Security » Patch Tuesday

Reading time icon 7 min. read

Calendar icon Updated on

by Alexandru Poloboc 

updated on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Key notes

  • Redmond officials addressed a lot of problems with this month's rollout, more than expected.
  • The Microsoft Word Remote Code Execution Vulnerability was treated as a critical one.
  • Also considered critical was the Windows Hyper-V Remote Code Execution Vulnerability.
  • This article contains the complete list of security updates that were issued in October 2021.
pt oct 2021

Today is Microsoft’s October 2021 Patch Tuesday, and with it comes fixes for four zero-day vulnerabilities and a total of 74 flaws.

Microsoft has fixed 74 vulnerabilities (81 including Microsoft Edge) with today’s update, with three classified as Critical, and 70 as Important, and one as Low.

4 zero-days vulnerabilities fixed, with one actively exploited

These 81 vulnerabilities that are being patched during this month’s rollout are split into categories, as follows:

  • 21 Elevation of Privilege Vulnerabilities
  • 6 Security Feature Bypass Vulnerabilities
  • 20 Remote Code Execution Vulnerabilities
  • 13 Information Disclosure Vulnerabilities
  • 5 Denial of Service Vulnerabilities
  • 9 Spoofing Vulnerabilities

October’s Patch Tuesday includes fixes for four zero-day vulnerabilities, with a Win32k Elevation of Privilege Vulnerability vulnerability known to have been actively exploited in attacks.

Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.

The actively exploited vulnerability was discovered by Kaspersky’s Boris Larin (oct0xor) and allows malware or a threat actor to gain elevated privileges on a Windows device.

Kaspersky disclosed that the vulnerability was used by threat actors in “widespread espionage campaigns against IT companies, military/defense contractors, and diplomatic entities.” 

As part of the attacks, the threat actors installed a remote access trojan (RAT) that was elevated with higher permissions using the zero-day Windows vulnerability. 

Thus, Kaspersky calls this cluster of malicious activity MysterSnail and is attributed to the IronHusky and Chinese-speaking APT activity.

Microsoft also fixed three other publicly disclosed vulnerabilities that are not known to be exploited in attacks.

  • CVE-2021-40469 – Windows DNS Server Remote Code Execution Vulnerability
  • CVE-2021-41335 – Windows Kernel Elevation of Privilege Vulnerability
  • CVE-2021-41338 – Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability

Other companies also released important updates

  • Adobe’s October security updates were released for various applications.
  • Android’s October security updates were released last week.
  • Apache released HTTP Web Server 2.4.51 to fix an incompete patch for an actively exploited vulnerability.
  • Apple released security updates for iOS and iPadOS yesterday that an actively exploited zero-day vulnerability.
  • Cisco released security updates for numerous products this month.
  • SAP released its October 2021 security updates.
  • VMware released a security update for VMware vRealize Operations.

This month’s security updates

Below is the complete list of resolved vulnerabilities and released advisories in the October 2021 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

TagCVE IDCVE TitleSeverity
.NET Core & Visual StudioCVE-2021-41355.NET Core and Visual Studio Information Disclosure VulnerabilityImportant
Active Directory Federation ServicesCVE-2021-41361Active Directory Federation Server Spoofing VulnerabilityImportant
Console Window HostCVE-2021-41346Console Window Host Security Feature Bypass VulnerabilityImportant
HTTP.sysCVE-2021-26442Windows HTTP.sys Elevation of Privilege VulnerabilityImportant
Microsoft DWM Core LibraryCVE-2021-41339Microsoft DWM Core Library Elevation of Privilege VulnerabilityImportant
Microsoft DynamicsCVE-2021-40457Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting VulnerabilityImportant
Microsoft DynamicsCVE-2021-41353Microsoft Dynamics 365 (on-premises) Spoofing VulnerabilityImportant
Microsoft DynamicsCVE-2021-41354Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2021-37978Chromium: CVE-2021-37978 Heap buffer overflow in BlinkUnknown
Microsoft Edge (Chromium-based)CVE-2021-37979Chromium: CVE-2021-37979 Heap buffer overflow in WebRTCUnknown
Microsoft Edge (Chromium-based)CVE-2021-37980Chromium: CVE-2021-37980 Inappropriate implementation in SandboxUnknown
Microsoft Edge (Chromium-based)CVE-2021-37977Chromium: CVE-2021-37977 Use after free in Garbage CollectionUnknown
Microsoft Edge (Chromium-based)CVE-2021-37974Chromium: CVE-2021-37974 Use after free in Safe BrowsingUnknown
Microsoft Edge (Chromium-based)CVE-2021-37975Chromium: CVE-2021-37975 Use after free in V8Unknown
Microsoft Edge (Chromium-based)CVE-2021-37976Chromium: CVE-2021-37976 Information leak in coreUnknown
Microsoft Exchange ServerCVE-2021-26427Microsoft Exchange Server Remote Code Execution VulnerabilityImportant
Microsoft Exchange ServerCVE-2021-34453Microsoft Exchange Server Denial of Service VulnerabilityImportant
Microsoft Exchange ServerCVE-2021-41348Microsoft Exchange Server Elevation of Privilege VulnerabilityImportant
Microsoft Exchange ServerCVE-2021-41350Microsoft Exchange Server Spoofing VulnerabilityImportant
Microsoft Graphics ComponentCVE-2021-41340Windows Graphics Component Remote Code Execution VulnerabilityImportant
Microsoft IntuneCVE-2021-41363Intune Management Extension Security Feature Bypass VulnerabilityImportant
Microsoft Office ExcelCVE-2021-40473Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2021-40472Microsoft Excel Information Disclosure VulnerabilityImportant
Microsoft Office ExcelCVE-2021-40471Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2021-40474Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2021-40485Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2021-40479Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2021-40487Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2021-40483Microsoft SharePoint Server Spoofing VulnerabilityLow
Microsoft Office SharePointCVE-2021-40484Microsoft SharePoint Server Spoofing VulnerabilityImportant
Microsoft Office SharePointCVE-2021-40482Microsoft SharePoint Server Information Disclosure VulnerabilityImportant
Microsoft Office SharePointCVE-2021-41344Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft Office VisioCVE-2021-40480Microsoft Office Visio Remote Code Execution VulnerabilityImportant
Microsoft Office VisioCVE-2021-40481Microsoft Office Visio Remote Code Execution VulnerabilityImportant
Microsoft Office WordCVE-2021-40486Microsoft Word Remote Code Execution VulnerabilityCritical
Microsoft Windows Codecs LibraryCVE-2021-40462Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2021-41330Microsoft Windows Media Foundation Remote Code Execution VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2021-41331Windows Media Audio Decoder Remote Code Execution VulnerabilityImportant
Rich Text Edit ControlCVE-2021-40454Rich Text Edit Control Information Disclosure VulnerabilityImportant
Role: DNS ServerCVE-2021-40469Windows DNS Server Remote Code Execution VulnerabilityImportant
Role: Windows Active Directory ServerCVE-2021-41337Active Directory Security Feature Bypass VulnerabilityImportant
Role: Windows AD FS ServerCVE-2021-40456Windows AD FS Security Feature Bypass VulnerabilityImportant
Role: Windows Hyper-VCVE-2021-40461Windows Hyper-V Remote Code Execution VulnerabilityCritical
Role: Windows Hyper-VCVE-2021-38672Windows Hyper-V Remote Code Execution VulnerabilityCritical
System CenterCVE-2021-41352SCOM Information Disclosure VulnerabilityImportant
Visual StudioCVE-2020-1971OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-referenceImportant
Visual StudioCVE-2021-3450OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICTImportant
Visual StudioCVE-2021-3449OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processingImportant
Windows AppContainerCVE-2021-41338Windows AppContainer Firewall Rules Security Feature Bypass VulnerabilityImportant
Windows AppContainerCVE-2021-40476Windows AppContainer Elevation Of Privilege VulnerabilityImportant
Windows AppX Deployment ServiceCVE-2021-41347Windows AppX Deployment Service Elevation of Privilege VulnerabilityImportant
Windows Bind Filter DriverCVE-2021-40468Windows Bind Filter Driver Information Disclosure VulnerabilityImportant
Windows Cloud Files Mini Filter DriverCVE-2021-40475Windows Cloud Files Mini Filter Driver Information Disclosure VulnerabilityImportant
Windows Common Log File System DriverCVE-2021-40443Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2021-40467Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Common Log File System DriverCVE-2021-40466Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows Desktop BridgeCVE-2021-41334Windows Desktop Bridge Elevation of Privilege VulnerabilityImportant
Windows DirectXCVE-2021-40470DirectX Graphics Kernel Elevation of Privilege VulnerabilityImportant
Windows Event TracingCVE-2021-40477Windows Event Tracing Elevation of Privilege VulnerabilityImportant
Windows exFAT File SystemCVE-2021-38663Windows exFAT File System Information Disclosure VulnerabilityImportant
Windows Fastfat DriverCVE-2021-41343Windows Fast FAT File System Driver Information Disclosure VulnerabilityImportant
Windows Fastfat DriverCVE-2021-38662Windows Fast FAT File System Driver Information Disclosure VulnerabilityImportant
Windows InstallerCVE-2021-40455Windows Installer Spoofing VulnerabilityImportant
Windows KernelCVE-2021-41336Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2021-41335Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows MSHTML PlatformCVE-2021-41342Windows MSHTML Platform Remote Code Execution VulnerabilityImportant
Windows Nearby SharingCVE-2021-40464Windows Nearby Sharing Elevation of Privilege VulnerabilityImportant
Windows Network Address Translation (NAT)CVE-2021-40463Windows NAT Denial of Service VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2021-41332Windows Print Spooler Information Disclosure VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2021-36970Windows Print Spooler Spoofing VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-40460Windows Remote Procedure Call Runtime Security Feature Bypass VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2021-40489Storage Spaces Controller Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2021-41345Storage Spaces Controller Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2021-26441Storage Spaces Controller Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2021-40478Storage Spaces Controller Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2021-40488Storage Spaces Controller Elevation of Privilege VulnerabilityImportant
Windows TCP/IPCVE-2021-36953Windows TCP/IP Denial of Service VulnerabilityImportant
Windows Text ShapingCVE-2021-40465Windows Text Shaping Remote Code Execution VulnerabilityImportant
Windows Win32KCVE-2021-40449Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32KCVE-2021-41357Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32KCVE-2021-40450Win32k Elevation of Privilege VulnerabilityImportant

Have you been struggling with any of the errors and bugs listed in this article? Let us know in the comments section below.

More about the topics: patch tuesday

Alexandru Poloboc

Alexandru Poloboc Shield

Tech Journalist

With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor, as well as TV and radio entertainment show host. A certified gadget freak, he always feels the need to surround himself with next-generation electronics. When he is not working, he splits his free time between making music, gaming, playing football, basketball and taking his dogs on adventures.

User forum

0 messages