Microsoft fixes 67 vulnerabilities, including six zero days during Patch Tuesday


Microsoft fixed 67 vulnerabilities for Windows, Office and other tools during Patch Tuesday. Details of six of the vulnerabilities were already known. One of those zero days is being actively abused, according to Microsoft.

A total of 67 vulnerabilities have been fixed. One of them is in the Windows AppX Installer and is tracked as CVE-2021-43890. An attacker could send malware via phishing and exploit the vulnerability. According to Microsoft, criminals are doing this to spread the Emotet or Trickbot botnet. Both admins and users without admin rights are vulnerable, but according to Microsoft, the vulnerability is easier to exploit when the user has admin rights.

Other zero days fixed during the monthly patch cycle are CVE-2021-41333 and CVE-2021-43240, privilege escalations in the Windows Print Spooler and NTFS Set Short Name respectively. Also, CVE-2021-43773 is an unauthorized privilege escalation in the Windows Installer. The last two zero days are a flaw that allows files on a system to be deleted via Windows Mobile Device Management, and CVE-2021-43893, a privilege escalation in the Windows Encrypting File System. Details of how all those vulnerabilities work were already public, but according to Microsoft there are no indications that they have been abused in practice.

KB5008212 is available for OS versions 19041, 19042, 19043 and 19044 of Windows 10. For Windows 11, users can download KB5008215. Of the 67 vulnerabilities, 21 are elevation of privilege bugs, 26 are remote code execution bugs, and 10 are holes through which information can be stolen from a system. Microsoft also fixed 7 spoofing vulnerabilities in the OS and 3 denial of service vulnerabilities.
