Microsoft warns of tcp/ip vulnerabilities and zeroday during Patch Tuesday

Microsoft released a separate warning for vulnerabilities targeting tcp/ip during the monthly Patch Tuesday patch. Among other things, three bugs have been fixed that allow remote code executions.

The warning specifically addresses three bugs: CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086. The latter is a denial-of-service vulnerability that can cause a blue screen of death, the first two allow remote code executions. According to Microsoft, the vulnerabilities are in the tcp/ip implementation of all Windows systems. The company expects that the DoS attack in particular will soon be implemented in practice with a working exploit. According to Microsoft, the two RCE attacks are more difficult to exploit in practice.

Microsoft fixed the three vulnerabilities during the monthly Patch Tuesday. In it, the company fixed a total of 56 vulnerabilities, nine of which were given a Critical rating. One, CVE-2021-1732, is a zeroday in Windows 10 and Windows Server 2016 and above. It is a privilege escalation bug that has been actively exploited, although details about that attack are lacking.

There is also a vulnerability with a score of 9.8 in the DNS server implementation on Windows Server from versions 2008 to 2019. CVE-2021-24078 is primarily a threat in enterprise environments.