It seems like Microsoft has just been trying to lull us into a false sense of security from these last few patch Tuesdays; they thought they could slip one in, and we would not notice. We did see Microsoft... we did see. This time around, we have 89 CVE’s getting patched, with 14 being critical. Those ten are pretty bad, though, the worst being a remote execution flaw that does not require user interaction or any privileges. This is what would usually get a name, but recently with the lack of information released with the CVE’s that type of stuff is happening less than before. Five of these are being actively exploited, with two being publicly known.
Some Highlights (Or Lowlights)
CVE-2021-26897 - This is the exploit we mentioned above. It impacts the DNS server role and allows remote execution. If this sounds familiar, this seems to be very similar to CVE-2021-24078. My guess is that the patch from last month left a portion of it still exposed. This one alone makes patching critical this month.
CVE-2021-26867 - This is a remote execution vulnerability for Hyper-V. It has many the same score markers as the first exploit, but it does require some level of authentication for it to work.
CVE-2021-27080 - This last one is an unsigned code execution exploit for Azure Sphere. It does not require authentication or user interaction, but the attack vector is local only.
CVE-2021-26411 - The exploit for internet explorer and HTML-based Edge. This allows someone to run code against the impacted system. This requires the user to click on a bad link or go to a compromised website. It is more challenging to execute, but it is already publicly known and actively exploited, so we figure it would be a good one to mention.
OOF! Some of the critical patches for this one are pretty bad. On a brighter note, none of them has been publicly known or is being actively exploited. So... patch, because they are for sure out in the wild now. These are ones you want to close ASAP. We have some excellent news for you, though. We have taken the liberty of automating patching your systems; in under 15 minutes, you can have your Windows patching on a schedule that you never have to look at.