Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2021.0114 Microsoft Patch Tuesday update for Microsoft Apps for June 2021 9 June 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: 3D Viewer Intune management extension Paint 3D Operating System: Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Access Confidential Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-31942 CVE-2021-31943 CVE-2021-31944 CVE-2021-31945 CVE-2021-31946 CVE-2021-31980 CVE-2021-31983 Reference: https://portal.msrc.microsoft.com/en-us/security-guidance OVERVIEW Microsoft has released its monthly security patch update for the month of June 2021. This update resolves 7 vulnerabilities across the following products: [1] 3D Viewer Intune management extension Paint 3D IMPACT Microsoft has given the following details regarding these vulnerabilities. Details Impact Severity CVE-2021-31942 Remote Code Execution Important CVE-2021-31943 Remote Code Execution Important CVE-2021-31944 Information Disclosure Important CVE-2021-31945 Remote Code Execution Important CVE-2021-31946 Remote Code Execution Important CVE-2021-31980 Remote Code Execution Important CVE-2021-31983 Remote Code Execution Important MITIGATION Microsoft recommends updating the software to the latest available version available on the Microsoft Update Catalog. [1]. REFERENCES [1] Microsoft Security Update Guidance https://portal.msrc.microsoft.com/en-us/security-guidance AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYMAKJ+NLKJtyKPYoAQhP/RAAi6KN1bD343T1hEE70qU5IBsnh7pM9G8d HXqfODuGgkNWK09yO4itGFskXTwPtDyNIiU/+etU08OSzz65XteBTLGs5IaSRPvh G9pXq8OuG3BpHiPORIm14mL4iXhhQwy847jheRw+gSNh0Sy8IWnnOGE04guIi665 m6oZhApakyxCCe2nuEx0Ve7H+QyNVQxAciAE8dPjgSGebBcZ/cIafScQj8fWW8fo QpdCJ1MWNX/ahqYY+qbOPs7dPzf2Z69BVjbfK0vqwHyhrwHAChTee7h5bIybUQiq gKDGZrbjWnIjpwa9q5ZZaxZAiOb7MRjjwiItj4135bnwikc8AU6q0+Tr/8kdFJeQ XGGwaNaaIgdICJ1MVJ463cWF5rH5zfiPCO04f+NGyCYALn6dHaslCb6vNOM8UcId tO5dOwySVX5D3yBKiUGcqKSA0I+NGseJwdhpDYU+EFrgJYxyGLhb47bEkM53Veyj ws1xONjEAD1ZW+yZ3QoelnSNWlBGTWNAXzmak3JBGVen0rWsl1SQ2zuGn6imtFaH nfEcW97IKT9edJA0F1bZEp4/6mDOSjFeSNBe5R4660ZNZKazq41a/Y7ULf13jRlU Ti0ECa6sMS1wBS8AOba288i2wf55h2eyctEXtFXJVkxzGVMOvDYgWMBOSCOcTYgZ D7h5/ca4fkE= =9NVC -----END PGP SIGNATURE-----