Hash: SHA256

                         AUSCERT Security Bulletin

        Microsoft Patch Tuesday update for Windows for October 2021
                              13 October 2021


        AusCERT Security Bulletin Summary

Product:          Windows 10
                  Windows 11
                  Windows 8.1
                  Windows Server 2012
                  Windows Server 2012 R2
                  Windows Server 2016
                  Windows Server 2019
                  Windows Server 2022
Operating System: Windows
Impact/Access:    Execute Arbitrary Code/Commands -- Remote with User Interaction
                  Increased Privileges            -- Existing Account            
                  Denial of Service               -- Remote/Unauthenticated      
                  Provide Misleading Information  -- Remote with User Interaction
                  Unauthorised Access             -- Remote/Unauthenticated      
                  Access Confidential Data        -- Existing Account            
Resolution:       Patch/Upgrade
CVE Names:        CVE-2021-41361 CVE-2021-41357 CVE-2021-41347
                  CVE-2021-41346 CVE-2021-41345 CVE-2021-41343
                  CVE-2021-41342 CVE-2021-41340 CVE-2021-41339
                  CVE-2021-41338 CVE-2021-41337 CVE-2021-41336
                  CVE-2021-41335 CVE-2021-41334 CVE-2021-41332
                  CVE-2021-41331 CVE-2021-41330 CVE-2021-40489
                  CVE-2021-40488 CVE-2021-40478 CVE-2021-40477
                  CVE-2021-40476 CVE-2021-40475 CVE-2021-40470
                  CVE-2021-40469 CVE-2021-40468 CVE-2021-40467
                  CVE-2021-40466 CVE-2021-40465 CVE-2021-40464
                  CVE-2021-40463 CVE-2021-40462 CVE-2021-40461
                  CVE-2021-40460 CVE-2021-40456 CVE-2021-40455
                  CVE-2021-40454 CVE-2021-40450 CVE-2021-40449
                  CVE-2021-40443 CVE-2021-38672 CVE-2021-38663
                  CVE-2021-38662 CVE-2021-36970 CVE-2021-36953
                  CVE-2021-26442 CVE-2021-26441 

Comment: Microsoft notes that CVE-2021-40449 is being actively exploited


        Microsoft has released its monthly security patch update for the
        month of October 2021.
        This update resolves 47 vulnerabilities across the following
        products: [1]
         Windows 10
         Windows 11
         Windows 8.1
         Windows RT 8.1
         Windows Server
         Windows Server 2012
         Windows Server 2012 R2
         Windows Server 2016
         Windows Server 2019
         Windows Server 2022


        Microsoft has given the following details regarding these vulnerabilities.
         Details         Impact                   Severity
         CVE-2021-26441  Elevation of Privilege   Important
         CVE-2021-26442  Elevation of Privilege   Important
         CVE-2021-36953  Denial of Service        Important
         CVE-2021-36970  Spoofing                 Important
         CVE-2021-38662  Information Disclosure   Important
         CVE-2021-38663  Information Disclosure   Important
         CVE-2021-38672  Remote Code Execution    Critical
         CVE-2021-40443  Elevation of Privilege   Important
         CVE-2021-40449  Elevation of Privilege   Important
         CVE-2021-40450  Elevation of Privilege   Important
         CVE-2021-40454  Information Disclosure   Important
         CVE-2021-40455  Spoofing                 Important
         CVE-2021-40456  Security Feature Bypass  Important
         CVE-2021-40460  Security Feature Bypass  Important
         CVE-2021-40461  Remote Code Execution    Critical
         CVE-2021-40462  Remote Code Execution    Important
         CVE-2021-40463  Denial of Service        Important
         CVE-2021-40464  Elevation of Privilege   Important
         CVE-2021-40465  Remote Code Execution    Important
         CVE-2021-40466  Elevation of Privilege   Important
         CVE-2021-40467  Elevation of Privilege   Important
         CVE-2021-40468  Information Disclosure   Important
         CVE-2021-40469  Remote Code Execution    Important
         CVE-2021-40470  Elevation of Privilege   Important
         CVE-2021-40475  Information Disclosure   Important
         CVE-2021-40476  Elevation of Privilege   Important
         CVE-2021-40477  Elevation of Privilege   Important
         CVE-2021-40478  Elevation of Privilege   Important
         CVE-2021-40488  Elevation of Privilege   Important
         CVE-2021-40489  Elevation of Privilege   Important
         CVE-2021-41330  Remote Code Execution    Important
         CVE-2021-41331  Remote Code Execution    Important
         CVE-2021-41332  Information Disclosure   Important
         CVE-2021-41334  Elevation of Privilege   Important
         CVE-2021-41335  Elevation of Privilege   Important
         CVE-2021-41336  Information Disclosure   Important
         CVE-2021-41337  Security Feature Bypass  Important
         CVE-2021-41338  Security Feature Bypass  Important
         CVE-2021-41339  Elevation of Privilege   Important
         CVE-2021-41340  Remote Code Execution    Important
         CVE-2021-41342  Remote Code Execution    Important
         CVE-2021-41343  Information Disclosure   Important
         CVE-2021-41345  Elevation of Privilege   Important
         CVE-2021-41346  Security Feature Bypass  Important
         CVE-2021-41347  Elevation of Privilege   Important
         CVE-2021-41357  Elevation of Privilege   Important
         CVE-2021-41361  Spoofing                 Important


        Microsoft recommends updating the software with the version made
        available on the Microsoft Update Catalogue for the following
        Knowledge Base articles. [1].
         KB5006667, KB5006669, KB5006670, KB5006671, KB5006672
         KB5006674, KB5006675, KB5006699, KB5006714, KB5006729
         KB5006732, KB5006739


        [1] Microsoft Security Update Guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
Comment: http://www.auscert.org.au/render.html?it=1967