Operating System:

[WIN]

Published:

10 November 2021

Protect yourself against future threats.

//Service

Phishing Take-Down

Drawing on our strong international CERT relationships we have a high success rate in delivering phishing take-downs.

Read more
Resources > Security Bulletins > ASB-2021.0240 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2021.0240
           Microsoft Patch Tuesday update for Microsoft Extended
             Security Update (ESU) products for November 2021
                             10 November 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          Windows 7
                  Windows Server 2008
                  Windows Server 2008 R2
Operating System: Windows
Impact/Access:    Execute Arbitrary Code/Commands -- Remote with User Interaction
                  Increased Privileges            -- Existing Account            
                  Access Confidential Data        -- Remote with User Interaction
Resolution:       Patch/Upgrade
CVE Names:        CVE-2021-42291 CVE-2021-42287 CVE-2021-42285
                  CVE-2021-42283 CVE-2021-42282 CVE-2021-42278
                  CVE-2021-42275 CVE-2021-41379 CVE-2021-41377
                  CVE-2021-41371 CVE-2021-41370 CVE-2021-41367
                  CVE-2021-38666 CVE-2021-38665 CVE-2021-38631
Reference:        ASB-2021.0232

OVERVIEW

        Microsoft has released its monthly security patch update for the
        month of November 2021.
        This update resolves 15 vulnerabilities across the following
        products: [1]
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
         Details         Impact                   Severity
         CVE-2021-38631  Information Disclosure   Important
         CVE-2021-38665  Information Disclosure   Important
         CVE-2021-38666  Remote Code Execution    Critical
         CVE-2021-41367  Elevation of Privilege   Important
         CVE-2021-41370  Elevation of Privilege   Important
         CVE-2021-41371  Information Disclosure   Important
         CVE-2021-41377  Elevation of Privilege   Important
         CVE-2021-41379  Elevation of Privilege   Important
         CVE-2021-42275  Remote Code Execution    Important
         CVE-2021-42278  Elevation of Privilege   Important
         CVE-2021-42282  Elevation of Privilege   Important
         CVE-2021-42283  Elevation of Privilege   Important
         CVE-2021-42285  Elevation of Privilege   Important
         CVE-2021-42287  Elevation of Privilege   Important
         CVE-2021-42291  Elevation of Privilege   Important


MITIGATION

        Microsoft recommends updating the software with the version made
        available on the Microsoft Update Catalogue for the following
        Knowledge Base articles. [1].
         KB5007233, KB5007236, KB5007246, KB5007263


REFERENCES

        [1] Microsoft Security Update Guidance
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYYsRl+NLKJtyKPYoAQgOUhAAqwwNmfGUZuPwBlmTj4+BR6p0D0MlcHCI
zRXuKtam2JNxBOtAW7AN6rdPCbtHYy8yZRG0JVJZnoO63XmHQCWXEWVt0hWRMtmC
chdHAIL/s/NxUmUFuw7i3qErlhzU/CatZp8KKDUJV2O6mXcV/rr/pK1JLE2+A7Yp
aEovlUc3RXDCrACGMrY1vRi2WNHaLSIRQ0gGOxe2F1067Wev6+3ENiUmGCLpV5Tr
ydhy0VY9RFL/tAhQxAG2mzZ9hApcqMUxWPfA/XreLkQ9LAoZt74qANY7usNQjfmB
MTpnh53mumn4URKEZ9L5MSw7o5YULsep+V/xjoJ49V+FzgHCkaThvtXk72SaQvoC
F20mU0B4SlqWDTN5ZYD8lpy4th8StuUkLoTFfFYnJF5VVT419Kn+P1MRKnawJmNh
/pcoMgSgtSozhVPn1nUcCqXdVOC9YeLO5tEdxnm1x+eoYArIhRKKnufyAtHwpk3j
0inGRfAQ2uHKHr7pFa4X505lwQ19k4xasrZAJKVQAy7EamBloPwiioPPOwkf+2CM
ksogZv9Xgq5ux9FavvX6JtPzKp8I2+H9isUEdU51Nw8xV51q6sBNXlgc5hYXrFXJ
Z9QLXsK5b0isCRvCmW2qSfv5btA0m5aDS3LjUrb3acMh5oE5PSDrqc2E24NQQa1U
QkSJnD7inoM=
=Xttb
-----END PGP SIGNATURE-----