Microsoft released the November 2021 Patch Tuesday as promised, with 55 security patches. The issue only affected Windows 7 and 8 users who hadn’t updated for over 10 years (an average of about 3 to 4 years), but still had a serious impact on computers that were running insecurely outdated software. Experts say Microsoft is making progress in addressing its old operating system’s vulnerabilities, despite some complaints that it too slowly adopts new computing standards.
Alexandru Poloboc is an author.
Editor of the News
Alex spent the most of his time working as a news reporter, anchor, and on TV and radio, with an overriding drive to always get to the bottom of things and find the truth… Continue reading
Yes, it’s that time of the month again, and Microsoft has published 55 security updates, including patches for zero-day vulnerabilities that are being actively exploited.
Six major vulnerabilities, 15 remote code execution (RCE) defects, information leaks, and elevation of privilege security weaknesses, as well as concerns that might lead to spoofing and manipulation, are all addressed in the newest wave of updates from the tech giant.
The fixes affect Microsoft Azure, the Chromium-based Edge browser, Microsoft Office and its related products, Visual Studio, Exchange Server, Windows Kernel, and Windows Defender.
There were fifteen remote code execution issues repaired.
Another hectic month for Redmond programmers and developers, as they continue to battle old and new problems.
While some issues just required minor adjustments, others were critical and were addressed as such by the IT firm.
The following are some of the most notable vulnerabilities addressed in this version, all of which are considered critical:
- (CVSS:3.1 8.8 / 7.7) CVE-2021-42321 This vulnerability affects Microsoft Exchange Server and may result in RCE owing to poor validation of cmdlet inputs. Attackers, on the other hand, must be verified.
- (CVSS:3.1 7.8 / 7.0) CVE-2021-42292 This vulnerability, which has been exploited in the wild, was discovered in Microsoft Excel and may be used to bypass security restrictions. The Preview Pane, according to Microsoft, is not an attack vector. Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 do not have any patches available right now.
- (CVSS:3.1 7.8 / 6.8) CVE-2021-43209. This flaw, which is a 3D Viewer vulnerability, may be exploited locally to cause RCE.
- (CVSS:3.1 7.8 / 6.8) CVE-2021-43208 Another well-known vulnerability, the 3D Viewer security weakness may be exploited by a local attacker for code execution.
- (CVSS: 3.0 4.4 / 3.9) CVE-2021-38631 This security hole in the Windows Remote Desktop Protocol (RDP), which was also made public, may be leveraged to leak information.
- (CVSS:3.1 4.4 / 3.9) CVE-2021-41371 Finally, this RDP vulnerability may be exploited locally to compel an information leak, since it was discovered before fix was available.
When compared to prior years’ releases, this release had a comparatively low number of vulnerabilities addressed in November.
Microsoft fixed 71 issues last month, so we may call this a rather tranquil time. Patches for a total of four zero-day defects, one of which was actively exploited in the wild, and three of which were made public, are of special significance.
If we go back a little farther, Microsoft patched over 60 vulnerabilities on Patch Tuesday in September. A fix for an RCE in MSHTML was one of the changes.
Let’s not forget that, in addition to Microsoft’s Patch Tuesday software release, other firms have released security patches as well, including:
Have you encountered any of the mistakes or flaws mentioned in this article? Please share your thoughts in the comments box below.
Was this page of assistance to you?
Thank you very much!
There are insufficient details It’s difficult to comprehend Other Speak with a Professional
Start a discussion.
Frequently Asked Questions
What is Microsofts Patch Tuesday?
A: Microsoft has a program called Patch Tuesday where they release updates for their operating systems. These are security fixes and other things that fix bugs in the system, like some of those released on February 12th 2019 were related to how your computer tells time.
What time on Tuesday does Microsoft release patches?
A: Microsoft releases patches on Tuesdays at 10 AM PST.
When was the last Microsoft Patch Tuesday?
A: The last Microsoft Patch Tuesday was on June 11th, 2019.
