Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flaws

Label CVE ID CVE title Gravity applications CVE-2021-43890 Windows AppX installer spoofing vulnerability Important ASP.NET Core and Visual Studio CVE-2021-43877 ASP.NET Core and Visual Studio elevation of privilege vulnerability Important Azure Bot Framework SDK CVE-2021-43225 Bot Framework SDK Remote Code Execution Vulnerability Important BizTalk ESB Toolkit CVE-2021-43892 Microsoft BizTalk ESB Toolkit spoofing vulnerability Important Internet Storage Name Service CVE-2021-43215 ISNS Server Memory Corruption Vulnerability May Lead to Remote Code Execution Critical Microsoft Defender for IoT CVE-2021-41365 Microsoft Defender Remote Code Execution Vulnerability for IoT Important Microsoft Defender for IoT CVE-2021-42311 Microsoft Defender Remote Code Execution Vulnerability for IoT Important Microsoft Defender for IoT CVE-2021-42310 Microsoft Defender Remote Code Execution Vulnerability for IoT Critical Microsoft Defender for IoT CVE-2021-43882 Microsoft Defender Remote Code Execution Vulnerability for IoT Important Microsoft Defender for IoT CVE-2021-43888 Microsoft Defender Information Disclosure Vulnerability for IoT Important Microsoft Defender for IoT CVE-2021-42314 Microsoft Defender Remote Code Execution Vulnerability for IoT Important Microsoft Defender for IoT CVE-2021-42313 Microsoft Defender Remote Code Execution Vulnerability for IoT Important Microsoft Defender for IoT CVE-2021-42312 Microsoft Defender Elevation of Privilege Vulnerability for IOT Important Microsoft Defender for IoT CVE-2021-43889 Microsoft Defender Remote Code Execution Vulnerability for IoT Important Microsoft Defender for IoT CVE-2021-42315 Microsoft Defender Remote Code Execution Vulnerability for IoT Important Microsoft devices CVE-2021-43899 Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability Critical Microsoft Edge (Chrome based) CVE-2021-4056 Chromium: CVE-2021-4056: Type confusion in loader Unknown Microsoft Edge (Chrome based) CVE-2021-4055 Chrome: CVE-2021-4055 Buffer overflow in extensions Unknown Microsoft Edge (Chrome based) CVE-2021-4054 Chrome: CVE-2021-4054 ​​Incorrect security UI in autofill Unknown Microsoft Edge (Chrome based) CVE-2021-4052 Chrome: CVE-2021-4052 Free to use in web applications Unknown Microsoft Edge (Chrome based) CVE-2021-4053 Chrome: CVE-2021-4053 Free to use in user interface Unknown Microsoft Edge (Chrome based) CVE-2021-4065 Chrome: CVE-2021-4065 Use after free in autofill Unknown Microsoft Edge (Chrome based) CVE-2021-4064 Chrome: CVE-2021-4064 Use after free in screenshot Unknown Microsoft Edge (Chrome based) CVE-2021-4063 Chrome: CVE-2021-4063 Free to use in developer tools Unknown Microsoft Edge (Chrome based) CVE-2021-4068 Chrome: CVE-2021-4068 Insufficient validation of untrusted entries in new tab page Unknown Microsoft Edge (Chrome based) CVE-2021-4067 Chrome: CVE-2021-4067 Use after free in window manager Unknown Microsoft Edge (Chrome based) CVE-2021-4066 Chrome: CVE-2021-4066 Integer overflow in ANGLE Unknown Microsoft Edge (Chrome based) CVE-2021-4059 Chrome: CVE-2021-4059 Insufficient data validation in the loader Unknown Microsoft Edge (Chrome based) CVE-2021-4062 Chrome: CVE-2021-4062 Buffer overflow in BFCache Unknown Microsoft Edge (Chrome based) CVE-2021-4061 Chrome: CVE-2021-4061 Type confusion in the V8 Unknown Microsoft Edge (Chrome based) CVE-2021-4058 Chrome: CVE-2021-4058 Buffer overflow in ANGLE Unknown Microsoft Edge (Chrome based) CVE-2021-4057 Chrome: CVE-2021-4057 Use after free in file API Unknown Microsoft Local Security Authority Server (lsasrv) CVE-2021-43216 Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability Important Microsoft Message Queuing CVE-2021-43236 Microsoft Message Queuing Information Disclosure Vulnerability Important Microsoft Message Queuing CVE-2021-43222 Microsoft Message Queuing Information Disclosure Vulnerability Important Microsoft Office CVE-2021-43875 Microsoft Office Graphics Remote Code Execution Vulnerability Important Microsoft Office CVE-2021-42295 Information Disclosure Vulnerability in Visual Basic for Applications Important Microsoft Office CVE-2021-43905 Microsoft Office application remote code execution vulnerability Critical Microsoft Office Access CVE-2021-42293 Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability Important Microsoft Office Excel CVE-2021-43256 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2021-42309 Microsoft SharePoint Server Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2021-42320 Microsoft SharePoint Server spoofing vulnerability Important Microsoft Office SharePoint CVE-2021-43242 Microsoft SharePoint Server spoofing vulnerability Important Microsoft Office SharePoint CVE-2021-42294 Microsoft SharePoint Server Remote Code Execution Vulnerability Important Microsoft PowerShell CVE-2021-43896 Microsoft PowerShell spoofing vulnerability Important Microsoft Windows Codec Library CVE-2021-41360 HEVC Video Extensions Remote Code Execution Vulnerability Important Microsoft Windows Codec Library CVE-2021-43248 Windows Digital Media Receiver Elevation of Privilege Vulnerability Important Microsoft Windows Codec Library CVE-2021-43214 Web Media Extensions Remote Code Execution Vulnerability Important Microsoft Windows Codec Library CVE-2021-40452 HEVC Video Extensions Remote Code Execution Vulnerability Important Microsoft Windows Codec Library CVE-2021-40453 HEVC Video Extensions Remote Code Execution Vulnerability Important Microsoft Windows Codec Library CVE-2021-43243 VP9 Video Extensions Information Disclosure Vulnerability Important Desktop development platform CVE-2021-43255 Microsoft Office Trust Center spoofing vulnerability Important Remote Desktop Client CVE-2021-43233 Remote Desktop Client Remote Code Execution Vulnerability Critical Role: Windows Fax Service CVE-2021-43234 Windows Fax Service Remote Code Execution Vulnerability Important Role: Windows Hyper-V CVE-2021-43246 Windows Hyper-V Denial of Service Vulnerability Important Visual Studio code CVE-2021-43891 Remote Code Execution Vulnerability in Visual Studio Code Important Visual Studio code CVE-2021-43908 Visual Studio Code Spoofing Vulnerability Important Visual Studio Code – WSL Extension CVE-2021-43907 Visual Studio Code WSL Extension Remote Code Execution Vulnerability Critical Windows Common Log File System Driver CVE-2021-43226 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows Common Log File System Driver CVE-2021-43224 Windows Common Log File System Driver Information Disclosure Vulnerability Important Windows Common Log File System Driver CVE-2021-43207 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important Windows digital TV tuner CVE-2021-43245 Windows Digital TV Tuner Elevation of Privilege Vulnerability Important Windows DirectX CVE-2021-43219 DirectX graphics kernel file denial of service vulnerability Important Windows Encryption File System (EFS) CVE-2021-43217 Windows Encryption File System (EFS) Remote Code Execution Vulnerability Critical Windows Encryption File System (EFS) CVE-2021-43893 Windows Encryption File System (EFS) Elevation of Privilege Vulnerability Important Windows Event Tracking CVE-2021-43232 Windows Event Tracking Remote Code Execution Vulnerability Important Windows Installer CVE-2021-43883 Windows Installer Elevation of Privilege Vulnerability Important Windows kernel CVE-2021-43244 Windows Kernel Information Disclosure Vulnerability Important Windows Media CVE-2021-40441 Windows Media Center Elevation of Privilege Vulnerability Important Windows Mobile Device Management CVE-2021-43880 Windows Mobile Device Management Elevation of Privilege Vulnerability Important Windows NTFS CVE-2021-43240 NTFS Set Short Name Elevation of Privilege Vulnerability Important Windows NTFS CVE-2021-43231 Windows NTFS elevation of privilege vulnerability Important Windows NTFS CVE-2021-43230 Windows NTFS elevation of privilege vulnerability Important Windows NTFS CVE-2021-43229 Windows NTFS elevation of privilege vulnerability Important Windows Print Spooler Components CVE-2021-41333 Windows Print Spooler Elevation of Privilege Vulnerability Important Windows Remote Access Connection Manager CVE-2021-43223 Windows Remote Access Connection Manager elevation of privilege vulnerability Important Windows Remote Access Connection Manager CVE-2021-43238 Windows Remote Access Elevation of Privilege Vulnerability Important Windows storage CVE-2021-43235 Storage space controller information disclosure vulnerability Important Windows Storage Controller CVE-2021-43227 Storage space controller information disclosure vulnerability Important Windows SymCrypt CVE-2021-43228 SymCrypt Denial of Service Vulnerability Important Windows TCP / IP CVE-2021-43247 Windows TCP / IP Driver Elevation of Privilege Vulnerability Important Windows update stack CVE-2021-43237 Windows installation elevation of privilege vulnerability Important Windows update stack CVE-2021-43239 Windows Recovery Environment Agent Elevation of Privilege Vulnerability Important


Source link

Comments are closed.