{"id":18971,"date":"2021-10-14T19:56:19","date_gmt":"2021-10-14T15:56:19","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/18971\/"},"modified":"2021-10-14T19:56:19","modified_gmt":"2021-10-14T15:56:19","slug":"october-patch-tuesday-vulnerabilities","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/18971\/","title":{"rendered":"71 reasons to update Windows ASAP"},"content":{"rendered":"<p>During the latest Patch Tuesday, Microsoft closed a total of 71 vulnerabilities. The most dangerous of them is CVE-2021-40449, a <a href=\"https:\/\/encyclopedia.kaspersky.ru\/glossary\/use-after-free\/\" target=\"_blank\" rel=\"noopener\">use-after-free<\/a> vulnerability in the Win32k driver that <a href=\"https:\/\/www.kaspersky.com\/blog\/mysterysnail-cve-2021-40449\/42448\/\" target=\"_blank\" rel=\"noopener nofollow\">cybercriminals are already exploiting<\/a>.<\/p>\n<p>In addition to that, Microsoft closed three serious vulnerabilities already known to the public. For now, Microsoft experts consider their probability of exploitation as \u201cless likely.\u201d However, security experts are actively discussing those vulnerabilities, and <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/poc-proof-of-concept\/\" target=\"_blank\" rel=\"noopener\">proofs-of-concept<\/a> are available on the Internet \u2014 and therefore, someone may try to use one.<\/p>\n<h2>Microsoft Windows kernel vulnerability<\/h2>\n<p><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-41335\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-41335<\/a>, the most dangerous of those three vulnerabilities, rates a 7.8 on the CVSS scale. 
Contained in the Microsoft Windows kernel, it allows a potentially malicious process to escalate its privileges.<\/p>\n<h2>Bypassing Windows AppContainer<\/h2>\n<p>The second vulnerability, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-41338\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-41338<\/a>, involves bypassing the restrictions of the Windows AppContainer environment, which protects applications and processes. If certain conditions are met, an unauthorized person can exploit it thanks to default Windows Filtering Platform rules. As a result, it can lead to privilege escalation.<\/p>\n<p>Members of Google Project Zero <a href=\"https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=2207\" target=\"_blank\" rel=\"noopener nofollow\">discovered the vulnerability in July<\/a> and reported it to Microsoft, giving the company a 90-day deadline to fix it and ultimately publishing a proof of concept in the public domain. The vulnerability has a CVSS rating of 5.5.<\/p>\n<h2>Windows DNS Server vulnerability<\/h2>\n<p>Vulnerability <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-40469\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-40469<\/a> applies only to Microsoft Windows machines running as DNS servers. However, all current server versions of the operating system, starting with Server 2008 and up to the recently released Server 2022, are vulnerable. 
CVE-2021-40469 allows <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/remote-code-execution-rce\/\" target=\"_blank\" rel=\"noopener\">remote code execution<\/a> on the server and has a rating of 7.2 on the CVSS scale.<\/p>\n<h2>How to protect your company<\/h2>\n<p>The <a href=\"https:\/\/www.kaspersky.com\/blog\/most-common-initial-attack-vectors\/42379\/\" target=\"_blank\" rel=\"noopener nofollow\">results<\/a> of our Incident Response Analyst Report 2021, which our <a href=\"https:\/\/me-en.kaspersky.com\/enterprise-security\/incident-response?icid=me-en_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">Incident Response<\/a> colleagues produced, indicate that vulnerabilities remain popular initial attack vectors. Moreover, the vulnerabilities aren\u2019t necessarily the most recent \u2014 the main threat here is not zero-day vulnerabilities, but delays in the installation of updates in general. Therefore, we always recommend installing updates on all connected devices as soon as possible. 
Updating is especially important for critical applications such as operating systems, browsers, and security solutions.<\/p>\n<p>To protect your company from attacks using yet-unknown vulnerabilities, use <a href=\"https:\/\/me-en.kaspersky.com\/small-to-medium-business-security?icid=me-en_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">security solutions with proactive protection technologies<\/a> that can detect zero-day exploits.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On October\u2019s Patch Tuesday, Microsoft patched 71 vulnerabilities, several of which are particularly serious.<\/p>\n","protected":false},"author":2581,"featured_media":18972,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1318,1916,1917],"tags":[268,113],"class_list":{"0":"post-18971","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"category-smb","10":"tag-vulnerabilities","11":"tag-windows"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/18971\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/october-patch-tuesday-vulnerabilities\/23494\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/25571\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/october-patch-tuesday-vulnerabilities\/23643\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/23096\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/october-patch-tuesday-vulnerabilities\/26225\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/october-patch-tuesday-
vulnerabilities\/31715\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/october-patch-tuesday-vulnerabilities\/10168\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/42462\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/october-patch-tuesday-vulnerabilities\/17881\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/october-patch-tuesday-vulnerabilities\/18284\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/october-patch-tuesday-vulnerabilities\/15415\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/october-patch-tuesday-vulnerabilities\/27560\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/october-patch-tuesday-vulnerabilities\/27724\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/october-patch-tuesday-vulnerabilities\/24485\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/october-patch-tuesday-vulnerabilities\/29846\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/october-patch-tuesday-vulnerabilities\/29644\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/vulnerabilities\/","name":"vulnerabilities"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/18971","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=18971"}],"version-history":[{"count":0,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/18971\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/medi
a\/18972"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=18971"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=18971"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=18971"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}