Recently, Microsoft released security patches for December, which repaired 67 CVE vulnerabilities for Microsoft products, including 7 serious vulnerabilities and 60 high-risk vulnerabilities. Involving Windows and Windows components, ASP.NET Core and Visual Studio, Azure Bot framework SDK, Internet Storage Name Service, Defender for IoT, Edge (based on Chromium), Microsoft Office and Office components, SharePoint Server, PowerShell, remote desktop client , Windows Hyper-V, Windows Mobile device management, Windows remote access connection manager, TCP/IP and Windows update stack, etc. It is recommended that the majority of users do asset self-inspection and vulnerability repair work in a timely manner.
Vulnerability description
CVE-2021-43215 -iSNS Server Memory Corruption Vulnerability
The Internet Storage Name Service (iSNS) server provides registration functions so that all entities in the storage network can register and query the iSNS database. The attacker will send a specially designed request to the Internet Storage Name Service (iSNS) server, which may lead to remote code execution. (Note: Windows iSNS is not installed by default). The vulnerability CVSS3 score: 9.8 Exploitability: more likely to be exploited
CVE-2021-43890 -Windows AppX Installer Spoofing Vulnerability
This patch fixes a bug in the AppX installer affecting Windows. The attacker can make malicious attachments for use in phishing activities, and then the attacker must persuade the user to open the specially crafted attachment. The vulnerability has been found to be exploited in the wild. CVSS3 score of the vulnerability: 7.1 Public disclosure: Yes Exploit in the wild: Yes
CVE-2021-43907 -Visual Studio Code WSL extension remote code execution vulnerability
Visual Studio Code WSL allows users to develop in a Linux-based environment, and to run and debug Linux-based applications in Windows. This patch fixes a remote code execution vulnerability in the extension, allowing attackers to execute arbitrary code without authentication. The vulnerability CVSS3 score: 9.8 Vulnerability rating: severe
Vulnerability list
| CVE number | product | CVE title | CVSS3 |
|---|---|---|---|
| CVE-2021-43907 | Visual Studio Code-WSL Extension | Visual Studio Code WSL extension remote code execution vulnerability | 9.8 |
| CVE-2021-43899 | Microsoft Devices | Microsoft 4K wireless display adapter remote code execution vulnerability | 9.8 |
| CVE-2021-43215 | Internet Storage Name Service | iSNS server memory corruption vulnerability can lead to remote code execution | 9.8 |
| CVE-2021-43905 | Microsoft Office | Remote code execution vulnerability in Microsoft Office applications | 9.6 |
| CVE-2021-43882 | Microsoft Defender for IoT | Microsoft Defender for IoT | 9 |
| CVE-2021-42315 | Microsoft Defender for IoT | Remote code execution vulnerability in Microsoft Defender for IoT | 8.8 |
| CVE-2021-42314 | Microsoft Defender for IoT | Remote code execution vulnerability in Microsoft Defender for IoT | 8.8 |
| CVE-2021-42313 | Microsoft Defender for IoT | Remote code execution vulnerability in Microsoft Defender for IoT | 8.8 |
| CVE-2021-42311 | Microsoft Defender for IoT | Remote code execution vulnerability in Microsoft Defender for IoT | 8.8 |
| CVE-2021-42309 | Microsoft Office SharePoint | Microsoft SharePoint Server remote code execution vulnerability | 8.8 |
| CVE-2021-41365 | Microsoft Defender for IoT | Remote code execution vulnerability in Microsoft Defender for IoT | 8.8 |
| CVE-2021-43217 | Windows Encrypting File System (EFS) | Windows Encrypting File System (EFS) remote code execution vulnerability | 8.1 |
| CVE-2021-42310 | Microsoft Defender for IoT | Remote code execution vulnerability in Microsoft Defender for IoT | 8.1 |
| CVE-2021-42320 | Microsoft Office SharePoint | Microsoft SharePoint Server Spoofing Vulnerability | 8 |
| CVE-2021-43891 | Visual Studio Code | Visual Studio Code remote code execution vulnerability | 7.8 |
| CVE-2021-43877 | ASP.NET Core & Visual Studio | ASP.NET Core and Visual Studio | 7.8 |
| CVE-2021-43875 | Microsoft Office | Microsoft Office Graphics Remote Code Execution Vulnerability | 7.8 |
| CVE-2021-43256 | Microsoft Office Excel | Microsoft Excel remote code execution vulnerability | 7.8 |
| CVE-2021-43248 | Microsoft Windows Codecs Library | Windows Digital Media Receiver Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43247 | Windows TCP/IP | Windows TCP/IP Driver Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43245 | Windows Digital TV Tuner | Windows Digital TV Tuner Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43240 | Windows NTFS | NTFS Set Short Name Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43238 | Windows Remote Access Connection Manager | Windows Remote Access Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43237 | Windows Update Stack | Windows Installer Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43234 | Role: Windows Fax Service | Windows Fax Service Remote Code Execution Vulnerability | 7.8 |
| CVE-2021-43232 | Windows Event Tracing | Windows Event Tracking Remote Code Execution Vulnerability | 7.8 |
| CVE-2021-43231 | Windows NTFS | Windows NTFS Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43230 | Windows NTFS | Windows NTFS Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43229 | Windows NTFS | Windows NTFS Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43226 | Windows Common Log File System Driver | Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43223 | Windows Remote Access Connection Manager | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43214 | Microsoft Windows Codecs Library | Web Media extension remote code execution vulnerability | 7.8 |
| CVE-2021-43207 | Windows Common Log File System Driver | Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-42312 | Microsoft Defender for IoT | Microsoft Defender for IoT Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-41360 | Microsoft Windows Codecs Library | Remote code execution vulnerability in HEVC Video extension | 7.8 |
| CVE-2021-41333 | Windows Print Spooler Components | Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-40453 | Microsoft Windows Codecs Library | Remote code execution vulnerability in HEVC Video extension | 7.8 |
| CVE-2021-40452 | Microsoft Windows Codecs Library | Remote code execution vulnerability in HEVC Video extension | 7.8 |
| CVE-2021-40441 | Windows Media | Windows Media Center Elevation of Privilege Vulnerability | 7.8 |
| CVE-2021-43242 | Microsoft Office SharePoint | Microsoft SharePoint Server Spoofing Vulnerability | 7.6 |
| CVE-2021-43893 | Windows Encrypting File System (EFS) | Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability | 7.5 |
| CVE-2021-43888 | Microsoft Defender for IoT | Information Disclosure Vulnerability in Microsoft Defender for IoT | 7.5 |
| CVE-2021-43236 | Microsoft Message Queuing | Microsoft Message Queuing Information Disclosure Vulnerability | 7.5 |
| CVE-2021-43233 | Remote Desktop Client | Remote Desktop Client Remote Code Execution Vulnerability | 7.5 |
| CVE-2021-43228 | Windows SymCrypt | SymCrypt Denial of Service Vulnerability | 7.5 |
| CVE-2021-43225 | Azure Bot fr amework SDK | Bot fr amework SDK remote code execution vulnerability | 7.5 |
| CVE-2021-43222 | Microsoft Message Queuing | Microsoft Message Queuing Information Disclosure Vulnerability | 7.5 |
| CVE-2021-43219 | Windows DirectX | DirectX Graphics Kernel File Denial of Service Vulnerability | 7.4 |
| CVE-2021-43889 | Microsoft Defender for IoT | Remote code execution vulnerability in Microsoft Defender for IoT | 7.2 |
| CVE-2021-42294 | Microsoft Office SharePoint | Microsoft SharePoint Server remote code execution vulnerability | 7.2 |
| CVE-2021-43892 | BizTalk ESB Toolkit | Microsoft BizTalk ESB Toolkit Spoofing Vulnerability | 7.1 |
| CVE-2021-43890 | Apps | Windows AppX installer spoofing vulnerability | 7.1 |
| CVE-2021-43883 | Windows Installer | Windows Installer Elevation of Privilege Vulnerability | 7.1 |
| CVE-2021-43239 | Windows Update Stack | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | 7.1 |
| CVE-2021-43244 | Windows Kernel | Windows Kernel Information Disclosure Vulnerability | 6.5 |
| CVE-2021-43216 | Microsoft Local Security Authority Server (lsasrv) | Microsoft Local Security Authentication Server (lsasrv) Information Disclosure Vulnerability | 6.5 |
| CVE-2021-42293 | Microsoft Office Access | Microsoft Jet Red Database Engine and Access Connectivity Engine privilege escalation vulnerabilities | 6.5 |
| CVE-2021-43246 | Role: Windows Hyper-V | Windows Hyper-V Denial of Service Vulnerability | 5.6 |
Mitigation and Fixes
All the above-mentioned vulnerability has been patched and Microsoft has already released the fixes in December Tuesday patch. We recommend everyone to update your system as there are some flaws that are seen to be exploited in the wild. Setting > Update> Check for Updates.