Microsoft Releases Patches for Several Vulnerabilities, Some Currently Exploited in the Wild

Summary

Microsoft urges customers to apply recent updates as soon as possible after they identified and patched critical and high severity vulnerabilities. Three of these are vulnerabilities in Windows TCP/IP affecting Windows 7 and higher, both client and server versions. CVE-2021-24074 and CVE-2021-24094 are remote code execution vulnerabilities and are considered difficult to exploit. However, a separate denial-of-service (DOS) vulnerability, CVE-2021-24086, is easier to exploit and Microsoft considers its exploitation in the wild imminent. The DOS vulnerability may allow a remote threat actor to cause a stop error resulting in a blue screen on any Windows system directly exposed to the internet. Additionally, a security advisory was released to address CVE-2021-1732, a privilege escalation vulnerability found in Microsoft Win32k. This vulnerability has been exploited in the wild and impacts Windows 10 and Windows 2019 servers.

Recommendations

The NJCCIC urges users to apply patches immediately after appropriate testing. Workarounds are also available for those systems that cannot be patched immediately. Additional information can be found in the MSRC update guide and the ZDNet article.