Security News > 2021 > June > Microsoft Patches Six Zero-Day Security Holes
Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks.
June's Patch Tuesday addresses just 49 security holes - about half the normal number of vulnerabilities lately.
CVE-2021-31956, an elevation of privilege flaw in Windows NTFS-CVE-2021-33739, an elevation of privilege flaw in the Microsoft Desktop Window Manager.
Microsoft also patched five critical bugs - flaws that can be remotely exploited to seize control over the targeted Windows computer without any help from users.
CVE-2021-31959 affects everything from Windows 7 through Windows 10 and Server versions 2008, 2012, 2016 and 2019.
If you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, see this guide.
News URL
https://krebsonsecurity.com/2021/06/microsoft-patches-six-zero-day-security-holes/
Related news
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- ‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
- Microsoft: January Windows security updates break audio playback (source)
- Microsoft shares workaround for Windows security update issues (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-08 | CVE-2021-33739 | Unspecified vulnerability in Microsoft products Microsoft DWM Core Library Elevation of Privilege Vulnerability | 0.0 |
| 2021-06-08 | CVE-2021-31959 | Unspecified vulnerability in Microsoft products Scripting Engine Memory Corruption Vulnerability | 0.0 |
| 2021-06-08 | CVE-2021-31956 | Integer Underflow (Wrap or Wraparound) vulnerability in Microsoft products Windows NTFS Elevation of Privilege Vulnerability | 0.0 |