Security News > 2021 > June > Extra urgency in June's Patch Tuesday: Microsoft warns six more bugs are being exploited

Extra urgency in June's Patch Tuesday: Microsoft warns six more bugs are being exploited
2021-06-09 00:21

Microsoft's traditional Patch Tuesday saw the software giant release fixes for 50 flaws, and a reminder to apply updates as soon as possible because six of them are being exploited in the wild by miscreants.

A maliciously crafted webpage or some other file can execute arbitrary code on the machine when opened and parsed by MSHTML, which is "Used by Internet Explorer mode in Microsoft Edge as well as other applications through WebBrowser control," according to Microsoft.

Details of one of the exploited privilege-escalation bugs.

An additional important denial-of-service vulnerability with Remote Desktop Services, CVE-2021-31968, that goes back to Windows 7 has been publicly disclosed, too, Microsoft notes, but not yet exploited in the wild.

One critical issue is in Microsoft Defender, though that'll be automatically patched, as will the critical VP9 codecs flaw from the Microsoft Store.

Adobe says none of the flaws are being actively exploited in the wild, as far as anyone knows, though patching as soon as possible is advised.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/06/09/june_patch_tuesday/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-06-08 CVE-2021-31968 Unspecified vulnerability in Microsoft products
Windows Remote Desktop Services Denial of Service Vulnerability
network
low complexity
microsoft
7.5
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 473 68 2214 4928 253 7463