Security News > 2021 > June > Extra urgency in June's Patch Tuesday: Microsoft warns six more bugs are being exploited
Microsoft's traditional Patch Tuesday saw the software giant release fixes for 50 flaws, and a reminder to apply updates as soon as possible because six of them are being exploited in the wild by miscreants.
A maliciously crafted webpage or some other file can execute arbitrary code on the machine when opened and parsed by MSHTML, which is "Used by Internet Explorer mode in Microsoft Edge as well as other applications through WebBrowser control," according to Microsoft.
Details of one of the exploited privilege-escalation bugs.
An additional important denial-of-service vulnerability with Remote Desktop Services, CVE-2021-31968, that goes back to Windows 7 has been publicly disclosed, too, Microsoft notes, but not yet exploited in the wild.
One critical issue is in Microsoft Defender, though that'll be automatically patched, as will the critical VP9 codecs flaw from the Microsoft Store.
Adobe says none of the flaws are being actively exploited in the wild, as far as anyone knows, though patching as soon as possible is advised.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/06/09/june_patch_tuesday/
Related news
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days (source)
- Microsoft's May Patch Tuesday update fails on some Windows 11 VMs (source)
- April's Patch Tuesday leaves unlucky Windows Hello users unable to login (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- May 2025 Patch Tuesday forecast: Panic, change, and hope (source)
- Week in review: The impact of a CVE-free future on cyber defense, Patch Tuesday forecast (source)
- Go ahead and ignore Patch Tuesday – it might improve your security (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-08 | CVE-2021-31968 | Unspecified vulnerability in Microsoft products Windows Remote Desktop Services Denial of Service Vulnerability | 0.0 |