Security News > 2021 > June > Update Your Windows Computers to Patch 6 New In-the-Wild Zero-Day Bugs
Microsoft on Tuesday released another round of security updates for Windows operating system and other supported software, squashing 50 vulnerabilities, including six zero-days that are said to be under active attack.
The flaws were identified and resolved in Microsoft Windows,.
Microsoft didn't disclose the nature of the attacks, how widespread they are, or the identities of the threat actors exploiting them.
The Windows maker also noted that both CVE-2021-31201 and CVE-2021-31199 address flaws related to CVE-2021-28550, an arbitrary code execution vulnerability rectified by Adobe last month that it said was being "Exploited in the wild in limited attacks targeting Adobe Reader users on Windows."
"While we were not able to retrieve the exploit used for remote code execution in the Chrome web browser, we were able to find and analyze an elevation of privilege exploit that was used to escape the sandbox and obtain system privileges," Kaspersky Lab researchers said.
To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update or by selecting Check for Windows updates.
News URL
Related news
- Emergency patch for potential SAP zero-day that could grant full system control (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization (source)
- Play ransomware exploited Windows logging flaw in zero-day attacks (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days (source)
- ThreatLocker Patch Management: A Security-First Approach to Closing Vulnerability Windows (source)
- Microsoft's May Patch Tuesday update fails on some Windows 11 VMs (source)
- Microsoft ships emergency patch to fix Windows 11 startup failures (source)
- New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-02 | CVE-2021-28550 | Use After Free vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. | 8.8 |
| 2021-06-08 | CVE-2021-31201 | Unspecified vulnerability in Microsoft products Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | 0.0 |
| 2021-06-08 | CVE-2021-31199 | Unspecified vulnerability in Microsoft products Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | 0.0 |