Security News > 2021 > September > Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability
A day after Apple and Google rolled out urgent security updates, Microsoft has pushed software fixes as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, and Visual Studio, including an actively exploited zero-day in its MSHTML Platform that came to light last week.
Of the 66 flaws, three are rated Critical, 62 are rated Important, and one is rated Moderate in severity.
The most important of the updates concerns a patch for CVE-2021-40444, an actively exploited remote code execution vulnerability in MSHTML that leverages malware-laced Microsoft Office documents, with EXPMON researchers noting "The exploit uses logical flaws so the exploitation is perfectly reliable."
Also addressed is a publicly disclosed, but not actively exploited, zero-day flaw in Windows DNS. Designated as CVE-2021-36968, the elevation of privilege vulnerability is rated 7.8 in severity.
Other flaws of note resolved by Microsoft involve a number of remote code execution bugs in Open Management Infrastructure, Windows WLAN AutoConfig Service, Office, Visual Studio, and Word as well as a memory corruption flaw in Windows Scripting Engine.
What's more, the Windows maker has rectified three privilege escalation flaws newly uncovered in its Print Spooler service, while CVE-2021-36975 and CVE-2021-38639, both of which relate to an elevation of privilege vulnerabilities in Win32k, are listed as 'exploitation more likely,' making it imperative that users move quickly to apply the security updates.
News URL
Related news
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2021-40444 | Path Traversal vulnerability in Microsoft products <p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. | 0.0 |
| 2021-09-15 | CVE-2021-38639 | Improper Privilege Management vulnerability in Microsoft products Win32k Elevation of Privilege Vulnerability | 0.0 |
| 2021-09-15 | CVE-2021-36975 | Improper Privilege Management vulnerability in Microsoft products Win32k Elevation of Privilege Vulnerability | 0.0 |
| 2021-09-15 | CVE-2021-36968 | Improper Privilege Management vulnerability in Microsoft Windows 7 and Windows Server 2008 Windows DNS Elevation of Privilege Vulnerability | 0.0 |