Microsoft patches actively exploited Windows zero-day (CVE-2021-40449)
Security News, October 2021

"Although Microsoft lists user interaction required, the Preview Pane is also listed as an attack vector. This creates a much larger attack surface. When combined with a privilege escalation - like the one currently under active attack - this could be used to take over a target system," noted Dustin Childs, with Trend Micro's Zero Day Initiative.
CVE-2021-26427, a remote code execution (RCE) vulnerability in Microsoft Exchange Server, carries the highest CVSS score of this month's fixes.
"We don't often highlight information disclosure bugs, but this vulnerability goes beyond just dumping random memory locations. This bug could allow an attacker to recover cleartext passwords from memory, even on Windows 11."
Finally, Satnam Narang, staff research engineer at Tenable, pointed out CVE-2021-36970, a spoofing vulnerability in Microsoft's Windows Print Spooler, as worthy of a quick fix.
Which vulnerabilities should be remediated first? That depends on which Microsoft products an organization actually runs, on the severity of each vulnerability, and on how likely it is to be exploited sooner rather than later.
"We always recommend patching anything that is being actively exploited first. Privilege escalation vulnerabilities always score lower than remote code execution, but are more commonly used by attackers once they have that initial access, so do not let the raw CVSS score be your priority order!"
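One way to turn the advice above into a repeatable ordering, as an added example (it is not code from Help Net Security, ZDI or Tenable): filter this month's advisories down to the products the organization runs, put anything with in-the-wild exploitation first, rank RCE and privilege escalation ahead of other impact classes, and use CVSS only to break ties. The three CVEs in the inventory are the ones named on this page; the CVSS values and the deployed-product set are constructed assumptions for the demo, so check each score against the MSRC advisory before relying on it.

```python
"""Patch-ordering example for the Tenable advice quoted above. Added here as an
illustration; it is not code from Help Net Security, ZDI or Tenable. CVSS values
and the deployed-product set are constructed assumptions for the demo."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Advisory:
    cve: str
    product: str      # product family the fix applies to
    impact: str       # "RCE", "EoP", "Spoofing", "InfoDisclosure", ...
    cvss: float       # base score; illustrative value, not taken from the page
    exploited: bool = False   # vendor reports exploitation in the wild


# Constructed inventory: the three CVEs this page names. Scores are assumed.
OCTOBER_2021 = [
    Advisory("CVE-2021-26427", "Exchange Server", "RCE", 9.0),
    Advisory("CVE-2021-36970", "Windows", "Spoofing", 8.8),
    Advisory("CVE-2021-40449", "Windows", "EoP", 7.8, exploited=True),
]

# Impact classes ranked ahead of raw score: RCE gives initial access and EoP
# is what an attacker reaches for once they have it (the point in the quote).
CHAIN_IMPACTS = {"RCE", "EoP"}


def priority(adv: Advisory) -> tuple:
    """Sort key; lower sorts first. Tier 0 = actively exploited, tier 1 =
    RCE/EoP, tier 2 = everything else. CVSS only breaks ties inside a tier."""
    if adv.exploited:
        tier = 0
    elif adv.impact in CHAIN_IMPACTS:
        tier = 1
    else:
        tier = 2
    return (tier, -adv.cvss, adv.cve)


def remediation_order(advisories, deployed):
    """Drop fixes for products the organization does not run, then rank."""
    applicable = [a for a in advisories if a.product in deployed]
    return [a.cve for a in sorted(applicable, key=priority)]


def cvss_only_order(advisories, deployed):
    """The naive ordering the quote warns against, kept for comparison."""
    applicable = [a for a in advisories if a.product in deployed]
    return [a.cve for a in sorted(applicable, key=lambda a: -a.cvss)]


if __name__ == "__main__":
    fleet = {"Windows", "Exchange Server"}
    print("risk-based:", remediation_order(OCTOBER_2021, fleet))
    print("cvss-only :", cvss_only_order(OCTOBER_2021, fleet))
```

With both Windows and Exchange deployed, the risk-based order puts the exploited Win32k privilege escalation (CVE-2021-40449) first even though it has the lowest assumed score, while a pure CVSS sort would push it to the bottom; an environment without Exchange drops CVE-2021-26427 from the list entirely rather than leaving an irrelevant high-score entry at the top.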
News URL: http://feedproxy.google.com/~r/HelpNetSecurity/~3/mrzZVQ_EZAg/
Related Vulnerability
DATE | CVE | AFFECTED PRODUCTS | VULNERABILITY TITLE | RISK |
---|---|---|---|---|
2021-10-13 | CVE-2021-36970 | Microsoft products | Windows Print Spooler Spoofing Vulnerability | 0.0 |
2021-10-13 | CVE-2021-26427 | Microsoft Exchange Server 2013/2016/2019 | Microsoft Exchange Server Remote Code Execution Vulnerability | 0.0 |