Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack

Microsoft on Tuesday rolled out security patches addressing a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be used in conjunction with remote code execution bugs to take control of vulnerable systems.
At the top of the list is CVE-2021-40449, a use-after-free vulnerability in the Win32k kernel driver discovered by Kaspersky as being exploited in the wild in late August and early September 2021 as part of a widespread espionage campaign targeting IT companies, defense contractors, and diplomatic entities.
Other bugs of note include remote code execution vulnerabilities affecting Microsoft Exchange Server, Windows Hyper-V, SharePoint Server, and Microsoft Word as well as an information disclosure flaw in Rich Text Edit Control.
CVE-2021-26427, which has a CVSS score of 9.0 and was identified by the U.S. National Security Agency, underscores that "Exchange servers are high-value targets for hackers looking to penetrate business networks," Bharat Jogi, senior manager of vulnerability and threat research at Qualys, said.
The October Patch Tuesday is rounded out by fixes for two shortcomings newly discovered in the Print Spooler component, CVE-2021-41332 and CVE-2021-36970, concerning, respectively, an information disclosure bug and a spoofing vulnerability, the latter of which has been tagged with an "Exploitation More Likely" exploitability index assessment.
In addition to Microsoft, patches have also been released by a number of other vendors to address several vulnerabilities, including -.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-13 | CVE-2021-41332 | Unspecified vulnerability in Microsoft products Windows Print Spooler Information Disclosure Vulnerability | 0.0 |
2021-10-13 | CVE-2021-40449 | Use After Free vulnerability in Microsoft products Win32k Elevation of Privilege Vulnerability | 0.0 |
2021-10-13 | CVE-2021-36970 | Unspecified vulnerability in Microsoft products Windows Print Spooler Spoofing Vulnerability | 0.0 |
2021-10-13 | CVE-2021-26427 | Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019 Microsoft Exchange Server Remote Code Execution Vulnerability | 0.0 |