Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware
Microsoft has rolled out Patch Tuesday updates to address multiple security vulnerabilities in Windows and other software, including one actively exploited flaw that's being abused to deliver Emotet, TrickBot, or Bazaloader malware payloads.
It's worth noting that this is in addition to the 21 flaws resolved in the Chromium-based Microsoft Edge browser.
The most critical of the lot is CVE-2021-43890, a Windows AppX installer spoofing vulnerability that Microsoft said could be exploited to achieve arbitrary code execution.
Sophos security researcher Andrew Brandt, as well as Rick Cole and Nick Carr of the Microsoft Threat Intelligence Center, have been credited with reporting the vulnerability.
"Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader," the company further added.
The December patch also comes with remediations for 10 remote code execution flaws in Defender for IoT, in addition to critical bugs affecting iSNS Server, 4K Wireless Display Adapter, Visual Studio Code WSL Extension, Office app, Windows Encrypting File System, Remote Desktop Client, and SharePoint Server.
News URL
https://thehackernews.com/2021/12/microsoft-issues-windows-update-to.html
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-15 | CVE-2021-43890 | Unspecified vulnerability in Microsoft APP Installer. We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. | 7.1 |