Microsoft Patches Multiple Zero-Day Bugs

Microsoft fixed 74 new CVEs yesterday, including several zero-day vulnerabilities, one of which is being actively exploited in the wild.

Zero-day bug CVE-2021-40449 is a Win32k elevation-of-privilege vulnerability affecting Windows versions from Windows 7 and Server 2008 up to Windows 11 and Server 2022. It has reportedly been exploited by Chinese threat actors known as “IronHusky.”

“Microsoft only rated the vulnerability as ‘important’ by their severity scoring system, which is a good example of why organizations need to focus on vulnerability remediation based on risk,” argued Ivanti senior director of product management, Chris Goettl.

“A risk-based approach to vulnerability management takes into account more real-world indicators such as known exploited, public disclosure, and usage trends by threat actors to better understand what exposures you should be focusing on first.”

Microsoft also fixed three publicly disclosed (zero-day) flaws for which proof-of-concept code has been released, giving attackers a head start in crafting exploits for them.

These are CVE-2021-41338, a security feature bypass vulnerability in Windows AppContainer Firewall; Windows kernel elevation of privilege bug CVE-2021-41335; and Windows DNS remote code execution vulnerability CVE-2021-40469.

There was also an updated fix for CVE-2021-33781, a security feature bypass flaw in Azure AD.

Read More: https://www.infosecurity-magazine.com/news/microsoft-patches-multiple-zeroday/