The Zero-day Bugs
Windows users should update their computers asap to fix six new in-the-wild zero-day bugs.
On Tuesday, Microsoft released another batch of security patches available for supporting Windows OS and other applications, fixing over 50 vulnerabilities, including six zero-day vulnerabilities that are being actively exploited.
Bugs were found and fixed in Microsoft Windows, .NET Core, and Visual Studio, as well as other Microsoft applications, such as Microsoft Office, Microsoft Edge, and SharePoint Server.
Fortyfive of these bugs are classified as Important, whereas five are ranked Critical. The flaws that are known to be actively exploited are outlined below.
- VE-2021-33739 (CVSS score: 8.4) is an Elevation of Privilege vulnerability in the Microsoft DWM Core Library.
This flaw allows for a number of malicious activities to be performed and can provide malicious actors with unauthorized access to higher permissions.
- CVE-2021-31956 (CVSS score: 7.8) – A critical elevation of privilege vulnerability in Windows NTFS.
- CVE-2021-31955 (CVSS score: 5.5) – An information disclosure vulnerability discovered in the Windows Kernel.
These two vulnerabilities of a high risk have been linked to an attack targeting various corporations on April 14 and 15 through an in-the-wild Chrome zero-day exploit tracked as CVE-2021-21224. A new threat actor known as “PuzzleMaker” was suspected of being responsible for this attack.
- CVE-2021-33742 (CVSS score: 7.5) – A Remote Code Execution Vulnerability discovered in the Windows MSHTML Platform.
Ranked as critical, this vulnerability allows for limited nation state Eastern Europe and Middle East targeting if exploited by malicious actors.
- CVE-2021-31199 (CVSS score: 5.2) – Elevation of Privilege vulnerability in Microsoft Enhanced Cryptographic Provider.
- CVE-2021-31201 (CVSS score: 5.2) – Another Elevation of Privilege vulnerability in Microsoft Enhanced Cryptographic Provider.
What has been revealed by the Windows maker about these two flaws is that they both address flaws linked to CVE-2021-28550, an arbitrary code execution vulnerability that Adobe repaired last month. It is known that this vulnerability was exploited in the wild targeting Adobe Reader users on Windows in a limited number of attacks.
Microsoft didn’t publicly reveal any details of the attacks where these vulnerabilities have reportedly been exploited, and has not mentioned their number, or who is behind them. However, the four privilege escalation vulnerabilities that are listed here suggest that attackers might take advantage of them in a number of ways, including to gain unauthorized access to higher permissions and perhaps run malicious code or steal sensitive data.
Windows users who are concerned about their safety should go to Start > Settings > Update & Security > Windows Update to find the newest security updates, or go to the “Check for updates” option in the Windows Update interface.