Cybersecurity Threat Advisory: Microsoft Patch Tuesday
Posted on December 23, 2021 by Glenn Bischoff
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.
This week there is a new critical alert that requires the mission-critical community’s immediate attention.
Advisory Overview
Microsoft’s Patch Tuesday release for December 2021 comes with a Windows update that will apply patches for 67 different vulnerabilities. This update includes fixes for seven critical vulnerabilities, as well as those that prevented denial-of-service, remote code execution, privilege escalation, and spoofing cyberattacks. MCP recommends updating all Windows machines and services to apply these patches and remediate the vulnerabilities.
What Is the Threat?
The seven critical vulnerabilities include:
- CVE-2021-43883 – Windows Installer Zero-Day: This vulnerability has a Common Vulnerability Scoring System (CVSS) score of 7.8. If not patched, it could allow for unauthorized privilege escalation
- CVE-2021-43240 – Privilege Escalation Vulnerability: This vulnerability has a CVSS score of 7.8. It is publicly known, as a proof-of-concept (POC) exploit code is available
- CVE-2021-43890 – Windows AppX Installer Spoofing Zero-Day: This vulnerability has a CVSS score of 7.1. This one is publicly known and has been exploited. It is being used to spread the Emotet, Trickbot, and Bazaloader malware families
- CVE-2021-41333 – Windows Print Spooler Privilege Escalation Vulnerability
- CVE-2021-43893 – Windows Encrypting File System Privilege Escalation Vulnerability
- CVE-2021-43880 – Windows Mobile Device Management Privilege Escalation Vulnerability: This vulnerability could allow cyberattackers to delete targeted files on a system.
Why Is it Noteworthy?
Microsoft products are used and trusted by thousands of individuals and businesses worldwide. Microsoft products and devices running the Windows operating system are integrated into everyday businesses worldwide. As a result of this widespread usage, cyberattackers always target Microsoft and Windows devices due to the wide scope of potential targets. As demonstrated by the scale of these updates, security researchers constantly are searching for and discovering new exploits on these products. It is crucial to update these devices regularly, and patches were created specifically to prevent these vulnerabilities from being exploited.
What Is the Risk?
All of the vulnerabilities/exploits patched by Microsoft this month, especially the ones detailed in this advisory, could pose a significant threat to users. If exploited, these vulnerabilities could enable cyberattackers to escalate privileges, bypass authentication, execute remote code, spoof installers, delete targeted files, or launch other cyberattacks. Further, these vulnerabilities open up the possibility for data leakage, denial-of-service attacks, and complete system compromises, as well as other forms of damage.
Many companies rely on sensitive data stored on their Windows devices and services remaining private. In many cases, these devices and services are business-critical and are needed to conduct everyday business. These vulnerabilities put these expectations at potential risk if they are exploited by cyberattackers, so it is very important to ensure that the patches are applied as soon as possible.
What Are the Recommendations?
Microsoft has released Windows updates that address all of these vulnerabilities. MCP highly recommends downloading these updates, to enable the patches to be applied.
References
For more in-depth information about the recommendations, please visit the following links:
- https://securityaffairs.co/wordpress/125667/security/microsoft-december-2021-patch-tuesday.html
- https://www.zdnet.com/article/microsoft-december-2021-patch-tuesday-zero-day-exploited-to-spread-emotet-malware/
- https://krebsonsecurity.com/2021/12/microsoft-patch-tuesday-december-2021-edition/
If you are looking for guidance, please reach out. MCP offers a comprehensive cybersecurity solutions suite that is designed specifically for public safety and justice entities and other critical infrastructure organizations, to help them determine their network, data, and application vulnerabilities. We can help you develop a complete cyberattack prevention strategy. Contact us today to learn more.
Mike Beagles is MCP's director of IT and cybersecurity services. He can be reached here.
Topics: Cybersecurity, Network Management