Patch Tuesday is once again upon us. The December 2021 edition of Patch Tuesday brings us 68 fixes, 7 of which are rated as critical. This month also includes a windows 10 version going end of life. We’ve listed the most important changes below.
⚡ TL;DR | Go Straight to the December 2021 Patch Tuesday Audit Report
Windows 10 Version 2004 End of Life
Windows 10 version 2004 will, unlike others, go end of life in one big sweep. No matter what edition of Windows 10 you have, version 2004 is end of life starting today! Luckily, we’re prepared and we already have a Windows 10 end-of-life report that provides an overview of all current Windows 10 versions in your environment along with how many days are left until it is no longer supported.
iSNS Server Memory Corruption Vulnerability
With a CVSS 3.1 base score of 9.8, CVE-2021-43215 is one of the most critical vulnerabilities in this month’s patch Tuesday.
iSNS, or the Internet Storage Name Service protocol is used for communication between iSNS servers and iSNS clients. As the name would suggest iSNS manages an Internet Storage Name Service server that provides registration functionality in a storage network so that registering and querying the iSNS database is possible. Luckily iSNS isn’t something that is installed by default, so there is less chance you’re affected.
To quickly find which if your servers have the iSNS feature installed, the report below will provide you a quick overview.
Windows Encrypting File System (EFS) RCE
Windows’ EFS also received a patch, even when EFS isn’t in use, attackers can still exploit this vulnerability by causing a buffer overflow. This allows attackers to perform unauthenticated non-sandboxed code execution.
What’s special about this vulnerability is that it is being fixed in two stages. Stage 1 starts with today’s patch and will enable packet-level privacy for EFS when the client initiates a connection, and the server will only allow connections with packet-level privacy. Stage 2 will happen in Q1 2022, support for the AllowAllCliAuth registry key will be removed and servers will require packet-level privacy regardless of the registry key setting.
Run the Patch Tuesday December 2021 Audit Report
To help manage your update progress, we’ve created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see at a glance which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
Patch Tuesday December 2021 CVE Codes & Titles
| CVE Number | CVE Title |
| CVE-2021-43908 | Visual Studio Code Spoofing Vulnerability |
| CVE-2021-43907 | Visual Studio Code WSL Extension Remote Code Execution Vulnerability |
| CVE-2021-43905 | Microsoft Office app Remote Code Execution Vulnerability |
| CVE-2021-43899 | Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability |
| CVE-2021-43896 | Microsoft PowerShell Spoofing Vulnerability |
| CVE-2021-43893 | Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability |
| CVE-2021-43892 | Microsoft BizTalk ESB Toolkit Spoofing Vulnerability |
| CVE-2021-43891 | Visual Studio Code Remote Code Execution Vulnerability |
| CVE-2021-43890 | Windows AppX Installer Spoofing Vulnerability |
| CVE-2021-43889 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-43888 | Microsoft Defender for IoT Information Disclosure Vulnerability |
| CVE-2021-43883 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2021-43882 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-43880 | Windows Mobile Device Management Elevation of Privilege Vulnerability |
| CVE-2021-43877 | ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability |
| CVE-2021-43875 | Microsoft Office Graphics Remote Code Execution Vulnerability |
| CVE-2021-43256 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2021-43255 | Microsoft Office Trust Center Spoofing Vulnerability |
| CVE-2021-43248 | Windows Digital Media Receiver Elevation of Privilege Vulnerability |
| CVE-2021-43247 | Windows TCP/IP Driver Elevation of Privilege Vulnerability |
| CVE-2021-43246 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2021-43245 | Windows Digital TV Tuner Elevation of Privilege Vulnerability |
| CVE-2021-43244 | Windows Kernel Information Disclosure Vulnerability |
| CVE-2021-43243 | VP9 Video Extensions Information Disclosure Vulnerability |
| CVE-2021-43242 | Microsoft SharePoint Server Spoofing Vulnerability |
| CVE-2021-43240 | NTFS Set Short Name Elevation of Privilege Vulnerability |
| CVE-2021-43239 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability |
| CVE-2021-43238 | Windows Remote Access Elevation of Privilege Vulnerability |
| CVE-2021-43237 | Windows Setup Elevation of Privilege Vulnerability |
| CVE-2021-43236 | Microsoft Message Queuing Information Disclosure Vulnerability |
| CVE-2021-43235 | Storage Spaces Controller Information Disclosure Vulnerability |
| CVE-2021-43234 | Windows Fax Service Remote Code Execution Vulnerability |
| CVE-2021-43233 | Remote Desktop Client Remote Code Execution Vulnerability |
| CVE-2021-43232 | Windows Event Tracing Remote Code Execution Vulnerability |
| CVE-2021-43231 | Windows NTFS Elevation of Privilege Vulnerability |
| CVE-2021-43230 | Windows NTFS Elevation of Privilege Vulnerability |
| CVE-2021-43229 | Windows NTFS Elevation of Privilege Vulnerability |
| CVE-2021-43228 | SymCrypt Denial of Service Vulnerability |
| CVE-2021-43227 | Storage Spaces Controller Information Disclosure Vulnerability |
| CVE-2021-43226 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2021-43225 | Bot Framework SDK Remote Code Execution Vulnerability |
| CVE-2021-43224 | Windows Common Log File System Driver Information Disclosure Vulnerability |
| CVE-2021-43223 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| CVE-2021-43222 | Microsoft Message Queuing Information Disclosure Vulnerability |
| CVE-2021-43219 | DirectX Graphics Kernel File Denial of Service Vulnerability |
| CVE-2021-43217 | Windows Encrypting File System (EFS) Remote Code Execution Vulnerability |
| CVE-2021-43216 | Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability |
| CVE-2021-43215 | iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution |
| CVE-2021-43214 | Web Media Extensions Remote Code Execution Vulnerability |
| CVE-2021-43207 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2021-42320 | Microsoft SharePoint Server Spoofing Vulnerability |
| CVE-2021-42315 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42314 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42313 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42312 | Microsoft Defender for IOT Elevation of Privilege Vulnerability |
| CVE-2021-42311 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42310 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-42309 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2021-42295 | Visual Basic for Applications Information Disclosure Vulnerability |
| CVE-2021-42294 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2021-42293 | Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability |
| CVE-2021-41365 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2021-41360 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-41333 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2021-40453 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-40452 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2021-40441 | Windows Media Center Elevation of Privilege Vulnerability |
Receive the Latest Patch Tuesday Report for FREE Every Month
"*" indicates required fields
