Microsoft has released its scheduled security updates covering 50 vulnerabilities, 5 of which are classified as Critical. Of the fixed vulnerabilities, 2 were publicly disclosed, and as many as 6 were recorded as exploited in real attacks (0-day). In this article, I will cover the highlights of this release.
Remember that 90% of all vulnerabilities already had vendor patches available at the time they were made public*, which is why it is so important not only to update your software, but also to do it in a timely manner.
A summary of the number and type of vulnerabilities in the respective software products is shown in the graph.
You should pay special attention to the following vulnerabilities and security updates.
CVE-2021-31199 Microsoft Enhanced Cryptographic Provider. Windows and Windows Server. CVSS 5.2.
CVE-2021-31955 Windows Kernel. Windows 10 and Windows Server 20H2, 2004, 1909. CVSS 5.5.
CVE-2021-31956 NTFS. Windows 10. CVSS 7.8.
CVE-2021-33739 Desktop Window Manager. Windows 10 and Windows Server 2019. CVSS 8.4.
CVE-2021-33742 Windows MSHTML Platform. Windows and Windows Server. CVSS 7.5.
CVE-2021-31962 Kerberos AppContainer. Windows and Windows Server. CVSS 9.4.
CVE-2021-26414 Windows DCOM. Windows and Windows Server. CVSS 4.8.
CVE-2021-31959 Scripting Engine. Windows and Windows Server. CVSS 6.4.
CVE-2021-31939 Microsoft Excel. Microsoft Office 2016-2019, Microsoft Excel 2013–2016, Microsoft 365 Apps for Enterprise, Microsoft Office Online Server, Microsoft Office Web Apps Server 2013. CVSS 7.8.
CVE-2021-31941 Microsoft Office Graphics. Microsoft Office 2013, 2016, 2019, Microsoft 365 Apps for Enterprise, Microsoft Office 2019 for Mac. CVSS 7.8.
CVE-2021-31963 Microsoft SharePoint Server. SharePoint Server 2019, 2016, 2013. CVSS 7.1.
, Microsoft Edge ( EdgeHTML). Microsoft Edge Chromium. .
15 2022 . Internet Explorer 11. .
Servicing Stack Updates (SSU) :
Windows 10 1809, 1909, 2004, 20H2;
Windows Server 2019, 1909, 2004, 20
Windows 10 Windows Server 2004 20H2 SSU . , SSU, , , , .
Security Update Guide. Security Updates Guide, .
, Microsoft, https://aka.ms/artsin.
CISSP, CCSP, MCSE, Certified Azure Security Engineer
Microsoft
Twitter: https://aka.ms/artsin
YouTube: https://aka.ms/artsinvideo
*Vulnerability Review Report by Flexera