6 Zero-days fixed in November 2021 Patch Tuesday

6 Zero-days fixed in November 2021 Patch Tuesday

Hello everyone,

November 2021 Patch Tuesday comes with fixes for 55 vulnerabilities, out of which 6 are zero-day vulnerabilities. The details of the zero-day vulnerabilities are as follows:

 CVE ID
 Vulnerability
 Publicly Disclosed
 Actively Exploited
 CVE-2021-42292
Microsoft Excel Security Feature Bypass Vulnerability
 CVE-2021-42321
Microsoft Exchange Server Remote Code Execution Vulnerability
 CVE-2021-38631
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
 CVE-2021-41371
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
 CVE-2021-43208
3D Viewer Remote Code Execution Vulnerability
 CVE-2021-43209
3D Viewer Remote Code Execution Vulnerability

For the actively exploited vulnerabilities that were not publicly disclosed, namely CVE-2021-42292 and CVE-2021-42321, the patches to be deployed are as follows. Initiate a sync between the Desktop Central server and the Central Patch Repository and deploy the relevant patches to your target systems.

For CVE-2021-42292

Patch ID
Bulletin ID
Patch Description
 32464
 MS18-O365
Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2102 (Build 13801.21050) (Online Installer)
 32465
 MS18-O365
Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2108 (Build 14326.20600) (Online Installer)
 32463
 MS18-O365
Update for Microsoft 365 Apps for Enterprise Current Channel Version 2110 (Build 14527.20276) (Online Installer)
 32452
 MS18-O365
Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21050)
 32454
 MS18-O365
Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21050)
 32460
 MS18-O365
Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2108 of version(14326.20600)
 32462
 MS18-O365
Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2108 of version(14326.20600)
 32440
 MS18-O365
Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2110 of version(14527.20276)
 32442
 MS18-O365
Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2110 of version(14527.20276)
 32456
 MS18-O365B
Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21050)
 32458
 MS18-O365B
Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21050)
 32444
 MS18-O365B
Update for Microsoft 365 Apps for Business Current Channel for x64 2110 of version(14527.20276)
 32446
 MS18-O365B
Update for Microsoft 365 Apps for Business Current Channel for x86 2110 of version(14527.20276)
 32450
 MS19-O2019
Update for Office 2019 for x64 1808 of version(10380.20037)
 32448
 MS19-O2019
Update for Office 2019 for x86 1808 of version(10380.20037)
 32430
 MS21-NOV7
Security Update for Microsoft Excel 2013 (KB5002072) 64-Bit Edition (CVE-2021-42292)
 32429
 MS21-NOV7
Security Update for Microsoft Excel 2013 (KB5002072) 32-Bit Edition (CVE-2021-42292)
 32432
 MS21-NOV7
Security Update for Microsoft Excel 2016 (KB5002056) 64-Bit Edition (CVE-2021-42292)
 32431
 MS21-NOV7
Security Update for Microsoft Excel 2016 (KB5002056) 32-Bit Edition (CVE-2021-42292)
 32434
 MS21-NOV7
Security Update for Microsoft Office 2013 (KB5002035) 64-Bit Edition (CVE-2021-42292)
 32435
 MS21-NOV7
Security Update for Microsoft Office 2013 (KB5002035) 32-Bit Edition (CVE-2021-42292)
 32466
 MS21-NOV7
Security Update for Microsoft Office 2016 (KB4486670) 64-Bit Edition
 32436
 MS21-NOV7
Security Update for Microsoft Office 2016 (KB4486670) 32-Bit Edition (CVE-2021-42292)

For CVE-2021-42321

 Patch ID
 Bulletin ID
 Patch Description
 32419
 MS21-NOV8
Security Update For Exchange Server 2013 CU23 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)
 32420
 MS21-NOV8
Security Update For Exchange Server 2016 CU21 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)
 32421
 MS21-NOV8
Security Update For Exchange Server 2016 CU22 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)
 32422
 MS21-NOV8
Security Update For Exchange Server 2019 CU11 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)
 32423
 MS21-NOV8
Security Update For Exchange Server 2019 CU10 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)

Cheers,

The ManageEngine Team 

 
        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial





                            Related Products