6 Zero-days fixed in November 2021 Patch Tuesday

6 Zero-days fixed in November 2021 Patch Tuesday

Hello everyone,

November 2021 Patch Tuesday comes with fixes for 55 vulnerabilities, out of which 6 are zero-day vulnerabilities. The details of the zero-day vulnerabilities are as follows:

 CVE ID Vulnerability Publicly Disclosed Actively Exploited
 CVE-2021-42292Microsoft Excel Security Feature Bypass Vulnerability
 CVE-2021-42321Microsoft Exchange Server Remote Code Execution Vulnerability
 CVE-2021-38631Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
 CVE-2021-41371Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
 CVE-2021-432083D Viewer Remote Code Execution Vulnerability
 CVE-2021-432093D Viewer Remote Code Execution Vulnerability

For the actively exploited vulnerabilities that were not publicly disclosed, namely CVE-2021-42292 and CVE-2021-42321, the patches to be deployed are as follows. Initiate a sync between the Vulnerability Manager Plus server and the Central Patch Repository and deploy the relevant patches to your target systems.

For CVE-2021-42292

Patch IDBulletin IDPatch Description
 32464 MS18-O365Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2102 (Build 13801.21050) (Online Installer)
 32465 MS18-O365Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2108 (Build 14326.20600) (Online Installer)
 32463 MS18-O365Update for Microsoft 365 Apps for Enterprise Current Channel Version 2110 (Build 14527.20276) (Online Installer)
 32452 MS18-O365Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21050)
 32454 MS18-O365Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21050)
 32460 MS18-O365Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2108 of version(14326.20600)
 32462 MS18-O365Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2108 of version(14326.20600)
 32440 MS18-O365Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2110 of version(14527.20276)
 32442 MS18-O365Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2110 of version(14527.20276)
 32456 MS18-O365BUpdate for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21050)
 32458 MS18-O365BUpdate for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21050)
 32444 MS18-O365BUpdate for Microsoft 365 Apps for Business Current Channel for x64 2110 of version(14527.20276)
 32446 MS18-O365BUpdate for Microsoft 365 Apps for Business Current Channel for x86 2110 of version(14527.20276)
 32450 MS19-O2019Update for Office 2019 for x64 1808 of version(10380.20037)
 32448 MS19-O2019Update for Office 2019 for x86 1808 of version(10380.20037)
 32430 MS21-NOV7Security Update for Microsoft Excel 2013 (KB5002072) 64-Bit Edition (CVE-2021-42292)
 32429 MS21-NOV7Security Update for Microsoft Excel 2013 (KB5002072) 32-Bit Edition (CVE-2021-42292)
 32432 MS21-NOV7Security Update for Microsoft Excel 2016 (KB5002056) 64-Bit Edition (CVE-2021-42292)
 32431 MS21-NOV7Security Update for Microsoft Excel 2016 (KB5002056) 32-Bit Edition (CVE-2021-42292)
 32434 MS21-NOV7Security Update for Microsoft Office 2013 (KB5002035) 64-Bit Edition (CVE-2021-42292)
 32435 MS21-NOV7Security Update for Microsoft Office 2013 (KB5002035) 32-Bit Edition (CVE-2021-42292)
 32466 MS21-NOV7Security Update for Microsoft Office 2016 (KB4486670) 64-Bit Edition
 32436 MS21-NOV7Security Update for Microsoft Office 2016 (KB4486670) 32-Bit Edition (CVE-2021-42292)

For CVE-2021-42321

 Patch ID Bulletin ID Patch Description
 32419 MS21-NOV8Security Update For Exchange Server 2013 CU23 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)
 32420 MS21-NOV8Security Update For Exchange Server 2016 CU21 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)
 32421 MS21-NOV8Security Update For Exchange Server 2016 CU22 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)
 32422 MS21-NOV8Security Update For Exchange Server 2019 CU11 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)
 32423 MS21-NOV8Security Update For Exchange Server 2019 CU10 (KB5007409) (CVE-2021-42321)(CVE-2021-42305)(CVE-2021-41349)

Cheers,

The ManageEngine Team 

 


      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products