CVE-2021-40449 actively exploited zero-day patched in October 2021 Patch Tuesday

Hello everyone,


Microsoft Patch Tuesday October 2021 comes with fixes for 81 vulnerabilities (including Microsoft Edge for Chromium updates), of which 4 are zero-day vulnerabilities.

Of the 4 zero-days, one is actively exploited and the other 3 are publicly disclosed vulnerabilities. Details are given below:

Publicly disclosed but not actively exploited:

  • CVE-2021-40469 - Windows DNS Server Remote Code Execution Vulnerability

  • CVE-2021-41335 - Windows Kernel Elevation of Privilege Vulnerability

  • CVE-2021-41338 - Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability

Actively exploited:

Vulnerability description of CVE-2021-40449

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Win32k driver in the Microsoft Windows kernel. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code with elevated privileges.

Patch details: CVE-2021-40449

| Patch ID | Bulletin ID | Description |
|---|---|---|
| 32203 | MS21-OCT2 | 2021-10 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5006715) (CVE-2021-40449) (CVE-2021-40469) (ESU) |
| 32202 | MS21-OCT2 | 2021-10 Security Only Quality Update for Windows Server 2008 for x86-based Systems (KB5006715) (CVE-2021-40449) (CVE-2021-40469) (ESU) |
| 32201 | MS21-OCT2 | 2021-10 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5006728) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) (ESU) |
| 32199 | MS21-OCT2 | 2021-10 Security Only Quality Update for Windows 7 for x64-based Systems (KB5006728) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) (ESU) |
| 32200 | MS21-OCT2 | 2021-10 Security Only Quality Update for Windows 7 for x86-based Systems (KB5006728) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) (ESU) |
| 32164 | MS21-OCT2 | 2021-10 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5006732) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32162 | MS21-OCT2 | 2021-10 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5006729) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32163 | MS21-OCT2 | 2021-10 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB5006729) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32161 | MS21-OCT2 | 2021-10 Security Only Quality Update for Windows 8.1 for x86-based Systems (KB5006729) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32181 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5006667) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338) |
| 32182 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB5006667) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338) |
| 32177 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5006669) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32179 | MS21-OCT3 | 2021-10 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5006669) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32178 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5006669) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32167 | MS21-OCT3 | 2021-10 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32170 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 2004 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32165 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32171 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32169 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 2004 for x86-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32168 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32172 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32184 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5006672) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32183 | MS21-OCT3 | 2021-10 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5006672) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32185 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5006672) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32176 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 11 for x64-based Systems (KB5006674) |
| 32175 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5006675) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338) |
| 32174 | MS21-OCT3 | 2021-10 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5006675) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338) |
| 32180 | MS21-OCT3 | 2021-10 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5006699) (CVE-2021-40449) (CVE-2021-40469) |
| 32205 | MS21-OCT6 | 2021-10 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5006736) (CVE-2021-40449) (CVE-2021-40469) (ESU) |
| 32204 | MS21-OCT6 | 2021-10 Security Monthly Quality Rollup for Windows Server 2008 for x86-based Systems (KB5006736) (CVE-2021-40449) (CVE-2021-40469) (ESU) |
| 32207 | MS21-OCT6 | 2021-10 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5006743) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) (ESU) |
| 32208 | MS21-OCT6 | 2021-10 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB5006743) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) (ESU) |
| 32206 | MS21-OCT6 | 2021-10 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB5006743) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) (ESU) |
| 32198 | MS21-OCT6 | 2021-10 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5006739) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32195 | MS21-OCT6 | 2021-10 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5006714) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32196 | MS21-OCT6 | 2021-10 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB5006714) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |
| 32197 | MS21-OCT6 | 2021-10 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems (KB5006714) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338) |

Cheers, 
The ManageEngine team