Microsoft Patch Tuesday November 2021
Overview
In total 55 vulnerabilities are being fixed as part of November 2021’s Patch Tuesday.
Microsoft’s monthly patch release includes fixes for several critical vulnerabilities, including two actively-exploited zero-day flaws in Excel and Exchange Server, that could be abused to take control of an affected system.
The most serious flaws are CVE-2021-42321 (CVSS score: 8.8), a post-authentication remote code execution flaw in Microsoft Exchange Server, and CVE-2021-42292 (CVSS score: 7.8), a security bypass vulnerability in Microsoft Excel versions 2013-2021.
Impact
Earlier in the year, there were four zero-day exploits, which were used in attacks on researchers, law firms, universities, defence contractors, policy think tanks and NGOs.
Situations like these show that Microsoft Exchange servers are a high-value target for threat actors going after critical networks.
Affected Products
- 3D Viewer
- Azure
- Azure RTOS
- Azure Sphere
- Microsoft Dynamics
- Microsoft Edge (Chromium-based)
- Microsoft Edge (Chromium-based) in IE Mode
- Microsoft Exchange Server
- Microsoft Office
- Microsoft Office Access
- Microsoft Office Excel
- Microsoft Office SharePoint
- Microsoft Office Word
- Microsoft Windows
- Microsoft Windows Codecs Library
- Power BI
- Role: Windows Hyper-V
- Visual Studio
- Visual Studio Code
- Windows Active Directory
- Windows COM
- Windows Core Shell
- Windows Cred SSProvider Protocol
- Windows Defender
- Windows Desktop Bridge
- Windows Diagnostic Hub
- Windows Fastfat Driver
- Windows Feedback Hub
- Windows Hello
- Windows Installer
- Windows Kernel
- Windows NTFS
- Windows RDP
- Windows Scripting
- Windows Virtual Machine Bus
Containment, Mitigations & Remediation
Update installation: Microsoft has released security updates for these vulnerabilities. Our recommendation is to install these updates immediately to protect your environment.
There are two update paths.
Path 1
Exchange Server is running one of the following currently supported CUs:
• Exchange Server 2013 CU23
• Exchange Server 2016 CU21 or CU22
• Exchange Server 2019 CU10 or CU11
> Install November 2021 Security Updates
Path 2
Exchange Server is NOT running any of the above CUs
> Install supported CU
> Install November 2021 Security Updates
Indicators of Compromise
None published at this time.
MITRE Methodologies
T1068 – Exploitation for Privilege Escalation