You are currently viewing Microsoft June 2021 Patch Tuesday Addresses 50 CVEs Including Six Zero-Days

Microsoft June 2021 Patch Tuesday Addresses 50 CVEs Including Six Zero-Days

  • Post author:
  • Reading time:13 mins read

Microsoft has released June Patch Tuesday, security updates with a total of 50 vulnerabilities in the family of Windows and Mac operating systems and related products. In the release by Microsoft, 5 were rated as Critical and 45 as Important. The products covered in June’s security update include Microsoft Office, Windows Cryptographic Services, .NET Core & Visual Studio, Outlook, Excel, etc. However, a vulnerability assessment tool was used here.

Microsoft has also released patches for six zero-days that are being actively exploited in the wild. It also addressed another zero-day reported by Microsoft but not actively exploited in the wild. Also, a patch management tool can patch these critical vulnerabilities


Zero-day vulnerabilities

 CVE-2021-31956Windows NTFS Elevation of Privilege Vulnerability. Researchers at Kaspersky discovered the vulnerability. It allows local attackers to escalate their privileges and take control of a system. PuzzleMaker Group has wildly exploited it.

 CVE-2021-31201Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability. The vulnerability is due to improper implementation of security restrictions in Microsoft Enhanced Cryptographic Provider. As a result, it allows attackers to escalate privileges and read or modify restricted information.

CVE-2021-31955Windows Kernel Information Disclosure Vulnerability. Researchers at Kaspersky discovered the vulnerability. It allows attackers to disclose sensitive information such as kernel addresses from the system. PuzzleMaker Group is wildly exploiting this.

CVE-2021-33742Windows MSHTML Platform Remote Code Execution Vulnerability. However, The vulnerability is discovered by Google’s Threat Analysis Group (TAG). Also, Here attackers can trick the victim into opening a crafted file or visiting a malicious website using an affected application to execute arbitrary code on the system. The flaw is due to an improper boundary check when processing HTML content within the Windows MSHTML Platform.

More Zero-day Vulnerabilities

 CVE-2021-33739 Microsoft DWM Core Library Elevation of Privilege Vulnerability. The vulnerability was discovered by researchers at DBAPPSecurity Threat Intelligence Center . The flaw is due to  inefficient privilege management in the Microsoft Desktop Window Manager (DWM) core library, dwmcore.dll. Moreover, It allows attackers to execute arbitrary code and compromise the affected system.

CVE-2021-31199Microsoft Enhanced Cryptographic Provider Security restrictions bypass Vulnerability. The vulnerability is due to improper implementation of security restrictions in Microsoft Enhanced Cryptographic Provider. As a result, it allows local attackers to escalate privileges and read or modify restricted information.

The other zero-day which is not being actively exploited is,

CVE-2021-31968Windows Remote Desktop Services Denial of Service Vulnerability. The vulnerability is due to an improper security feature implementation in Windows Remote Desktop Services. It allows attackers to cause a denial of service condition on the target system.


Critical vulnerabilities

The remaining critical vulnerabilities addressed other than zero-days are,

CVE-2021-31959Chakra JScript scripting engine Memory Corruption vulnerability. A critical memory corruption vulnerability existing in Scripting Engine can be triggered by the user opening a specially crafted file. It allows an attacker to execute arbitrary code on the target system and may also lead to a complete takeover of the system.

 CVE-2021-31985Microsoft’s Defender Code Injection vulnerability. A critical remote code execution vulnerability exists in Microsoft Defender due to improper input validation. Successful exploitation may even lead to complete compromise of a vulnerable system. The likelihood of exploitation of this CVE is also determined as high.

 CVE-2021-31963Microsoft SharePoint Server Remote Code Execution vulnerability. A critical remote code execution vulnerability exists in Microsoft SharePoint Server due to improper input validation. Also, It can be triggered by sending a specially crafted request to the vulnerable system. However, Successful exploitation may result in a complete compromise of a vulnerable system.


Microsoft security bulletin summary for June 2021

  • Microsoft Office
  • Microsoft Browsers
  • Microsoft Windows
  • Microsoft Malware Protection Engine
  • Intune management extension
  • .NET Core
  • Visual Studio
  • Visual Studio Code
  • 3D Viewer

  1. Product: Microsoft Windows
    CVEs/Advisory: CVE-2021-1675, CVE-2021-26414, CVE-2021-31199, CVE-2021-31201, CVE-2021-31951, CVE-2021-31952, CVE-2021-31953, CVE-2021-31954, CVE-2021-31955, CVE-2021-31956, CVE-2021-31958, CVE-2021-31959, CVE-2021-31960, CVE-2021-31962, CVE-2021-31968, CVE-2021-31969, CVE-2021-31970, CVE-2021-31971, CVE-2021-31972, CVE-2021-31973, CVE-2021-31974, CVE-2021-31975, CVE-2021-31976, CVE-2021-31977, CVE-2021-33739, CVE-2021-33742
    Impact: Remote Code Execution, Elevation of Privilege, Denial of Service, Security Feature Bypass, Spoofing, Information Disclosure
    Severity: Critical, Important
    KBs: 5003635, 5003636, 5003637, 5003638, 5003646, 5003671, 5003681, 5003687, 5003696, 5003697

2. Product: Microsoft Office
CVEs/Advisory: CVE-2021-26420, CVE-2021-31939, CVE-2021-31940, CVE-2021-31941, CVE-2021-31948, CVE-2021-31949, CVE-2021-31950, CVE-2021-31963, CVE-2021-31964, CVE-2021-31965, CVE-2021-31966
Impact: Remote Code Execution
Severity: Important
KBs: 5001934, 5001939, 5001942, 5001947, 5001950, 5001951, 5001953, 5001955, 5001956, 5001962, 5001963


3. Product: Microsoft Office SharePoint
CVEs/Advisory: CVE-2021-26420, CVE-2021-31948, CVE-2021-31950, CVE-2021-31963, CVE-2021-31964, CVE-2021-31965, CVE-2021-31966
Impact: Remote Code Execution, Denial of Service
Severity: Important
KBs:4011698, 5001922, 5001939, 5001944, 5001945, 5001946, 5001954, 5001962


4. Product: 3D Viewer
CVEs/Advisory: CVE-2021-31944, CVE-2021-31943, CVE-2021-31942
Impact: Remote Code Execution, Information Disclosure
Severity: Important


5. Product: Intune management extension
CVEs/Advisory: CVE-2021-31980
Impact: Remote Code Execution
Severity: Important


6. Product: Microsoft Visual Studio
CVEs/Advisory: CVE-2021-31957
Impact: Denial of Service
Severity: Important


7. Product: Microsoft .NET
CVEs/Advisory: CVE-2021-31957
Impact: Denial of Service
Severity: Important


8. Product: Microsoft Visual Studio Code
CVEs/Advisory: CVE-2021-31938
Impact: Remote Code Execution
Severity: Important


9. Product: Microsoft Malware Protection Engine
CVEs/Advisory: CVE-2021-31985, CVE-2021-31978
Impact: Remote Code Execution, Denial of Service
Severity: Critical, Important


SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.