![\"\"](\"\/wp-content\/uploads\/2021\/06\/patch-watch-1-23.png\")
<\/h2>\nMicrosoft patched 55 unique security vulnerabilities in November 2021, which includes six zero-day exploits. We analyzed these weaknesses and spotlighted the most important vulnerabilities that ought to be fixed on priority.<\/p>\n
<\/h2>\n\n
This November, Microsoft patched 55 vulnerabilities discovered in 2021.<\/p>\n
15 CVEs are classified as Remote Code Execution bugs<\/p>\n<\/li>\n
20 CVEs with Privilege Escalation capabilities<\/p>\n<\/li>\n
10 CVEs are linked to Information Disclosure<\/p>\n<\/li>\n
3 CVEs have Denial of Service capabilities<\/p>\n<\/li>\n
4 CVEs has Spoofing possibilities<\/p>\n<\/li>\n
2 CVEs are Security Bypass bugs<\/p>\n<\/li>\n<\/ul>\n
![\"\"](\"\/wp-content\/uploads\/2021\/06\/patch-watch-2-24.png\")
<\/p>\n
Two of the CVEs (CVE-2021-42292<\/a> and CVE-2021-42321<\/a>) have been classified as actively exploited and were disclosed publicly. Most concerning is that these two CVEs have been called out by CISA in its recent directive<\/a> encouraging users to apply immediate patching to a list of 291 Known Exploited Vulnerabilities<\/a> (KEV).<\/p>\n Microsoft had disclosed that security updates for Microsoft Office for Mac have not been released as of yet.<\/p>\n \n Microsoft had released fixes for six zero-day vulnerabilities this month:<\/p>\n CVE-2021-38631<\/a> – Windows Remote Desktop Protocol (RDP)<\/p>\n<\/li>\n CVE-2021-41371<\/a> – Windows Remote Desktop Protocol (RDP)<\/p>\n<\/li>\n CVE-2021-43208<\/a> – 3D Viewer<\/p>\n<\/li>\n CVE-2021-43209<\/a> – 3D Viewer<\/p>\n<\/li>\n CVE-2021-42292<\/a> – Microsoft Excel<\/p>\n<\/li>\n CVE-2021-42321<\/a> – Microsoft Exchange Server<\/p>\n<\/li>\n<\/ul>\n \n CVE-2021-42321 is a remote code execution vulnerability in Microsoft Exchange Server. The bug\u00a0 with a CVSS v3 score of\u00a0 8.8 (high) arises as a result of incorrect validation of command-let (cmdlet) parameters. An attacker would have to be authenticated to a susceptible Exchange Server in order to exploit this issue. According to Microsoft, this vulnerability has been used in “limited targeted attacks” in the wild.<\/p>\n \n Throughout 2021, many notable vulnerabilities in Microsoft Exchange Server have been exposed, starting with ProxyLogon and linked zero-days in March, and later followed by ProxyShell. Organizations running Exchange Server on-premises should deploy security upgrades as soon as possible to avoid future exploitation once the proof-of-concept code is made public.<\/p>\n \n When analyzing these vulnerabilities based on the Common Weakness Enumeration (CWE) categorization, 20 CVEs carry a CWE of CWE-269 (Improper Privilege Management) that falls under 2021 CWE Top 30 Most Dangerous Software Weaknesses<\/a>. On the whole, 24 CVEs have not been assigned a CWE Identifier yet.<\/p>\n \n The November patch package has an influence on the following products: Microsoft Azure, the Chromium-based Edge browser, Microsoft Office — as well as associated products such as Excel, Word, and SharePoint — Visual Studio, Exchange Server, Windows Kernel, and Windows Defender. Windows products received a fix for 27 vulnerabilities in which 6 CVEs accounted for Remote Code Execution and 14 CVEs for Privilege Escalation.<\/p>\nZero-days<\/h2>\n
\n
CWE Analysis<\/h2>\n
![\"\"](\"\/wp-content\/uploads\/2021\/06\/cwe-analysis.png\")
<\/p>\nSeverity Scores<\/h2>\n
![\"\"](\"\/wp-content\/uploads\/2021\/06\/patch-watch-3-17.png\")
<\/p>\nProduct Analysis<\/h2>\n
![\"\"](\"\/wp-content\/uploads\/2021\/06\/patch-watch-4-14.png\")
\n