Nov 10, 2021
0 0

Microsoft November 2021 Patch Tuesday fixes 6 zero-days, 55 flaws

Written by

State hackers breach defense, energy, healthcare orgs worldwide
MediaMarkt hit by Hive ransomware, initial $240 million ransom
REvil ransomware affiliates arrested in Romania and Kuwait
Pwn2Own: Printer plays AC/DC, Samsung Galaxy S21 hacked twice
NUCLEUS:13 TCP security bugs impact critical healthcare devices
TeamTNT hackers target your poorly configured Docker servers
Microsoft: Windows 10 2004 reaches end of service next month
Microsoft urges Exchange admins to patch bug exploited in the wild
Qualys BrowserCheck
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Search Redirect
Remove the Search Redirect
Remove the Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
IT Certification Courses
Gear + Gadgets
Patch Tuesday
Today is Microsoft’s November 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 55 flaws. The actively exploited vulnerabilities are for Microsoft Exchange and Excel, with the Exchange zero-day used as part of the Tianfu hacking contest.
Microsoft has fixed 55 vulnerabilities with today’s update, with six classified as Critical and 49 as Important. The number of each type of vulnerability is listed below:
For information about the non-security Windows updates, you can read about today’s Windows 10 KB5007186 & KB5007189 cumulative updates and the Windows 11 KB5007215 cumulative update.
November’s Patch Tuesday includes fixes for six zero-day vulnerabilities, two actively exploited against Microsoft Exchange and Microsoft Excel.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The actively exploited vulnerabilities fixed this month are:
The Microsoft Exchange CVE-2021-42321 vulnerability is an authenticated remote code execution bug used as part of the Tianfu Cup hacking contest last month.
However, the Microsoft Excel CVE-2021-42292 was discovered by the Microsoft Threat Intelligence Center and has been actively used in malicious attacks.
The security updates for Microsoft Office for Mac have not been released as of yet.
Microsoft also fixed four other publicly disclosed vulnerabilities that are not known to be exploited in attacks.
Other vendors who released updates in November include:
Below is the complete list of resolved vulnerabilities and released advisories in the November 2021 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.
Microsoft October 2021 Patch Tuesday fixes 4 zero-days, 71 flaws
How to fix the Windows 0x0000011b network printing error
New Windows security updates break network printing
Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws
Windows 11 KB5007215 update released with application fixes
Not a member yet? Register Now
MediaMarkt hit by Hive ransomware, initial $240 million ransom
State hackers breach defense, energy, healthcare orgs worldwide
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.


Article Categories:
Cybersecurity News

Comments are closed.