9^th October 2021 is the patch Tuesday, and it was fix 6 zero-day vulnerabilities where 2 of them are actively exploited and 55 flaws. 6 of the flaws a critical while 49 are important.

• 20 Elevation of Privilege vulnerabilities
• 2 Security Feature Bypass vulnerabilities
• 15 Remote Code Execution vulnerabilities
• 10 Information Disclosure vulnerabilities
• 3 Denial of Service vulnerabilities
• 4 Spoofing vulnerabilities

The two actively exploiting vulnerabilities are from Microsoft Exchange and Excel,

CVE-2021-42292 – Microsoft Excel Security Feature Bypass Vulnerability

A code execution issue that can be triggered by an attacker tricking the victims into opening a specially crafted file with an affected version of Excel. The flaw affects Microsoft Office for macOS, but the company has yet to fix the issue for Apple’s platform. This has been actively used in malicious attack and was discovered by Microsoft Threat Intelligence Center

CVE-2021-42321 – Microsoft Exchange Server Remote Code Execution Vulnerability

This an authenticated remote code execution bug hat occurs due to improper validation of cmdlet arguments. This was used on Tianfu Cup hacking contest last month. Admins are advice to deploy patches as soon as possible.

The other four publicly disclosed vulnerabilities but are not actively exploited are,

• CVE-2021-38631 – Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
• CVE-2021-41371 – Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
• CVE-2021-43208 – 3D Viewer Remote Code Execution Vulnerability
• CVE-2021-43209 – 3D Viewer Remote Code Execution Vulnerability

Find the complete list of vulnerabilities here

Reference

• https://msrc.microsoft.com/update-guide/releaseNote/2021-Nov
• https://techcommunity.microsoft.com/t5/exchange-team-blog/released-november-2021-exchange-server-security-updates/ba-p/2933169