Virtual Administrator’s October 2021 Patch Recommendations
This month Microsoft released patches for 71 vulnerabilities with 2 rated “Critical”, 68 “Important” and 1 “Low” in severity.
All patches have been approved in our patch policy.
A modest number of patches for October. CVE-2021-40449 is being exploited. This is a Win32k Elevation of Privilege vulnerability. One critical bug concerns Microsoft Word (CVE-2021-40486), and two others are remote code execution flaws in Windows Hyper-V (CVE-2021-38672, CVE-2021-40461). The Hyper-V vulnerability impacts Windows 10/11 systems, as well as those Server versions. CVE-2021-26427 is another important bug in Microsoft Exchange Server. CVE-2021-36970 is another spoofing vulnerability in Microsoft’s Windows Print Spooler – see known issues below. Windows 11 is now available.
Head Up! Windows 11 has arrived
What’s new in Windows 11
https://docs.microsoft.com/en-us/windows/whats-new/windows-11-whats-new
Windows 11 update history
FYI Silverlight End of Support
“Microsoft Silverlight will reach the end of support on October 12, 2021. Silverlight development framework is currently only supported on Internet Explorer 10 and Internet Explorer 11.”
“Microsoft is not planning to take any specific action to terminate Silverlight applications. After this date, however, Silverlight will be in an unsupported state and will not receive any future quality or security updates.”
Disclosed: CVE-2021-40469, CVE-2021-41335, CVE-2021-41338
Exploited: CVE-2021-40449
Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance
Morphus Labs patch dashboard here: https://patchtuesdaydashboard.com
We will no longer listing “affected software” in this post. Previously Microsoft listed affected “software”. This month the list includes “products, features and roles” which makes the list too long. If you look at the month’s Release Notes on the Security Update Guide page you can view this list.
Microsoft Security Advisories
ADV990001 | Latest Servicing Stack Updates (Published:11/13/2018 | Last Updated:10/12/2021)
https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV990001
Reason for Revision: A Servicing Stack Update has been released for some versions of Windows.
Note: For Windows 10 1809 and above the SSU is included in the monthly cumulative update. You no longer need to use our “MS Stack Audit AIO – SSU” procedure to update these newer versions. If Microsoft releases a standalone SSU for these versions (as they did last August) we will warn partners and publish an agent procedure to deploy it.
Known Issues
There are no new known issues this month reported by Microsoft.
Ongoing problems causing issues with printers deployed via group policy
Network Printer Problems Again This Month
Microsoft continues to list unresolved older problems under the Known Issues for new patches. So if you have not yet experienced one of these issues it is unlikely it will occur now.
Good resource for known issues with Windows 10 patches. Find the version and click on “Known issues”.
Windows message center
https://docs.microsoft.com/en-us/windows/release-health/windows-message-center
Monthly Rollups and Cumulative Updates KBs
Links are https://support.microsoft.com/en-us/help/####### with the KB number only.
Security and Quality Rollup
- KB5006743 – Windows 7, Windows Server 2008 R2 (ESU)
- KB5006714 – Windows 8.1, Windows Server 2012 R2
- KB5006739 – Windows Server 2012
- KB5006736 – Windows Server 2008 (ESU)
Security Only Update
- KB5006728 – Windows 7, Windows Server 2008 R2 (ESU)
- KB5006729 – Windows 8.1, Windows Server 2012 R2
- KB5006732 – Windows Server 2012
- KB5006715 – Windows Server 2008 (ESU)
Cumulative Updates
Windows 10
- KB5006675 – Original release version 1507 (OS Build 10240)
- KB5006669 – Version 1607 “Anniversary Update” (OS Build 14393)
- KB5006672 – Version 1809 “October 2018 Update” (OS Build 17763)
- KB5006667 – Version 1909 “November 2019 Update” (OS Build 18363)
- KB5006670 – Version 2004 “May 2020 Update” (OS Build 19041)
- KB5006670 – Version 20H2 “October 2020 Update” (OS Build 19042)
- KB5006670 – Version 21H1 “May 2021 Update” (OS Build 19043)
- (Versions 1511,1703,1709,1803,1903 are no longer under support)
Windows 11
- KB5006674 – Original release (OS Build 22000)
Windows Server
- KB5006669 – Server 2016 (same KB as Windows 10 Version 1607)
- KB5006672 – Server 2019 (same KB as Windows 10 Version 1809)
- KB5006699 – Server 2022 (OS Build 20348)
- KB5006671 – Cumulative security update for Internet Explorer
October 2021 updates for Microsoft Office
Notable CVEs
CVE-2021-26427 | Microsoft Exchange Server Remote Code Execution Vulnerability (KB5007011/KB5007012)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26427
CVE-2021-36970 | Windows Print Spooler Spoofing Vulnerability (Cumulative Update/Monthly Rollup)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36970
CVE-2021-38672 | Windows Hyper-V Remote Code Execution Vulnerability (Cumulative Update)
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-38672
CVE-2021-41335 | Windows Kernel Elevation of Privilege Vulnerability (Monthly Rollup)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41335
CVE-2021-41338 | Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability (Cumulative Update)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-41338
CVE-2021-40449 | Win32k Elevation of Privilege Vulnerability (Cumulative Update/Monthly Rollup)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449
CVE-2021-40461 | Windows Hyper-V Remote Code Execution Vulnerability (Cumulative Update)
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40461
CVE-2021-40469 | Windows DNS Server Remote Code Execution Vulnerability (Monthly Rollup)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40469
CVE-2021-40486 | Microsoft Word Remote Code Execution Vulnerability (various KBs)
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40486
