Virtual Administrator’s September 2021 Patch Recommendations


This month Microsoft released patches for 60 vulnerabilities with 3 rated “Critical”, 56 “Important” and 1 “Moderate” in severity.

All patches have been approved in our patch policy.

A moderate number of patches for September. Two zero-day flaws this month – CVE-2021-40444 and CVE-2021-36968. CVE-2021-40444 is a remote code execution vulnerability in MSHTML that affects Microsoft Windows. CVE-2021-36968 addresses an Elevation of Privilege vulnerability in Windows DNS in the legacy Windows OSs. Also notable is a Windows WLAN AutoConfig Service RCE vulnerability CVE-2021-36965. CVE-2021-38671 is another in the long line of recent Windows Print Spooler patches. Many are complaining of network printing problems after patching – see “Heads Up” below.

Head Up!

New Windows security updates break network printing

Print spooler vulnerability patches may trigger issues when group policy is used to push printers to non admin users.

Point and Print Default Behavior Change

Disclosed: CVE-2021-36968, CVE-2021-40444

Exploited: CVE-2021-40444

Security Update Guide

Morphus Labs patch dashboard here:

We will no longer listing “affected software” in this post. Previously Microsoft listed affected “software”. This month the list includes “products, features and roles” which makes the list too long. If you look at the month’s Release Notes on the Security Update Guide page you can view this list.

Microsoft Security Advisories

ADV990001 | Latest Servicing Stack Updates (Published:11/13/2018 | Last Updated:09/14/2021)

Reason for Revision: A Servicing Stack Update has been released for some versions of Windows.

Known Issues

There are no new known issues this month reported by Microsoft.

Microsoft continues to list unresolved older problems under the Known Issues for new patches. So if you have not yet experienced one of these issues it is unlikely it will occur now.

Good resource for known issues with Windows 10 patches. Find the version and click on “Known issues”.

Windows message center

Monthly Rollup/Security Only/Windows 10/Server 2016,2019 KBs

Links are with the KB number only.

Security and Quality Rollup

  • KB5005633 – Windows 7, Windows Server 2008 R2 (ESU)
  • KB5005613 – Windows 8.1, Windows Server 2012 R2
  • KB5005623 – Windows Server 2012
  • KB5005606 – Windows Server 2008 (ESU)

Security Only Update

  • KB5005615 – Windows 7, Windows Server 2008 R2 (ESU)
  • KB5005627 – Windows 8.1, Windows Server 2012 R2
  • KB5005607 – Windows Server 2012
  • KB5005618 – Windows Server 2008 (ESU)

Cumulative Update for Windows 10

  • KB5005569 – Original release version 1507 (OS Build 10240)
  • None – Version 1511 (OS Build 10586)
  • KB5005573 – Version 1607 “Anniversary Update” (OS Build 14393)
  • None – Version 1703 “Creators Update” (OS Build 15063)
  • None – Version 1709 “Fall Creators Update” (OS Build 16299)
  • None – Version 1803 “Spring Creators Update” (OS Build 17134)
  • KB5005568 – Version 1809 “October 2018 Update” (OS Build 17763)
  • None – Version 1903 “May 2019 Update” (OS Build 18362)
  • KB5005566 – Version 1909 “November 2019 Update” (OS Build 18363)
  • KB5005565 – Version 2004 “May 2020 Update” (OS Build 19041)
  • KB5005565 – Version 20H2 “October 2020 Update” (OS Build 19042)
  • KB5005565 – Version 21H1 “May 2021 Update” (OS Build 19043)

Note: Server 2016 uses the same KB as Windows 10 Version 1607. Server 2019 uses the same KB as Windows 10 Version 1809.

KB5005563 – Cumulative security update for Internet Explorer

September 2021 updates for Microsoft Office

Notable CVEs

CVE-2021-26435 – Windows Scripting Engine Memory Corruption Vulnerability (Cumulative Update/Monthly Rollup)

CVE-2021-36965 – Windows WLAN AutoConfig Service Remote Code Execution Vulnerability (Cumulative Update/Monthly Rollup)

CVE-2021-36968 – Windows DNS Elevation of Privilege Vulnerability (Monthly Rollup)

CVE-2021-38633, CVE-2021-36963 – Windows Common Log File System Driver Elevation of Privilege Vulnerability (Monthly Rollup)

CVE-2021-38671 – Windows Print Spooler Elevation of Privilege Vulnerability (Monthly Rollup)

CVE-2021-40444 – Microsoft MSHTML Remote Code Execution Vulnerability (Cumulative Update/Monthly Rollup)