Η Microsoft κυκλοφόρησε χθες το Patch Tuesday Ιουνίου 2021, το οποίο διορθώνει συνολικά 50 σφάλματα, επτά από τα οποία είναι zero-day ευπάθειες. Επομένως, οι διαχειριστές Windows συστημάτων πρέπει να εγκαταστήσουν άμεσα τη νέα ενημέρωση για να προστατεύσουν τις συσκευές τους.
Δείτε επίσης: Η Microsoft δεν θα κυκλοφορήσει νέες preview εκδόσεις των Windows 10
Οι πέντε από τις 50 ευπάθειες που διορθώνονται, έχουν χαρακτηριστεί “κρίσιμες“, ενώ οι υπόλοιπες 45 έχουν κατηγοριοποιηθεί σαν “σημαντικές”.
Δείτε επίσης: Η Microsoft διορθώνει τα σφάλματα στον Microsoft Edge 91
Microsoft Patch Tuesday: Διόρθωση zero-day ευπαθειών
Το Microsoft Patch Tuesday Ιουνίου 2021 διορθώνει, όπως είπαμε παραπάνω, επτά zero-day ευπάθειες. Έξι από αυτές έχουν ήδη χρησιμοποιηθεί από εγκληματίες του κυβερνοχώρου.
Οι ευπάθειες αυτές είναι:
- CVE-2021-31955 – Windows Kernel Information Disclosure Vulnerability
- CVE-2021-31956 – Windows NTFS Elevation of Privilege Vulnerability
- CVE-2021-33739 – Microsoft DWM Core Library Elevation of Privilege Vulnerability
- CVE-2021-33742 – Windows MSHTML Platform Remote Code Execution Vulnerability
- CVE-2021-31199 – Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
- CVE-2021-31201 – Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
Η έβδομη zero-day ευπάθεια είναι η “CVE-2021-31968 – Windows Remote Desktop Services Denial of Service Vulnerability”, που δεν έχει εντοπιστεί σε επιθέσεις.
Σε μια έκθεση που κυκλοφόρησε από την Kaspersky, οι ερευνητές εξηγούν ότι οι ευπάθειες CVE-2021-31955 και CVE-2021-31956 χρησιμοποιήθηκαν σε επιθέσεις από μια νέα ομάδα hackers, γνωστή ως PuzzleMaker.
Οι εγκληματίες συνδύασαν τις ευπάθειες CVE-2021-31955 και CVE-2021-31956 για να αποκτήσουν περισσότερα προνόμια στις παραβιασμένες συσκευές.
Δείτε επίσης: Η Microsoft προειδοποιεί: Η εκστρατεία phishing Nobelium υποδύεται την USAID
Στο τέλος, οι hackers εγκαθιστούσαν ένα απομακρυσμένο shell που τους επέτρεπε να ανεβάζουν και να κατεβάζουν αρχεία και να εκτελούν εντολές.
Microsoft Patch Tuesday Ιουνίου 2021: Αναλυτικά οι ευπάθειες
Στον παρακάτω πίνακα, μπορείτε να δείτε αναλυτικά όλες τις ευπάθειες που διορθώνει η Microsoft με τις ενημερώσεις Ιουνίου:
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET Core & Visual Studio | CVE-2021-31957 | .NET Core and Visual Studio Denial of Service Vulnerability | Important |
| 3D Viewer | CVE-2021-31942 | 3D Viewer Remote Code Execution Vulnerability | Important |
| 3D Viewer | CVE-2021-31943 | 3D Viewer Remote Code Execution Vulnerability | Important |
| 3D Viewer | CVE-2021-31944 | 3D Viewer Information Disclosure Vulnerability | Important |
| Microsoft DWM Core Library | CVE-2021-33739 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2021-33741 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Intune | CVE-2021-31980 | Microsoft Intune Management Extension Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2021-31940 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2021-31941 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2021-31939 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Outlook | CVE-2021-31949 | Microsoft Outlook Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-31964 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-31963 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2021-31950 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-31948 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-31966 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-31965 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-26420 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Scripting Engine | CVE-2021-31959 | Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Windows Codecs Library | CVE-2021-31967 | VP9 Video Extensions Remote Code Execution Vulnerability | Critical |
| Paint 3D | CVE-2021-31946 | Paint 3D Remote Code Execution Vulnerability | Important |
| Paint 3D | CVE-2021-31983 | Paint 3D Remote Code Execution Vulnerability | Important |
| Paint 3D | CVE-2021-31945 | Paint 3D Remote Code Execution Vulnerability | Important |
| Role: Hyper-V | CVE-2021-31977 | Windows Hyper-V Denial of Service Vulnerability | Important |
| Visual Studio Code – Kubernetes Tools | CVE-2021-31938 | Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability | Important |
| Windows Bind Filter Driver | CVE-2021-31960 | Windows Bind Filter Driver Information Disclosure Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2021-31954 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Cryptographic Services | CVE-2021-31201 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Important |
| Windows Cryptographic Services | CVE-2021-31199 | Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability | Important |
| Windows DCOM Server | CVE-2021-26414 | Windows DCOM Server Security Feature Bypass | Important |
| Windows Defender | CVE-2021-31978 | Microsoft Defender Denial of Service Vulnerability | Important |
| Windows Defender | CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability | Critical |
| Windows Drivers | CVE-2021-31969 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows Event Logging Service | CVE-2021-31972 | Event Tracing for Windows Information Disclosure Vulnerability | Important |
| Windows Filter Manager | CVE-2021-31953 | Windows Filter Manager Elevation of Privilege Vulnerability | Important |
| Windows HTML Platform | CVE-2021-31971 | Windows HTML Platform Security Feature Bypass Vulnerability | Important |
| Windows Installer | CVE-2021-31973 | Windows GPSVC Elevation of Privilege Vulnerability | Important |
| Windows Kerberos | CVE-2021-31962 | Kerberos AppContainer Security Feature Bypass Vulnerability | Important |
| Windows Kernel | CVE-2021-31951 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2021-31955 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel-Mode Drivers | CVE-2021-31952 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important |
| Windows MSHTML Platform | CVE-2021-33742 | Windows MSHTML Platform Remote Code Execution Vulnerability | Critical |
| Windows Network File System | CVE-2021-31975 | Server for NFS Information Disclosure Vulnerability | Important |
| Windows Network File System | CVE-2021-31974 | Server for NFS Denial of Service Vulnerability | Important |
| Windows Network File System | CVE-2021-31976 | Server for NFS Information Disclosure Vulnerability | Important |
| Windows NTFS | CVE-2021-31956 | Windows NTFS Elevation of Privilege Vulnerability | Important |
| Windows NTLM | CVE-2021-31958 | Windows NTLM Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2021-1675 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Remote Desktop | CVE-2021-31968 | Windows Remote Desktop Services Denial of Service Vulnerability | Important |
| Windows TCP/IP | CVE-2021-31970 | Windows TCP/IP Driver Security Feature Bypass Vulnerability | Important |
Πηγή: Bleeping Computer