Microsoft today released the monthly security updates, also known as Patch Tuesday. This month, the company fixed 56 security vulnerabilities along with a zero-day.
You will find zero-day in CVE-2021-1732, and it concerns an error in Win32k, a key component of the Windows operating system.
Zero-day has already been used for attacks on Windows systems to gain system-level access.
Of course, no details were revealed about these attacks.
Aside from the zero-day, this month's Patch Tuesday also stands out due to the large number of vulnerabilities it fixes.
The six bugs in Microsoft products have already been posted online before today's updates:
- CVE-2021-1721 - .NET Core and Visual Studio Denial of Service Vulnerability
- CVE-2021-1733 - Sysinternals PsExec Elevation of Privilege Vulnerability
- CVE-2021-26701 - .NET Core Remote Code Execution Vulnerability
- CVE-2021-1727 - Windows Installer Elevation of Privilege Vulnerability
- CVE-2021-24098 - Windows Console Driver Denial of Service Vulnerability
- CVE-2021-24106 - Windows DirectX Information Disclosure Vulnerability
The good news is that none of the above errors have been exploited.
You can see all the security updates from the official Security Update Guide portal of Microsoft.