سهشنبه وصله امینتی ماه دسامبر مایکروسافت منتشر شد که به همراه آن شش آسیبپذیری روز صفر و در مجموع ۶۷ نقص برطرف می شود. این بروزرسانیها شامل اصلاحی برای آسیبپذیری Windows Installer است که به طور فعال مورد سوء استفاده قرار گرفته است.
در این بروزرسانی مایکروسافت 55 آسیب پذیری را (بدون احتساب Microsoft Edge) شامل (هفت مورد آسیب پذیری به عنوان بحرانی و 60 مورد به عنوان مهم )برطرف کرده است.
تعداد هر نوع آسیب پذیری شامل:
• 21 آسیب پذیری Elevation of Privilege
• 26 آسیب پذیری Remote Code Execution
• 10 آسیب پذیری Information Disclosure
• 3 آسیب پذیری Denial of Service
• 7 آسیب پذیری Spoofing
شش آسیب پذیری Zero-day برطرف شد، که دو مورد آنها به طور فعال مورد سوء استفاده قرار می گیرند.
بروزرسانی سهشنبه دسامبر شامل اصلاحاتی برای رفع شش آسیبپذیری روز صفر است که شامل یکی از آسیبپذیریهای Windows AppX Installer می باشد.
مایکروسافت آسیب پذیری هایی را که به صورت عمومی افشا می شود و به صورت فعال مورد سوء استفاده قرار می گیرد و هیچ بروزرسانی امنیتی برای آن منتشر نشده در دسته Zero-day طبقه بندی می کند.
آسیبپذیری روز صفر Windows AppX Installer که به طور فعال مورد سوء استفاده قرار میگیرد، با نام CVE-2021-43890 شناسایی میشود و در کمپینهای مختلف، از جمله Emotet، TrickBot، و BazarLoader مورد استفاده قرار می گیرد.
مایکروسافت همچنین پنج آسیبپذیری روز صفر دیگرکه بهصورت عمومی فاش شده بود را برطرف کرد:
• آسیب پذیری CVE-2021-43240 – NTFS Set Short Name Elevation of Privilege
• آسیب پذیری CVE-2021-41333 – Windows Print Spooler Elevation of Privilege
• آسیب پذیری CVE-2021-43880 – Windows Mobile Device Management Elevation of Privilege
• آسیب پذیری CVE-2021-43883– Windows Installer Elevation of Privilege
• آسیب پذیری CVE-2021-43893 – Windows Encrypting File System (EFS) Elevation of Privilege
بروز رسانی های اخیر از سایر شرکت ها : سایر شرکت هایی که در ماه دسامبر بروزرسانی هایی را منتشر کردند عبارتند از:
• آپدیت های امنیتی ماه دسامبراندروید هفته گذشته منتشر شد.
• Apache Log4j :توصیههای امنیتی متعددی برای آسیبپذیری بسیار مشکلساز موجود در اینترنت منتشر شد.
• اپل بروزرسانیهای امنیتی را برای iOS، iPadOS، macOS، tvOS و watchOS منتشر کرد.
• سیسکو در این ماه بروزرسانیهای امنیتی را برای بسیاری از محصولات منتشر کرد، از جمله توصیههای مربوط به آسیبپذیری Log4j در محصولاتش.
• SAP بروزرسانی های امنیتی دسامبر 2021 خود را منتشر کرد.
• VMWare یک توصیه در مورد وصله های فعلی آسیب پذیری Log4j در محصولات خود منتشر کرد.
بروزرسانیهای امنیتی سهشنبه دسامبر۲۰۲۱
لیست کامل این بروز رسانی ها در جدول زیر قابل مشاهده می باشد:
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| Apps | CVE-2021-43890 | Windows AppX Installer Spoofing Vulnerability | Important |
| ASP.NET Core & Visual Studio | CVE-2021-43877 | ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability | Important |
| Azure Bot Framework SDK | CVE-2021-43225 | Bot Framework SDK Remote Code Execution Vulnerability | Important |
| BizTalk ESB Toolkit | CVE-2021-43892 | Microsoft BizTalk ESB Toolkit Spoofing Vulnerability | Important |
| Internet Storage Name Service | CVE-2021-43215 | iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution | Critical |
| Microsoft Defender for IoT | CVE-2021-41365 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important |
| Microsoft Defender for IoT | CVE-2021-42311 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important |
| Microsoft Defender for IoT | CVE-2021-42310 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Critical |
| Microsoft Defender for IoT | CVE-2021-43882 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important |
| Microsoft Defender for IoT | CVE-2021-43888 | Microsoft Defender for IoT Information Disclosure Vulnerability | Important |
| Microsoft Defender for IoT | CVE-2021-42314 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important |
| Microsoft Defender for IoT | CVE-2021-42313 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important |
| Microsoft Defender for IoT | CVE-2021-42312 | Microsoft Defender for IOT Elevation of Privilege Vulnerability | Important |
| Microsoft Defender for IoT | CVE-2021-43889 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important |
| Microsoft Defender for IoT | CVE-2021-42315 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Important |
| Microsoft Devices | CVE-2021-43899 | Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability | Critical |
| Microsoft Edge (Chromium-based) | CVE-2021-4056 | Chromium: CVE-2021-4056: Type Confusion in loader | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4055 | Chromium: CVE-2021-4055 Heap buffer overflow in extensions | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4054 | Chromium: CVE-2021-4054 Incorrect security UI in autofill | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4052 | Chromium: CVE-2021-4052 Use after free in web apps | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4053 | Chromium: CVE-2021-4053 Use after free in UI | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4065 | Chromium: CVE-2021-4065 Use after free in autofill | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4064 | Chromium: CVE-2021-4064 Use after free in screen capture | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4063 | Chromium: CVE-2021-4063 Use after free in developer tools | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4068 | Chromium: CVE-2021-4068 Insufficient validation of untrusted input in new tab page | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4067 | Chromium: CVE-2021-4067 Use after free in window manager | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4066 | Chromium: CVE-2021-4066 Integer underflow in ANGLE | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4059 | Chromium: CVE-2021-4059 Insufficient data validation in loader | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4062 | Chromium: CVE-2021-4062 Heap buffer overflow in BFCache | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4061 | Chromium: CVE-2021-4061 Type Confusion in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4058 | Chromium: CVE-2021-4058 Heap buffer overflow in ANGLE | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2021-4057 | Chromium: CVE-2021-4057 Use after free in file API | Unknown |
| Microsoft Local Security Authority Server (lsasrv) | CVE-2021-43216 | Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability | Important |
| Microsoft Message Queuing | CVE-2021-43236 | Microsoft Message Queuing Information Disclosure Vulnerability | Important |
| Microsoft Message Queuing | CVE-2021-43222 | Microsoft Message Queuing Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2021-43875 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2021-42295 | Visual Basic for Applications Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2021-43905 | Microsoft Office app Remote Code Execution Vulnerability | Critical |
| Microsoft Office Access | CVE-2021-42293 | Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability | Important |
| Microsoft Office Excel | CVE-2021-43256 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-42309 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-42320 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-43242 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2021-42294 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft PowerShell | CVE-2021-43896 | Microsoft PowerShell Spoofing Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-41360 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-43248 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-43214 | Web Media Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-40452 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-40453 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2021-43243 | VP9 Video Extensions Information Disclosure Vulnerability | Important |
| Office Developer Platform | CVE-2021-43255 | Microsoft Office Trust Center Spoofing Vulnerability | Important |
| Remote Desktop Client | CVE-2021-43233 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Role: Windows Fax Service | CVE-2021-43234 | Windows Fax Service Remote Code Execution Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2021-43246 | Windows Hyper-V Denial of Service Vulnerability | Important |
| Visual Studio Code | CVE-2021-43891 | Visual Studio Code Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2021-43908 | Visual Studio Code Spoofing Vulnerability | Important |
| Visual Studio Code – WSL Extension | CVE-2021-43907 | Visual Studio Code WSL Extension Remote Code Execution Vulnerability | Critical |
| Windows Common Log File System Driver | CVE-2021-43226 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2021-43224 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2021-43207 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Digital TV Tuner | CVE-2021-43245 | Windows Digital TV Tuner Elevation of Privilege Vulnerability | Important |
| Windows DirectX | CVE-2021-43219 | DirectX Graphics Kernel File Denial of Service Vulnerability | Important |
| Windows Encrypting File System (EFS) | CVE-2021-43217 | Windows Encrypting File System (EFS) Remote Code Execution Vulnerability | Critical |
| Windows Encrypting File System (EFS) | CVE-2021-43893 | Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability | Important |
| Windows Event Tracing | CVE-2021-43232 | Windows Event Tracing Remote Code Execution Vulnerability | Important |
| Windows Installer | CVE-2021-43883 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2021-43244 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Media | CVE-2021-40441 | Windows Media Center Elevation of Privilege Vulnerability | Important |
| Windows Mobile Device Management | CVE-2021-43880 | Windows Mobile Device Management Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2021-43240 | NTFS Set Short Name Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2021-43231 | Windows NTFS Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2021-43230 | Windows NTFS Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2021-43229 | Windows NTFS Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2021-41333 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2021-43223 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2021-43238 | Windows Remote Access Elevation of Privilege Vulnerability | Important |
| Windows Storage | CVE-2021-43235 | Storage Spaces Controller Information Disclosure Vulnerability | Important |
| Windows Storage Spaces Controller | CVE-2021-43227 | Storage Spaces Controller Information Disclosure Vulnerability | Important |
| Windows SymCrypt | CVE-2021-43228 | SymCrypt Denial of Service Vulnerability | Important |
| Windows TCP/IP | CVE-2021-43247 | Windows TCP/IP Driver Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2021-43237 | Windows Setup Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2021-43239 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | Important |
منبع:
