Microsoft's recent security update in November 2023 is a testament to this ongoing battle. The update addresses a total of 55 vulnerabilities, with six rated as "Critical" and two actively exploited in the wild.
Exchange Server Vulnerabilities
One of the most significant vulnerabilities patched was found in the Microsoft Exchange Server (CVE-2021-42321). This Remote Code Execution (RCE) vulnerability, exploited in the wild, was disclosed during the Tianfu International Cybersecurity Contest. It requires an authenticated user to run arbitrary code on an on-premise Exchange Server. Additionally, two important Microsoft Exchange Server Spoofing vulnerabilities (CVE-2021-42305 and CVE-2021-41349) were patched. These could be exploited remotely without authentication, though user interaction is required for successful exploitation.
Microsoft Excel Security Concerns
A worrying vulnerability in Microsoft Excel (CVE-2021-42292) was also addressed. This Security Feature Bypass vulnerability, with a CVSS score of 7.8 out of 10, has been exploited in the wild. Notably, the Preview Pane is not an attack vector for this vulnerability, and updates for Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 were pending at the time of the update.
Remote Desktop Protocol (RDP) Issues
The Remote Desktop Protocol (RDP) had four vulnerabilities, one of which was a critical RCE (CVE-2021-38666). This vulnerability can be initiated remotely without authentication but requires the victim's interaction for successful exploitation.
3D Viewer and Microsoft Defender Updates
Microsoft’s 3D Viewer utility had two important RCE vulnerabilities (CVE-2021-43208 and CVE-2021-43209) that were patched. The Microsoft Store automatically updates affected customers, ensuring widespread protection. Microsoft Defender, an integral part of Windows security, had a critical RCE vulnerability (CVE-2021-42298). This vulnerability was notable for its potential impact, given Defender’s high privilege level within the operating system and the fact that an attack could be initiated remotely without authentication.
Conclusion
Microsoft's swift response in addressing these vulnerabilities is commendable, but it also underscores the relentless nature of cybersecurity threats in the digital age. As technology continues to advance, so too must our strategies for protecting it.
