Nasty Office bug fixed with the September 2021 Patch Tuesday

Microsoft made a rare announcement on September 10th, 2021 that it had fixed a nasty bug in an update to Windows. The company also revealed the patch would be released on September 11th, 2021.

The may 2021 patch tuesday problems is a bug that has been present since the release of Windows 10. Microsoft released a fix on September 2021 Patch Tuesday.

Microsoft-Cloud-Gaming-comes-to-Windows-10-and-iOS

Alexandru Poloboc is an author.

Editor of the News

Alex spent the most of his time working as a news reporter, anchor, and on TV and radio, with an overwhelming urge to always get to the bottom of things and discover the truth… Continue reading

  • Patch Tuesday this month delivers a total of 67 updates to users all around the world.
  • Almost half of the fixes issued address problems with computer user privileges.
  • The ability to run arbitrary code on a victim’s PC has also been addressed.
  • Microsoft Office’s MSHTML component is also being extensively abused.

Nasty-Office-bug-fixed-with-the-September-2021-Patch-Tuesday

This month, the Redmond firm’s usual slew of updates takes on added significance as the company publishes a patch for a critical-severity issue.

This is presently referred to by the CVE-2021-40444 vulnerability designation reference.

We also know it’s being used right now in Office documents, as well as major updates for Microsoft products and cloud services.

Patch Tuesday helps Microsoft address security flaws.

Microsoft issued a total of 67 updates for several of its products on Patch Tuesday this month.

The most patches, 27, were to address issues that an attacker might exploit to elevate their own privilege level on a machine.

If you’re curious about the second-largest number, 14 in this instance, it refers to an attacker’s capacity to run arbitrary code on a victim’s machine.

It’s essential to note that all but one of the major flaws are classified as Remote Code Execution.

The -40444 issue, often known as the Microsoft MSHTML Remote Code Execution Vulnerability, is one such.

The non-RCE critical vulnerability is an information disclosure flaw in Microsoft’s Azure Sphere platform (CVE-2021-36956), which is designed to provide security to Internet-of-Things (IoT) devices.

The tech giant has addressed some of the unpleasant issues that were impacting the Edge browser on both Android and iOS devices.

Users of that browser on those devices will have to download updated versions from the appropriate app store for their device, both of which are vulnerable to spoofing, according to Microsoft.

The WLAN AutoConfig Service is affected by the serious vulnerabilities (CVE-2021-36965 and CVE-2021-26435) that impact Windows itself.

If you didn’t know, this is part of the process used by Windows 10 to choose the wireless network to which a computer will join, as well as the Windows Scripting Engine.

Prior to the Patch Tuesday deadline, Microsoft released no further details regarding the method through which these vulnerabilities execute code on a machine.

This month, Redmond engineers are tackling a major Office issue.

On September 7, once the issue was identified and made public, security experts and analysts started exchanging proof-of-concept examples of how an attacker might use it.

Unfortunately, because to the bug’s high visibility, attackers are likely to have noticed it and will soon begin exploiting it.

This terrible issue affects Microsoft Office’s MSHTML component, which may display browser pages inside an Office document.

An attacker exploits the flaw by creating a maliciously designed ActiveX control and then embedding code in an Office document that calls the ActiveX control when it is opened or previewed.

In general, the phases of the assault are as follows:

  1. Target gets an Office document in the format.docx or.rtf and opens it.
  2. The document downloads HTML from a malicious web URL from a remote location.
  3. A.CAB archive is sent to the target’s computer via the infected website.
  4. From inside the.CAB, the exploit starts an executable (usually named with a .INF extension)

In order to execute the file with a.inf extension (which is really a malicious.dll) extracted from the.cab file, the malicious programming utilizes the built-in handler for.cpl files (Windows Control Panel).

Many individuals have not only developed and released working proof-of-concept (PoC) vulnerabilities, but also building tools that anybody can use to weaponize an Office document.

We’ve already seen some versions of the exploit that use.rtf file extensions. The initial version of the exploit utilized Microsoft Word.docx documents, but we’ve already seen some variants that use.rtf file extensions.

Using rundll32, attackers utilize the methods to launch not only.exe files but also malicious.dll files. There’s no reason to think the attack won’t be extended to additional Office document formats in the future.

It’s comforting to know that Redmond authorities are doing all they can to keep us safe, but this is a team effort, so we must all pitch in.

What are your views on the Patch Tuesday updates this month? Please let us know what you think in the comments area below.

Was this page of assistance to you?

Thank you very much!

There are insufficient details It’s difficult to comprehend Other Speak with a Professional

Start a discussion.

Microsoft released the patch tuesday may 2021 to fix a nasty bug that has been present in the Nasty Office.

Related Tags

  • patch tuesday schedule 2021
  • patch tuesday august 2021
  • patch tuesday july 2021
  • microsoft patch tuesday july 2021
  • patch tuesday june 2021
You May Also Like