Learn What IT Pros Need to Know About Windows 11 - August 24th at 1 PM ET! Learn What IT Pros Need to Know About Windows 11 - August 24th at 1 PM ET!
Windows 10

Patch Tuesday – June 2021

This month Microsoft patches 7 zero-day flaws in Windows, 6 of which are being exploited in the wild. And there are also important updates for SharePoint Server, Microsoft Office, and Adobe Acrobat and Reader.

Windows and Windows Server

If you haven’t already started testing and deploying June’s updates for Windows and Windows Server, then it’s time to get cracking because there are 7 zero-days fixed in this month’s round of patches. 6 of the 7 zero-day vulnerabilities are already being exploited in the wild. The last flaw in the list is not yet being exploited but it won’t take hackers long to start weaponizing it.

  1. CVE-2021-31955 – Windows Kernel Information Disclosure Vulnerability
  2. CVE-2021-31956 – Windows NTFS Elevation of Privilege Vulnerability
  3. CVE-2021-33739 – Microsoft DWM Core Library Elevation of Privilege Vulnerability
  4. CVE-2021-33742 – Windows MSHTML Platform Remote Code Execution Vulnerability
  5. CVE-2021-31199 – Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
  6. CVE-2021-31201 – Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability
  7. CVE-2021-31968 – Windows Remote Desktop Services Denial of Service Vulnerability

Kaspersky Labs reported that CVE-2021-31955 and CVE-2021-31956 are being used as part of an attack that targets Google Chrome in the exploit chain, leading to remote code execution.

News and Interests on the Windows taskbar

As a quick sidenote, News and Interests on the Windows taskbar is now available to users on all supported versions of Windows 10 on the Semi Annual Channel (SAC).

Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.

News and Interests now available in Windows 10 (Image Credit: Russell Smith)

Exchange, SQL, and SharePoint Server

There’s one critical remote code execution flaw this month for SharePoint Enterprise Server 2013 Service Pack 1. And there are 7 other fixes for remote code execution bugs, rated Important, that affect SharePoint Enterprise Server 2016, SharePoint Server 2016, and SharePoint Foundation Server 2013 Service Pack 1.

Microsoft Office

Outlook gets a patch for a remote code execution flaw that a hacker could exploit if a user opens a specially crafted file. There’s also a patch for a remote code execution vulnerability in Microsoft Office graphics that affects users of Microsoft Office 2013, 2016, and 2019.

Adobe software

Finally this month, Adobe lists security updates for its products including 5 critical flaws in Adobe Acrobat and Reader, 2 critical flaws in Photoshop, and 1 important vulnerability in Adobe Connect. Check out Adobe’s website here for more information.

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.

Register for Advanced Microsoft 365 Day!

GET-IT: Advanced Microsoft 365 1-Day Virtual Conference - Live August 24th!

Join us on Tuesday, August 24th and hear from Microsoft MVPs and industry experts about how to take advantage of Microsoft 365 at a technical level and dive deep into the features and functionality that will make your environment more secure and compliant.

RSVP Now

Sponsored By