Microsoft Security Bulletin Coverage for July 2021
SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of July 2021. A list of issues reported, along with SonicWall coverage information is as follows:
CVE-2021-31979 Windows Kernel Elevation of Privilege Vulnerability
ASPY 197:Malformed-File exe.MP.195
CVE-2021-33771 Windows Kernel Elevation of Privilege Vulnerability
ASPY 198:Malformed-File exe.MP.196
CVE-2021-34448 Scripting Engine Memory Corruption Vulnerability
IPS 15631:Scripting Engine Memory Corruption Vulnerability (CVE-2021-34448)
CVE-2021-34449 Win32k Elevation of Privilege Vulnerability
ASPY 185:Malformed-File exe.MP.184
CVE-2021-34467 Microsoft SharePoint Server Remote Code Execution Vulnerability
IPS 15630:Microsoft SharePoint Server Remote Code Execution (CVE-2021-34467)
CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability
IPS 15632:Microsoft Exchange Server Remote Code Execution (CVE-2021-34473)
CVE-2021-34527 Windows Print Spooler Remote Code Execution Vulnerability
IPS 15622: Print Spooler AddPrinterDriverEx Request
Adobe Coverage:
CVE-2021-28640Acrobat Reader Use After Free
ASPY 195: Malformed-File pdf.MP.476
CVE-2021-28635 Acrobat Reader Use After Free
ASPY 196: Malformed-File pdf.MP.477
The following vulnerabilities do not have exploits in the wild :
CVE-2021-31183 Windows TCP/IP Driver Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-31196 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-31206 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-31947 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-31961 Windows InstallService Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-31984 Power BI Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33740 Windows Media Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33743 Windows Projected File System Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-33744 Windows Secure Kernel Mode Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2021-33745 Windows DNS Server Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-33746 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33749 Windows DNS Snap-in Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33750 Windows DNS Snap-in Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33751 Storage Spaces Controller Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-33752 Windows DNS Snap-in Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33753 Microsoft Bing Search Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2021-33754 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33755 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-33756 Windows DNS Snap-in Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33757 Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2021-33758 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-33759 Windows Desktop Bridge Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-33760 Media Foundation Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-33761 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-33763 Windows Remote Access Connection Manager Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-33764 Windows Key Distribution Center Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-33765 Windows Installer Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2021-33766 Microsoft Exchange Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-33767 Open Enclave SDK Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-33768 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-33772 Windows TCP/IP Driver Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-33773 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-33774 Windows Event Tracing Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-33775 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33776 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33777 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33778 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33779 Windows ADFS Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2021-33780 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-33781 Active Directory Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2021-33782 Windows Authenticode Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2021-33783 Windows SMB Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-33784 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-33785 Windows AF_UNIX Socket Provider Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-33786 Windows LSA Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2021-33788 Windows LSA Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-34438 Windows Font Driver Host Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34439 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34440 GDI+ Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-34441 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34442 Windows DNS Server Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-34444 Windows DNS Server Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-34445 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34446 Windows HTML Platform Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2021-34447 Windows MSHTML Platform Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34450 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34451 Microsoft Office Online Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2021-34452 Microsoft Word Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34454 Windows Remote Access Connection Manager Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-34455 Windows File History Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34456 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34457 Windows Remote Access Connection Manager Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-34458 Windows Kernel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34459 Windows AppContainer Elevation Of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34460 Storage Spaces Controller Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34461 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34462 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34464 Microsoft Defender Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34466 Windows Hello Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2021-34468 Microsoft SharePoint Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34469 Microsoft Office Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2021-34470 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34474 Dynamics Business Central Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34476 Bowser.sys Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-34477 Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34479 Microsoft Visual Studio Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2021-34488 Windows Console Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34489 DirectWrite Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34490 Windows TCP/IP Driver Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-34491 Win32k Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-34492 Windows Certificate Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2021-34493 Windows Partition Management Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34494 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34496 Windows GDI Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-34497 Windows MSHTML Platform Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34498 Windows GDI Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34499 Windows DNS Server Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2021-34500 Windows Kernel Memory Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-34501 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34503 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34504 Windows Address Book Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34507 Windows Remote Assistance Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-34508 Windows Kernel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34509 Storage Spaces Controller Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-34510 Storage Spaces Controller Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34511 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34512 Storage Spaces Controller Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34513 Storage Spaces Controller Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34514 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34516 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34517 Microsoft SharePoint Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2021-34518 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34519 Microsoft SharePoint Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2021-34520 Microsoft SharePoint Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34521 Raw Image Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34522 Microsoft Defender Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34523 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2021-34525 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34528 Visual Studio Code Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2021-34529 Visual Studio Code Remote Code Execution Vulnerability
There are no known exploits in the wild.
