This month, Microsoft released security updates for 66 vulnerabilities and risk exposures, including three of Critical impact, and 62 classified as Important. Microsoft also released updates to resolve one vulnerability identified as “Zero Day”. Guidance for the most Critical updates is highlighted below:
Vulnerability | Affected Products | CVEs |
MSHTML remote code execution | All Windows versions | CVE-2021-40444 |
OMI remote code execution | Azure Open Management Infrastructure | CVE-2021-38647 |
Windows DNS elevation of privilege | Windows 7, Windows Server 2008, Windows Server 2008 R2 | CVE-2021-36968 |
Windows Scripting Engine memory corruption | All Windows versions | CVE-2021-26435 |
Windows WLAN AutoConfig Service elevation of privilege | Windows 10, Windows Server 2016, Windows Server 2019 | CVE-2021-36967 |
SAINT released updates for these issues on September 15, 2021. Please ensure your SAINT product is updated to version 9.9.83 or higher and scan your environment to ensure all updates have been applied, to mitigate against threats that target these vulnerabilities. Additional information about these vulnerabilities, as well as the impacts and resolution details can be found in the Tutorials released in this update.
If you need assistance updating SAINT to the current version or help on other SAINT topics, contact support at support@saintcorporation.com. If you need assistance getting SAINT for your organization, please contact sales at be.secure@carsoninc.com.
Follow us on social media for the latest on SAINT updates and our security services below: