66 Bulletins, Solely 3 Crucial



The September 2021 Patch Tuesday cycle is comparatively excellent news for system directors with solely 66 whole bulletins. Maybe extra considerably, solely three of those have been Crucial bulletins. Eleven of those bulletins fastened vulnerabilities that have been disclosed to Microsoft through the Zero Day Initiative. Total, the month presents system directors an opportunity to atone for different essential duties.
Solely 3 Crucial Patches for September
As talked about beforehand, solely three of this month’s bulletins have been rated by Microsoft as Crucial. One among these bulletins covers a vulnerability within the Home windows Scripting Engine (CVE-2021-26435), one other a vulnerability within the WLAN automated configuration service (CVE-2021-36965). The third vulnerability is within the Open Administration Infrastructure (CVE-2021-38647).
One other important flaw fastened was CVE-2021-40444. This was a vulnerability that allowed malicious ActiveX controls to be executed through specifically crafted Workplace paperwork, and was disclosed to the general public final week as a result of its use within the wild.
The remaining vulnerabilities cowl a wide range of Microsoft merchandise, as anticipated. Among the merchandise/parts with a number of bulletins embrace Edge, Workplace, the print spooler, and the SMB stack. These parts have been featured prominently in earlier Patch Tuesday cycles, so their presence on this month shouldn’t be a shock.
Pattern Micro Options
A proactive, multilayered method to safety is vital towards threats that exploit vulnerabilities — from the gateway, endpoints, networks, and servers.
The Pattern Micro™ Deep Safety™ resolution offers community safety, system safety, and malware prevention. Mixed with Vulnerability Safety, it may defend person programs from a variety of upcoming threats which may goal vulnerabilities. Word that filters shipped in earlier months supplied zero-day safety for vulnerabilities lined this month. Each options defend customers from exploits that concentrate on these vulnerabilities through the next guidelines:

39937: ZDI-CAN-13828: Zero Day Initiative Vulnerability (Microsoft Workplace Visio) (CVE-2021-38653)
39938: ZDI-CAN-14041: Zero Day Initiative Vulnerability (Microsoft Visible Studio) (CVE-2021-36952)
39999: ZDI-CAN-13918: Zero Day Initiative Vulnerability (Microsoft Phrase) (CVE-2021-38656)
40000: ZDI-CAN-14118: Zero Day Initiative Vulnerability (Microsoft Excel) (CVE-2021-38655)
40001: ZDI-CAN-14194: Zero Day Initiative Vulnerability (Microsoft Workplace Visio) (CVE-2021-38654)
40018: ZDI-CAN-14198: Zero Day Initiative Vulnerability (Microsoft Phrase) (CVE-2021-38658)
40074: ZDI-CAN-14451: Zero Day Initiative Vulnerability (Microsoft Workplace PowerPoint) (CVE-2021-38659)