December's Patch Tuesday Update Fixes Seven Security Vulnerabilities
Microsoft has fixed a zero-day vulnerability that is used to deliver Emotet and TrickBot through fake applications. The patch is part of Microsoft's December Patch Tuesday update, which included 67 fixes for security vulnerabilities. The patches cover almost all of Microsoft's portfolio, including Edge, Microsoft Office, SharePoint Server, PowerShell, Remote Desktop Client, Windows Hyper-V, Windows Mobile Device Management, Windows Remote Access Connection Manager, TCP/IP, and the Windows Update Stack. Seven of the bugs fixed are rated critical and six were zero-days.
The zero-day flaw, CVE-2021-43890, is a spoofing vulnerability in the Windows AppX Installer, which is a utility for side-loading Windows 10 apps, available on the App Store. Kevin Breen, director of cyber threat research at Immersive Labs, stated that the bug allows a hacker to create a malicious file that looks like a legitimate program and has been used to deliver Emotet. With the patch, packages can no longer be spoofed to appear valid. According to Satnam Narang, research engineer at Tenable, the flaw was used in multiple attacks associated with Emotet, TrickBot and Bazaloader.
Microsoft also patched CVE-2021-43883, a privilege-escalation vulnerability in Windows Installer, which hackers have been actively targeting. The patch appears to be a fix for the patch for CVE-2021-41379, another elevation-of-privilege vulnerability in Windows Installer that was supposedly fixed in November. Researchers found that fix was incomplete, and a proof-of-concept was made public late last month. After gaining administrator-level access, hackers can disable security tools and deploy additional malware or tools like Mimikatz. Almost all ransomware attacks in the last year used some form of privilege escalation.
The update brings the total number of CVEs patched by Microsoft this year to 887, which is down almost 30 percent from 2020. This highlights the need to keep systems up to date. Software updates offer plenty of benefits, and they are all about revisions: repairing security holes that have been discovered and fixing or removing computer bugs. Updates can also add new features to your devices and remove outdated ones. Hackers love security flaws and can take advantage of the weakness by writing code to target the vulnerability.